Hello @Breathing .

the only case where an end host PC exposes its default gateway settings is when the PC makes an ARP request for its default gateway. But this is not IP traffic but ARP traffic.

Once the default gateway is resolved packets with a destination outside the local subnet are sent in an ethernet frame with destination = SVI MAC address.

To be noted , as far as I know you can change the MAC address of an SVI but not only for the IP address secondary.

In other wiords in a SVI both the primary IP address and the secondary IP address are resolved to the same MAC address that can be the burned in address (BIA) or it can be configured.

PBR can process IP packets received on the SVI interface but it uses OSI L3 and above criteria.

But even if it could examine the OSI 2 MAC layer as I have explained above it could not discriminate packets sent to the primary address from packets sent to the secondary address as both share the same MAC address.

So it is not possible to make PBR able to check default gateway settings in the end user PC.

Possible suggestions are :

think of using a different IP subnet for the secondary IP address ( to be noted this is the normal use of secondary addresses, your use case is a corner case).

To make users able to use a different destination MAC address you could use HSRP or VRRP instead of a secondary IP address in the same subnet. In this last case the HSRP/VRRP VIP will respond to a virtual MAC protocol dependent.

However, I'm not aware of an option to check the destination MAC address in a route-map used for PBR.

Edit:

I have checked the following configuration guide in PBR on a Cat9300 the only possible match are match address  or match length that checks the size of the packet.

see

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-8/configuration_guide/rtng/b_168_rtng_9300_cg/b_168_rtng_9300_cg_chapter_01011.html?dtid=osscdc000283#ID8123

Hope to help

Giuseppe