Static Route fails to install

amit.vashishtha · ‎05-29-2013

Hello All ,

Need your help to understand this situation . Below is the topology

CE IP - 172.18.10.10 /30

PE IP - 172.18.10.9/30

I had configured some floating static route on the PE towards CE .

ip route vrf ABC 10.10.0.0 255.255.255.0 172.18.10.10 250

ip route vrf ABC 172.17.0.0 255.255.255.252 172.18.10.10 250

ip route vrf ABC 172.24.0.0 255.255.255.224 172.18.10.10 250

The routes were installed correctly till PE - CE link was UP as next hop IP was showing as connected .

Now the link has been removed and I am receiving a supernet of 172.16.0.0/12 from PE2 via MPBGP . Although the 1st static route for 10.10.0.0 is showing in routing table , the other 2 ( 172.17.0.0 & 172.24.0.0 ) donot show .

I believe that as both the routes and next hop fall under the supernet , the static route is not installing . But I dont know why is this behaviour . I tried to remove the distance 250 from both the routes , but still the static route doesnot install . I tried this on GNS3 but got the same results .

Can anybody help in understanding this .

mfurnival · ‎05-29-2013

Your static routes should still be valid even if you receive the supernet because your static routes have a longer subnet mask. Could you post the running config from PE1 and a "show ip route" please?

amit.vashishtha · ‎05-29-2013

PE1#sh ip route vrf ABC 172.18.10.10

Routing Table: ABC
Routing entry for 172.16.0.0/12, supernet
Known via "bgp 1", distance 200, metric 0, type internal
Last update from 2.2.2.2
Routing Descriptor Blocks:
* 2.2.2.2 (default), from 2.2.2.2
      Route metric is 0, traffic share count is 1
      AS Hops 0
      MPLS Required

PE1#sh ip route vrf ABC 172.17.0.0

Routing Table: ABC
Routing entry for 172.16.0.0/12, supernet
Known via "bgp 1", distance 200, metric 0, type internal
Last update from 2.2.2.2
Routing Descriptor Blocks:
* 2.2.2.2 (default), from 2.2.2.2
      Route metric is 0, traffic share count is 1
      AS Hops 0
      MPLS Required

amit.vashishtha · ‎05-29-2013

Also when I tried on GNS3 , and run a debug , it showed that " static route table deleted "

cadet alain · ‎05-29-2013

Hi,

Can you post the debug you got on gns3.

Regards

Alain

Don't forget to rate helpful posts.

mfurnival · ‎05-29-2013

Amit,

Can you please post what I have asked for?

"show run"

"show ip route"

"show ip route vrf ABC"

amit.vashishtha · ‎05-29-2013

OK , I tried to make a simple topology again on GNS3 which looks like :

R1 ----- R2 ----- R3

The running config is attached below .

As you can see that static route for a shorter prefix is applied with a next hop IP of a shut interface , I ahve advertised a supernet of this complete range from R3 via BGP . R1 prefers to install the longer prefix learnt via eBGP rather than the static route .

Debug on R1 shows :

R1#

*Mar 1 00:31:17.383: IP-Static: 1.1.1.128 255.255.255.128 1.1.1.10 Path = 2 5 6 8, route table deleted, recursive flag set

R1#

*Mar 1 00:32:17.387: IP-Static: 1.1.1.128 255.255.255.128 1.1.1.10 Path = 2 5 6 8, route table deleted, recursive flag set

amit.vashishtha · ‎05-29-2013

R1#sh run
Building configuration...

Current configuration : 1211 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name lab.local
!
multilink bundle-name authenticated
!
!
interface Loopback11
ip address 11.11.11.11 255.255.255.255
!
interface FastEthernet0/0
description --- To R2
ip address 1.1.1.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 1.1.1.9 255.255.255.252
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
router bgp 1
no synchronization
bgp log-neighbor-changes
network 11.11.11.11 mask 255.255.255.255
neighbor 1.1.1.2 remote-as 2
no auto-summary
!
ip forward-protocol nd
ip route 1.1.1.128 255.255.255.128 1.1.1.10
!
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end

##########################

R2#sh run
Building configuration...
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name lab.local
!
multilink bundle-name authenticated
!
!
!
archive
log config
hidekeys
!
!
interface Loopback22
ip address 22.22.22.22 255.255.255.255
!
interface FastEthernet0/0
description --- To R1
ip address 1.1.1.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
description --- To R3
ip address 2.2.2.1 255.255.255.0
duplex auto
speed auto
!
router bgp 2
no synchronization
bgp log-neighbor-changes
network 22.22.22.22 mask 255.255.255.255
neighbor 1.1.1.1 remote-as 1
neighbor 2.2.2.2 remote-as 3
no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end

################################

R3#sh run
Building configuration...

