I have set check-gateway to ping on the router filter for the routes we receive via BGP so that if the gateway for the route is not accessible, it won’t mark the route active, but it does not work.
When I look at the route it says “ping” for check-gateway, but when I look at the nexthop it shows check-gateway=none.
If I set check-gateway on a static route it works fine and shows that the check-gateway succeeded.
Is this expected behaviour? Can you not enable check-gateway on BGP learnt routes?
If so, how do others deal with this?
Typically you would rely on the health of the BGP peering to manage the health of the routes (except for verifying path reachability).
One of the first checks BGP has to do is validate the gateway that is learned in the route received… if it isn’t reachable, BGP won’t install the route. It seems like you may be adding an unnecessary step.
See the first entry in the BGP Best Path selection:
Thanks for your response. I am sorry I didn’t see your reply at the time.
I agree with you, except in this case it is peering to an IX, and for some reason the routes were still published from the IX even though the gateway to them was down.
While check-gateway may help with the issue, I can see that would really just be trying to cover for the real issue which is ‘why were the routes still being advertised if the source of those advertisements had gone offline’.
The next time I see this happen I will pursue it with them.