The problem is that AS1 relies on the default route to get there and doesn't have anything more specific. I cannot send the default route from AS1 to AS2, so the locally significant answer to this seems to be a static route.

I am a bit puzzled at the description of the problem in the original post. It says " If I put those routes in and point them to the next hop interface IP, this works fine." So what are you putting into the static routes when they are not inserted into the routing table? Perhaps you can provide an example of the static configuration and also the output of show ip route so that we see what is known on the router?

HTH

Rick

                                            AS 1

                                     /                 \

                      Router 1                       Router 2

                                   \                    /

                                      L3 Switch

                                             |

                                          AS 2

Above is a rough diagram. The L3 switch participates in both ASs of EIGRP. If I put in a static route that says the following, it works:

ip route 1.1.1.1 255.255.255.255 [router A's directly connected interface IP address]

If I put in the following route, it does not get installed in the routing table:

ip route 1.1.1.1 255.255.255.255 [ip address in AS 1]

You can pick any address in AS 1, but if it helps to pick one, call it 10.1.1.1. The reason this should work is because the L3 switch has the following route already in the table:

D*EX  0.0.0.0/0 [170/xxxxxxxx] via [router A], 4d21h, GigabitEthernetX/X/X

Everything I've ever seen before tells me this will do a recursive lookup (two actually, since it will have to look up the actual interface), and install it. Yet it does not. Hopefully my logic is just wrong somewhere here?

As a quick test could you use a specific route to the AS IP you are using as the next hop rather than rely on the default route and see if it works. 

Jon 

I don't think I understand.

The situation above that it does work in is where I point to the next hop. The problem is that the routers connect to my WAN provider. The provider had an outage on their CE device, but since the next hop isn't down from the router's perspective, the route stays installed.

As such, I want the static route to point at something in my datacenter, which will intentionally use the default route. The default will not be received if there is a failure in the provider's network, so it will use the other provider connection that I have.

So using your example of 10.1.1.1 as the next hop IP of your recursive route, instead of relying on the default route to get to 10.1.1.1 add a specific route for that IP address and see if your recursive route works. 

I appreciate this is not a solution, it is to work out whether it is because you are using the default route that your recursive lookup is not working. 

On a more general note have you considered IP SLA ?

Jon

Hmm...I could try to do so. Unfortunately, at this point, I'd have to build a lab to emulate this. Doing it in production won't go over so well.

My assumption is that nothing would change, as 10.1.1.1 will also need to recursively resolve to the default route, but considering this is not working based on my very first assumption, it could do something.

I'm really glad someone else mentioned the SLA. That was my off-of-the-bat thought, but I also realize that I have no way to control the SLA adequately. I don't get an IP address in the WAN provider network (it's all layer 2 adjacent), so the next IP I can point to is my datacenter, but if the WAN provider has an issue, the SLA will still succeed because of the other WAN provider. I think I could do this by pointing the static route to a destination and interface, but I think there's an easier way to do this.

I'm thinking I could send a summary route into AS 2 and remove static routing all-together, but I need to find a way to get a single route to this box from AS 1 so it has something to summarize. At that point, it should work itself out.

Still, I have a few other locations with similar problems that I can't do this at, so I'd really like to understand why the routes are not installed in the first place. Can anyone confirm that I'm correct in believing that IOS should install this route if it can recurse to the default route?

Unfortunately can't test at the moment but I suspect the issue may be the default route. 

Re the IP SLA, you could use PBR to force it to go via R1 so that would get round the the route being received via the other router. 

Quick question, are you running EIGRP to both R1 and R2 and do you receive just a default route from each and do you advertise routes to those routers ? 

Jon

EIGRP is on both R1 and R2. They both receive the default route from AS 1. The Layer3 switch does run EIGRP and advertise subnets to R1 and R2 in AS 1, as well as to devices in AS 2.

Thanks for the clarification. 

Sorry I can't test at the moment as I am on leave so no access to equipment. 

Hopefully someone can confirm if recursive routing works when using the default route. 

Jon

Thanks Richard! I'd never heard of this being a limitation.

Unfortunately, all routes other than the default route are filtered at ingress to a site. I can make a change to the prefix list to allow one additional route in for this case.

You are welcome. I agree that this restriction is not well known, and it certainly is not well documented. If you can make a change so that one non-default route is advertised then I believe that this will solve your problem. Thank you for marking this question as solved. This will help other participants in the community to recognize discussions which have helpful content - and this one certainly does.

HTH

Rick