10-02-2013 01:30 AM - edited 03-07-2019 03:47 PM
Hello,
I am having an issue with my fairly simple OSPF design.
Basically, I have 3 routers (4500X) which I'm running OSPF on.
They are all meshed together, but one adjacency behaves strangely : when I boot up the router, the adjacency is FULL ; after a while (maybe a minute, or two), the adjacency goes back into INIT state.
The two routers are named HDRouter and DSIRouter.
HDRouter is showing the adjacency as INIT and DSIRouter is not showing up the adjacency at all.
I ran a ospf debug and found out what I already knew - HDRouter is receiving Hellos from DSIRouter, and sends Hellos back (via immediate hello or via multicast), but the DSIRouter never sees the Hellos from HDRouter, hence getting stuck in INIT/Blank. (HD/DSI)
HDRouter#
*Oct 2 01:29:20.001: OSPF-1 HELLO Vl401: Send hello to 224.0.0.5 area 0 from 10.3.3.2
*Oct 2 01:29:24.395: OSPF-1 HELLO Vl404: Rcv hello from 10.3.0.3 area 0 10.3.3.10
*Oct 2 01:29:26.627: OSPF-1 HELLO Vl401: Rcv hello from 10.3.0.1 area 0 10.3.3.1
*Oct 2 01:29:26.627: OSPF-1 HELLO Vl401: No more immediate hello for nbr 10.3.0.1, which has been sent on this intf 2 times
The configuration is done with SVI interfaces over a L2 Link, like this :
HDRouter (Area 10 = 10.4.0.0/14)
router ospf 1
router-id 10.3.0.4
area 10 stub
redistribute connected subnets
passive-interface default
no passive-interface Vlan401
no passive-interface Vlan404
network 10.3.0.0 0.0.3.255 area 0
network 10.4.0.0 0.3.255.255 area 10
interface Vlan401
ip address 10.3.3.2 255.255.255.252
ip ospf network point-to-point
Neighbor ID Pri State Dead Time Address Interface
10.3.0.3 0 FULL/ - 00:00:32 10.3.3.10 Vlan404
10.3.0.1 0 INIT/ - 00:00:34 10.3.3.1 Vlan401
interface TenGigabitEthernet1/1/15
description *** To SR-VDGDSIT-4500X-BB1 Te 1/1/15 ***
switchport mode trunk
switchport nonegotiate
DSIT Router (Area 30 = 10.1.0.0/16 and 10.2.0.0/16)
router ospf 1
router-id 10.3.0.1
redistribute connected subnets
passive-interface default
no passive-interface Vlan401
no passive-interface Vlan402
no passive-interface Vlan405
network 10.1.0.0 0.0.255.255 area 30
network 10.2.0.0 0.0.255.255 area 30
network 10.3.0.0 0.0.3.255 area 0
default-information originate always
interface Vlan401
ip address 10.3.3.1 255.255.255.252
ip ospf network point-to-point
interface TenGigabitEthernet1/1/15
description *** To SR-VDGHDV-4500X-BB1 Te 1/1/15 ***
switchport mode trunk
switchport nonegotiate
Neighbor ID Pri State Dead Time Address Interface
10.3.0.3 0 FULL/ - 00:00:33 10.3.3.17 Vlan405
Area 0 is my backbone, which is where my SVI (vlans 401) are located.
Area 0 network is 10.3.3.0/24 subnetted in /30 subnets for interconnection. (10.3.3.0/30, 10.3.3.4/30, and so on)
Loopback interfaces are used for router-id purposes with subnet 10.3.0.0/24 and 10.3.1.0/24.
