Hi All

Just met a strange problem with PBR vs static route.

#Topology

#Purpose

A static route exists on 6509 for servers in 172.16.0.0/16:

ip route 172.76.0.0 255.255.0.0 10.69.151.69

All the traffic towards servers will be sent to router R1 by 6509.

Now I want to configure a PBR to force the traffic from host A towards servers to go through router R2. And there're some other devices behind R2 for following process.

#Configuration

The configuration is as below:

...

access-list 134 permit ip host 10.56.136.4 172.76.0.0 0.0.255.255

...

route-map test permit 10

match ip address 134

set ip next-hop 10.56.137.7

...

interface Vlan2

ip address 10.56.136.1 255.255.255.128

ip policy route-map test

...

...

ip route 172.76.0.0 255.255.0.0 10.69.151.69

...

#Problem:

According to common understanding, PBR has higher priority than static route in routing table.

It's also described in many doc:

PBR is used to bypass the routing table. It allows network administrators to configure different routing rules outside the boundaries of the original IP routing table.  One of the main uses of PBR is to route packets that are based on the source IP address instead of the destination IP address

PBR static routes have priority over static routes in the routing table. If the packet does not match a PBR static route, the packet is forwarded according to the priority of the static routes in the routing table.

But the strange thing is, I found the PBR setting as above didn't take effect. Instead, the request from hostA to 172.76.0.0/16 is still handled by static route, e.g., sent to R1.

Then I deleted the static route "ip route 172.76.0.0 255.255.0.0 10.69.151.69", the PBR works immediately! If I add that static route back, PBR fails again.

Why 6509 act as this? Why static route take higher priority than PBR here?