Popular Posts

Tuesday, 30 June 2015

OSPF generates 'interface config error - BAD PACKET' messages

Products
S-Series
Matrix N-Series DFE
K-Series 

Changes
The OSPF routing protocol has been configured on this device, and other OSPF routers exist on the local network. 

Symptoms
An OSPF-originated "BAD PACKET" error message is being syslogged ('show support') every 10 seconds; for example;
<164>Nov 29 07:54:29 10.26.189.11 OSPF[2]Router global: OSPF: Packet dropped - interface config error - src ip 10.26.167.1 - BAD PACKET 

Cause
This is usually caused by a misconfiguration between OSPF routers on common links, though the specific nature of the misconfiguration can vary. 

Solution
Use the "Debug IP/Packet" function (14661) to determine the ingress port(s) of these packets. Once the ingress port is discovered, go to any adjacent peer routers and compare configurations. 

In the example below you can see that the 10.26.167.1-sourced packet is ingressing ethernet port ge.3.48 on vlan 500.
ip access-list standard 1
permit 10.26.167.1 0.0.0.0
exit
 
debug packet filter access-list 1
 
<165>Nov 29 07:54:28 10.26.189.11 DbgIpPkt[3][1] [RECEIVE] in vr global,
on ge.3.48, vlan 500, Matched acl 1, rule[1: permit host 10.26.167.1],
  FATE: Forwarding discontinued, cause: SENT_TO_HOST, out multiple ports
excluding source, vlan.0.500, vr global, nexthop 224.0.0.5, flow
disallowed,
  PKT: InPort(ge.3.48) LEN(82) DA(01:00:5E:00:00:05)
SA(00:1F:45:5B:F4:C1) ETYPE(0800) SIP(10.26.167.1) DIP(224.0.0.5) VER(4)
HLEN(5) TOTALLEN(64) PROTO(89) TOS(192) TTL(1)
<165>Nov 29 07:54:38 10.26.189.11 DbgIpPkt[3][2] [RECEIVE] in vr global,
on ge.3.48, vlan 500, Matched acl 1, rule[1: permit host 10.26.167.1],
  FATE: Forwarding discontinued, cause: SENT_TO_HOST, out multiple ports
excluding source, vlan.0.500, vr global, nexthop 224.0.0.5, flow
disallowed,
  PKT: InPort(ge.3.48) LEN(82) DA(01:00:5E:00:00:05)
SA(00:1F:45:5B:F4:C1) ETYPE(0800) SIP(10.26.167.1) DIP(224.0.0.5) VER(4)
HLEN(5) TOTALLEN(64) PROTO(89) TOS(192) TTL(1)

Troubleshooting Duplicate Router IDs with OSPF

Introduction

This document describes how a router that runs Open Shortest Path First (OSPF) selects a router ID, in what packets this value is sent, and how to troubleshoot router log messages that report duplicate IDs.

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:
  • IP routing protocols
  • OSPF routing protocols

Components Used

The information in this document is based on the Cisco IOS® Software Release 12.2.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Related Products

This configuration can also be used with these hardware and software versions:
  • All routers, such as the 2500 and 2600 series
  • Layer 3 switches

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Router ID

By default, when the OSPF process initializes, it selects the highest IP address on a router as the router ID for the OSPF process. The router ID uniquely identifies a router within an OSPF domain.
As explained in Configuring OSPF, OSPF uses the largest IP address configured on the interfaces as its router ID. If the interface associated with this IP address is ever brought down, or if the address is removed, the OSPF process must recalculate a new router ID and resend all its routing information out its interfaces.
If a loopback interface is configured with an IP address, the Cisco IOS software uses this IP address as its router ID, even if other interfaces have larger IP addresses. Greater stability in the routing table is achieved, because loopback interfaces never go down.
OSPF automatically prefers a loopback interface over any other kind, and it chooses the highest IP address among all loopback interfaces. If there are no loopback interfaces present, the highest IP address in the router is chosen. The OSPF cannot be directed to use any particular interface. Once the router ID is elected, it does not change unless the OSPF process restarts or the router is reloaded.
Note: If there is not an interface with a valid IP address in an up/up state when it starts, OSPF reports can't allocate router-id error messages to the log.
These commands are used in order to view the router ID.
R2-AGS#show ip ospf interface e0 
     Ethernet0 is up, line protocol is up 
       Internet Address 1.1.1.2 255.255.255.0, Area 0 
       Process ID 1, Router ID 5.5.5.5, Network Type BROADCAST, Cost: 10 
       Transmit Delay is 1 sec, State BDR, Priority 1 
       Designated Router (ID) 6.6.6.6, Interface address 1.1.1.1 
       Backup Designated router (ID) 5.5.5.5, Interface address 1.1.1.2 
       Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 
         Hello due in 0:00:07 
       Neighbor Count is 1, Adjacent neighbor count is 1 
         Adjacent with neighbor 6.6.6.6  (Designated Router)
The default behavior of the selection of the highest IP address on a router as the router ID can be changed with the use of therouter-id OSPF command introduced in Cisco IOS Software Release 12.0(1)T. Refer to Cisco bug ID CSCdi38380 (registeredcustomers only) for more information. With the OSPF router-id command, the router ID of the OSPF process is the one manually selected. In this example, the router ID for the OSPF process is 10.10.10.10.
!
router ospf 100
 router-id 10.10.10.10
The show ip ospf database command can also be used as in this example in order to check the router ID:
Router#show ip ospf database
OSPF Router with ID (10.10.10.10) (Process ID 100)

