Difference between Policy-Routing and Routing-Policy

Table of Contents

Why write about this?
The concepts in short
- Policy-Routing
- Routing-Policy
How does Cisco refer to these concepts?
- Operating system references
- IOS-XR comparison
How does Juniper refer to these concepts?
How does Linux refer to these concepts?

Why write about this?

I once worked with a colleague¹, and he didn’t know there was a difference between Policy-Routing and Routing-Policy. Given his senior position, I was surprised at the initial confusion this created as we collaborated with a vendor. His view was both concepts of Routing-Policy and Policy-Routing had the same meaning, that being of Routing-Policy.

Policy-Routing is not the same thing as Routing-Policy. They are distinctly different approaches to manipulate packet flow.

The concepts in short

Policy-Routing

Policy-Routing is making a forwarding decision based upon the IP header attributes. It does not use routing protocols².

The Policy-Based Routing feature is a process whereby a device puts packets through a route map before routing the packets. The route map determines which packets are routed next to which device. Policy-based routing is a more flexible mechanism for routing packets than destination routing.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3e/iri-xe-3e-book/iri-pbr.html

Policy-based routing (PBR) is a technique that forwards and routes data packets based on policies or filters. Network administrators can selectively apply policies based on specific parameters such as source and destination IP address, source or destination port, traffic type, protocols, access list, packet size, or other criteria and then route the packets on user-defined routes.
https://www.juniper.net/us/en/research-topics/what-is-policy-based-routing.html

Routing-Policy

Routing-Policy is making a forwarding decision based upon routing protocol attributes.

A routing policy instructs the router to inspect routes, filter them, and potentially modify their attributes as they are accepted from a peer, advertised to a peer, or redistributed from one routing protocol to another.
https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r7-6/routing/configuration/guide/b-routing-cg-asr9000-76x/implementing-routing-policy.html

Routing policies allow you to control the routing information between the routing protocols and the routing tables and between the routing tables and the forwarding table.
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/index.html

How does Cisco refer to these concepts?

Policy-Routing

Cisco refers to Policy-Routing by several names

PBR (Policy Based Routing)
ePBR (Enhanced Policy Based Routing)
ABF (ACL Based Forwarding)

I’ve only linked to the PBR docs below.

Operating system references

IOS-XR comparison

The following table illustrates the match/set criteria that is supported by ABF, ePBR/Flowspec, and PBR:

match/set criteria	ABF	ePBR/Flowspec	PBR
source ip	match	match	match
destination ip	match	match	match
source protocol/port	match	match	match
destination protocol/port	match	match	match
nexthop ip	set	set	set
nexthop vrf	set	set	set
nexthop ip+vrf	set	NA	set
dscp	NA	match/set	NA
forward-class	NA	NA	set
police	NA	set	NA
access-group	NA	NA	match
flow-tag	NA	NA	match
fragment-type	NA	match	NA
packet length	NA	match	NA
ip protocol	match	match	match
tcp-flag	match	match	match
ipv4/ipv6 icmp-type	NA	match	NA
ipv4/ipv6 icmp-code	NA	match	NA
port	NA	match	NA
port-range	match	match	match

Supported Match and Set Operations—ABF, ePBR/Flowspec, and PBR³

Routing-Policy

How does Juniper refer to these concepts?

Policy-Routing

Juniper refers to Policy-Routing by several names

FBF (Filter Based Forwarding)
APBR (Advanced policy-based routing)

JUNOS: Filter Based Forwarding (FBF) https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/concept/firewall-filter-option-filter-based-forwarding-overview.html

For IPv4 or IPv6 traffic only, you can use stateless firewall filters in conjunction with forwarding classes and routing instances to control how packets travel in a network. This is called filter-based forwarding (FBF).
Filters That Classify Packets or Direct Them to Routing Instances

JUNOS: Advanced Policy-Based Routing

Advanced policy-based routing (APBR) also known as application-based routing, a new addition to Juniper Networks suite, provides the ability to forward traffic based on applications.
https://www.juniper.net/documentation/us/en/software/junos/application-identification/topics/topic-map/security-application-advanced-policy-based-routing.html

Routing-Policy

JUNOS: https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/concept/policy-routing-overview.html

How does Linux refer to these concepts?

The following is used by Linux to enable policy based routing. The software package used is called iproute2. The CLI command tool is called ip.

Policy routing table
Policy routing rule

Red Hat Enterprise 7 example⁴: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/networking_guide/configuring-policy-based-routing-to-define-alternative-routes

Online reference book for Linux policy routing, http://www.policyrouting.org/PolicyRoutingBook/ONLINE/TOC.html

Footnotes and Sources

This colleague was from a different team and not someone I worked with every day.[↩]
Not to be confused with Segment Routing. https://www.cisco.com/c/en/us/solutions/segment-routing.html[↩]
https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r7-6/b-ip-addresses-cg-asr9000-76x/Implementing-policy-based-routing.html#id_84172[↩]
at first this example uses the nmcli command and further down uses the ip command.[↩]