Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7221
Views
25
Helpful
8
Replies

OSPF Problem, where to start from

Go to solution
Mero Cisco
Level 1
Level 1

‎08-12-2012 08:12 PM - edited ‎03-04-2019 05:15 PM

Hi,

I have configured lots of router with OSPF. Most of them working fine, but on some of the routers it's not working. Same commands used except the network address change. I have checked the commands, nothing wrong in commands.

The "sh ip ospf database" command gives the link state of only the same router's database. show ip ospf neighbor gives no data. From where should I start troubleshooting ? Please guide me.

Yours,

Mero

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎08-12-2012 11:27 PM

Hi Mero,

The fact that the show ip ospf neighbor output is empty is a good indication that there is a problem in basic neighborhood/adjacency establishement. You have to verify the following:

  1. Try pinging your OSPF neighbors by their IP address (use the IP address from the network that directly connects you to these routers). If the ping is not successful, there is a basic problem with IP connectivity and so OSPF cannot work because it relies on the ability of two routers to speak through IP directly.
  2. If the ping is successful, verify the following:
    1. Enter the show ip ospf interface brief command on both routers. Verify that the interface to the neighboring router is listed and that all interface are assigned to the same Process ID (the PID column). If not, you are missing the appropriate network command in OSPF configuration.
    2. Using the same output, verify that interfaces that connect both routers together are placed into the same area.
    3. Have a look at the configuration of these interfaces in the running-config. Make sure that the OSPF timers either are not set at all or that they are set on both routers to the identical values.
    4. Also verify if there is any authentication configured on the interface. The authentication mode and password must match on both routers.
    5. Have a look at the configuration of the OSPF process itself. Verify if the interfaces are configured as passive - they must not be.
    6. Also verify if the area type (stub, nssa, no special area type) is identically configured on both routers.

Please keep us informed. Good luck!

Best regards,

Peter

View solution in original post

Go to solution
ashirkar
Level 7
Level 7
In response to Peter Paluch

‎08-13-2012 03:00 AM

Hello Mero,

Please Check the following points if your neighbor relationship is not comming up

1) Check the physical connectivity

2) Check for area no and process has initialize on interface or not ....(command :sh ip ospf int brief )

3) Check for network type (point to point ,point to multipoint ,NBMA etc)....(Command:Sh ip ospf interface )

4) Check for Authentication.(Type of authentication type 0,1,2 need to be on both side,also the authentication key)

5) Check for MTU size on the interface.(Need to be same or else database will not going to be exchange)

6) Check any ACL is present on interface.

7) Check for the Subnets

8) Check for the Area type (Stub,totally stub,nssa,normal area)

9) Check for dead and hello timers both need to same on the both sides

10) Router Id must unique in the your As.

Good commands to verify troubleshooting ospf issue

1) sh ip os int brief

2) sh ip os ne

3) sh ip protocol

4) sh ip ospf database (check for specific type like network,router,external etc )

5) clear ip ospf process (will kill all neighbor in short it will reinitialize process)

If you want to see Ospf adjecency is flapping then use this command under ospf process (ospf log-adjacency-change) ,

Still u will be having problem with full Neighborship use Debug ip ospf adj or packet (Not recommanded in live enviroment)

Also keep in mind that media can have Impact on ospf neighborship (example: In Framerelay broadcast queue packet drops ,you can verify that using command :sh interface ( check for broadcast sent/dropped)

Hop that is informative to you.

Regards,

Ashish

View solution in original post

8 Replies 8

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎08-12-2012 11:27 PM

Hi Mero,

The fact that the show ip ospf neighbor output is empty is a good indication that there is a problem in basic neighborhood/adjacency establishement. You have to verify the following:

  1. Try pinging your OSPF neighbors by their IP address (use the IP address from the network that directly connects you to these routers). If the ping is not successful, there is a basic problem with IP connectivity and so OSPF cannot work because it relies on the ability of two routers to speak through IP directly.
  2. If the ping is successful, verify the following:
    1. Enter the show ip ospf interface brief command on both routers. Verify that the interface to the neighboring router is listed and that all interface are assigned to the same Process ID (the PID column). If not, you are missing the appropriate network command in OSPF configuration.
    2. Using the same output, verify that interfaces that connect both routers together are placed into the same area.
    3. Have a look at the configuration of these interfaces in the running-config. Make sure that the OSPF timers either are not set at all or that they are set on both routers to the identical values.
    4. Also verify if there is any authentication configured on the interface. The authentication mode and password must match on both routers.
    5. Have a look at the configuration of the OSPF process itself. Verify if the interfaces are configured as passive - they must not be.
    6. Also verify if the area type (stub, nssa, no special area type) is identically configured on both routers.

Please keep us informed. Good luck!

