Here are the configs (minus the ports that are shutdown to save space)

ABR:

Current configuration : 2308 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
ip routing
!

!
!
spanning-tree mode pvst
!

!
interface Loopback0
 ip address 10.200.250.253 255.255.255.0
!
interface FastEthernet0/1
!
interface FastEthernet0/2
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,410
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/3
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,402
 switchport trunk encapsulation dot1q
!
interface GigabitEthernet0/1
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,408
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,401
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan401
 ip address 10.200.255.249 255.255.255.252
!
interface Vlan402
 ip address 10.200.255.246 255.255.255.252
!
interface Vlan408
 ip address 10.201.255.253 255.255.255.252
!
interface Vlan410
 ip address 10.204.255.250 255.255.255.252
!
router ospf 10
 log-adjacency-changes
 area 0 range 10.200.0.0 255.255.0.0
 area 0 range 10.201.0.0 255.255.0.0
 area 0 range 10.202.0.0 255.255.0.0
 area 0 range 10.203.0.0 255.255.0.0
 network 10.200.0.0 0.0.255.255 area 0
 network 10.1.0.0 0.0.255.255 area 0
 network 192.168.12.0 0.0.3.255 area 0
 network 10.204.0.0 0.0.255.255 area 1
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login

!
end

Middle Switch:

Current configuration : 1761 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!

!
ip routing
!
!
spanning-tree mode pvst
!

!
interface Loopback0
 ip address 10.204.250.253 255.255.255.0
!
interface FastEthernet0/1
!
interface FastEthernet0/2
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,410
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,409
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan409
 ip address 10.204.255.253 255.255.255.252
!
interface Vlan410
 ip address 10.204.255.249 255.255.255.252
!
router ospf 10
 log-adjacency-changes
 passive-interface default
 no passive-interface Vlan409
 no passive-interface Vlan410
 network 10.204.0.0 0.0.255.255 area 1
!
ip classless
!
ip flow-export version 9
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end

End Switch:

Current configuration : 2360 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
ip routing
!
!
spanning-tree mode pvst
!
!
interface Loopback0
 ip address 10.204.250.254 255.255.255.0
!
interface Port-channel 1
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,400-402,999
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/1
!
interface FastEthernet0/2
 channel-group 1 mode on
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,400-402,999
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/3
 channel-group 1 mode on
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,400-402,999
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
 switchport trunk native vlan 990
 switchport trunk allowed vlan 1,8,409
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan400
 ip address 10.204.40.1 255.255.255.0
 ip helper-address 10.1.16.12
!
interface Vlan401
 ip address 10.204.41.1 255.255.255.0
 ip helper-address 10.1.16.12
!
interface Vlan402
 ip address 10.204.42.1 255.255.255.0
 ip helper-address 10.1.16.12
!
interface Vlan409
 ip address 10.204.255.254 255.255.255.252
!
interface Vlan999
 ip address 10.204.253.1 255.255.255.0
!
router ospf 10
 log-adjacency-changes
 passive-interface default
 no passive-interface Vlan409
 network 10.204.0.0 0.0.255.255 area 1
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end

Actually forget that, it doesn't matter.

The configs look okay at the moment.

Have you done a debug on the middle switch to see what the actual LSA being received is ?

Jon

This is the debug from the middle switch:

03:12:44: OSPF: Rcv hello from 10.200.250.253 area 1 from Vlan410 10.204.255.250

03:12:44: OSPF: End of hello processing

03:12:44: OSPF: Rcv hello from 10.204.250.254 area 1 from Vlan409 10.204.255.254

03:12:44: OSPF: End of hello processing

03:12:45: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual-link but not found from 10.204.255.253, Vlan409

I'm not 100% sure how to interpret it.

Interestingly the routes are being distributed properly I'm just getting the error repeatedly so it doesn't seem to be affecting OSPF actually working but I'd still like to get to the bottom of it.

It's the end switch that the middle switch is complaining about.

Can you post a "sh ip ospf database" from the end switch.

Also is the end switch only connected to the middle switch ?

Jon

The end switch has a layer 2 edge switch attached to it that doesn't have OSPF setup on it, I have made all the interfaces other that those involved in OSPF passive.

Here is the database:

            OSPF Router with ID (10.204.250.254) (Process ID 10)

Router Link States (Area 1)

Link ID ADV Router Age Seq# Checksum Link count

10.204.250.254 10.204.250.254 1671 0x80000008 0x0015f0 6

10.200.250.253 10.200.250.253 1542 0x8000000e 0x00fe0d 1

10.204.250.253 10.204.250.253 1541 0x80000010 0x00ea7d 3

Net Link States (Area 1)

Link ID ADV Router Age Seq# Checksum

10.204.255.254 10.204.250.254 1671 0x80000002 0x0040b3

10.204.255.250 10.200.250.253 1542 0x80000004 0x000316

Summary Net Link States (Area 1)

Link ID ADV Router Age Seq# Checksum

10.200.0.0 10.200.250.253 1602 0x80000611 0x0004a5

10.1.0.0 10.200.250.253 1552 0x80000632 0x002926

192.168.12.0 10.200.250.253 1552 0x80000633 0x007076

10.203.0.0 10.200.250.253 1552 0x80000634 0x00a3de

10.202.0.0 10.200.250.253 1552 0x80000635 0x00b7c9

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag

0.0.0.0 10.200.250.254 1612 0x80000007 0x009a65 1

Peter

Okay that is weird then because the middle switch is definitely complaining about receiving an LSA from the end switch for the wrong area but the middle switch only has one L3 SVI peering with the end switch and that is in area 1.

And the end switch only has LSAs in area 1.

I did wonder if you had somehow created a sort of loop back to the backbone area but if there is one I can't see it.

I'll have another look at the configs and maybe even lab it up but I can't see an obvious issue at the moment.

Jon

Thanks Jon your help is massively appreciated. 

I found the answer but a bit of pure luck.

The reason for the error was because it was receiving packet for 10.1.0.0 255.255.0.0 because the 10.1 network is extended out across all the sites

But because 10.1.0.0 0.0.255.255 was in the core switch in area 0 it kept complaining that it was receiving the packet in the wrong area.

Thanks for all your help.

Hi Peter

Thanks for letting me know the resolution.

Jon

Is the end switch connected to any other L3 device ?

Can you post "sh ip ospf database" from the end switch.

Jon