A /32 route of the local tunnel address is created automatically for all tunnels on the MC-IPsec enabled tunnel-group.
This /32 route can be exported to a routing protocol by a route policy. The protocol type in route-policy is IPsec.
To attract traffic to the master chassis, a route metric of these /32 routes could be set according to the MIMP state, a metric from the master chassis is better than a metric from the standby chassis. There are three available states that can be used in the from state command in the route policy entry configuration:
IPsec-master-with-peer
Corresponding MIMP states: master
IPsec-master-without-peer
Corresponding MIMP states: eligible
IPsec-non-master
Corresponding MIMP states: discovery/standby
However, if the standby chassis receives IPsec traffic, the traffic is shunted to the master chassis by forwarding to a redundant next-hop. The redundant next-hop is an IP next-hop in the public routing instance.