cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2670
Views
0
Helpful
16
Replies

OSPF States INIT/DROTHER

BEASTMODE
Level 1
Level 1

Current configuration : 2363 bytes
!
! Last configuration change at 21:17:11 UTC Tue Sep 24 2019
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
!
track 10 ip sla 10 reachability
delay down 5 up 5
!
track 20 ip sla 20 reachability
delay down 5 up 5
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.55.2 255.255.255.0
ip nat outside
speed auto
duplex auto
!
interface FastEthernet0/1
ip address 192.168.56.2 255.255.255.0
ip nat outside
speed auto
duplex auto
!
interface FastEthernet1/0
ip address 192.168.12.1 255.255.255.252
ip nat inside
ip policy route-map LOCAL
speed auto
duplex auto
!
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
!
router ospf 1
network 192.168.12.0 0.0.0.3 area 0
network 192.168.55.0 0.0.0.255 area 0
network 192.168.56.0 0.0.0.255 area 0
!
ip nat inside source route-map ISP1 interface FastEthernet0/0 overload
ip nat inside source route-map ISP2 interface FastEthernet0/1 overload
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.55.1 track 10
ip route 0.0.0.0 0.0.0.0 192.168.56.1 track 20
!
ip access-list extended LAN
permit ip 192.168.10.0 0.0.0.255 any
permit ip 192.168.20.0 0.0.0.255 any
permit ip 192.168.30.0 0.0.0.255 any
permit ip 192.168.12.0 0.0.0.3 any
ip access-list extended NET1
permit ip any any
ip access-list extended NET2
permit ip any any
!
ip sla 10
icmp-echo 192.168.55.1
frequency 5
ip sla schedule 10 life forever start-time now
ip sla 20
icmp-echo 192.168.56.1
frequency 5
ip sla schedule 20 life forever start-time now
!
route-map LOCAL permit 30
set ip next-hop verify-availability 192.168.55.1 10 track 10
set ip next-hop verify-availability 192.168.56.1 20 track 20
!
route-map ISP2 permit 10
match ip address NET2
match interface FastEthernet0/1
!
route-map ISP1 permit 10
match ip address NET1
match interface FastEthernet0/0
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
!
end

16 Replies 16

Deepak Kumar
VIP Alumni
VIP Alumni

Hi,

Share your remote end configuration also. It seems two-way communication is not happening with the remote end. Is it in the same subnet or any blocking etc?

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Remote end configuration

 

Building configuration...

Current configuration : 1801 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
!
!
ip cef
ip name-server 8.8.8.8
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.55.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address dhcp
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
!
interface FastEthernet1/1
no switchport
ip address 192.168.15.2 255.255.255.252
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Ethernet2/0
no ip address
shutdown
half-duplex
!
interface Ethernet2/1
no ip address
shutdown
half-duplex
!
interface Ethernet2/2
no ip address
shutdown
half-duplex
!
interface Ethernet2/3
no ip address
shutdown
half-duplex
!
interface Vlan1
no ip address
!
router ospf 1
log-adjacency-changes
network 192.168.15.0 0.0.0.3 area 0
network 192.168.55.0 0.0.0.255 area 0
!
no ip http server
no ip http secure-server
ip forward-protocol nd
!
!
!
no cdp log mismatch duplex
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end

Hi,

I didn't find any issue with configuration. Is it LAB or real devices? Are both devices are pingable from each other? 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

This is LAB simulation. and Yes, they can ping each other.

Hello

Can you apply a simple acl to initiate  a debug for failing multicast hello packets then post results of it.

