I was recently working on a project where the client needed to route traffic from a specific network over a T1 and send the rest of the traffic out the router's default gateway. To accomplish this, I configured policy-based routing on the 2911 as follows:
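! Apply the policy to traffic arriving on the VLAN 4 subinterface
interface GigabitEthernet0/0.4
 encapsulation dot1q 4
 ip address 10.2.1.1 255.255.255.0
 ip policy route-map NoDSL
!
! Match traffic sourced from 10.2.1.0/24 (an extended ACL needs the protocol keyword)
access-list 101 permit ip 10.2.1.0 0.0.0.255 any
!
route-map NoDSL 10
 match ip address 101
 set ip default next-hop 172.16.1.29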
Cisco has a pretty good example configuration white paper: http://www.cisco.com/c/en/us/support/docs/ip/ip-routed-protocols/47121-pbr-cmds-ce.html
The route map policy didn’t seem to apply correctly, as traffic was hitting the default route instead of my defined next hop. I enabled debugging and found the issue. Debug output was showing the following:
R1#debug ip policy
R1#debug ip packet 101 detail
*May 26 14:45:21.359: IP: s=10.2.1.99 (GigabitEthernet0/0.4), d=64.4.4.1, len 84, FIB policy match
*May 26 14:45:21.359: IP: s=10.2.1.99 (GigabitEthernet0/0.4), d=64.4.4.1, len 84, FIB policy rejected(explicit route) - normal forwarding
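The output showed me where the problem was: the packet matched the policy, but the policy was rejected because an explicit route to the destination existed, so the packet was forwarded normally. In the Cisco example document, when PBR is used with a dynamic routing protocol, the command to override the next hop should omit the “default” keyword (the reason is explained below). I changed the route-map to the following: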
route-map NoDSL 10
 match ip address 101
 set ip next-hop 172.16.1.29
Traffic began to flow as expected and matched the policy I had created.
This is an excellent policy routing reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/15-mt/iri-15-mt-book/iri-pbr-default-nexthop-route.html
The applicable quote from this document:
The set ip next-hop and set ip default next-hop commands are similar but have a different order of operation. Configuring the set ip next-hop command causes the system to first use policy routing and then use the routing table. Configuring the set ip default next-hop command causes the system to first use the routing table and then the policy-route-specified next hop.
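The order of operation in that quote can be modelled in a few lines. This is an added example, not code from the original post or from Cisco: a simplified Python model of the decision, not IOS's implementation. The 64.4.4.0/24 route and the 192.0.2.1 gateway are constructed sample values; 10.2.1.0/24 and 172.16.1.29 come from the configuration above.

```python
import ipaddress

POLICY_SRC = ipaddress.ip_network("10.2.1.0/24")  # source range in access-list 101
POLICY_NEXT_HOP = "172.16.1.29"                    # next hop set by route-map NoDSL

# Constructed routing table: one route learned dynamically plus a default route.
ROUTES = [
    (ipaddress.ip_network("64.4.4.0/24"), "192.0.2.1"),  # explicit route (constructed)
    (ipaddress.ip_network("0.0.0.0/0"), "192.0.2.1"),    # default route (constructed)
]

def lookup(dst, routes):
    """Longest-prefix match; returns (network, next_hop) or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, nh) for net, nh in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen) if matches else None

def forward(src, dst, set_cmd, routes=ROUTES):
    """Return (next_hop, reason) for a packet.

    set_cmd is "next-hop" (policy first, then routing table) or
    "default next-hop" (routing table first, then policy).
    """
    route = lookup(dst, routes)
    # A default route (prefix length 0) does not count as an explicit route.
    explicit = route is not None and route[0].prefixlen > 0
    table_nh = route[1] if route else None
    if ipaddress.ip_address(src) not in POLICY_SRC:
        return table_nh, "no policy match - normal forwarding"
    if set_cmd == "next-hop":
        return POLICY_NEXT_HOP, "policy routed"
    if explicit:
        return table_nh, "policy rejected (explicit route) - normal forwarding"
    return POLICY_NEXT_HOP, "policy routed (no explicit route)"

if __name__ == "__main__":
    for cmd in ("default next-hop", "next-hop"):
        print(cmd, "->", forward("10.2.1.99", "64.4.4.1", cmd))
```

With the constructed explicit route in place, the packet from the debug output (10.2.1.99 to 64.4.4.1) follows the routing table under "default next-hop" and the policy next hop under "next-hop".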