OSPF troubleshooting – neighbour relationship

Download as PDF

Huawei NE40E OSPF basic configuration:

ospf 1 router-id 1.1.1.1
 area 0.0.0.0
  authentication-mode simple plain labnario
  network 10.0.0.0 0.0.0.3
  network 1.1.1.1 0.0.0.0

How to display OSPF neighbour:

display ospf peer

         OSPF Process 1 with Router ID 1.1.1.1
                 Neighbors

 Area 0.0.0.0 interface 10.0.0.1(GigabitEthernet3/0/0)'s neighbors
 Router ID: 2.2.2.2          Address: 10.0.0.2
   State: Full  Mode:Nbr is  Master  Priority: 1
   DR: 10.0.0.2  BDR: 10.0.0.1  MTU: 0
   Dead timer due in 34  sec
   Retrans timer interval: 5
   Neighbor is up for 00:33:07
   Authentication Sequence: [ 0 ]

How to display OSPF routing:

display ospf routing

         OSPF Process 1 with Router ID 1.1.1.1
                  Routing Tables

 Routing for Network
 Destination        Cost  Type       NextHop         AdvRouter       Area
 10.0.0.0/30        1     Transit    10.0.0.1        2.2.2.2         0.0.0.0
 2.2.2.2/32         1     Stub       10.0.0.2        2.2.2.2         0.0.0.0
 1.1.1.1/32         0     Stub       1.1.1.1         1.1.1.1         0.0.0.0

 Total Nets: 3
 Intra Area: 3  Inter Area: 0  ASE: 0  NSSA: 0

Configuring OSPF neighbour relationship you have to remember that:

  1. Each router ID must be unique.
  2. Interfaces between two neighbouring routers must belong to the same area.
  3. Network mask, except P2P network, of all interfaces in the same network must be the same.
  4. Authentication type must match in the same area.
  5. Authentication key must match in the same network.
  6. When configuring stub or NSSA, configuration must be the same on all routers in the area.
  7. For NBMA, peer must be configured manually.

Most failures in OSPF area are caused by neighbour’s relationship. The first thing we should do is to check OSPF errors:

display ospf error

         OSPF Process 1 with Router ID 1.1.1.1
                 OSPF error statistics

General packet errors:
 0     : IP: received my own packet     0     : Bad packet
 0     : Bad version                    0     : Bad checksum
 0     : Bad area id                    0     : Drop on unnumbered interface
 0     : Bad virtual link               0     : Bad authentication type
 0     : Bad authentication key         0     : Packet too small
 0     : Packet size > ip length        0     : Transmit error
 0     : Interface down                 0     : Unknown neighbor

HELLO packet errors:
 0     : Netmask mismatch               0     : Hello timer mismatch
 0     : Dead timer mismatch            0     : Extern option mismatch
 0     : Router id confusion            0     : Virtual neighbor unknown
 0     : NBMA neighbor unknown          0     : Invalid Source Address

DD packet errors:
 0     : Neighbor state low             0     : Router id confusion
 0     : Extern option mismatch         0     : Unknown LSA type
 0     : MTU option mismatch

LS ACK packet errors:
 0     : Neighbor state low             0     : Bad ack
 0     : Duplicate ack                  0     : Unknown LSA type

LS REQ packet errors:
 0     : Neighbor state low             0     : Empty request
 0     : Bad request

LS UPD packet errors:
 0     : Neighbor state low             0     : Newer self-generate LSA
 0     : LSA checksum bad               0     : Received less recent LSA
 0     : Unknown LSA type

Opaque errors:
 0     : 9-out of flooding scope        0     : 10-out of flooding scope
 0     : 11-out of flooding scope       0     : Unkown TLV type

Retransmission for packet over Limitation errors:
 0     : Number for DD Packet           0     : Number for Update Packet
 0     : Number for Request Packet

Receive Grace LSA errors:
 0     : Number of invalid LSAs         0     : Number of policy failed LSAs
 0     : Number of wrong period LSAs

Configuration errors:
 0     : Tunnel cost mistake
0	: The network type of the neighboring interface is not consistent.

This is very helpful command and analysing output of this command you have a clue what to do next. The only thing you have to do is to check OSPF and OSPF interfaces configuration to eliminate the configuration’s mistakes.
For example:

[NE40E-1]display ospf error

         OSPF Process 1 with Router ID 1.1.1.1
                 OSPF error statistics

General packet errors:
 0     : IP: received my own packet     18    : Bad packet
 0     : Bad version                    0     : Bad checksum
 0     : Bad area id                    0     : Drop on unnumbered interface
 0     : Bad virtual link               18    : Bad authentication type
 0     : Bad authentication key         0     : Packet too small
 0     : Packet size > ip length        0     : Transmit error
 0     : Interface down                 0     : Unknown neighbor

How to display OSPF configuration:

[NE40E-1]display current-configuration configuration ospf
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
  network 10.0.0.0 0.0.0.3
  network 1.1.1.1 0.0.0.0

[NE40E-2-ospf-1]display this
#
ospf 1 router-id 2.2.2.2
 area 0.0.0.0
  authentication-mode simple plain labnario
  network 2.2.2.2 0.0.0.0
  network 10.0.0.0 0.0.0.3
#
Return

As we can see authentication is not configured on one of the routers.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s