[Troubleshooting Series] Case 30 OSPF Neighbor Relationships Cannot Be Established

Created: Jan 17, 2019 13:59:51 430 0 0 0


Physical Network Topology

135359qpn0qen9ehaj0a9j.png

 

Fault Description

The status of OSPF process is “exstart” on CE12800, and it is “exchange” on the CE12800-SwitchB. Run the display ospf peer command  to check the status.

[~R4U13-CE12800] display ospf peer
OSPF Process 100 with Router ID 10.220.7.60                                       
 Area 0.0.0.0 interface 107.1.1.1 (10GE1/0/7)'s neighbors                     
  Router ID: 10.1.1.2           Address : 107.1.1.2                           
  State    : ExStart            Mode    : Nbr is Slave      Priority: 1        
  DR       : 107.1.1.2          BDR     : 107.1.1.1         MTU     : 0        
  Dead timer due (in seconds) : 37                                              
  Retrans timer interval      : 5                                               
  Neighbor up time            : 00h00m00s                                       
  Authentication Sequence     : 0

[~R4U13-CE12800-SWITCH-B] display ospf peer
OSPF Process 100 with Router ID 10.1.1.2                                       
 Area 0.0.0.0 interface 107.1.1.2 (10GE3/0/2)'s neighbors                     
  Router ID: 10.220.7.60        Address : 107.1.1.1                           
  State    : Exchange           Mode    : Nbr is Master     Priority: 1        
  DR       : None               BDR     : None              MTU     : 0        
  Dead timer due (in seconds) : 37                                              
  Retrans timer interval      : 5                                                
  Neighbor up time            : 00h00m00s                                       
  Authentication Sequence     : 0  

Configuration Files

l   CE12800

!Software Version V100R005C10SPC200
#
acl number 3000
 rule 5 permit tcp destination-port eq 1900
 rule 10 permit udp destination-port eq 1900
#
acl number 3010
 rule 10 permit ip
#
traffic classifier c1 type or
 if-match acl 3000
#
traffic behavior b1
 deny
#
traffic policy p1
 classifier c1 behavior b1 precedence 5
#
ospfv3 100
 area 0.0.0.0
#
interface 10GE1/0/7
 undo portswitch
 mtu 2000
 ipv6 enable
 ip address 107.1.1.1 255.255.255.0
 ipv6 address 100::1/64
 ospfv3 100 area 0.0.0.0
 mpls
 mpls ldp
 jumboframe enable 1536
 device transceiver 1000BASE-X
#
interface Tunnel1
 ip address 13.13.13.13 255.255.255.0
 tunnel-protocol gre
 source 107.1.1.1
 destination 107.1.1.2
#
ospf 100
 import-route direct
 import-route static
 area 0.0.0.0
  network 13.13.13.0 0.0.0.255
  network 102.1.1.0 0.0.0.255
  network 107.1.1.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 10.220.6.1
ip route-static 0.0.0.0 0.0.0.0 192.168.64.1

l   CE12800-SwitchB

!Software Version V100R005C10SPC200 

#
acl ipv6 number 3000
 rule 1 permit ipv6 destination 100::/64
#
traffic classifier test type or
 if-match ipv6 acl 3000
#
traffic behavior test
 redirect interface 10GE3/0/9
#
traffic policy test
 classifier test behavior test precedence 5
#
ospfv3 100
 area 0.0.0.0
#
interface Vlanif1000
 ipv6 enable
 ip address 100.100.1.103 255.255.255.0
 ipv6 address 1000:1000::1/64
 vrrp vrid 1 virtual-ip 100.100.1.101
 vrrp6 vrid 2 virtual-ip FE80::5 link-local
 vrrp6 vrid 2 virtual-ip 1000:1000::1000
 traffic-policy test inbound 
#
interface 10GE3/0/2
 undo portswitch
 mtu 2000
 ipv6 enable
 ip address 107.1.1.2 255.255.255.0
 ipv6 address 100::2/64
 ospfv3 100 area 0.0.0.0
 jumboframe enable 1536
 device transceiver 1000BASE-X
#
interface Tunnel1
 ipv6 enable
 ip address 13.13.13.14 255.255.255.0
 ipv6 address 100:100::100/64
 tunnel-protocol gre
 source 107.1.1.2
 destination 107.1.1.1
 ospfv3 100 area 0.0.0.0
#
bgp 10089
 peer 107.1.1.1 as-number 10086
 #
 ipv4-family unicast
  import-route direct  
  peer 107.1.1.1 enable
#
ospf 100
 import-route direct
 import-route static
 area 0.0.0.0
  network 5.5.5.5 0.0.0.0
  network 13.13.13.0 0.0.0.255
  network 107.1.1.0 0.0.0.255
#     

Troubleshooting Procedure

When OSPF neighbor relationships cannot be established, seeFigure 4-3 to rectify the fault.

