After trying couple of things, we noticed that the bgp routes are missing from the kernel routing table as long as we have a route added toward the other end of the tunnel using the public ip of the tunnel as gateway ie:
root@vpn1:~ # netstat -rn | grep <public ip1> <public ip1> <public ip2> UGHS 2 4389837 - 8 vlan10 172.29.1.3 <public ip1> UHS 1 5 - L 8 mgre0 If we remove that route toward 172.29.1.3 (mgre tunnel on the other side) then the routing table gets populated with all the bgp routes, but then we can reach that gateway 172.29.1.3 as soon as we readd that route, all the bgp routes disappear: root@vpn1:~ # route -n show | grep mgre 172.29.1/24 172.29.1.2 UCn 0 0 - 4 mgre0 172.29.1.2 mgre0 UHl 0 18431 - 1 mgre0 172.29.1.3 <public ip1> UHS 1 5 - L 8 mgre0 root@vpn1:~ # route del 172.29.1.3 del host 172.29.1.3 root@vpn1:~ # route -n show | grep mgre 10.1.0/24 172.29.1.3 UG 0 0 - 48 mgre0 10.1.2/24 172.29.1.3 UG 0 0 - 48 mgre0 10.1.3/24 172.29.1.3 UG 0 0 - 48 mgre0 10.1.4/24 172.29.1.3 UG 0 0 - 48 mgre0 10.1.5/24 172.29.1.3 UG 0 0 - 48 mgre0 10.1.6/24 172.29.1.3 UG 0 0 - 48 mgre0 10.1.16/24 172.29.1.3 UG 0 0 - 48 mgre0 ... We also noticed that sometimes the iface is missing in the bgpctl show next command: root@vpn1:~ # bgpctl show next Flags: * = nexthop valid Nexthop Route Prio Gateway Iface * 172.29.1.3 172.29.1.3/32 8 <public ip1> Thanks, Ben
