OSPF routemaps are a bit curious and I cannot understand why these two configurations do not exclude the default gateway.
The goal is to distribute all static routes into a transport VRF, except the default gateway. This is a VPN-Gateway with a couple cores, the main GW is an appliance with a lot more capacity, though we do not want to terminate VPN tunnels due to compatibility issues. The main GW will also announce itself as the default GW with OSPF into the transport VRF.
The network should only know the routes that are going into the VPN enc domains, defined by statically routing them towards the default gw on the gateway external side.
set routemap ospfout id 9 on
set routemap ospfout id 9 restrict
set routemap ospfout id 9 match network 0.0.0.0/0 exact
set routemap ospfout id 10 on
set routemap ospfout id 10 allow
set routemap ospfout id 10 match nexthop <default-gw> on
set routemap ospfout id 10 match protocol static
set ospf instance default export-routemap ospfout preference 10 on
The above does not work even if the order is reversed.
set routemap ospfout id 10 on
set routemap ospfout id 10 allow
set routemap ospfout id 10 match nexthop <default gw> on
set routemap ospfout id 10 match protocol static
set routemap ospfoutrestrict id 10 on
set routemap ospfoutrestrict id 10 restrict
set routemap ospfoutrestrict id 10 match network 0.0.0.0/0 exact
set ospf instance default export-routemap ospfout preference 10 on
set ospf instance default export-routemap ospfoutrestrict preference 9 on
This version didn't exclude the default route either, I also tested variants of the above with no luck.
I ended up with a trick, which works since this is a simple setup:
set routemap ospfout id 10 on
set routemap ospfout id 10 allow
set routemap ospfout id 10 match nexthop <default-gw> on
set routemap ospfout id 10 match network 0.0.0.0/0 refines
set routemap ospfout id 10 match protocol static
The trick is that refines is "less than", it covers all routes that are not 0.0.0.0/0, which is the widest mask possible.
Do you have any insight in why the Cisco way in my first couple examples don't work with CP routed? I've seen configuration examples with my second configuration, though is there something new with R80.40 OSPF?
I tried to get some help from TAC, though they closed the issue as soon as I reported the workaround above. Not at all happy with getting no answers, especially on a premium support contract.