How routing lookup will work with/without DPS policy & PBR

By esupport posted Aug 05, 2020 08:56 AM

  
Q:
  • How routing lookup will work with/without DPS policy & PBR


A:
  1. Without any DPS policy and no PBR configured:

    • Route lookup will be based on Equal-cost multi-path (ecmp ) routes and their cost.
    • Lowest cost route is preferred.
    • If there multiple routes with equal cost, round robin algorithm is applied among these routes.
       
  2. With DPS policy configured, but no PBR configured:

    • VPN peer IP address will be the gateway for routes in branch controller.
    • Each VPN peer will be reachable through one or more wan uplinks.
    • If two or more VPN peers are in Active-Active mode, all the ipsecmaps over, all reachable uplinks to the respective VPN peers have to be considered. 
    • SDWAN policy might filter out certain wan links or wan link types based on the policy and SLA conditions.
    • Uplink load balance algorithm will be applied on the filtered routes
       
  3. With no DPS policy configured, but PBR configured:

    • PBR will decide the routing
       
  4. With DPS policy configured and PBR configured:

    • PBR provides the possible routes based on the traffic match.
    • If there is DPS policy match and if the DPS suggested WAN links’ routes are same or subset of PBR suggested routes, then DPS policy will be applied.
    • If DPS and PBR policy match but uplink not match then traffic will dropped.
0 comments
4 views