Figure 1-2 Troubleshooting flowchart for a failure to establish an OSPF relationship

135400i7kyk018hi8zx1m8.png

 

                               Step 1      Check information about neighbors in each OSPF area.

Run the display ospf peer command in the user view and rectify the fault according to the State field.

[~R4U130-CE12800] display ospf peer
 
OSPF Process 100 with Router ID 10.220.7.60 
 Area 0.0.0.0 interface 107.1.1.1 (10GE1/0/7)'s neighbors
  Router ID: 10.1.1.2           Address : 107.1.1.2 
  State    : ExS                Mode    : Nbr is Slave       Priority: 1 
  DR       : 107.1.1.2          BDR     : 107.1.1.1          MTU     : 0 
  Dead timer due (in seconds) : 30
  Retrans timer interval      : 5  
  Neighbor up time            : 00h00m00s 
  Authentication Sequence     : 0

According to the OSPF Neighbor Relationships Cannot Be Established, if the neighbor status remains Exstart, the two devices remain in DD negotiation and cannot synchronize their DDs. Two possible causes exist:

l   Oversized packets cannot be received and sent.

Run the ping-s1500neighbor-address command to check oversized packet transmission. If the ping operation fails, rectify the link fault.

l   The two devices have different OSPF MTUs configured.

Huawei devices check the MTU of DD packets only when the ospf mtu-enable command is configured on OSPF interfaces. Non-Huawei devices check the MTU of DD packets by default.

Check whether the local OSPF interface has the ospf mtu-enable command configured and whether the interfaces on both ends use the same OSPF MTU. If the two interfaces use different MTUs, ensure that the two interfaces use the same MTU.

                               Step 2      Check the MTU configuration of the OSPF interface and oversized packet transmission.

Run the display ospf interface verbose command to check the configuration on the switch.

[~R4U13-CE12800] display ospf interface verbose
 
OSPF Process 1 with Router ID 10.220.7.60 
 
 Area: 0.0.0.0          MPLS TE not enabled
 
 Interface: 107.1.1.1 (10GE1/0/7)
 Cost: 1       State: BDR         Type: Broadcast            MTU: 2000
 Priority                 : 1 
 Designated Router        : 107.1.1.2
 Backup Designated Router : 107.1.1.1
 Timers: Hello 10, Dead 40, Wait 40, Poll 120, Retransmit 5, Transmit Delay 1
 Opaque ID: 0   Previous state: waitting
 Effective cost : 1, enabled by OSPF Protocol
...

Querying the current configuration shows that the MTU values configured on the interfaces at both ends are the same and both are 2000. You can run the ping -s 1500 neighbor-address command to view the sending and receiving of large packets.

[~R4U13-CE12800] ping ignore-mtu -s 2048 107.1.1.2 
  PING 107.1.1.2: 56 data bytes, press CTRL_C to break
    Request time out (unroutable)
    Request time out (unroutable)
    Request time out (unroutable)
    Request time out (unroutable)
    Request time out (unroutable)
 
  --- 107.1.1.2 ping statistics ---
    5 packet(s) transmitted
    0 packet(s) received
    100.00% packet loss

We find that the jumbo frames are not reachable, so we confirm that it causes the wrong OSPF status between two switch. When there are lots of route entries on device, the DD packets need to send these LSA to its peer, the length of DD packets is equal to the MTU.

Solution: Modify the MTU of the OSPF interface to 1300.

[~R4U13-CE12800] interface 10ge 3/0/2
[~R4U13-CE12800--10GE3/0/2] mtu 1300
[*R4U13-CE12800--10GE3/0/2] commit

Root Cause

The root cause is that the length of OSPF DD packets is close or equal the MTU value in the interface, the jumbo frames are dropped in the ports for this reason, it causes OSPF DD packets cannot be sent to its peer.

 


  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top