Value Transmission

Before the resolution of the duplicate router IDs with OSPF can be explained, you need to understand the five OSPF packet types. These are the packet types:
  • Hello
  • Database Description (DD)
  • Link State Request
  • Link State Update
  • Link State Acknowledgment
All OSPF packets begin with a standard 24-octet header. Note that the header includes a Router ID field, which indicates the unique ID of the route originating the OSPF packet.
Version | Type | Packet Length
Router ID
Area ID
Checksum | AuType
Authentication
Authentication
Packet Data
Typically, OSPF packets carry Link-State Advertisements (LSAs), which describe all of the links or interfaces of the router, and the state of the links. While all LSAs start with the same header, these three fields identifies a single LSA:
  • Type
  • Link State ID
  • Advertising Router
OSPF uses Link State Update packets to flood LSAs and send LSAs in response to Link State Requests. An OSPF neighbor is responsible for reencapsulating the appropriate LSAs in new Update packets for further flooding in order to propagate OSPF LSAs beyond the network on which they were originated. Thus, a duplicate router ID can be detected by, and propagated by multiple routers.
Complete these steps in order to determine if there is a duplicate router ID:
  1. Execute the show ip ospf database router x.x.x.x command on the router that should have this ID. This command displays the contents of a router LSA (Type 1), which advertises a router and all of its directly connected interfaces. Understand the interface list of the router and the assigned IP addresses.
  2. Execute the show ip ospf database router x.x.x.x command a few times on the router that reports the duplicate. The Shortest Path First (SPF) algorithm can run as frequently as once every 10 seconds.
If you capture these commands, you should be able to catch information that changes. This example is an output of the show ip ospf database router command.
r2.2.2.2#show ip ospf database router 1.1.1.1 

      OSPF Router with ID (2.2.2.2) (Process ID 2) 
  

         Router Link States (Area 0) 

LS age: 279 
Options: (No TOS-capability, DC) 
LS Type: Router Links 
Link State ID: 1.1.1.1 

!--- For router links, the Link State ID is always the same as the 
!--- advertising router (next line). 

Advertising Router: 1.1.1.1 

!--- This is the router ID of the router which created 
!--- this LSA. 

LS Seq Number: 8000001A 
Checksum: 0xA6FA 
Length: 48 
Number of Links: 2 

Link connected to: another Router (point-to-point) 

!--- This line shows that this router (1.1.1.1) is a neighbor 
!--- with 2.2.2.2. 

(Link ID) Neighboring Router ID: 2.2.2.2 
(Link Data) Router Interface address: 0.0.0.12 

!--- In case of an unnumbered link, use the Management Information 
!--- Base (MIB) II IfIndex value, which usually starts with 0. 

Number of TOS metrics: 0 
 TOS 0 Metrics: 64 

!--- This is the OSPF cost of the link that connects the two routers. 


Link connected to: a Stub Network 

!--- This entry represents the Ethernet segment 4.0.0.0/8. 

(Link ID) Network/subnet number: 4.0.0.0 
(Link Data) Network Mask: 255.0.0.0 
Number of TOS metrics: 0 
TOS 0 Metrics: 10 

!--- This is the OSPF cost of the Ethernet segment.

Known Issue

When two routers use the same router ID in an OSPF domain, routing possibly does not work correctly. Cisco bug IDs CSCdr61598(registered customers only) and CSCdu08678 (registered customers only) enhance the detection and reporting mechanisms of duplicate router IDs. Access the Bug Toolkit (registered customers only) in order to view additional information about these Cisco bug IDs. There are two duplicate router ID types:
  1. Area duplicate router ID
    %OSPF-4-DUP_RTRID1: Detected router with duplicate
      router ID 100.0.0.2 in area 0
    Explanation—OSPF detected a router that has the same router ID in the area.
    Recommended Action—The OSPF router ID should be unique. Make sure all routers in the area have unique router ID.
  2. Type 4 LSA
    %OSPF-4-DUP_RTRID2: Detected router with duplicate
      router ID 100.0.0.2 in Type-4 LSA advertised by 100.0.0.1
    Explanation—OSPF detected a router that has the same router ID in the other area. This router is advertised in Type-4 LSA.
    Recommended Action—The OSPF router ID should be unique. Make sure all Autonomous System Border Routers (ASBRs) in remote areas have a unique router ID.
When a router acts as both an Area Border Router (ABR) and an ASBR in an OSPF domain, false reports of duplicate router IDs can occur, as shown in this example log message.
OSPF-4-DUP_RTRID_AS Detected router with duplicate 
router ID 10.97.10.2 in Type-4 LSA advertised by 10.97.20.2
Cisco bug ID CSCdu71404 (registered customers only) resolves this problem of OSPF domain-wide detection.
  • If a router receives a Type 4 LSA and the Link State ID equals the router ID and the router is not an ABR, then a valid router ID duplication in the remote area occurs, and the error message should be logged.
  • If the router is not an ABR, it can receive a Type 4 LSA which tells it about itself from the other ABR. This condition does not represent a duplicate router ID problem, and the error message should not be logged.
A Type 4 LSA is also known as an ASBR Summary LSA. Issue the show ip ospf database asbr-summary command in order to observe these LSAs, as shown in this example.
The ABR creates (Type 4) ASBR Summary LSAs in order to advertise reachability of an ASBR into other areas.
r2.2.2.2#show ip ospf database asbr-summary 1.1.1.1 

           OSPF Router with ID (2.2.2.2) (Process ID 2) 

                    Summary ASB Link States (Area 0) 

      LS age: 266 
      Options: (No TOS-capability, DC) 
      LS Type: Summary Links(AS Boundary Router) 
      Link State ID: 1.1.1.1 (AS Boundary Router address) 

!--- ABR (Router 2.2.2.2) advertises that it knows how 
!--- to reach the ASBR (Router 1.1.1.1).
 
