I have a two routers A and B connected over ethernet link and running OSPF between them. IP ospf network type is configured as point to point. When enabled netflow i see traffic with source as interface IP and destination as 18.104.22.168 consuming more bandwidth. Further diagnosis showed the number of retransmissions of OSPF to be changing at a higher rate. Could anyone let me know the reason for retransmissions.
ip address x.x.x.x 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip tcp adjust-mss 1372
ip ospf network point-to-point
Solved! Go to Solution.
could you please tell us a little more about the retransmitted OSPF packets and also about the neighbor-states of your routers?
While exchanging the database, sending the Database Description packets will be retried until the DB exchange is completely done. If this process loops continuously, the problem is often caused by MTU mismatches or other MTU or layer-2 issues.
I noticed that you're doing MSS clamping (ip tcp adjust-mss) with a relativ low value, is the connection type an IPSec-Tunnel or something like that?
Maybe this document helps you in isolating the problem:
Hope that helps
Thanks for the reply.
Device is in distibuted layer of the production network and there are around 100 access layer devices connected running OSPF,so would not be able to execute debug. command and provide the retransmitted OSPF packet.Neighbours state of the routers is full. MTU throughout the path is set to 1500.
Had a observation from past 2 days, CPU of the device goes high during peak hours so though that might be a issue, but when the CPU utilsation is normal i still see retransmissions. Just a note number of retransmission is not that high its around 2000 for 6 hours.
The document provided is very informative and would help me while troubleshooting OSPF
and there are around 100 access layer devices connected running OSPF
wow - that's a lot!
How many OSPF devices do you have in a single area?
Recently I read a recommendation about OSPF hierarchy design that said you should avoid fragmentation of Router LSAs. As far as I remember, with a MTU of 1500 byte, a Router LSA can contain at the most 119 Link entries without fragmentation.
Could this be an issue in your network (show ip ospf database)?
Furthermore, very large packets have to be fragmented for the transport through the IPSec tunnel. This shouldn't be a problem but maybe it's worth an examination.
Just a note number of retransmission is not that high its around 2000 for 6 hours.
If the network is stable, we should see "paranoid flooding" every 30 minutes.
2000 : 12 = 166; but this doesn't tell us much. Maybe it helps you in estimating, you know your network.
Fischer is correct. Every 30 minutes, each router, will retransmit LSAs from which it originated. Also, is everything in one big area? If so, if there is any change in Type-1 and Type-2 LSAs, a full SPF run will occur. And since you have a LOT of routers in a single area (not sure on that yet), I could easily see with all the other stuff in your network, an LSA ACK or not coming in on time, or retransmits.
You can also implement, imcremental SPF, LSA Group Pacing, etc for OSPF if you have a lot of routers in one big area. But I would do research on those yourself, and see if it would be a good fit for your network.
Fisher, your post was very informative about how many Type-1 LSas you could contain in a 1500 byte packet.
OSPF database has 96 router LSA so that should not be an issue. I have 15 area's configured which are totally stub and maximum number of routers in a area is 30. There was a typo error i have 200 Access routers.
Though i am not much aware abt sh ip ospf retransmission-list, executed and observed retransmission happening inbetween.
After reviewing http://www.itcertnotes.com/2011/12/ospf-type-1-router-lsa.html I have to add that with authentication it's actually less than 119. I also found very much interesting information in "BRKRST-2337 - OSPF Deployment in Modern Networks (2013 Orlando)" - they have really great stuff on Cisco Live 365.