As you can see, I have another adjacency which works perfectly well on HD and on DSI (they are adjacencies to the same third router, called CC)
Here is how CC is configured
CC Router (Area 20 = 10.12.0.0/14)
router ospf 1
router-id 10.3.0.3
redistribute connected subnets
passive-interface default
no passive-interface Vlan403
no passive-interface Vlan404
no passive-interface Vlan405
network 10.3.0.0 0.0.3.255 area 0
network 10.12.0.0 0.3.255.255 area 20
interface Vlan404
ip address 10.3.3.10 255.255.255.252
ip ospf network point-to-point
interface Vlan405
ip address 10.3.3.17 255.255.255.252
ip ospf network point-to-point
Neighbor ID Pri State Dead Time Address Interface
10.3.0.1 0 FULL/ - 00:00:32 10.3.3.18 Vlan405
10.3.0.4 0 FULL/ - 00:00:33 10.3.3.9 Vlan404
Finally, here is a piece of my routing table from HD Router :
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E2 - OSPF external type 2
Gateway of last resort is 10.3.3.10 to network 0.0.0.0
O*E2 0.0.0.0/0 [110/1] via 10.3.3.10, 00:20:09, Vlan404
10.0.0.0/8 is variably subnetted, 23 subnets, 3 masks
O IA 10.1.10.0/24 [110/3] via 10.3.3.10, 00:20:09, Vlan404
C 10.3.0.0/24 is directly connected, Loopback1
O 10.3.0.1/32 [110/3] via 10.3.3.10, 00:20:09, Vlan404
O 10.3.0.2/32 [110/3] via 10.3.3.10, 00:20:09, Vlan404
O 10.3.0.3/32 [110/2] via 10.3.3.10, 00:20:09, Vlan404
L 10.3.0.4/32 is directly connected, Loopback1
C 10.3.1.0/24 is directly connected, Loopback2
O 10.3.1.1/32 [110/3] via 10.3.3.10, 00:20:09, Vlan404
O 10.3.1.2/32 [110/3] via 10.3.3.10, 00:20:09, Vlan404
O 10.3.1.3/32 [110/2] via 10.3.3.10, 00:20:09, Vlan404
L 10.3.1.4/32 is directly connected, Loopback2
C 10.3.3.0/30 is directly connected, Vlan401
L 10.3.3.2/32 is directly connected, Vlan401
O 10.3.3.4/30 [110/3] via 10.3.3.10, 00:20:09, Vlan404
C 10.3.3.8/30 is directly connected, Vlan404
L 10.3.3.9/32 is directly connected, Vlan404
O 10.3.3.12/30 [110/2] via 10.3.3.10, 00:20:09, Vlan404
O 10.3.3.16/30 [110/2] via 10.3.3.10, 00:20:09, Vlan404
C 10.4.10.0/24 is directly connected, Vlan10
L 10.4.10.253/32 is directly connected, Vlan10
O IA 10.8.10.252/30 [110/3] via 10.3.3.10, 00:20:09, Vlan404
O IA 10.12.10.0/24 [110/2] via 10.3.3.10, 00:20:09, Vlan404
O E2 10.12.12.0/24 [110/20] via 10.3.3.10, 00:20:09, Vlan404
Could anyone point me where I'm getting this wrong ? I already checked L1/L2 connectivity, changed fibers... I am surprised as to why it would go to FULL adjacency before going back to INIT...
Thanks
Solved! Go to Solution.
10-02-2013 08:05 AM
Jeremy,
I think what happend was that INT-Switch sent VTP Join messages with the information that VLAN 401 was not needed on the trunk because it didn't have any active port in VLAN 401.
The intermediate and VTP-transparent switch DSIRouter just relayed this VTP Join messages to HDRouter and HDRouter pruned VLAN 401.
There are several approaches to avoid something like that, e.g. you could configure VLAN 401 pruning-ineligible on the trunks which form the OSPF-links.
HTH
Rolf
10-02-2013 01:41 AM
I found the solution to my problem 30 seconds after this post...
My DSI switch was configured as VTP Transparent.
I had another switch (a 3750 - called INT) linked via a L2 trunk to my DSI Router. All vlans allowed.