Current configuration : 1125 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
interface Loopback33
ip address 33.33.33.33 255.255.255.255
!
interface FastEthernet0/0
description --- To R2
ip address 2.2.2.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 3
no synchronization
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 33.33.33.33 mask 255.255.255.255
neighbor 2.2.2.1 remote-as 2
no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end

amit.vashishtha · ‎05-29-2013

Here is RT on R1 :

R1#sh ip route
Gateway of last resort is not set

     1.0.0.0/30 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, FastEthernet0/0
     33.0.0.0/32 is subnetted, 1 subnets
B       33.33.33.33 [20/0] via 1.1.1.2, 00:14:30
     22.0.0.0/32 is subnetted, 1 subnets
B       22.22.22.22 [20/0] via 1.1.1.2, 00:14:30
     11.0.0.0/32 is subnetted, 1 subnets
C       11.11.11.11 is directly connected, Loopback11
R1#

R1#
R1#sh ip route stat

R1#
R1#sh run | i ip route
ip route 1.1.1.128 255.255.255.128 1.1.1.10
R1#

mfurnival · ‎05-29-2013

Amit,

You did not attach your running config or the output of the command requested.

Are you aware that a static route to a destination will not be inserted into the routing table if the next hop address is not reachable?

amit.vashishtha · ‎05-29-2013

Its attached alongwith all the debugs . I think by reachability check ,the router does a recursive lookup for the next hop ( unless it is configured as being attached to a particular interface ) . In our case , the next hop IP is a part of the supernet being received via BGP .

mfurnival · ‎05-29-2013

Amit - it is as I said, R1 cannot resolve the next-hop (1.1.1.10) so it does not insert the static route into the routing table. The static route remains in the config but cannot be used because the router would not know where to send the packets. If you do a "no shut" on the fa0/1 interface you should see the static route added to the routing table.

amit.vashishtha · ‎05-29-2013

Thts wht I want to understand why R1 cannot resolve next-hop . I have a route for 1.1.1.10 in the route table .

R1#sh ip route 1.1.1.10
Routing entry for 1.1.1.0/24
Known via "bgp 1", distance 20, metric 0
Tag 2, type external
Last update from 1.1.1.2 00:02:01 ago
Routing Descriptor Blocks:
* 1.1.1.2, from 1.1.1.2, 00:02:01 ago
      Route metric is 0, traffic share count is 1
      AS Hops 2
      Route tag 2

But still route to 1.1.1.128 is preferred via bgp .

R1#sh ip route 1.1.1.128
Routing entry for 1.1.1.0/24
Known via "bgp 1", distance 20, metric 0
Tag 2, type external
Last update from 1.1.1.2 00:04:20 ago
Routing Descriptor Blocks:
* 1.1.1.2, from 1.1.1.2, 00:04:20 ago
      Route metric is 0, traffic share count is 1
      AS Hops 2
      Route tag 2

R1#

mfurnival · ‎05-29-2013

Amit, you have a route to 1.1.1.0/24, not 1.1.1.10.

The router is doing a recursive lookup to decide which exit interface to use for your static route. Because the next-hop address is not reachable (1.1.1.10) it cannot insert that route into the routing table.

amit.vashishtha · ‎05-30-2013

I just tried configuring 1 more static route in R1 which is a seperate subnet i.e.

ip route 10.10.10.0 255.255.255.128 1.1.1.10

when I shut the fa0/1 interface on r1 , even though 1.1.1.128 route is removed from static , the other one which I just installed still remains . So this is not at all related to the interface being shut .

*Mar 1 00:07:00.759: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
R1#sh ip route 1.1.1.128
Routing entry for 1.1.1.0/24
Known via "bgp 1", distance 20, metric 0
Tag 2, type external
Last update from 1.1.1.2 00:01:55 ago
Routing Descriptor Blocks:
* 1.1.1.2, from 1.1.1.2, 00:01:55 ago
      Route metric is 0, traffic share count is 1
      AS Hops 2
      Route tag 2

R1#
R1#sh ip route 10.10.10.0
Routing entry for 10.10.10.0/25
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
* 1.1.1.10
Route metric is 0, traffic share count is 1

I beleive this is something related to the destination prefix and next hop being a part of the agregate route recived via BGP .