      Advertising Router: 2.2.2.2 
      LS Seq Number: 80000001 
      Checksum: 0x935C 
      Length: 28 
      Network Mask: /0 
            TOS: 0  Metric: 64 
     
!--- This is the cost of ABR to reach the ASBR.
 
If the LSA is a Type 4, the Link State ID is the router ID of the ASBR that is advertised. Refer to How OSPF Propagates External Routes into Multiple Areas for more information.

Troubleshooting

The troubleshooting was done with a Cisco IOS software release released before the Cisco bug ID CSCdr61598 (registeredcustomers only) and Cisco bug ID CSCdu08678 (registered customers only) integration.

Single Area Network

This image is a representation of the single area network described in these steps.
duplicate_router_id_ospf1.gif
  1. Issue the show proc cpu | include OSPF command. This allows you to see the OSPF processes that utilize the CPU.
    r4#show proc cpu | include OSPF
       3        4704       473       9945  1.38%  0.81%  0.68%   0 OSPF Hello       
      71        9956      1012       9837  1.47%  1.62%  1.41%   0 OSPF Router 
    As seen in the previous example, there is high CPU for OSPF. This shows that there must be something wrong with either the link stability or a duplicate router-id.
  2. Issue the show ip ospf statistics command. This allows you to see if the SPF algorithm is run more than ordinary.
    r4#show ip ospf statistics
      Area 0: SPF algorithm executed 46 times
    
      SPF calculation time
    Delta T   Intra D-Intra Summ    D-Summ  Ext     D-Ext   Total   Reason
    00:01:36   0    0       0       0       0       0       0       N, 
    00:01:26   0    0       0       0       0       0       0       R, N, 
    00:01:16   0    0       0       0       0       0       0       R, N, 
    00:01:06   0    0       0       0       0       0       0       R, N, 
    00:00:56   0    0       0       0       0       0       0       R, N, 
    00:00:46   0    0       0       0       0       0       0       R, N, 
    00:00:36   0    0       0       0       0       0       0       R, N, kmbgvc
    00:00:26   0    0       0       0       0       0       0       R, N, 
    00:00:16   0    0       0       0       0       0       0       R, N, 
    00:00:06   0    0       0       0       0       0       0       R, N, 
    The show ip ospf statistics command shows that recalculation of SPF is done every 10 seconds, as seen in the previous example. It is triggered by the router and network LSA. There is a problem in the same area as the current router.
  3. Issue the show ip ospf database command.
    r4#show ip ospf database 
    
                OSPF Router with ID (50.0.0.4) (Process ID 1)
    
                    Router Link States (Area 0)
    
    Link ID         ADV Router      Age         Seq#       Checksum Link count
    50.0.0.1        50.0.0.1        681         0x80000002 0x7E9D   3
    50.0.0.2        50.0.0.2        674         0x80000004 0x2414   5
    50.0.0.4        50.0.0.4        705         0x80000003 0x83D    4
    50.0.0.5        50.0.0.5        706         0x80000003 0x5C24   6
    50.0.0.6        50.0.0.6        16          0x80000095 0xAF63   6
    50.0.0.7        50.0.0.7        577         0x80000005 0x86D5   8
    
                    Net Link States (Area 0)
    
    Link ID         ADV Router      Age         Seq#       Checksum
    192.168.2.6     50.0.0.6        6           0x8000007A 0xABC7
    The show ip ospf database command shows that one LSA is newer (age 16) and its sequence number is much higher then the other LSAs in the same OSPF database. You need to figure out which router sent this LSA. Since it is in the same area, the advertising router id is known (50.0.0.6). It is more probable that this router ID is duplicated. You need to find out which other router has the same router-id.
  4. This example shows several instances of the show ip ospf database command.
    r4#show ip ospf database router adv-router 50.0.0.6
    
                OSPF Router with ID (50.0.0.4) (Process ID 1)
    
                    Router Link States (Area 0)
    
      LS age: 11
      Options: (No TOS-capability, DC)
      LS Type: Router Links
      Link State ID: 50.0.0.6
      Advertising Router: 50.0.0.6
      LS Seq Number: 800000C0
      Checksum: 0x6498
      Length: 72
      Number of Links: 4
    
        Link connected to: a Transit Network
         (Link ID) Designated Router address: 192.168.2.6
         (Link Data) Router Interface address: 192.168.2.6
          Number of TOS metrics: 0
           TOS 0 Metrics: 10
    
        Link connected to: another Router (point-to-point)
         (Link ID) Neighboring Router ID: 50.0.0.7
         (Link Data) Router Interface address: 192.168.0.21
          Number of TOS metrics: 0
           TOS 0 Metrics: 64
    
        Link connected to: a Stub Network
         (Link ID) Network/subnet number: 192.168.0.20
         (Link Data) Network Mask: 255.255.255.252
          Number of TOS metrics: 0
           TOS 0 Metrics: 64
    
        Link connected to: a Stub Network
         (Link ID) Network/subnet number: 50.0.0.6
         (Link Data) Network Mask: 255.255.255.255
          Number of TOS metrics: 0
           TOS 0 Metrics: 1
    
    r4#show ip ospf database router adv-router 50.0.0.6
    
                OSPF Router with ID (50.0.0.4) (Process ID 1)
    
                    Router Link States (Area 0)
    
      LS age: 7
      Options: (No TOS-capability, DC)
      LS Type: Router Links
      Link State ID: 50.0.0.6
      Advertising Router: 50.0.0.6
      LS Seq Number: 800000C7  
    
    !--- The sequence number has increased.
     
