* OSPF operation can be subdivided into four discrete steps...
- Discover OSPF Neighbours.
- Exchange Topology Information.
- Choose Best Path.
- Neighbour and Topology Table Maintenance.
### Discover OSPF Neighbours
* Requires IP protocol 89 multicast (224.0.0.5/224.0.0.6) or unicast transport depending on network type.
- Possible NBMA pseudo-broadcast support issues.
- Possible filtering issues.
* Attributes that must be unique to proceed.
- IP Address.
- Router-ID.
* Attributes that must match to proceed.
- Subnet.
- Area.
- Compatible Network Types (Support DR/BDR election or not).
- Timers.
- MTU.
- Stub Flags.
- Authentication.
### Exchanging OSPF Topology info.
* Intra-area routes flooded via LSA 1 & LSA 2.
- Duplicate Router-ID issues.
- DR/BDR on NBMA issues.
* Inter-area routes flooded via LSA 3 by ABR.
- Discontinuous area 0 issue.
* External routes flooded via LSA 4, and 5 or 7.
- Duplicate Router-ID
- NSSA connectivity issues.
- Forward address issue on translated 7 to LSA.
### Common OSPF Verifications
- show ip route
- show ip ospf neighbor
- show ip ospf database
- debug ip ospf adj
### Practice OSPF ISSUES
* We have configured OSPF AS 1 with areas 0,1 and 2. (Basic configuration)
### NON_BROADCAST issue
* When we configure all devices, we can see that R5 not established as neighbour R2 and R4.
R5(config-router)#do show ip ospf interface serial 0/0 | in Type
Process ID 1, Router ID 10.1.5.5, Network Type NON_BROADCAST, Cost: 64
* Here we can see that this type of connection not permits Broadcast traffic.
- We have to configure neighbor statement in OSPF.
# R5
R5(config)#router ospf 1
R5(config-router)#neighbor 10.1.245.2
R5(config-router)#neighbor 10.1.245.4
# R2
R2(config-router)#neighbor 10.1.245.5
# R4
R4(config-router)#neighbor 10.1.245.5
R5#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.2.2 1 FULL/DROTHER 00:01:48 10.1.245.2 Serial0/0
10.1.4.4 1 FULL/BDR 00:01:58 10.1.245.4 Serial0/0
### Timer issue
* Configure hello timer at serial 0/0 on R4
R4#conf terminal
R4(config)#in serial 0/0
R4(config-if)#ip ospf hello-interval 4
R4(config-if)#do show running-config interface serial 0/0 | in interval
ip ospf hello-interval 4
* Note: R5 by default has 30 sec.
R5#debug ip ospf adj
OSPF adjacency events debugging is on
R5#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
<Output omitted>
*Mar 1 04:36:07.150: OSPF: 0.0.0.0 address 10.1.245.4 on Serial0/0 is dead
*Mar 1 04:36:07.150: OSPF: 0.0.0.0 address 10.1.245.4 on Serial0/0 is dead, state DOWN
*Mar 1 04:36:07.154: %OSPF-5-ADJCHG: Process 1, Nbr 0.0.0.0 on Serial0/0 from ATTEMPT to DOWN, Neighbor Down: Dead timer expired
R5#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.2.2 1 FULL/BDR 00:01:41 10.1.245.2 Serial0/0
N/A 0 ATTEMPT/DROTHER - 10.1.245.4 Serial0/0 <-- R4
* Solution
R2(config)#in serial 0/0
R2(config-if)#ip ospf hello-interval 4
R5(config)#in serial 0/0
R5(config-if)#ip ospf hello-interval 4
R5#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.2.2 1 FULL/DROTHER 00:00:15 10.1.245.2 Serial0/0
10.1.4.4 1 FULL/DR 00:00:11 10.1.245.4 Serial0/0
### DR/BDR election issue
* In this case R4 is DR and R5 is BDR.
R5#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.2.2 1 FULL/DROTHER 00:00:15 10.1.245.2 Serial0/0
10.1.4.4 1 FULL/DR 00:00:11 10.1.245.4 Serial0/0
* On Frame Relay networks we don´t have full connectivity.
* R2 to reach R4 needs to cross R5.
* If R2 wants to send an update out of the network, its really needs to go R5 and than down to R4.
* The problem is an non-broadcast network only DR is allowed to LSA replication.
* DR have to be someone who has full connectivity to the rest of the network.
* Check Route Table
R2#show ip route ospf
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.1.13.0/24 [110/74] via 10.1.23.3, 00:14:37, FastEthernet0/0
O 10.1.3.3/32 [110/11] via 10.1.23.3, 00:14:37, FastEthernet0/0
R4#show ip route ospf
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
O 10.1.6.6/32 [110/11] via 10.1.146.6, 00:30:13, FastEthernet0/0
O 10.1.5.5/32 [110/65] via 10.1.245.5, 00:12:33, Serial0/0
O 10.1.1.1/32 [110/11] via 10.1.146.1, 00:30:13, FastEthernet0/0
O 10.1.60.0/24 [110/20] via 10.1.146.6, 00:30:13, FastEthernet0/0
O 10.1.50.0/24 [110/74] via 10.1.245.5, 00:12:33, Serial0/0
* We cannot see IA networks and the problem is DR election.
