Troubleshooting OSPF

Troubleshooting OSPF

Because it is a link-state routing protocol, OSPF scales well with a growing network. But this scalability introduces complexity in design, configuration, and maintenance. This section introduces some of the common issues surrounding an OSPF network and offers a flowchart approach to troubleshooting these issues.

Components of Troubleshooting OSPF

Troubleshooting OSPF requires an understanding of the operation of the protocol as well as a specific approach methodology. Figure 4-8 shows the major components of OSPF troubleshooting and the order in which the process flows.

Figure 4-8 Components of Troubleshooting OSPF
Introducing OSPF fig4.8

The major components of OSPF troubleshooting include the following:

  • OSPF neighbor adjacencies
  • The OSPF routing table
  • OSPF authentication

Troubleshooting OSPF Neighbor Adjacencies
The first component to troubleshoot and verify is the OSPF neighbor adjacency. Figure 4-9 shows the verification/troubleshooting components for neighbor adjacencies.

Figure 4-9 Troubleshooting OSPF Neighbor Adjacencies
Introducing OSPF fig4.9

A healthy OSPF neighbor state is “Full.” If the OSPF neighbor state remains in any other state, it may indicate a problem. Example 4-12 demonstrates sample output from the show ip ospf neighbor command to gather this information.

Example 4-12 Verifying OSPF Neighbor State

To determine whether a possible Layer 1 or Layer 2 problem exists with a connection, display the status of an interface using the show ip ospf neighbor command. “Administratively Down” indicates that the interface is not enabled. If the status of the interface is not up/up, there will be no OSPF neighbor adjacencies. In Example 4-13, serial 0/0/1 is up/up.

Example 4-13 Verifying Interface Status

For OSPF to create an adjacency with a directly connected neighbor router, both routers must agree on the maximum transmission unit (MTU) size. To check the MTU size of an interface, use the show interface command. In Example 4-14, the MTU size is 1500 bytes.

Example 4-14 Verifying Interface MTU Size

The network command that you configure under the OSPF routing process indicates which router interfaces participate in OSPF and determines inwhich area the interface belongs. If an interface appears under the show ip ospf interface command, that interface is running OSPF. In Example 4-15, interfaces serial 0/0/1 and serial 0/0/0 are running OSPF.

Example 4-15 Verifying Whether an Interface Is Running OSPF

OSPF routers exchange hello packets to create neighbor adjacencies. Four items in an OSPF hello packet must match before an OSPF adjacency can occur:

  • Area ID
  • Hello and dead intervals
  • Authentication password
  • Stub area flag

To determine whether any of these hello packet options do not match, use the debug ip ospf adj command. The output in Example 4-16 illustrates a successful adjacency on the serial 0/0/1 interface.

Example 4-16 Verifying OSPF Adjacencies

Troubleshooting OSPF Routing Tables

After you have verified that the adjacencies are correct, the next step is to troubleshoot/verify the routing tables. Figure 4-10 shows the procedures for verifying the routing tables.

Figure 4-10 Troubleshooting OSPF Routing Tables
Introducing OSPF fig4.10

An OSPF route found in the routing table can have a variety of different codes:

  • O: OSPF intra-area, within the same area, route from a router within the same OSPF area
  • O IA: OSPF inter-area, from another area in the OSPF network, route from a router in a different OSPF area
  • O E1 or E2: An external OSPF route from another autonomous system

If you have a single OSPF area, you should not see O IA routes in the routing table. Example 4-17 has both an O IA and an O E2 route.

Example 4-17 Determining OSPF Route Types

The network command that you configure under the OSPF routing process also indicates which networks OSPF advertises.

The show ip protocols command indicates whether any route filters have been implemented, which can affect which routes are seen in the routing table. The command, as shown in Example 4-18, also displays the networks that have been configured to be advertised to other OSPF routers.

Example 4-18 Determining Whether Route Filters Have Been Implemented

Troubleshooting Plaintext Password Authentication

If you are using OSPF password authentication, you must also be prepared to troubleshoot any authentication problems that may occur during the adjacency process.

You can use the debug ip ospf adj command to display OSPF adjacency-related events. This command is useful when troubleshooting authentication.

If plaintext password authentication is configured on the Router X serial 0/0/1 interface but no authentication is configured on the Router Y serial 0/0/1 interface, the routers will not be able to form an adjacency over that link. The output of the debug ip ospf adj command shown in Example 4-19 illustrates that the routers report a mismatch in authentication type; no OSPF packets will be sent between the neighbors.

Example 4-19 Determining Whether an Authentication Mismatch Exists

NOTE The different types of authentication have these codes:

  • Null is type 0
  • Simple password is type 1
  • MD5 is type 2

If plaintext password authentication is configured on the Router X serial 0/0/1 interface and on the router Y serial 0/0/1 interface, but the interfaces are configured with different passwords, the routers will not be able to form an adjacency over that link.
The output of the debug ip ospf adj command shown in Example 4-20 illustrates that the routers report a mismatch in authentication key; no OSPF packets will be sent between the neighbors.

Example 4-20 debug ip ospf adj Command Output Confirms an Authentication Mismatch

More Resources

About the author

Prasanna

Leave a Comment