    Checksum: 0x4B95 
    Length: 96 
    Number of Links: 6 
    
    !--- The number of links has increased although the network has been stable. 
    
    
    Link connected to: a Stub Network
         (Link ID) Network/subnet number: 192.168.3.0
         (Link Data) Network Mask: 255.255.255.0
          Number of TOS metrics: 0
           TOS 0 Metrics: 10
    
        Link connected to: another Router (point-to-point)
         (Link ID) Neighboring Router ID: 50.0.0.5
         (Link Data) Router Interface address: 192.168.0.9
          Number of TOS metrics: 0
           TOS 0 Metrics: 64
    
        Link connected to: a Stub Network
         (Link ID) Network/subnet number: 192.168.0.8
         (Link Data) Network Mask: 255.255.255.252
          Number of TOS metrics: 0
           TOS 0 Metrics: 64
    
        Link connected to: another Router (point-to-point)
         (Link ID) Neighboring Router ID: 50.0.0.2
         (Link Data) Router Interface address: 192.168.0.2
          Number of TOS metrics: 0
           TOS 0 Metrics: 64
    
        Link connected to: a Stub Network
         (Link ID) Network/subnet number: 192.168.0.0
         (Link Data) Network Mask: 255.255.255.252
          Number of TOS metrics: 0
           TOS 0 Metrics: 64
    
        Link connected to: a Stub Network
         (Link ID) Network/subnet number: 50.0.0.6
         (Link Data) Network Mask: 255.255.255.255
          Number of TOS metrics: 0
           TOS 0 Metrics: 1
  5. If you know your network, you can find which router advertises those links. The first previous output shows that the LSAs are sent by a router with OSPF neighbors 50.0.0.7, whereas the second output shows neighbors 50.0.0.5 and 50.0.0.6. Issue theshow ip ospf command in order to find those routers and access them in order to verify their OSPF router-id. In this example setup, they are R6 and R3.
    3>show ip ospf
     Routing Process "ospf 1" with ID 50.0.0.6
     Supports only single TOS(TOS0) routes
     Supports opaque LSA
    
    r6#show ip ospf
     Routing Process "ospf 1" with ID 50.0.0.6
     Supports only single TOS(TOS0) routes
     Supports opaque LSA
  6. Issue the show run | beg router ospf command in order to check the configuration that starts at the OSPF configuration.
    R6#show run | include router ospf
    router ospf 1
     router-id 50.0.0.6
     log-adjacency-changes
     network 50.0.0.0 0.0.0.255 area 0
     network 192.168.0.0 0.0.0.255 area 0
     network 192.168.2.0 0.0.0.255 area 0
    
    r3#show run | begin router ospf 
    router ospf 1
     log-adjacency-changes
     network 50.0.0.0 0.0.0.255 area 0
     network 192.168.0.0 0.0.0.255 area 0
     network 192.168.3.0 0.0.0.255 area 0
    In the previous example, the router-id command was removed and the OSPF process was not restarted. The same problem can also result from a loopback interface that is removed and configured somewhere else.
  7. Issue the clear ip ospf 1 process command and the show ip ospf command in order to clear the process.
    r3#clear ip ospf 1 process 
    Reset OSPF process? [no]: y
    
    r3#show ip ospf
     Routing Process "ospf 1" with ID 50.0.0.6
     Supports only single TOS(TOS0) routes
     Supports opaque LSA
    As shown in the previous example, the wrong IP address still appears.
  8. Issue the show ip int brie command in order to check the interface.
    r3#show ip int brie
    Interface                  IP-Address      OK? Method Status                Protocol
    Ethernet0/0                192.168.3.1     YES NVRAM  up                    up      
    Serial1/0                  192.168.0.2     YES NVRAM  up                    up      
    Serial2/0                  192.168.0.9     YES NVRAM  up                    up      
    Loopback0                  unassigned      YES NVRAM  up                    up      
    Loopback1                  50.0.0.6        YES NVRAM  up                    up     
    
    
    !--- The highest Loopback IP address 
    
    
    In order to correct the problem, make sure that either the highest loopback configured on the router is unique in your OSPF network, or configure statically the router-id with the router-id <ip address> command under the OSPF router configuration mode.