* Solution
R2(config)#in ser 0/0
R2(config-if)#ip ospf priority 0
R4(config)#in ser 0/0
R4(config-if)#ip ospf priority 0
R2#show ip ospf neighbor | in 10.1.5.5
10.1.5.5 1 FULL/DR 00:00:13 10.1.245.5 Serial0/0
R4#show ip ospf neighbor | in 10.1.5.5
10.1.5.5 1 FULL/DR 00:00:15 10.1.245.5 Serial0/0
R5#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.2.2 0 FULL/DROTHER 00:00:12 10.1.245.2 Serial0/0
10.1.4.4 0 FULL/DROTHER 00:00:13 10.1.245.4 Serial0/0
* Check Route Table Again
R2#show ip route ospf
10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks
O 10.1.13.0/24 [110/74] via 10.1.23.3, 00:20:26, FastEthernet0/0
O IA 10.1.6.6/32 [110/75] via 10.1.245.4, 00:00:06, Serial0/0
O 10.1.5.5/32 [110/65] via 10.1.245.5, 00:00:06, Serial0/0
O IA 10.1.4.4/32 [110/65] via 10.1.245.4, 00:00:06, Serial0/0
O 10.1.3.3/32 [110/11] via 10.1.23.3, 00:20:26, FastEthernet0/0
O IA 10.1.1.1/32 [110/75] via 10.1.245.4, 00:00:06, Serial0/0
O IA 10.1.60.0/24 [110/84] via 10.1.245.4, 00:00:06, Serial0/0
O 10.1.50.0/24 [110/74] via 10.1.245.5, 00:00:06, Serial0/0
O IA 10.1.146.0/24 [110/74] via 10.1.245.4, 00:00:06, Serial0/0
R4#show ip route ospf
10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks
O IA 10.1.13.0/24 [110/138] via 10.1.245.2, 00:00:26, Serial0/0
O 10.1.6.6/32 [110/11] via 10.1.146.6, 00:36:26, FastEthernet0/0
O 10.1.5.5/32 [110/65] via 10.1.245.5, 00:00:26, Serial0/0
O IA 10.1.3.3/32 [110/75] via 10.1.245.2, 00:00:26, Serial0/0
O IA 10.1.2.2/32 [110/65] via 10.1.245.2, 00:00:26, Serial0/0
O 10.1.1.1/32 [110/11] via 10.1.146.1, 00:36:26, FastEthernet0/0
O IA 10.1.23.0/24 [110/74] via 10.1.245.2, 00:00:26, Serial0/0
O 10.1.60.0/24 [110/20] via 10.1.146.6, 00:36:25, FastEthernet0/0
O 10.1.50.0/24 [110/74] via 10.1.245.5, 00:00:26, Serial0/0
### MTU issue
* Configure MTU value on R3 incorectlly
R3#conf terminal
R3(config)#in ser 0/0
R3(config-if)#mtu 1490
R3#debug ip ospf adj
OSPF adjacency events debugging is on
R3#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
<Output omitted>
*Mar 1 05:22:01.346: OSPF: Send DBD to 10.1.1.1 on Serial0/0 seq 0x2006 opt 0x52 flag 0x7 len 32
*Mar 1 05:22:01.350: OSPF: Retransmitting DBD to 10.1.1.1 on Serial0/0 [5]
*Mar 1 05:22:01.394: OSPF: Rcv DBD from 10.1.1.1 on Serial0/0 seq 0x2006 opt 0x52 flag 0x2 len 232 mtu 1500 state EXSTART
*Mar 1 05:22:01.398: OSPF: Nbr 10.1.1.1 has larger interface MTU
R3#show ip ospf neighbor | in ^Ne|10.1.1.1
Neighbor ID Pri State Dead Time Address Interface
10.1.1.1 0 EXSTART/ - 00:00:11 10.1.13.1 Serial0/0 <-- Its stacks in EXSTART state
*Mar 1 05:26:46.338: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial0/0 from EXSTART to DOWN, Neighbor Down: Too many retransmissions
*Mar 1 05:27:46.338: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial0/0 from DOWN to DOWN, Neighbor Down: Ignore timer expired
* Debug on R1
*Mar 1 05:29:46.262: OSPF: Rcv DBD from 10.1.3.3 on Serial0/0 seq 0xEB opt 0x52 flag 0x7 len 32 mtu 1490 state EXCHANGE
*Mar 1 05:29:46.266: OSPF: Nbr 10.1.3.3 has smaller interface MTU
*Mar 1 05:29:46.266: OSPF: Send DBD to 10.1.3.3 on Serial0/0 seq 0xEB opt 0x52 flag 0x2 len 232
* Solution
R3#conf terminal
R3(config)#in ser 0/0
R3(config-if)#no mtu
*Mar 1 05:32:05.538: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial0/0 from LOADING to FULL, Loading Done
R3#show ip ospf neighbor | in ^Ne|10.1.1.1
Neighbor ID Pri State Dead Time Address Interface
10.1.1.1 0 FULL/ - 00:00:09 10.1.13.1 Serial0/0
### Duplicate Router-ID issue
* Check Router ID on R1
R1#show ip ospf database | in OSPF
OSPF Router with ID (10.1.1.1) (Process ID 1)
* Configure Router-ID to 10.1.2.2 (As a R2)
R1(config)#router ospf 1
R1(config-router)#router-id 10.1.2.2
* Note: Reload or use "clear ip ospf process" command, for this to take effect
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
* When you have duplicate Router-ID your Route table is not complete and router generate log message every 4 min. %OSPF-4-DUP_RTRID_AREA.
