Do we support "Policy based routing" on Windows Server operating systems?

Hi there,

In one of the past cases, one of our customers wanted to know if we supported policy based routing on Windows 2003 or later OSes. First of all, it might be useful to clarify what “policy based routing” means in this context. Let’s take the following as an example:

“A server is running as a router and have 3 network interfaces. When the server receives a packet from a specific host (let’s say running at a certain IP address) from one of its interfaces (say interface1), we would like the server to always route that host’s packets through interface2 without consulting the routing table. (The criteria might be different for different scenarios such as “all packets with a destination of TCP port 80 to be sent out from interface3 etc)”

This kind of advanced routing decisions are generally supported by network hardware vendors like Cisco. For example, by using route-map configuration in Cisco IOS, you can affect the conventional routing decisions made by looking up the routing table. You can find more information on that at the following link: Configuring Policy-Based Routing

And the answer to the original question is: No, we don’t support policy based routing on Windows server OSes since this is generally a feature that would be needed on hardware routers whose main purpose is to do packet routing.

Hope this helps


Comments (4)

  1. Anonymous says:

    Excuse me, couldn't you do "Policy Based Routing" by using the decision capabilities of IPSec rules and terminate with a tunnel to an interface? I know its for VPN and secure tunneling but a lot of the configs look like they could be used for Policy Base Routing.

  2. Harmandeep says:

    Thanks —

  3. Workaround? says:

    Do you know of a workaround without messing with the router (I don't have access to it)?

    I'm trying to do this on Windows 2008 Server.

  4. James Brown says:

    The is an appalling state of affairs in 2015. The Linux Kernel has supported policy routing since v2.2. A slightly more sensible thing for Windows to add would be VRF support, a bit like Cisco IOS or NXOS.