[c-nsp] GRE tunnel routes not making it into FIB - 2911/K9

[Tim Huffman]

I have a customer with a strange problem that I can duplicate on a similar set up. We are both using Cisco 2911 routers. His is running version 15.1(4)M5 (base license), and mine is running 15.0(1)M6.

What's happening is this: There is a GRE tunnel set up between his router (a 2911) and mine (a 6503/sup720). We are running BGP over that GRE tunnel. The tunnel is up, and the two routers can pass traffic through the tunnel, but only to the router interfaces, NOT to devices on the customer LAN. On the 6503 side, the routes are installed normally, and CEF shows that traffic destined for his LAN should be going over the tunnel.

However, on the 2911 side, although the tunnel is up, and BGP is working, traffic is not being encapsulated, and devices attached to his LAN cannot get out to the Internet. When I do a 'sh ip route' things look fine. If I do a 'sh ip cef' things look fine. But if I do a 'sh ip cef exact-route' things get weird.

Here's what I'm seeing on his router:

#sh ip route
...
B*    0.0.0.0/0 [1/0] via 10.254.20.25

#sh ip cef
Prefix               Next Hop             Interface
0.0.0.0/0            10.254.20.25         Tunnel5

Everything looks good. Here's where it gets weird:

#sh ip cef exact-route 199.195.246.10 63.250.224.22
199.195.246.10 -> 63.250.224.22 => IP adj out of GigabitEthernet0/0, addr 63.250.226.93

Even if I take out the BGP route, and try STATICALLY routing traffic over the connection, I get similar results:
#sh ip route
...
S*    0.0.0.0/0 [1/0] via 10.254.20.25

#sh ip cef exact-route 199.195.246.10 63.250.224.50
199.195.246.10 -> 63.250.224.50 => IP adj out of GigabitEthernet0/0, addr 63.250.226.93

Is there something I'm missing? Could this be an IOS bug? Both 2911s are running the 'base' license, is routing over simple GRE something that's only enabled on some other license?

--
Tim Huffman