 

ip-access-list extended 110

oermit up 192.168.55.0 0.0.0.3 host 224.0.0.5

 

debug up packet detail 110


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Both sides can ping multicast address

*Sep 25 12:30:59.992: IP: s=192.168.55.2 (local), d=224.0.0.5 (FastEthernet0/0), len 80, local feature, proto=89, NAT(2), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Sep 25 12:30:59.992: IP: s=192.168.55.2 (local), d=224.0.0.5 (FastEthernet0/0), len 80, sending broad/multicast, proto=89
*Sep 25 12:30:59.992: IP: s=192.168.55.2 (local), d=224.0.0.5 (FastEthernet0/0), len 80, output feature, proto=89, packet consumed, Post-routing NAT Outside(24), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Sep 25 12:31:00.304: IP: s=192.168.55.1 (FastEthernet0/0), d=224.0.0.5, len 76, input feature, proto=89
R1#, NAT Outside(78), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Sep 25 12:31:00.304: IP: s=192.168.55.1 (FastEthernet0/0), d=224.0.0.5, len 76, rcvd 0, proto=89
*Sep 25 12:31:00.304: IP: s=192.168.55.1 (FastEthernet0/0), d=224.0.0.5, len 76, input feature, proto=89, packet consumed, MCI Check(92), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE

Hi,

could you share debug ip ospf events &debug ip ospf hello from both devices?

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

R1 debugs

R1#

*Sep 25 13:16:00.383: OSPF-1 HELLO Fa0/0: Rcv hello from 192.168.55.1 area 0 192.168.55.1
*Sep 25 13:16:00.383: OSPF-1 HELLO Fa0/0: No more immediate hello for nbr 192.168.55.1, which has been sent on this intf 2 times
R1#
*Sep 25 13:16:02.431: OSPF-1 HELLO Fa0/1: Rcv hello from 192.168.56.1 area 0 192.168.56.1
*Sep 25 13:16:02.431: OSPF-1 HELLO Fa0/1: No more immediate hello for nbr 192.168.56.1, which has been sent on this intf 2 times
*Sep 25 13:16:03.391: OSPF-1 HELLO Fa0/1: Send hello to 224.0.0.5 area 0 from 192.168.56.2
R1#
*Sep 25 13:16:05.727: OSPF-1 HELLO Fa0/0: Send hello to 224.0.0.5 area 0 from 192.168.55.2
*Sep 25 13:16:05.787: OSPF-1 HELLO Fa1/0: Send hello to 224.0.0.5 area 0 from 192.168.12.1
R1#
*Sep 25 13:16:06.735: OSPF-1 HELLO Fa1/0: Rcv hello from 192.168.30.1 area 0 192.168.12.2
R1#
*Sep 25 13:16:10.379: OSPF-1 HELLO Fa0/0: Rcv hello from 192.168.55.1 area 0 192.168.55.1
*Sep 25 13:16:10.379: OSPF-1 HELLO Fa0/0: No more immediate hello for nbr 192.168.55.1, which has been sent on this intf 2 times
R1#
*Sep 25 13:16:12.435: OSPF-1 HELLO Fa0/1: Rcv hello from 192.168.56.1 area 0 192.168.56.1
*Sep 25 13:16:12.435: OSPF-1 HELLO Fa0/1: No more immediate hello for nbr 192.168.56.1, which has been sent on this intf 2 times
*Sep 25 13:16:12.439: OSPF-1 HELLO Fa0/1: Send hello to 224.0.0.5 area 0 from 192.168.56.2
R1#
*Sep 25 13:16:15.463: OSPF-1 HELLO Fa0/0: Send hello to 224.0.0.5 area 0 from 192.168.55.2
*Sep 25 13:16:15.475: OSPF-1 HELLO Fa1/0: Send hello to 224.0.0.5 area 0 from 192.168.12.1
R1#
*Sep 25 13:16:16.731: OSPF-1 HELLO Fa1/0: Rcv hello from 192.168.30.1 area 0 192.168.12.2
R1#
*Sep 25 13:16:20.375: OSPF-1 HELLO Fa0/0: Rcv hello from 192.168.55.1 area 0 192.168.55.1
*Sep 25 13:16:20.375: OSPF-1 HELLO Fa0/0: No more immediate hello for nbr 192.168.55.1, which has been sent on this intf 2 times

 

 

 

