%PLATFORM_PBR-4-SDM_MISMATCH: PBR requires sdm template routing - Enable PBR on Cisco 3560E - NETSEC


Monday, March 24, 2014


While working on a Cisco 3560E with IOS C3560-IPSERVICESK9-M, I tried to enable Policy Based Routing on a VLAN interface with these commands:

ip access-list extended Re_Route_10.99.13.66
 permit ip host any
route-map Map_Re_Route_10.99.13.66 permit 10
 match ip address Re_Route_10.99.13.66
 set ip next-hop
interface Vlan13
 ip policy route-map Map_Re_Route_10.99.13.66

but got the following error in the log:
017242: .Mar 24 14:59:46.961 EDT: %PLATFORM_PBR-4-SDM_MISMATCH: PBR requires sdm template routing

Switch information is listed below:
SW-3560E#sh ver
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(53)SE1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Fri 12-Mar-10 16:54 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02E00000

ROM: Bootstrap program is C3560 boot loader
BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

M-CSWO2001 uptime is 42 weeks, 3 days, 23 hours, 47 minutes
System returned to ROM by power-on
System restarted at 15:01:02 EDT Thu May 30 2013
System image file is "flash:c3560-ipservicesk9-mz.122-53.SE1.bin"

cisco WS-C3560G-24TS (PowerPC405) processor (revision C0) with 131072K bytes of memory.
Processor board ID FOC10030125
Last reset from power-on
4 Virtual Ethernet interfaces
28 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : 00:17:94:30:40:80
Motherboard assembly number     : 73-9718-04
Power supply part number        : 341-0090-01
Motherboard serial number       : FOC10030125
Power supply serial number      : AZS100006CN
Model revision number           : C0
Motherboard revision number     : A0
Model number                    : WS-C3560G-24TS-S
System serial number            : FOC10030125
SFP Module assembly part number : 73-7757-03
SFP Module revision Number      : A0
SFP Module serial number        : CAT1007110
Top Assembly Part Number        : 800-2584-02
Top Assembly Revision Number    : B0
Version ID                      : V02
CLEI Code Number                : CNMW2001RB
Hardware Board Revision Number  : 0x05

Switch Ports Model              SW Version            SW Image                 
------ ----- -----              ----------            ----------               
*    1 28    WS-C3560G-24TS     12.2(53)SE1           C3560-IPSERVICESK9-M     

After searching the Internet, I found that the SDM template has to be changed to meet this requirement. Here is some documentation that explains this:
Understanding Policy Routing
Configuring SDM Templates

SDM templates are used to configure system resources in the switch to optimize support for specific features, depending on how the switch is used in the network. You can select a template to provide maximum system usage for some functions or use the default template to balance resources.

To allocate ternary content addressable memory (TCAM) resources for different usages, the switch SDM templates prioritize system resources to optimize support for certain features. You can select SDM templates to optimize these features:

•Access—The access template maximizes system resources for access control lists (ACLs) to accommodate a large number of ACLs.

•Default—The default template gives balance to all functions.

•Routing—The routing template maximizes system resources for IPv4 unicast routing, typically required for a router or aggregator in the center of a network.

•VLANs—The VLAN template disables routing and supports the maximum number of unicast MAC addresses. It would typically be selected for a Layer 2 switch.


SW-3560E#show sdm prefer default 
 "desktop default" template:
 The selected template optimizes the resources in
 the switch to support this level of features for
 8 routed interfaces and 1024 VLANs. 

  number of unicast mac addresses:                  6K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    8K
    number of directly-connected IPv4 hosts:        6K
    number of indirect IPv4 routes:                 2K
  number of IPv4 policy based routing aces:         0
  number of IPv4/MAC qos aces:                      0.5K
  number of IPv4/MAC security aces:                 1K

SW-3560E(config)#sdm prefer ?
  access              Access bias
  default             Default bias
  dual-ipv4-and-ipv6  Support both IPv4 and IPv6
  ipe                 IPe bias
  routing             Unicast bias
  vlan                VLAN bias

SW-3560E(config)#sdm prefer routing 
Changes to the running SDM preferences have been stored, but cannot take effect 
until the next reload.
Use 'show sdm prefer' to see what SDM preference is currently active.

SW-3560E(config)#sdm prefer default 
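
A pre-change check for the condition behind the %PLATFORM_PBR-4-SDM_MISMATCH message, added here as an example and not part of the original post: it reads `show sdm prefer` output and a configuration, then reports interfaces whose `ip policy route-map` cannot be programmed because the active template allocates no PBR ACEs. The sample inputs are constructed, the function names are hypothetical, and reading the K suffix as 1024 entries is an assumption.

```python
import re

# Constructed sample, trimmed from the "show sdm prefer" output quoted above.
SDM_DEFAULT = '''\
 "desktop default" template:
  number of IPv4 unicast routes:                    8K
  number of IPv4 policy based routing aces:         0
  number of IPv4/MAC security aces:                 1K
'''
# Constructed config fragment reusing the names from the post.
CONFIG = '''\
interface Vlan2
 no ip redirects
interface Vlan13
 ip policy route-map Map_Re_Route_10.99.13.66
'''

def parse_sdm(text):
    """Return (template name, {resource: entries}) from 'show sdm prefer'."""
    name = re.search(r'"([^"]+)" template', text)
    limits = {}
    for key, val, kilo in re.findall(
            r"number of (.+?):[ \t]+([\d.]+)(K?)[ \t]*$", text, re.M):
        # Assumption: the K suffix is read as 1024 entries.
        limits[key] = int(float(val) * (1024 if kilo else 1))
    return (name.group(1) if name else None), limits

def pbr_interfaces(config):
    """Map interface -> route-map for each 'ip policy route-map' line."""
    found, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = m.group(1)
        elif (m := re.match(r"\s+ip policy route-map (\S+)", line)) and current:
            found[current] = m.group(1)
    return found

def check_pbr(sdm_text, config):
    """List PBR interfaces the active template has no TCAM entries for."""
    template, limits = parse_sdm(sdm_text)
    aces = limits.get("IPv4 policy based routing aces", 0)
    if aces > 0:
        return []
    return [f"{intf}: route-map {rmap} needs PBR ACEs, but template "
            f"'{template}' allocates {aces}"
            for intf, rmap in pbr_interfaces(config).items()]

if __name__ == "__main__":
    print("\n".join(check_pbr(SDM_DEFAULT, CONFIG)) or "PBR capacity OK")
```

Run it against the output of `show sdm prefer` (the active template), not `show sdm prefer routing`, because a newly selected template only takes effect after the next reload.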

Performance Impact 

For the negative impact on the CPU after implementing PBR, please refer to this document:

Troubleshooting Reference

Some troubleshooting commands:

SW-3560E#show processes cpu history 
SW-3560E#show platform tcam utilization

CAM Utilization for ASIC# 0                      Max            Used
                                             Masks/Values    Masks/values

 Unicast mac addresses:                        784/6272         37/209   
 IPv4 IGMP groups + multicast routes:          152/1216          6/26    
 IPv4 unicast directly-connected routes:       784/6272         37/209   
 IPv4 unicast indirectly-connected routes:     272/2176         13/69    
 IPv4 policy based routing aces:                 0/0             0/0     
 IPv4 qos aces:                                768/768         260/260   
 IPv4 security aces:                          1024/1024         33/33    

Note: Allocation of TCAM entries per feature uses
a complex algorithm. The above information is meant
to provide an abstract view of the current TCAM utilization

SW-3560E#sh controller cpu-interface | i icmp 
icmp              436790153  0          0          24         0         
icmp              0            24   

SW-3560E#show ip cef detail, epoch 2, flags attached
  Adj source: IP adj out of Vlan2, addr 052DCC00
   Dependent covered prefix type adjfib cover
  attached to Vlan2

SW-3560E#show platform ip unicast adjacency 0 Vlan:2 Mac:3cb1.5b51.629b OI:33 PDFlags:0x108 MAD:0x3F19384(RWI-IP:33 RWI-HMSM:33) Ref:1
        COMPLETE  MAD OK Stn OK Mvid OK MvidLock VlLock:2
        HMSM_hdl: 0x3F19384, Stn:0x138

SW-3560E#sh controllers cpu-interface
ASIC    Rxbiterr   Rxunder    Fwdctfix   Txbuflos   Rxbufloc   Rxbufdrain
ASIC0     0          0          0          0          0          0         
ASIC1     0          0          0          0          0          0         
ASIC2     0          0          0          0          0          0         
ASIC3     0          0          0          0          0          0         
ASIC4     0          0          0          0          0          0         
ASIC5     0          0          0          0          0          0         
ASIC6     0          0          0          0          0          0         

HOL Fix Counts
No Fixes:          0 Added:          1 In Use:          0 Both:         23

CPU Heartbeat Statistics

Tx Success Tx Fail    1st Thr    2nd Thr    Unthr      RetryCtMax
---------- ---------- ---------- ---------- ---------- ----------
 511575214          0          0          0          0          1

Rx Delay
         0          1          2          3          4 
---------- ---------- ---------- ---------- ---------- 
 511575214          0          0          0       

SW-3560E#debug platform cpu-queues software-fwd-q