Multiple Areas with ASBR

The symptoms of these problems are that the external route, which is learned through the redistribution from static into OSPF process by R6, ASBR router flaps from the routing table on all routers within OSPF Area 0. The external route is 120.0.0.0/16 and the problem is noticed on Router 5 in Area 0. Start to troubleshoot from there.
duplicate_router_id_ospf2.gif
  1. Issue the show ip route command a few times consecutively in order to see the symptom.
    r5#show ip route 120.0.0.0
    Routing entry for 120.0.0.0/16, 1 known subnets
    
    O E2    120.0.0.0 [110/20] via 192.168.0.9, 00:00:03, Serial2/0
    
    r5#show ip route 120.0.0.0
    % Network not in table
    r5#
  2. Take a look at the OSPF database in order to check whether the LSA is received. If you issue the show ip ospf databasecommand several times in a row, you notice that the LSA is received by two routers, 50.0.0.6 and 50.0.0.7. If you look at the age of the second entry, if present, you notice that its value changes dramatically.
    r5#show ip ospf database | begin Type-5 
                    Type-5 AS External Link States
    
    Link ID         ADV Router      Age         Seq#       Checksum Tag
    120.0.0.0       50.0.0.6        2598        0x80000001 0xE10E   0
    120.0.0.0       50.0.0.7        13          0x80000105 0xD019   0
    r5#show ip ospf database | begin Type-5 
                    Type-5 AS External Link States
    
    Link ID         ADV Router      Age         Seq#       Checksum Tag
    120.0.0.0       50.0.0.6        2599        0x80000001 0xE10E   0
    120.0.0.0       50.0.0.7        14          0x80000105 0xD019   0
    r5#show ip ospf database | begin Type-5 
                    Type-5 AS External Link States
    
    Link ID         ADV Router      Age         Seq#       Checksum Tag
    120.0.0.0       50.0.0.6        2600        0x80000001 0xE10E   0
    120.0.0.0       50.0.0.7        3601        0x80000106 0x6F6    0
    r5#show ip ospf database | begin Type-5 
                    Type-5 AS External Link States
    
    Link ID         ADV Router      Age         Seq#       Checksum Tag
    120.0.0.0       50.0.0.6        2602        0x80000001 0xE10E   0
    r5#show ip ospf database | begin Type-5
                    Type-5 AS External Link States
    
    Link ID         ADV Router      Age         Seq#       Checksum Tag
    120.0.0.0       50.0.0.6        2603        0x80000001 0xE10E   0
    r5#
  3. You also notice strange behavior if you look at the sequence number for the LSAs that are received from 50.0.07, which is the advertising router. Review what other LSAs are received from 50.0.0.7. If you issue the show ip ospf database adv-router 50.0.0.7 command several times in a row, the entries vary quickly, as shown in this example.
    r5#show ip ospf database adv-router 50.0.0.7
    
                OSPF Router with ID (50.0.0.5) (Process ID 1)
    
                    Router Link States (Area 0)
    
    Link ID         ADV Router      Age         Seq#       Checksum Link count
    50.0.0.7        50.0.0.7        307         0x8000000D 0xDF45   6
    
                    Type-5 AS External Link States
    
    Link ID         ADV Router      Age         Seq#       Checksum Tag
    120.0.0.0       50.0.0.7        9           0x8000011B 0xA42F   0
    
    
    
    r5#show ip ospf database network adv-router 50.0.0.7
    
                OSPF Router with ID (50.0.0.5) (Process ID 1)
    r5#show ip ospf database network adv-router 50.0.0.7
    
                OSPF Router with ID (50.0.0.5) (Process ID 1)
    This last output does not show anything. Either the route is flapping or there is a problem of another kind, most probably a duplicate router ID within the OSPF domain.
  4. Issue the show ip ospf database command in order to view the external LSAs advertised by 50.0.0.7.
    r5#show ip ospf database external adv-router 50.0.0.7
    
                OSPF Router with ID (50.0.0.5) (Process ID 1)
    
                    Type-5 AS External Link States
    
      Delete flag is set for this LSA
      LS age: MAXAGE(3600)
      Options: (No TOS-capability, DC)
      LS Type: AS External Link
      Link State ID: 120.0.0.0 (External Network Number )
      Advertising Router: 50.0.0.7
      LS Seq Number: 80000136
      Checksum: 0xA527
      Length: 36
      Network Mask: /16
            Metric Type: 2 (Larger than any link state path)
            TOS: 0 
            Metric: 16777215 
            Forward Address: 0.0.0.0
            External Route Tag: 0
    
    r5#show ip ospf database  external adv-router 50.0.0.7
    
                OSPF Router with ID (50.0.0.5) (Process ID 1)
    r5#
  5. Look at the SPF calculation reasons in order to verify this. X means that SPF runs every 10 seconds because of an External LSA (type 5) flap and indeed, you see that SPF runs.
    r5#show ip ospf statistic
      Area 0: SPF algorithm executed 2 times
    
      SPF calculation time
    Delta T   Intra D-Intra Summ    D-Summ  Ext     D-Ext   Total   Reason
    00:47:23   0    0       0       0       0       0       0       X
    00:46:33   0    0       0       0       0       0       0       X
    00:33:21   0    0       0       0       0       0       0       X
    00:32:05   0    0       0       0       0       0       0       X
    00:10:13   0    0       0       0       0       0       0       R, SN, X
    00:10:03   0    0       0       0       0       0       0       R, SN, X
    00:09:53   0    0       0       0       0       0       0       R, 
    00:09:43   0    0       0       0       0       0       0       R, SN, X
    00:09:33   0    0       0       0       0       0       0       X
    00:09:23   0    0       0       0       0       0       0       X
  6. It is known that the problem is outside the current area. Turn your focus on the ABR. Telnet to the ABR Router 2 in order to have more visibility on other areas than OSPF area 0. Issue the show ip ospf border-routers and show ip ospf database network adv-router commands.
    r2#show ip ospf border-routers 
    
