When a router receives a data packet, it normally decides where to forward it based on the destination address in the packet, which is then used to look up an entry in a routing table. However, in some cases, there may be a need to forward the packet based on other criteria. Policy-based routing allows for forwarding or routing of data packets according to your own policies.
To add a policy route, proceed as follows:
On the Policy Routes tab click New Policy Route.
The Add Policy Route dialog box opens.
Specify the following settings:
Position: The position number, defining the priority of the policy route. Lower numbers have higher priority. Routes are matched in ascending order. Once a route has matched, routes with a higher number will not be evaluated anymore.
Route type: The following route types are available:
- Interface route: Packets are sent out on a particular interface. This is useful in two cases. First, for routing on dynamic interfaces (PPP Point-to-Point Protocol), because in this case the IP address of the gateway is unknown. Second, for defining a default route having a gateway located outside the directly connected networks.
- Gateway route: Packets are sent to a particular host (gateway).
Source interface: The interface on which the data packet to be routed has arrived. The Any setting applies to all interfaces.
Source network: The source network of the data packets to be routed. The Any setting applies to all networks.
Service: The service definition that matches the data packet to be routed. The drop-down list contains all predefined services as well as the services you have defined yourself. These services allow you to specify precisely which kind of traffic should be processed. The Any setting matches any combination of protocols and source and destination ports.
Destination network: The destination network of the data packets to be routed. The Any setting applies to all networks.
Note – Destination networks which are bound to interfaces are treated like normal networks. The binding has no effect on policy routes. Therefore you have to use the option Target interface. This option is only available with the route type Interface Route.
Target interface: The interface for the data packets to be sent to (only available with the route type Interface Route).
Gateway: Select the gateway/router to which the gateway will forward data packets (only available if you selected Gateway Route as route type).
Comment (optional): Add a description or other information.
The new route appears on the Policy Routes list.
Enable the route.
Click the toggle switch to activate the route.
To either edit or delete a route, click the corresponding buttons.