Policy-based routing using route maps on Cisco routers got me stumped for a while but with some research and looking at explanations and examples, I think I figured it out. I will use the image below to explain how it works.
Route maps follow an order if there are more than one route map commands:
– the lowest to highest sequence
– then the matching criteria
– then the set action.
The matching criteria itself only matches the ACL’s permit statement prefix. The ACL’s deny statement prefix is then passed through to the next sequence until it matches with a sequence (usually deny any or permit any).
So if you look at the example above, the prefix 172.16.1.0/24 is denied by ACL-ONE, which means that it passes through route map sequence 10 and 20 and ends on sequence 30. Sequence 30 has no match statement so 172.16.1.0/24 is permitted and its metric is set to 20.
On the other hand, the prefix 172.16.2.0/24 would match the permit statement in ACL-ONE and therefore matches route map sequence 10.