    OSPF Process 1 internal Routing Table
    
    Codes: i - Intra-area route, I - Inter-area route
    
    i 50.0.0.7 [20] via 192.168.2.1, Ethernet0/0, ASBR, Area 1, SPF 25
    
    
    
    r2#show ip ospf database network adv-router 50.0.0.7 
    
                OSPF Router with ID (50.0.0.2) (Process ID 1)
    
                    Net Link States (Area 1)
    
      Routing Bit Set on this LSA
      LS age: 701
      Options: (No TOS-capability, DC)
      LS Type: Network Links
      Link State ID: 192.168.1.2 (address of Designated Router)
      Advertising Router: 50.0.0.7
      LS Seq Number: 80000001
      Checksum: 0xBC6B
      Length: 32
      Network Mask: /24
            Attached Router: 50.0.0.7
            Attached Router: 50.0.0.1
  7. The faulty router is on the same LAN as 50.0.0.1. It must be Router 6. Issue the show ip ospf command.
    r6#show ip ospf
     Routing Process "ospf 1" with ID 50.0.0.7
     Supports only single TOS(TOS0) routes
     Supports opaque LSA
     It is an autonomous system boundary router.
  8. Once the faulty router is found, refer to the Single Area Network section of this document to correct the problem.

Error Message: %OSPF-4-FLOOD_WAR: Process 60500 flushes LSA ID 10.x.x.0 type-5 adv-rtr 10.40.x.x in area 10.40.0.0

The %OSPF-4-FLOOD_WAR: Process 60500 flushes LSA ID 10.35.70.4 type-5 adv-rtr 10.40.0.105 in area 10.40.0.0 error message is received.
This error message states that the router originates or flushes LSA at a high rate. A typical scenario in a network may be where one router in the network originates LSA and the second router flushes that LSA. A detailed description of this error message is provided here:
  • Process 60500 - The OSPF process that reports the error. In this example, the process ID is 60500.
  • re-originates or flushes (keyword) - Indicates if the router originates LSA or flushes. In this error message, the routerflushes LSA.
  • LSA ID 10.35.70.4 - Link state ID for which a flood war is detected. In this example, it is 10.35.70.4.
  • type -5 - LSA type. This example has a Type 5 LSA.
    Note: A flood war has a different root cause for every LSA.
  • adv-rtr - Router which originates LSA (that is, 10.40.0.105).
  • Area - Area to which the LSA belongs. In this example, the LSA belongs to 10.40.0.0.
Solution
Note the Type specifics of this error; in this example, type-5. This designation means there are duplicate router IDs on two routers located in the different areas. As a result, it is necessary to change the router ID on one of the routers.

OSPF core issue and resolution

Core Issue:

These are among the issues:
    Troubleshooting OSPF Neighbor States
    Troubleshooting the OSPF Routing Table
    Troubleshooting OSPF Init State
    Troubleshooting OSPF MTU
    Troubleshooting OSPF Corrupt Packets
    Troubleshooting OSPF Two-Way State
    Troubleshooting OSPF Links
    Troubleshooting Full Adjacency
    Troubleshooting External Link-State Advertisements
    Troubleshooting OSPF NBMA Networks
    Troubleshooting Access Lists
    Troubleshooting Neighbors over PRI
    Troubleshooting Ping
    Troubleshooting the OSPF Interface
    Troubleshooting Frame Relay Environment
    Troubleshooting External Route Problems
    Troubleshooting Network Type
    Troubleshooting OSPF Area Type
    Troubleshooting the Hello/Dead Interval

Resolution:

To resolve these issues, refer to Troubleshooting OSPF.
A) When examining an router's configuration, check the following:
    1) All interfaces have the correct addresses and masks?
    2) The configure network area statements have the correct inverse masks to match the correct interfaces?
    3) The configure network area statements put all interfaces into the correct areas?
B) When examining neighborship, consider the following questions:
    1) Are Hellos being sent from both neighbors?
    2) Are the timers(Dead and Hello) set the same between neighbors?
    3) Are the interfaces configured on the same subnet?
    4) Are the neighboring interfaces of the same network type (Broadcast, Point to point,Point to multi-point)
    5) Is a router attempting to form an adjacency with a neighbor's secondary address?
    6) If authentication is being used, is the authentication type the same between neighbors? Are the passwords same?
    7) Are any access lists blocking OSPF?
    8) If the adjacency is across a virtual link, is the link configured within a stub area?
    9) Is unique Router Id configured in the your As?
    10) Is MTU size same on the interface?
C) If a neighbor or adjacency is seeing unstable, you can monitor adjacencies using the command "debug ip ospf adj"
D)The state changes of a neighbor can be monitored by adding the command "log-adjacency-changes [detail]" under a router's OSPF configuration.
E) OSPF Errors, Warnings, and Log Messages
Receiving "ospf unknown protocol" error message
Receiving "Mismatch Authentication type"
Receiving "%ospf-4-NONEIGHBOR" error message
Receiving "ospf-5-ADJCHG"  error message
Receiving "OSPF: Hello from x.x.x.x with mismatched NSSA option bit"
F) If you suspect that a link-state database is corrupted or that two databases are not synchronized, you can use the "show ip ospf database database-summary" command to observe the number of LSAs in each router's database.

