Policy-Based Routing Configuration on Edgerouter

In this video, I go over how to set up Policy-Based routing (PBR) on a Ubiquiti Edgerouter. I've gotten quite a few questions over the years where policy-based routing ends up being the answer someone is looking for, but most people haven't heard of this topic.
The approach I take in this video isn't your typical PBR scenario, but I do my best to cover both the standard use-case as well as this more "niche" use of the feature.
Intro: 00:00
What is Policy-Based Routing?: 00:38
Test Environment Explanation: 02:50
If You Want to Follow the Guide: 05:52
Configuration Breakdown: 06:36
Configuring Policy-Based Routing: 07:51
Confirming the Configuration: 16:48
Why is this Useful?: 17:45
Did you Catch that?: 18:23
Omitted Portions of the Ubiquiti Guide: 19:55
Changing Source IPs and the Result: 24:36
Modifying Configuration to Include all IPs in Network: 25:23
Recap: 26:50

Comments: 12

  • @XianweiTechnologies
    3 months ago

    You and your videos are so insightful. You’ve been of help to problems I have been facing in networking.

  • @jordanhanes7243
    7 months ago

    Thank you toasty answers. Policy based routing is very useful. Company may want to use dual WANs or the use of one local and remote Edge router for isp/ip redundancy.

  • @darrenoleary5952
    7 months ago

    I'd just gone through this exact subject in the last couple of months to route traffic of my Synology NAS when it backs up to an offsite NAS. My setup is exactly the same as your example where I have two ERs, each connected to their own ISP and got it working easily enough. I've now extended this so my Xbox and Playstation consoles use the second ER and ISP exclusively for their internet connection, freeing up my primary internet connection for everything else.

  • @timwood3840
    3 months ago

    This video is perfect for explaining PBR especially since I tried using the UBNT guide and screwed things up and not knowing why. Now I know! Scenario I have that I want to use this for is I have one VLAN that I would like to direct through a specific ISP (I'm using Load Balancing) when any device on that VLAN is requesting a specific IP. Basically takes your "N" streaming service example and says only when these devices on VLAN 10 are requesting "N" then use PBR. How would you modify the PBR to do that?

  • @AA-bh3bz
    7 months ago

    Duuuude you are still making videos!? I just thought I'd check out see if anything happening in the Ubiquiti world after setting up an edge years and years ago thanks to your videos... I want an upgrade.. stand alone router.. is there anything worth replacing the edge router with?

  • @ToastyAnswers
    7 months ago

    Yeeeep, I'm still at it. Not as often as I'd like to be, but still trying. That is a bit of a complicated question and I plan to make a video centered around it here soon. The Edgerouter is becoming less and less attractive as time moves on, but it still has its advantages. To make a long story short, my opinion is that an Edgerouter is still perfectly viable, as long as these conditions are true.

    1. Your connection speed is below 1Gbps and you don't have the need or want to run any type of QoS. Also, you don't need higher than 1Gbps LAN routing.
    2. You are fine with a simple firewall and don't need advanced features such as IPS, Packet Inspection, or other NGFW features.
    3. You either need or want to use more advanced features such as OSPF, MPLS, or have complete control over protocols such as IPSEC, OpenVPN, or Wireguard.

    I'm mostly talking about the ER-X as the price to feature ratio is still quite high. Things start to change a bit when you get up into the ER-4 and above territory as the price-point is starting to compete with other great alternatives. If you'd like a recommendation, the Dream Machine Pro is a device I've considered transitioning to personally. The performance and feature set is there for fast networks. The drawback for me is the lack of support for more advanced features such as OSPF. Rolling with a custom pfSense box is also a great option, although YMMV depending on the hardware chosen. Hope this helps.

  • @AA-bh3bz
    7 months ago

    @ToastyAnswers that helps so much 🙏🏻 thank you for such a detailed response really didn't expect that. Wish you the best for the future your content is top tier and hopefully you will get as many or more subs that your content deserves.

  • @local-admin
    7 months ago

    Will be using this to fix T-Mobile

  • @IsDaveGaming
    6 months ago

    Would love to see a variation of this video, but using destination domains as the endpoints rather than known IP Addresses, for example, when live streaming I need to push the rtmps streams over my local ISP, rather than over my starlink connection, so adding a. rtmps. youtube and b. rtmps. youtube to a destination tables. Reason, too many packet drops over starlink for streaming.

  • @ToastyAnswers
    5 months ago

    I haven't really looked into this, but at first glance this seems like it would be very difficult to implement (at least in the same way as shown in this video) since the policy is modifying the routing table. A routing table doesn't care about DNS hostnames and doesn't have a mechanism to use them (as far as I know). This is probably possible, but I'd imagine it would have to be done using a different service or application more suited for this specific use-case. Proxy servers or split-horizon DNS come to mind... but that's just me spitballing.

  • @IsDaveGaming
    5 months ago

    @ToastyAnswers I haven't been able to get it to work, there are apparently some custom approaches using scripts to do DNS lookup and then update an address group which is then used by the firewall/routing. Way over my head....
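
Added example, not part of the video or of any comment above: a sketch of the "DNS lookup, then update an address group" approach mentioned in the last exchange. It only plans the change, printing the `set`/`delete firewall group address-group` configure-mode commands needed to make a group match a fresh lookup. The group name `STREAM_DST` and all addresses are constructed, and how the current members are read and the commands committed is left to the operator.

```shell
#!/bin/sh
# Added example; group name and addresses are constructed samples.

# Resolve hostnames to unique IPv4 addresses, one per line (needs DNS).
resolve_hosts() {
    for h in "$@"; do
        getent ahostsv4 "$h" | awk '{print $1}'
    done | sort -u
}

# Keep only well-formed dotted quads. DNS answers are untrusted input
# that ends up inside router configuration commands.
valid_ipv4() {
    awk -F. 'NF == 4 && $0 ~ /^[0-9.]+$/ {
        ok = 1
        for (i = 1; i <= 4; i++) if ($i == "" || $i > 255) ok = 0
        if (ok) print
    }' | sort -u
}

# plan_group_update GROUP CURRENT RESOLVED
# CURRENT and RESOLVED are newline-separated address lists. Prints the
# commands that make the group's membership equal to RESOLVED.
plan_group_update() {
    group=$1
    cur=$(printf '%s\n' "$2" | valid_ipv4)
    new=$(printf '%s\n' "$3" | valid_ipv4)
    # A failed lookup must not empty the group, which would silently
    # move the traffic back onto the default route.
    if [ -z "$new" ]; then
        echo "# nothing resolved; $group left unchanged" >&2
        return 1
    fi
    for ip in $new; do
        printf '%s\n' "$cur" | grep -qxF "$ip" ||
            echo "set firewall group address-group $group address $ip"
    done
    for ip in $cur; do
        printf '%s\n' "$new" | grep -qxF "$ip" ||
            echo "delete firewall group address-group $group address $ip"
    done
}

# Constructed sample: current members vs. a lookup result with one junk line.
CUR='203.0.113.10
203.0.113.11'
NEW='203.0.113.11
203.0.113.12
not-an-ip; reboot'
plan_group_update STREAM_DST "$CUR" "$NEW"
```

The group only reflects the addresses returned at lookup time, so a service that rotates addresses needs the lookup re-run on a schedule, with the resolver pointed at the same DNS server the clients use.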