Policy-Based Routing on IOS-XE Causes GRE Tunnel to drop
I wanted to use PBR on our DMVPN tunnels to set the next-hop address to a Layer 3 switch on the LAN. We set it up and it seemed to work fine. Then it was noticed that is a site went down even briefly and the tunnel dropped, the tunnel would never re-establish itself (The tunnel interface remained line up/protocol down). We recreated the problem in our lab and it consistently failed. We moved the tunnel to an IOS router and that wasn’t affected.
It was eventually revealed that apparently, PBR is handled differently in IOS-XE and IOS routers.
The problem occurs when a route-map is attached to an interface with only a “set” operation and no “match” (When there is no match specified there is an implicit “match any any”) OR when a match “any any” is used. Read more…