- See more at: https://supportforums.cisco.com/document/20021/how-resolve-common-ospf-issues#sthash.BPF7Eyw0.dpuf

OSPF – Open Shortest Path First notes

  • Defined in RFC 2328
  • Supports VLSM and CIDR
  • Is a link state protocol
  • Uses a link state database (LSDB) for topology information, identical within area
  • Reliable flooding of LSAs
  • Uses hello protocol to build adjacencies
  • Runs directly over IP, protocol 89
  • Uses the Dijkstra algorithm
Packet types
OSPF uses five different packet types, do not confuse this with the different LSA types. The packet types are:
Type 1: Hello packet – The hello packet is used to discover/mantain neighbors
Type 2: Database description – Summarize database contents, sent when establishing adjacency.
Type 3: Link State Request – Database download
Type 4: Link State Update – Database update
Type 5: Link State ACK – Flooding acknowledgement
LSA types
These are the most common LSAs:
LS type 1: Router-LSA                   
Originated by all routers. Describes the collected states of the routers interfaces to an  area. Flooded throughout a single area only.
LS type 2: Network-LSA              
Originated for broadcast and NBMA networks by the designated router. Contains a list
 of routers connected to the network. Flooded throughout a single area only.
LS type 3: Summary-LSA            
Originated by area border routers. Describes a route to a destination outside the area(Inter-area route) but still inside the AS.
LS type 4: Summary-LSA              
Originated by area border routers. Describes routes to Autonomous System Border Routers.
LS type 5: AS-external-LSA        
Originated by Autonomous System Border Routers, flooded throughout the AS. Describes routes external to the AS. Defaults routes for the AS can be described by this LSA.
LS type 7: NSSA-LSA                     
Originated by Autonomous System Border Routers. Used to flood AS external routes through a stub area. The ABR connected to the backbone will then convert it to a type five LSA.
Designated Router (DR)
On broadcast and NBMA networks a Designated Router (DR) is elected. The router with the highest priority will be elected the DR. The priority can range from 0 to 255 where 255 is the most preferred and where 0 is ineligible to become the DR. A Backup DR (BDR) will also be elected and it will be the router with the second highest priority. The election is not preemptive which means if a router is setup later with a higher priority it will not become the DR unless clearing the OSPF process. The DR has two main functions. Generate a network LSA that lists the set of routers connected to the network. It is also responsible for maintaining adjacencies. The DR and BDR uses the AllDRRouters address of 224.0.0.6. They send updates to the 224.0.0.5 AllSPFRouters address.
Timers used by OSPF
HelloInterval – Length in seconds between hello packets sent on interface, defaults to ten seconds on broadcast networks and thirty on NBMA.
RouterDeadInterval – Number of seconds before neighbor is declared dead, 40 on broadcast and 120 on NBMA (4x missed hello packets)
Wait Timer – Number of seconds before router leaves Wait state and elects designated router. If a router joins later than this it will not have a chance to be elected as DR. Same value as RouterDeadInterval.
RxmtInterval – Number of seconds between LSA restransmissions, also used for DBD and LSR packets.
Interface states
Down – The initial state of an interface, lower level protocols have indicated that the interface is not ready for use. No protocol traffic can be sent or received and no adjacencies can form.
Loopback – The interface is looped back to the network either in hardware or in software. By default will be announced as host routes (/32). To announce with another mask on loopback interface use ip ospf network point-to-point.
Wait – Router is trying to determine the DR and BDR of the network. The router monitors the hello packets it receives. The router is not allowed to elect a DR or BDR until the wait timer has expired.
Point-to-point – In this state the interface is operational and connected to either a physical point-to-point network or to a virtual link. Upon entering this state the router attempts to form an adjacency and sends hello packets every HelloInterval.
DR Other – All routers except for DR and BDR will be in this state and will form adjacencies with the DR and BDR.
Backup – The backup designated router, will be promoted to DR if/when the DR fails. Forms adjacencies with all other routers.
DR – The designated router, forms adjacencies with all other routers. Responsible for building network LSA for attached network containing links to all routers.
Neighbor states
Attempt – Only seen on NBMA networks. No recent information has been received by the neighbor, send hello packets every HelloInterval.
Init –  A hello packet has recently been seen from the neighbor, 2-way communication has not yet beeen established. All neighbors in this state or higher are listed in hello packets sent from the interface.
2-way – Bidirectional communication has been assured through the hello protocol. The BDR is chosen from neighbors in state 2-way or greater.
ExStart – The first step in creating an adjacency between neighboring routers. The goal is to decide which router is the master and the initial DD sequence number.
Exchange – The router is describing its entire link state database with DBD packets. Every DBD packet has a sequence number and there can’t be more than one DBD packet outstanding unacknowledged at a time. LSR packets may also be sent requesting newer LSAs.
Loading – In this state LSR packets are sent asking the neighboring router for LSAs described in the DBD packets earlier.
Full – In this state the routers are now fully adjacent.
The hello protocol
Used to build and mantain neighbor adjacencies. Used to insure there is bidirectional communication between neighbors. Hello packets are sent out periodically on all OSPF interfaces unless passive interface is used. On broadcast and NMBA networks OSPF elects a Designated Router (DR) and a Backup Designated Router (BDR). If there is no support for multicast neighbors might need to be statically configured.
Synchronization of link state databases
When using link state protocols it is critical that the link state databases are syncrhonized. In OSPF this is done when building the adjacency by sending DataBase Description packets (DBD). The DBD packets describe the LSAs in the link state database, they are a summary only showing necessary information to request the whole LSA if needed. When exchanging LSAs there is a master/slave relationship. The router with the highest IP will become the master. This is indicated through the MS bit (Master/Slave). If the DBD packet is the first in sequence it will also have the I (Init) bit set. All DBD packets except for the last one will have the M bit set (More). After describing the database with DBD packets the routers can exchange the full LSAs through LSR (Link State Request) and LSU (Link State Update) packets.
Optional capabilities
ExternalRoutingCapability – indicates if the area supports external (type five) LSAs. Also known as the E-bit. Set to one if supporting external routes. Must be set to zero in stub areas.
Identifiers used by OSPF
Router-ID:
A 32-bit number that uniquely identifies a router in the AS. In Ciscos implementation OSPF will choose a loopback interface with the highest IP configured as Router-ID, if no loopback is available it will pick the highest IP of normal interfaces. Recommended to set this manually. If Router-ID has changed, a restart of the OSPF process is necessary.This can be done with the clear ip ospf process command.
Area ID:
A 32-bit number identifying the area. The number 0.0.0.0 is reserved for the backbone, also written as 0. All areas must connect to the backbone but note that if running a single area only this area doesn’t need to be area zero.
OSPF design and router roles
Topology divided into areas,  often not necessary with modern routers, scales to hundreds of routers in one area.
Depending on where router resides it can have different roles:
Internal router: Router with interfaces in only one area.
Backbone router: Router with an interface in the backbone (area zero).
Area border router (ABR): Router with interfaces in at least two areas.
Autonomous System Boundary Router (ASBR): Router which injects routing information external to the AS. Will often do redistribution.
Route preference in OSPF
1. Intra-area routes
2. Inter-area routes
3. Type 1 external
4. Type 2 external
External routing information
Can either be of type one or type two, E1 or E2. If using an E1 metric the metric will be the external cost and the cost internally to reach the router advertising the external route (ASBR). If the external metric is 100 and the internal metric is 150 then the E1 metric will be 250 but if using E2 metric it would be 100. If a route is advertised as both E1 and E2 then E1 is preferred.
The backbone
Area zero is called the backbone, most often written as area 0 but can also be expressed as 0.0.0.0. The backbone area must be contigious. Doesn’t have to be physically contigious, can use virtual links to connect areas which are not directly connected to area zero.
Stub area
Area where no external routing information is allowed (type five). To reach external routes a default route is used, the default route is sent by the ABR. The stub area can not contain an ASBR, since type five LSAs are not allowed. All routers in a stub area must agree that the area is in fact a stub. A stub area usually has only one exit point but note that a stub can have both several exit points and several ABRs in the area.

