My organization has multiple sites, and multiple connections to the internet. I set up the following to get vlan 18 internet traffic going out the connection at another site. There's a mistake here - The IP address in the route-map doesn't exist.
Yet, I have functioning internet access from workstations in Vlan 18. When I traceroute from a workstation in Vlan 18, I go out the default route.
I would have thought that for matching traffic, the route-map's default next-hop overwrote the router's default route.
Clearly I'm wrong on that - Can anyone clarify what's actually happening?
#sh access-l 181
Extended IP access list 181
10 permit ip x.x.18.0 0.0.0.255 any (845093 matches)
route-map Wireless, permit, sequence 10
ip address (access-lists): 181
ip default next-hop 10.30.202.3
Policy routing matches: 845115 packets, 97431971 bytes
#sh run int vlan18
Current configuration : 344 bytes
ip address x.x.18.2 255.255.255.0
ip access-group 109 in
ip helper-address x.x.x.x
no ip redirects
no ip proxy-arp
ip wccp web-cache redirect out
ip wccp web-cache redirect in
ip policy route-map Wireless
standby 18 ip x.x.18.1
standby 18 priority 200
standby 18 preempt
#sh access-l 109
Extended IP access list 109
10 permit tcp any any established (653532 matches)
20 permit udp any any eq bootps (739 matches)
30 permit icmp any any (359 matches)
40 permit udp x.0.0.0 0.255.255.255 x.0.0.0 0.255.255.255 eq domain
50 permit tcp x.0.0.0 0.255.255.255 x.0.0.0 0.255.255.255 eq domain
60 deny ip any x.0.0.0 0.255.255.255 (22758 matches)
70 permit ip x.0.0.0 0.255.255.255 any (307368 matches)
#sh run | i 0.0.0.0
ip route 0.0.0.0 0.0.0.0 x.x.2.254
When the only route to the destination is the default route (there is no specific route for that destination in the routing table), the packet is policy routed.
When you lose the next hop, the packet follows the normal forwarding (routing table).
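
The decision order described in the answer above, written as a small model. This is an added example, not part of the original thread and not Cisco's implementation. Assumptions: the masked `x.x.*` addresses are replaced with constructed values, the `10.40.0.0/16` route is hypothetical, and the `reachable` set stands in for the router's own check that the policy next hop can be used.

```python
import ipaddress

# Constructed stand-ins for the masked x.x.* values in the question.
RIB = {
    "0.0.0.0/0": "10.18.2.254",    # default route (x.x.2.254 in the post)
    "10.40.0.0/16": "10.18.2.1",   # hypothetical explicit route to another site
}
ACL_181 = ["10.18.18.0/24"]        # stands in for x.x.18.0 0.0.0.255
POLICY_NH = "10.30.202.3"          # "ip default next-hop" from the route-map


def lookup(rib, dst):
    """Longest-prefix match. Returns (network, next_hop) or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in rib.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best


def forward(src, dst, reachable, rib=RIB, acl=ACL_181, policy_nh=POLICY_NH):
    """Return (next_hop, reason) for one packet arriving on the policy-routed SVI."""
    route = lookup(rib, dst)
    normal_nh = route[1] if route else None
    src_addr = ipaddress.ip_address(src)
    if not any(src_addr in ipaddress.ip_network(n) for n in acl):
        return normal_nh, "no route-map match"
    # A default next-hop is only considered when the best match is 0.0.0.0/0
    # (or there is no route at all), i.e. no explicit route to the destination.
    if route and route[0].prefixlen > 0:
        return normal_nh, "explicit route wins"
    # The packet still counts as a route-map match, but an unusable policy
    # next hop sends it back to normal forwarding.
    if policy_nh not in reachable:
        return normal_nh, "policy next hop unusable, routing table used"
    return policy_nh, "policy routed"


if __name__ == "__main__":
    # The situation in the question: 10.30.202.3 does not exist.
    print(forward("10.18.18.50", "198.51.100.10", reachable=set()))
    # The same packet once the next hop is a real, reachable address.
    print(forward("10.18.18.50", "198.51.100.10", reachable={POLICY_NH}))
```

The first call mirrors the question: the route-map match counters keep climbing, yet the traceroute still leaves through the default route.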