Wanted to get your thoughts on a strange issue and see if you guys might have any ideas.
We have a very strange intervlan routing problem that happens only when we add a match protocol statement for xwindows under the class-map match-any ZS_Critical_Data.
As soon as we add the following commands:
class-map match-any ZS-Critical-Data
match protocol xwindows
to the router configuration, user's on the 10.17.5.x/24 and 10.17.6.x/24 segments could no longer hit the Citrix servers on 10.17.200.x/24. As soon as we remove that match protocol xwindows from the Class Map everything starts working again. What doesn't make sense to me is how matching an additional protocol via NBAR for a class map that is ultimately applied to the multilink group composed of serial interfaces would have any affect whatsoever on the intervlan routing that just stays on the Gi0/0 interface. In other words, traffic does not hit the serial interfaces/multilink groups at all. Attached is the configuration of the router. Also, FYI sitting inside the router is just a Cisco switch. We are using the router for one armed routing and is the default gateway for all subnets.