Showing posts with label OSPF. Show all posts
Showing posts with label OSPF. Show all posts

Wednesday, 4 May 2011

Common OSPF issues and their cause

Troubleshooting OSPF Commands
-----------------------------------------
Show IP OSPF
Show IP OSPF Database
Show IP OSPF Database Database-Summary
show ip ospf neighbor
show ip ospf neighbor detail
show ip ospf interface
show ip ospf virtual-links
sh ip ospf stat
show ip ospf borders-routers
show ip ospf database self-originate
show ip ospf database adv-router x.x.x.x
Adjacency Is Not Coming Up
---------------------------------
Layer 2 is down
OSPF not enabled on the interface
Mismatched subnet mask
Mismatched authentication key
Mismatched area ID
Mismatched transit/stub/NSSA option
Useful Commands for This Problem:
Show IP OSPF neighbor
Show IP OSPF interface
Debug IP OSPF adjacency

Neighbor Stuck in ATTEMPT state
-----------------------------------------
Our hellos are getting lost in NBMA cloud
Neighbor hellos are getting lost in NBMA cloud
We received neighbor’s hello but rejects it for some reason
Misconfigured neighbor statement
Broken Unicast
Neighbor Stuck in INIT state
----------------------------------
One side is blocking the hello packet with access-list
One side is translating (NAT) OSPF hello
One side multicast capabilities is broken (Layer 2)
Dialer map or Frame Relay map is missing keyword ‘broadcast’
Neighbor Stuck in 2-WAY state
-------------------------------------
This is normal in broadcast network types
This is to reduce the amount of flooding on the wire
Problem can happen if all the router are configured with priority equal to ‘0’
Take care which routers are configured with priority 0 so they don’t participate in DR election
Neighbor Stuck in EXSTART/EXCHANGE
-------------------------------------------------
MTU mismatch—EXCHANGE
Note: If Cisco IOS is < 12.0.3 neighbor will show stuck in EXCHANGE
Neighbor RID is same as ours—EXSTART
Note: If Cisco IOS is > 12.0.7, it displays msg: %OSPF-3-DUP_RTRID & OSPF neighbor list will be empty
Unicast is broken—EXCHANGE
a. Wrong VC/DLCi mapping in frame/ATM environment in highly redundant network
b. MTU problem, can’t ping across with more than certain length packet
c. Access-list blocking unicast; after two-way OSPF send unicast packet except p2p links
d. NAT is translating unicast packet
Between PRI and BRI/dialer and network type is p2p—EXCHANGE
Neighbor Stuck in LOADING state
----------------------------------------
LS request is being made and neighbor is sending bad packet or mem corrupt
a. Do show IP OSPF bad to see bad LSA
b. Show log will show OSPF-4-BADLSATYPE msg
LS request is being made and neighbor is ignoring the request
MTU mismatch problem (RFC 1583 and 2178 compatibility issue) . OSPF should detect if the neighbor MTU is smaller than ours. Currently available in latest 12.3 and 12.0S.

Information is in the Database, but Not in the Routing Table

-----------------------------------------------------------------------
Generally caused due to any filtering options enabled
Mismatched Network Types
Point-to-Point Numbered and Unnumbered Links
Different Mask or IP Subnet on P2P Links
Address Flipped on Dual Links
Forwarding Address Problem
Discontigous Backbone

OSPF Neighbor States

Introduction
When OSPF adjacency is formed, a router goes through several state changes before it becomes fully adjacent with its neighbor. Those states are defined in the OSPF RFC 2328, section 10.1. The states are Down, Attempt, Init, 2-Way, Exstart, Exchange, Loading, and Full. This document describes each state in detail.

Down
This is the first OSPF neighbor state. It means that no information (hellos) has been received from this neighbor, but hello packets can still be sent to the neighbor in this state.
During the fully adjacent neighbor state, if a router doesn't receive hello packet from a neighbor within the RouterDeadInterval time (RouterDeadInterval = 4*HelloInterval by default) or if the manually configured neighbor is being removed from the configuration, then the neighbor state changes from Full to Down.
Attempt
This state is only valid for manually configured neighbors in an NBMA environment. In Attempt state, the router sends unicast hello packets every poll interval to the neighbor, from which hellos have not been received within the dead interval.
Init
This state specifies that the router has received a hello packet from its neighbor, but the receiving router's ID was not included in the hello packet. When a router receives a hello packet from a neighbor, it should list the sender's router ID in its hello packet as an acknowledgment that it received a valid hello packet.
2-Way
This state designates that bi-directional communication has been established between two routers. Bi-directional means that each router has seen the other's hello packet. This state is attained when the router receiving the hello packet sees its own Router ID within the received hello packet's neighbor field. At this state, a router decides whether to become adjacent with this neighbor. On broadcast media and non-broadcast multiaccess networks, a router becomes full only with the designated router (DR) and the backup designated router (BDR); it stays in the 2-way state with all other neighbors. On Point-to-point and Point-to-multipoint networks, a router becomes full with all connected routers.
At the end of this stage, the DR and BDR for broadcast and non-broadcast multiacess networks are elected. For more information on the DR election process, refer to DR Election.
Note: Receiving a Database Descriptor (DBD) packet from a neighbor in the init state will also a cause a transition to 2-way state.
Exstart
Once the DR and BDR are elected, the actual process of exchanging link state information can start between the routers and their DR and BDR.
In this state, the routers and their DR and BDR establish a master-slave relationship and choose the initial sequence number for adjacency formation. The router with the higher router ID becomes the master and starts the exchange, and as such, is the only router that can increment the sequence number. Note that one would logically conclude that the DR/BDR with the highest router ID will become the master during this process of master-slave relation. Remember that the DR/BDR election might be purely by virtue of a higher priority configured on the router instead of highest router ID. Thus, it is possible that a DR plays the role of slave. And also note that master/slave election is on a per-neighbor basis.
Exchange
In the exchange state, OSPF routers exchange database descriptor (DBD) packets. Database descriptors contain link-state advertisement (LSA) headers only and describe the contents of the entire link-state database. Each DBD packet has a sequence number which can be incremented only by master which is explicitly acknowledged by slave. Routers also send link-state request packets and link-state update packets (which contain the entire LSA) in this state. The contents of the DBD received are compared to the information contained in the routers link-state database to check if new or more current link-state information is available with the neighbor.
Loading
In this state, the actual exchange of link state information occurs. Based on the information provided by the DBDs, routers send link-state request packets. The neighbor then provides the requested link-state information in link-state update packets. During the adjacency, if a router receives an outdated or missing LSA, it requests that LSA by sending a link-state request packet. All link-state update packets are acknowledged.
Full
In this state, routers are fully adjacent with each other. All the router and network LSAs are exchanged and the routers' databases are fully synchronized.
Full is the normal state for an OSPF router. If a router is stuck in another state, it's an indication that there are problems in forming adjacencies. The only exception to this is the 2-way state, which is normal in a broadcast network. Routers achieve the full state with their DR and BDR only. Neighbors always see each other as 2-way.

Cisco SD-WAN: Onboarding Controllers step by step (on-prem)

 This configuration example only covers the process of installing the SD-WAN controller software images on a VMWare ESXI instance, establish...