Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1188
Views
0
Helpful
12
Replies

OSPF Neighbour Down

asadgulzar90
Level 1
Level 1

‎10-27-2019 02:04 AM

I have configured OSPF and GRE Tunnel 50 in HO & branch routers. All routers were working fine but suddenly from last month, one branch router starts giving below error and i lost connectivity. 

%OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from FULL to DOWN, Neighbor Down: Dead timer expired .

then i have to shut reshut int vlan 50 & physical port to amke link up again. Problem comes back again after few hours or a day.

Labels:
0 Helpful
12 Replies 12

balaji.bandi
Hall of Fame
Hall of Fame

‎10-27-2019 03:18 AM

Since you have an OSPF interface configured on Tunnel, i suspect when the tunnel went down, the OSPF process terminated with a neighbour. investigate with Tunnel status and see any abnormal in the logs? both the side, since your logs only from one side.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Georg Pauwen
VIP
VIP

‎10-27-2019 03:47 AM

Hello,

 

is this a DMVPN setup ? What kind of tunnel do you have configured, just a GRE tunnel, or an IPSec/GRE tunnel ? And what interface do you need to bounce ? Is the corresponding Internet link going down as well ? Is this branch configured like all other branches, and is the hardware and IOS identical to what you have at the other branches ?

 

In short, we need (a whole lot) more information...

0 Helpful

asadgulzar90
Level 1
Level 1
In response to Georg Pauwen

‎10-27-2019 07:18 AM

yes it is dmvpn tunnel with ipsec/gre. int vlan 50 is configured for tunnel 50. all branches are configured same way. this branch was also configured 9 months ago, but problems started almost a month ago
0 Helpful

pigallo
Cisco Employee
Cisco Employee

‎10-27-2019 04:10 AM

Your message is not tunnel related issue but control-plane related issue.
OSPF dead timer expiration caused adjacency fault in your case. You have to understand why that happened.
This doesn't mean it's necessary a tunnel problem as in GRE tunneling is stateless. It means GRE doesn't test connectivity to bring up the tunnel. As long you have valid route in the rib for destination, tunnel goes always up unless you configure keepalives.
If in your HO you have kind of hub /spoke setup (P2MP on hub and P2P on spokes) and you use single tunnel to connect to all branch sites, then ,whatever the issue was, all sites would probably be impacted if the problem was caused by hub site.
As in your case the issue is related to a single branch i would first investigate remotely on that branch to see what's happening on the network:
For example, if you have latency on that link which is caused by peak of traffic which impacts the tunneled GRE ospf packets that would be a problem. It could be a QOS issue too if control-plane traffic is not well prioritized.
Or probably you have set too aggressive timer for that link which should be adjusted.

 

Regards

0 Helpful

asadgulzar90
Level 1
Level 1
In response to pigallo

‎10-27-2019 07:26 AM

i did not find any delay in traffic, also please note that sometimes it goes off and come up again automatically .
Few minutes ago, it went down multiple times and came up by itself.. below are the logs from branch router:

Oct 27 12:45:46: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changed state to down
Oct 27 12:45:47: %LINK-3-UPDOWN: Interface FastEthernet1, changed state to up
Oct 27 12:45:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changed state to up
Oct 27 12:46:24: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from FULL to DOWN, Neighbor Down: Dead timer expired
Oct 27 12:46:30: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from LOADING to FULL, Loading Done
Oct 27 13:06:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changed state to down
Oct 27 13:06:15: %LINK-3-UPDOWN: Interface FastEthernet1, changed state to up
Oct 27 13:06:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changed state to up
Oct 27 13:06:48: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from FULL to DOWN, Neighbor Down: Dead timer expired
Oct 27 13:06:52: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from LOADING to FULL, Loading Done
Oct 27 13:42:01: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from FULL to DOWN, Neighbor Down: Dead timer expired
Oct 27 16:22:48: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from LOADING to FULL, Loading Done
Oct 27 17:14:50: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from FULL to DOWN, Neighbor Down: Dead timer expired
Oct 27 17:16:31: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from LOADING to FULL, Loading Done
Oct 27 17:17:48: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from FULL to DOWN, Neighbor Down: Dead timer expired
Oct 27 17:20:13: %OSPF-5-ADJCHG: Process 3, Nbr 172.16.50.2 on Tunnel50 from LOADING to FULL, Loading Done
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to asadgulzar90

‎10-27-2019 10:21 AM

Since we are not aware of your setup you need to give us more information, and some topology, looking at the logs as mentioned. some of the interface gone down due to some reason, OSPF always relays on your underlay infrastructure to form and neighbourship.

 

can we know more information, how your network connected

 

Do you see some information here this interface gone down the same time? what is the interface? and where it is connected?

 

Oct 27 12:45:46: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1, changed state to down

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

asadgulzar90
Level 1
Level 1
In response to balaji.bandi

‎10-27-2019 10:41 PM

Each branch has 2 routers, one is connected to Mpls link and other is connected to Internet link.

This Router at branch is directly connected to MPLS link at port Fastethernet1, then it is connected to LAN Switch.
Internet router is connected to Firewall then from firewall it is connected to same LAN switch.

172.16.50.2 is the LAN port IP of HO router. 

0 Helpful

Georg Pauwen
VIP
VIP
In response to asadgulzar90

‎10-27-2019 02:51 PM

Hello,

 

is this a phase 2 or phase 3 DMVPN ? Is your OSPF configured as 'broadcast' network type?

0 Helpful

asadgulzar90
Level 1
Level 1
In response to Georg Pauwen

‎10-27-2019 10:45 PM

yes it is DMVPN 3 and ospf is set to broadcast
0 Helpful

paul driver
VIP
VIP

‎10-28-2019 10:34 PM - edited ‎10-28-2019 10:36 PM

Hello

Can you please confirm the MTU values on the tunnel interfaces and also initiate a debug of the ospf adjacency and post the output.
sh ip interface tunnel x | in MTU

debug ip ospf adj


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

asadgulzar90
Level 1
Level 1
In response to paul driver

‎10-30-2019 11:02 PM

Dear All, Thanks for your replies, I have changed the router port 2 days ago, and it is working fine since then,, seemed there was some hard ware issue.
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to asadgulzar90

‎10-31-2019 01:36 AM

just curious to know - is this one? interface FastEthernet1 was going up and down?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card