This switch, INT, had VTP Server configured, with the same VTP Domain as my HDRouter (vtp domain HD)
As soon as I changed the VTP Domain name and changed server mode to transparent mode on the INT switch, my adjacency between DSI and HD went up !
I cannot explain this behavior, I guess it would have to do with native vlan ?
10-02-2013 01:55 AM
Jeremy,
I do not think this had anything to do with native VLAN, as VTP has no influence on it. But I wonder - do you happen to have VTP Pruning activated?
Best regards,
Peter
10-02-2013 02:04 AM
Peter,
Yes, it was enabled.
Actually the state of VTP and Pruning was this :
HDRouter - VTP mode Server, VTP domain HD, Pruning enabled
DSIRouter - VTP mode transparent, no vtp domain configured, Pruning disabled
INTSwitch - VTP mode Server, VTP domain HD, Pruning enabled
with trunk links between HD - DSI - INT (allowed vlans : all)
Could it be that my vlan 401 (OSPF interconn vlan) was pruned ?
However, seeing as my DSI switch was not part of the VTP, just forwarding the information, why is this INT edge switch having any impact ? For me the impact should be mitigated to HD and DSI Routers only ?
Regards,
Jeremy
10-02-2013 07:11 AM
Hi Jeremy
Can you please upload your network diagram?
From you first post, the adjacency was going up initially and then going down after 1-2 minutes. We must understand this behaviour.
From your solution, there must have been L2 problem related to VTP or VLANs. But we must look for the root of this behaviour.
Regards
Bharat
10-02-2013 08:05 AM
Jeremy,
I think what happend was that INT-Switch sent VTP Join messages with the information that VLAN 401 was not needed on the trunk because it didn't have any active port in VLAN 401.
The intermediate and VTP-transparent switch DSIRouter just relayed this VTP Join messages to HDRouter and HDRouter pruned VLAN 401.
There are several approaches to avoid something like that, e.g. you could configure VLAN 401 pruning-ineligible on the trunks which form the OSPF-links.
HTH
Rolf
10-02-2013 08:11 AM
Hi Rolf,
That seems to explain it.
Just for the sake of information, this was a lab issue, in production I will use routed interfaces in place of Interface vlans, so I will most likely not run into this same issue. It's a good situation to encounter though.
Thanks
Jeremy
02-24-2017 04:50 PM
Por si alguien mas tuviese el mismo problema
http://www.cisco.com/c/en/us/support/docs/lan-switching/vtp/98155-tshoot-vlan.html
Open Shortest Path First (OSPF) Hellos can get blocked and the adjacency can be dropped if a switch in the VTP domain is changed from the server or client mode to transparent mode. This issue can occur if VTP pruning is enabled in the domain.
Use any of these options in order to resolve the issue:
Hard code the OSPF neighbors.
Disable VTP pruning in the domain.
Revert the VTP mode of the switch to server or client.
10-02-2013 08:07 AM
Hello Bharat,
Here is a diagram of my OSPF design attached.
I think that the OSPF adjacency "dies" within the first dead timer of 40 seconds. For some reason, after bootup HD Router is able to transmit a hello to its neighbor DSI Router. Then it cannot do so anymore, probably because of VTP issues, and the dead timer runs down, and drops the adjacency.
Looking forward to your thoughts on the subject. Please let me know if you need more info.
Regards,
Jeremy
10-02-2013 08:38 AM
Thanks for sharing the diagram Jeremy. I think Rolf has explained it correctly.
I think CC router doesn't have any problem. Is that router also part of VTP domain? I can see a neighborhsip between DSI and CC router over VLAN 405. But your diagram is missing VLAN405 or link between DSI and CC router.
Regards
Bharat
10-02-2013 08:40 AM
Bharat,
The CC Router is there to show a case where OSPF adjacencies are forming with HD Router. It was working perfectly well.
Indeed, the vlan is not the same, and the pruning does not take place...
Thanks for your input.
Regards,
Jeremy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide