On 2009/12/18 12:31, Claudio Jeker wrote: > > So it seems that any host routes, even RTP_DOWN, take priority over > > higher priority net routes for the same address. > > Host routes are allways more specific then network routes (even /32 ones). > So they will used in that case. Currently the lookup will not try less > specific routes in case their RTP_DOWN (or actually not RTF_UP). This > could be regarded as bug -- the code is just too insane to fix it easily.
Hmmm... given this, would it make any kind of sense to have the routing daemons install /32 as host rather than network routes? > > This explains a little trouble I've been having when I restart ospfd > > (which I do a bit more often than is good for me, but haven't been able > > to put my finger on exactly why I have to...) > > Hmm. If you know what goes wrong I will try to fix it :) The relevant machines were running old code, but this week I've finally got them over the nat-to bump, so I'll be able to do some meaningful testing with -current soon (I hate reporting problems unless I know I've collected enough information to at least point someone in approximately the right direction ;) > This is PMTU fucking around because TCP is no longer getting ACKs back and > so it goes and tries to disable PMTU by creating a dynamic route cloned > from the parent route. In your case that's the default reject route. > Now that's totaly stupid I know and especially the created route is > wrong in so far that the reject bit is dropped. It is also questionable > why we should create a dynamic route cloned from a reject or blackhole > route. aha...yes this does indeed seem to be the explanation, and certainly for disabling PMTU, cloning a reject or blackhole route makes no sense. > As a workaround I would try to use blackhole routes instead of reject ones > and see if this will make the event of TCPs PMTU magic kicking in less > probable. This doesn't noticably help. But now I remember that since I started sending full BGP tables everywhere I don't actually need a default route to redist into OSPF any more...and after removing the route completely, this does work as expected, fixing my immediate problem.