OSPF/IGRP Quick Notes

Here are some notes we jotted down that relate to OSPF. Helpful when studying for the CCIE practical exam as a primer for OSPF. If you find this helpful let us know and we will create additional notes for other routing protocols compliments of CCIE4u.com
OSPF – link state, unlimited hops, classless, uses cost for metric, process # is locally significant, 224.0.0.5 and 224.0.0.6
Router ospf 1
Network x.x.x.x 0.0.0.0 area 0   (tells router which int will participate in OSPF)
  -or-     Network x.x.x.x 0.0.0.31 area 0  (same as above except matches network)
  -or-     Network 0.0.0.0 255.255.255.255 area 0 (turns OSPF on on all interfaces)

broadcast medium - ethernet, token ring, ATM.  Don’t need to define neighbors
non broadcast medium – frame relay.  Need to define neighbors on DR and BDR using one of two ways -
ip ospf network broadcast or point-to-multipoint -or-
neighbor x.x.x.x  and ensure all int are non broadcast by using ip ospf network non-broadcast
point-to-point (serial but not frame) – No DR, separate subnet for each sub int
ip ospf network point-to-point
point-to-multipoint (frame relay from one to many) – No DR, don’t need neighbor cmds
ip ospf network point-to-multipoint –or- neighbor x.x.x.x   -  usually one subnet for whole network

Summarize routes from one area to another at ABR (multiple ospf areas)  -  area 1 range x.x.x.x 255.255.0.0
Summarize external routes at ASBR (redist  into OSPF)  - summary address x.x.x.x 255.255.0.0
Summarize OSPF routes for redist into IGRP at ASBR   - summary address x.x.x.x 255.255.0.0

Change cost metric using ip ospf cost 10  (changes from def of 100,000,000/bps) higher bandwidth = lower cost
To change the def bandwidth calculation without using cost – use ip ospf reference bandwidth ???

Virtual link to connect discontiguous areas to area 0.  area 1 virtual-link 2.2.2.2     area 1 virtual-link 1.1.1.1
            The area # is the transit area.  The IP is the router id of the neighbor  (highest loop or highest IP if no loop)
To prevent hello’s and lsa’s from brinding up a circuit – use int s0 – ip ospf demand circuit
To advertise default route from ospf – default information originate always  (use always if 0.0.0.0 not in table)
NSSA – Prevent ext type 5 lsa’s from being flooded from area 0 into area 2 but allows importing type 7 as ext routes
area 2 NSSA   (type 7’s are translated into type 5’s by the NSSA ABR then are flooded).
To advertise loopbacks – run ospf on the int with network x.x.x.x –or- redistribute connected route-map ian subnets
Distribute-list 1 out can only be used on ASBR
Distribute-list 1 in to filter routes on each local router.  Each router will need the dist in to filter out networks

Authentication simple –
router ospf 64
area x authentication
int e0
ip ospf authentication

 IGRP – distance vector, 255 hops, classful, uses metrics for route determination, AS #
Router igrp 10
Network x.x.x.x (classful)
Passive-interface e0   (listen but don’t send routes)
Neighbor x.x.x.x  (use with passive-int for unicast IGRP)