VRF which stands for virtual routing and forwarding is a feature that allows a single physical router to segregate network traffic into separate virtual routing instances. A router has only one global routing table by default which includes all connected, static and dynamic learned routes. As an analogy VRFs can be viewed as a segregation feature at layer 3 similar to VLANs at layer 2. If we take the example of an ISP with multiple customers by using VRFs we can have separate routing tables per customer on the same router. VRF-lite is a simple form of VRF implementation which is used without MPLS and is appropriate for small to medium enterprises. Being logically isolated each VRF can use overlapping IP address spaces without conflicting with each other.
Normally when a routing device receives a packet it decides where to forward it based on the destination address of the packet. Policy Based Routing (PBR) is a mechanism which allows you forward packets based on policies manually defined by network administrators. A good use case for PBR is when a company which has multiple outside connections to different ISPs needs to control how traffic can be distributed across these connections. Compared to traditional routing PBR allows you to implement routing policies based on different criterias like source or destination address, source or destination port, protocol, size of the packet, packet classification and so on. Cisco introduced this feature on Cisco ASA beginning with version 9.4(1). Let’s dive into the PBR configuration.