I've just realised I shouldn't be specifying these routes at all. Bird does this for me! It works if I remove them, but I can't see the resulting routes in an "ip show route". Is there a way to see what is going on?
Iain > On 9 Jan 2015, at 18:00, Iain Buchanan <[email protected]> wrote: > > Hi, > > I'm having a problem where routes that are associated with gre tunnels are > not removed when the tunnel stops working. The tunnels are set up to run > over IPSEC transport links and there are firewall rules that prevent > unencrypted traffic from being sent out. There are three machines, each with > a link from itself to the other two machines. > > When I bring down an IPSEC link bird detects this fairly quickly. I can do a > "show ospf state all" and see the connectivity change, with the distance for > the node that is no longer directly linked to increasing. > > The problem is that each of the three nodes still lists all of the networks > as reachable. > > For example, on node 1 there are the following routing rules (ip route show): > 10.142.0.0/16 via 10.1.2.10 dev gre_node2 > 10.143.0.0/16 via 10.1.2.14 dev gre_node3 > > These are set up statically in a post-up rule in the network configuration > (could this be done some other way?). > > Bird shows the nodes' OSPF state as the following, even though it has > detected the link isn't working: > external 10.142.0.0/16 metric2 10000 via 10.1.2.10 > external 10.143.0.0/16 metric2 10000 via 10.1.2.14 > > Should I be specifying these routes in another way, or is there a way I can > make bird remove the routes when it detects the link has gone? > > Iain
