Route marked inactive when gateway is reachable.

RouterOS General
1

I have a /32 route that is on-link to an interface. If I make that ip address the gateway for another network, the route is always inactive, even if I tell it to not check gateway.

The use case is I assign /32 routes to DHCP customers with DHCP option 121, then I make a static route to them with the gateway on the interface, this works fine. If I add a network for this customer, the network never becomes active even though I can ping the gateway just fine.

[me@routeros-1] /ip/route> add dst-address=63.116.158.80/30 gateway=63.116.158.74 check-gateway=none

[me@routeros-1] /ip/route> /ip route/print where dst-address=63.116.158.80/30
Flags: I - INACTIVE; s - STATIC
Columns: DST-ADDRESS, GATEWAY, DISTANCE

7 Is 63.116.158.80/30 63.116.158.74 1
Note this is inactive


[me@routeros-1] /ip/route> /ip route/print where dst-address=63.116.158.74
Flags: A - ACTIVE; s - STATIC
Columns: DST-ADDRESS, GATEWAY, DISTANCE

1 As 63.116.158.74/32 vlan44_vrrp 1
Note that I have an on-link route for this address

[me@routeros-1] /ip/route> /ping 63.116.158.74
SEQ HOST SIZE TTL TIME STATUS
0 63.116.158.74 56 128 431us
1 63.116.158.74 56 128 605us
2 63.116.158.74 56 128 437us
sent=3 received=3 packet-loss=0% min-rtt=431us avg-rtt=491us max-rtt=605us

Note I can ping the gateway address without issue.

I would think this should work. I want to say it worked on an older release. This is 7.18.1.

Any ideas?

2

I can simulate the behavior I want it I also put the routed network on the interface then build static arp for each address. Like this:

[me@routeros-1] /ip/route> add dst-address=63.116.158.80/30 gateway=vlan44_vrrp
[me@routeros-1] /ip/arp> add address=64.116.158.80 mac-address=58:47:CA:77:DC:E2 interface=vlan44_vrrp
[me@routeros-1] /ip/arp> add address=64.116.158.81 mac-address=58:47:CA:77:DC:E2 interface=vlan44_vrrp
[me@routeros-1] /ip/arp> add address=64.116.158.82 mac-address=58:47:CA:77:DC:E2 interface=vlan44_vrrp
[me@routeros-1] /ip/arp> add address=64.116.158.83 mac-address=58:47:CA:77:DC:E2 interface=vlan44_vrrp

That explicitly sends the routing to the right host, but not sure why I need to build all of that when the router is already tracking the mac address of 63.116.158.74.

3

You need to set the target-scope value of the dst-address=63.116.158.80/30 gateway=63.116.158.74 route to be at least the scope value of the dst-address=63.116.158.74/32 gateway=vlan44_vrrp route.

Read more about it here https://help.mikrotik.com/docs/spaces/ROS/pages/328084/IP+Routing#IPRouting-NexthopLookup

Routes with a scope greater than the maximum accepted value are not used for next-hop lookup. Each route > specifies the maximum accepted scope value for its nexthop in the target-scope property. > The default value of this property allows nexthop lookup only through connected routes, with the exception of iBGP routes that have a larger default value and can lookup nexthop also through IGP and static routes.

4

The older documentation (https://wiki.mikrotik.com/Manual:IP/Route) says:

Routes with interface name as the value of gateway are not used for nexthop lookup. If route has both interface nexthops and active IP address nexthops, then interface nexthops are ignored.

This is what I’m doing, my nexthop is a route with an interface as the gateway.

The newer documentation doesn’t mention this limitation (https://help.mikrotik.com/docs/spaces/ROS/pages/328084/IP+Routing) has this changed for v7?

I’ll try setting the scope.

5

Yes, the part that I linked to specifically mentioned the changes from v6 to v7 regarding scope and nexthop (and the reasons).

6

Confirmed, using a larger target-scope fixes this. Looks like the previous limitation does apply to routeros 7.