R3 debugs

*Mar 1 18:50:43.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet0/0 from 192.168.55.1
*Mar 1 18:50:43.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet1/1 from 192.168.15.2
R3#
*Mar 1 18:50:50.855: OSPF: Rcv hello from 192.168.16.1 area 0 from FastEthernet1/1 192.168.15.1
*Mar 1 18:50:50.855: OSPF: End of hello processing
R3#
*Mar 1 18:50:53.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet0/0 from 192.168.55.1
*Mar 1 18:50:53.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet1/1 from 192.168.15.2
R3#
*Mar 1 18:51:00.839: OSPF: Rcv hello from 192.168.16.1 area 0 from FastEthernet1/1 192.168.15.1
*Mar 1 18:51:00.839: OSPF: End of hello processing
R3#
*Mar 1 18:51:03.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet0/0 from 192.168.55.1
*Mar 1 18:51:03.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet1/1 from 192.168.15.2
R3#
*Mar 1 18:51:10.835: OSPF: Rcv hello from 192.168.16.1 area 0 from FastEthernet1/1 192.168.15.1
*Mar 1 18:51:10.835: OSPF: End of hello processing
R3#
*Mar 1 18:51:13.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet0/0 from 192.168.55.1
*Mar 1 18:51:13.871: OSPF: Send hello to 224.0.0.5 area 0 on FastEthernet1/1 from 192.168.15.2

 

 

When I changed the route-map ISP1 configuration. The OSPF is working well. Can you explain why? Thanks

ACL LIST
ip access-list extended LAN
permit ip 192.168.10.0 0.0.0.255 any
permit ip 192.168.20.0 0.0.0.255 any
permit ip 192.168.30.0 0.0.0.255 any
permit ip 192.168.12.0 0.0.0.3 any

ip access-list extended NET1
permit ip any any

OLD configuration
route-map ISP1 permit 10
match ip address NET1
match interface FastEthernet0/0

NEW configuration
route-map ISP1 permit 10
match ip address LAN
match interface FastEthernet0/0

Hi,

As per debug logs, I noticed that R1 is not finishing Hello packet process means there is drop or some ACL is making an issue. And second logs which I am looking on R1 is:

*Sep 25 12:30:59.992: IP: s=192.168.55.2 (local), d=224.0.0.5 (FastEthernet0/0), len 80, output feature, proto=89, packet consumed, Post-routing NAT Outside(24), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE

I hope NAT is making an issue for you.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Yes, I think you are right about the NAT. Can you tell me how can I fix the issue ?

Hi,

I found below issue:

DB packet reply is getting failed on router1 (where we configured NAT).

here are the logs:

NAT logs:

*Sep 25 07:11:45.707: mapping pointer available mapping:0
*Sep 25 07:11:45.707: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:11:50.223: mapping pointer available mapping:0
*Sep 25 07:11:50.223: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:11:54.759: mapping pointer available mapping:0
*Sep 25 07:11:54.759: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:11:59.663: mapping pointer available mapping:0
*Sep 25 07:11:59.663: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:04.251: mapping pointer available mapping:0
*Sep 25 07:12:04.255: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:09.039: mapping pointer available mapping:0
*Sep 25 07:12:09.043: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:13.611: mapping pointer available mapping:0
*Sep 25 07:12:13.611: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:18.595: mapping pointer available mapping:0
*Sep 25 07:12:18.595: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:23.235: mapping pointer available mapping:0
*Sep 25 07:12:23.239: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:27.907: mapping pointer available mapping:0
*Sep 25 07:12:27.907: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:32.703: mapping pointer available mapping:0
*Sep 25 07:12:32.707: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:37.447: mapping pointer available mapping:0
*Sep 25 07:12:37.447: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:45.915: mapping pointer available mapping:0
*Sep 25 07:12:45.915: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#
*Sep 25 07:12:55.059: mapping pointer available mapping:0
*Sep 25 07:12:55.059: NAT: translation failed (A), dropping packet s=1.1.1.1 d=1.1.1.2
R1#

 

Packet capture:DB packet.png

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

True, It is dropping my NAT packet. How can i fix this ?

Review Cisco Networking for a $25 gift card