*Mar 1 05:47:37.238: %OSPF-4-DUP_RTRID_AREA: Detected router with duplicate router ID 10.1.2.2 in area 1
*Mar 1 05:47:43.410: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.1.4.4 type-3 adv-rtr 10.1.2.2 in area 1
R2#show ip ospf database router 10.1.2.2 | beg Area 1
Router Link States (Area 1)
LS age: 5
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 10.1.2.2
Advertising Router: 10.1.2.2 <-- Router-ID
LS Seq Number: 80000070
Checksum: 0x38FA
Length: 48
Area Border Router
Number of Links: 2
<Output omitted>
* When R1 receives updates from R2 the Advertising Router is the same.
* Create Lo 3 in R3 and redistribute into OSPF.
R3#conf terminal
R3(config)#in lo 3
R3(config-if)#ip address 3.3.3.3 255.255.255.255
R3(config-if)#router ospf 1
R3(config-router)#redistribute connected subnets
R3(config-router)#end
R3#show ip ospf database | begin Ext
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
3.3.3.3 10.1.3.3 267 0x80000001 0x00D3AF 0
* Check Route table in R6.
R6#show ip route 3.3.3.3
Routing entry for 3.3.3.3/32
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 84
Last update from 10.1.146.4 on FastEthernet0/0, 00:06:40 ago
Routing Descriptor Blocks:
* 10.1.146.4, from 10.1.3.3, 00:06:40 ago, via FastEthernet0/0
Route metric is 20, traffic share count is 1
* in this case if we have the duplicate Router-ID between R3 and R6 we have problems.
* Configure incorrectly R6 Router-ID.
R6#conf terminal
R6(config)#router ospf 1
R6(config-router)#router-id 10.1.3.3
R6#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
* Check again Database and Routing table in R6.
* You can see route 3.3.3.3 in the OSPF database but it never install into the routing table.
R6#show ip ospf database | beg Type-5
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
3.3.3.3 10.1.3.3 3659 0x8000000C 0x00F497 0
R6#show ip route 3.3.3.3
% Network not in table
* On R3 you receive Log Message: %OSPF-4-FLOOD_WAR.
*Mar 1 05:47:43.410: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.1.3.3 type-5 adv-rtr 10.1.3.3 in area 1
* Make ping from R5 to route 3.3.3.3
R5#ping 3.3.3.3
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/27/44 ms
* Note: If we make debug ip routing in R5 we can see what happens.
R5#debug ip routing
IP routing debugging is on
*Mar 1 06:26:27.874: OSPF: Rcv LS UPD from 10.1.4.4 on Serial0/0 length 64 LSA count 1
*Mar 1 06:26:27.886: RT: del 3.3.3.3/32 via 10.1.245.2, ospf metric [110/20]
*Mar 1 06:26:27.886: RT: delete subnet route to 3.3.3.3/32
*Mar 1 06:26:27.890: RT: NET-RED 3.3.3.3/32
*Mar 1 06:26:27.894: RT: delete network route to 3.0.0.0
*Mar 1 06:26:27.894: RT: NET-RED 3.0.0.0/8
*Mar 1 06:26:32.890: OSPF: Rcv LS UPD from 10.1.4.4 on Serial0/0 length 64 LSA count 1
*Mar 1 06:26:32.902: RT: SET_LAST_RDB for 3.3.3.3/32
*Mar 1 06:26:32.902: RT: NEW rdb: via 10.1.245.2
*Mar 1 06:26:32.906: RT: add 3.3.3.3/32 via 10.1.245.2, ospf metric [110/20]
*Mar 1 06:26:32.910: RT: NET-RED 3.3.3.3/32
* It deletes and than adds again all times this network.
### Virtual-link issue
* In our Lab, if R2 loses S0/0 connection, now Area 1 is isolated from Area 0.
* To fix this problem we need to create Virtual-Link between R1 and R4 through Area 2.
* Configure Virtual-Link between R1 and R4.
R1#conf terminal
R1(config)#router ospf 1
R1(config-router)#area 2 virtual-link 10.1.4.4
R4#conf terminal
R4(config)#router ospf 1
R4(config-router)#area 2 virtual-link 10.1.1.1
