
INVALID static route with unreachable next-hop still shows in VPN route table


I have recently deployed an Active/Active DC-DC failover topology where I have installed a Meraki MX84 in two of our datacenters. It has an issue during failover on the spoke site, as it doesn't fail over to the secondary headend/hub when the LAN port of the primary headend goes down.

During the event of the LAN port going down, the primary headend still keeps the static routes in the routing table. These INVALID static routes with an unreachable next-hop still show in the VPN route table. This makes the VPN advertise INVALID routes to the spoke. The spoke continues to send traffic to the primary headend, where it gets dropped as it finds no further path.

Meraki support suggested that whatever the status of the next-hop, the INVALID route will still be there in the VPN. I have made a request through WISH.

Re: INVALID static route with unreachable next-hop still shows in VPN route table

Use static route tracking in this case to withdraw the routes when the LAN gateway goes down.

https://documentation.meraki.com/MX/Networks_and_Routing/MX_Routing_Behavior#Static_Route_Tracking

 

You could also consider getting support to enable BGP, and use BGP peering and dump the static routes.

https://documentation.meraki.com/MX/Networks_and_Routing/BGP
