We're running into a strange problem of OSPF-learnt routes being marked as unreachable in the routing table. Our goal is to setup basic redundant connectivity for a branch office using two Internet connections and OSPF over IPSec/IPIP tunnels.
In the data centre we have a Cisco 7301 running 12.4(24)T5 and the office has an RB1200 running 5.12. The office has two ADSL services from two different ISPs. The data centre router has two loopback interfaces, with a tunnel from each ISP to each loopback. Each tunnel has a /31, running OSPF with the data centre router. The two loopbacks on the DC router are statically routed one per ISP.
Routes from the office appear just fine in the Cisco's routing table. But routes from the data centre to the office router show up with an unreachable next hop in the routing table. Pinging across the tunnels works fine.
In this example, 10.4.1.0/'24 is a data centre subnet, 10.4.0.2/31 is the RB's local side of the tunnel to the DC.
Code: Select all
7 Do dst-address=10.4.1.0/24 gateway=10.4.0.2 gateway-status=10.4.0.2 unreachable distance=110 scope=20
target-scope=10 ospf-metric=50 ospf-type=external-type-2
I thought this should be simple to fix, and just apply a set-gateway-check=none via the ospf-in route filter, but it doesn't actually do anything - the output from /ip route doesn't change. I tested this by adding a comment, which added just fine.
Code: Select all
9 Do ;;; From OSPF
10.4.1.0/24 10.4.0.2 110
2 chain=ospf-in target-scope=0 invert-match=no action=accept set-route-comment="From OSPF"
set-check-gateway=none set-bgp-prepend-path=""
So, either there's a problem setting set-check-gateway from a route filter, or there's something else wrong.
Does anyone have any idea whats up? Or a good place to start hunting? I'm a RouterOS n00b, dealing with Cisco stuff far more often.
Thanks