Hi

we've got a private AS with two uplinks to our ISP, and we've got a number of subnets that we advertise. Now we got a new assignment and it doesn't work as expected.

Here is the situation:

x.x.74.113
x.x.74.114
[DMZ1_box_1]
    ||
[DMZ1_GW] -- OSPF -- [GW_1] -- OSPF -- [GW_2] -- OSPF -- ...
x.x.24.227
                        |                 |
                       BGP               BGP
                        |                 |
                     ISP_rtr_1        ISP_rtr_2
                          \           /
                         ISP & Internet

Now if I advertise the new subnet /29 (or up to /31) from DMZ1_GW it gets propagated to both BGPs and the ISP correctly routes the traffic to GW_1 as it's closer to the box.

However if I advertise the IP/32 from DMZ1_GW then for some reason the traffic is routed from Internet to GW_2 first. ISP confirmed they accept up to /32 from us.

This is the relevant output from GW_1:
GW_1 ~ # birdc show route protocol ospf_eit | grep ^x.x.74
BIRD 1.3.8 ready.
x.x.74.114/32 via 172.31.253.32 on tunVpnCust [ospf_eit 11:44] * E2 (150/1/10000) [x.x.24.227]
x.x.74.112/31 via 172.31.253.32 on tunVpnCust [ospf_eit 11:44] * E2 (150/1/10000) [x.x.24.227]

GW_1 ~ # birdc show route export bgp_isp | grep ^x.x.74
BIRD 1.3.8 ready.
x.x.74.114/32 via 172.31.253.32 on ifDmz1 [ospf_eit 11:44] * E2 (150/1/10000) [x.x.24.227]
x.x.74.112/31 via 172.31.253.32 on ifDmz1 [ospf_eit 11:44] * E2 (150/1/10000) [x.x.24.227]


This is the relevant output from GW_2:
GW_2 ~ # birdc show route protocol ospf_eit | grep ^x.x.74
BIRD 1.3.8 ready.
x.x.74.114/32 via 172.31.253.1 on tunO2Oorc4 [ospf_eit 11:44] * E2 (150/11/10000) [x.x.24.227]
x.x.74.112/31 via 172.31.253.1 on tunO2Oorc4 [ospf_eit 11:44] * E2 (150/11/10000) [x.x.24.227]

GW_2 ~ # birdc show route export bgp_isp | grep ^x.x.74
BIRD 1.3.8 ready.
x.x.74.114/32 via 172.31.253.1 on tunO2Oorc4 [ospf_eit 11:44] * E2 (150/11/10000) [x.x.24.227]
x.x.74.112/31 via 172.31.253.1 on tunO2Oorc4 [ospf_eit 11:44] * E2 (150/11/10000) [x.x.24.227]

As it is now a ping from outside to x.x.74.113 (that's advertised as /31) goes to GW_1, which is correct and a ping to x.x.74.114 (that's advertised as /32) goes to GW_2, that's incorrect.

How come? I can't see what am I doing wrong...?

Any ideas?

Thanks

Michael