Best regards,

Peter

Go to solution
Mero Cisco
Level 1
Level 1
In response to Peter Paluch

‎08-13-2012 02:07 AM

Hi Peter,

Thanks for your kind response.

I found one mistake on one of the router and fixed the problem. But in another router I get nothing with the shop io ospf database except it's own loopback data but I can find 4 neighbor detail with INIT/DROTHER state. What to do now ?

Regards,

Mero

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Mero Cisco

‎08-13-2012 02:11 AM

Hello Mero,

If you see a neighbor stuck in INIT state then there's a chance there is an ACL on that neighbor's interface that blocks OSPF traffic. Can you check that? If there is an ACL in the in direction on the neighboring router's interface, can you post its contents here? It will be easier to suggest a correction.

Best regards,

Peter

Go to solution
Mero Cisco
Level 1
Level 1
In response to Peter Paluch

‎08-13-2012 02:19 AM

Dear Peter,

I have deleted the ACL from ther interface. The router is woking fine with static routing but not working with OSPF.

Regards,

Mero

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Mero Cisco

‎08-13-2012 02:24 AM

Mero,

Please do not make extensive configuration changes like removing ACLs. We first have to narrow down the problem and only then make configuration changes. Doing these blind experiments may actually make our situation worse.

So once again - you are telling me that the neighbor whose state is indicated as INIT indeed has an ACL placed in the in direction on the interface towards your router. Please be so kind to post both the configuration of that neigbhor's interface and the ACL itself. If there are any sensitive information like public addresses, you may replace them with "x.x.x.x" but otherwise, do not remove any parts of the configuration.

Thank you!

Best regards,

Peter

0 Helpful

Go to solution
ashirkar
Level 7
Level 7
In response to Peter Paluch

‎08-13-2012 03:00 AM

Hello Mero,

Please Check the following points if your neighbor relationship is not comming up

1) Check the physical connectivity

2) Check for area no and process has initialize on interface or not ....(command :sh ip ospf int brief )

3) Check for network type (point to point ,point to multipoint ,NBMA etc)....(Command:Sh ip ospf interface )

4) Check for Authentication.(Type of authentication type 0,1,2 need to be on both side,also the authentication key)

5) Check for MTU size on the interface.(Need to be same or else database will not going to be exchange)

6) Check any ACL is present on interface.

7) Check for the Subnets

8) Check for the Area type (Stub,totally stub,nssa,normal area)

9) Check for dead and hello timers both need to same on the both sides

10) Router Id must unique in the your As.

Good commands to verify troubleshooting ospf issue

1) sh ip os int brief

2) sh ip os ne

3) sh ip protocol

4) sh ip ospf database (check for specific type like network,router,external etc )

5) clear ip ospf process (will kill all neighbor in short it will reinitialize process)

If you want to see Ospf adjecency is flapping then use this command under ospf process (ospf log-adjacency-change) ,

Still u will be having problem with full Neighborship use Debug ip ospf adj or packet (Not recommanded in live enviroment)

Also keep in mind that media can have Impact on ospf neighborship (example: In Framerelay broadcast queue packet drops ,you can verify that using command :sh interface ( check for broadcast sent/dropped)

Hop that is informative to you.

Regards,

Ashish

Go to solution
Mero Cisco
Level 1
Level 1
In response to ashirkar

‎08-13-2012 08:10 PM

Dear Ashish,

Thanks for your kind reply. The difference I found on the functioning and non-functioning is the state. The state of WAN connectivity is DROTH in functioning and DR in non-functioning, how to correct this one ?

Regards,

Mero

0 Helpful

Go to solution
ashirkar
Level 7
Level 7
In response to Mero Cisco

‎10-04-2012 01:33 AM

Hey mero ,

Thanks for your reply,

please find the answer for your question

DR  is port-based means only for that network segment, a router may be the DR for one area but may not be the DR of another area.

To better manage LSA floods on same network segment, DR is elected.

DRothers will form adjacency with DR and BDR only and DRother is a router that is neither a DR nor a BDR.

DRother routers send hello packet to ALL ospf enable Router using 224.0.0.5 to check the existence of neighbouring OSPF routers.

However update will only be multicast using 224.0.0.6, only DR and BDR will listen to this MC.DR will send update to ALL ospf ROUTERS using 224.0.0.5.DR and BDR also forms adjacency to each other.

Backup Designated Router (BDR) is elected to replace DR during DR fail. Hence DRother routers also form adjacency with BDR.

When OSPF process started, the process will look for existing DR and BDR election

If there’s no DR but there’s a BDR, BDR will be promoted to DR.

During the election process the highest priority router wins the DR

the next highest priority router become BDR,If all routers priority is a tie, then the highest router ID will be the tie-breaker.

i.e could be manually set on the router or highest loopback or up up interface will be the router id for that router

Hop it will help you

Thanks and regards,

Ashish shirkar

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card