OSPF Error Message (expecting virtual link)

bradleyordner · ‎10-11-2012

Hi Guys,

I have two routers -

R1 - Area 0 & Area 144

R2 - Area 144

There is a trunk between these routers -

switchport trunk native vlan 100

switchport trunk allowed vlan 97,100,210,220

They share a neighborship on VLAN 100. (10.207.144.0/24)

Now when R1 sends the following -

Oct 2 15:02:33 AEST: OSPF: Send hello to 224.0.0.5 area 0 on Vlan102 from 10.207.152.17

Oct 2 15:02:36 AEST: OSPF: Send hello to 224.0.0.5 area 0 on Vlan95 from 10.207.128.22

Oct 2 15:02:37 AEST: OSPF: Send hello to 224.0.0.5 area 144 on Vlan100 from 10.207.144.132

R2 does this -

Oct 12 15:42:08 AEST: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual-link but not found from 10.207.152.17, Vlan100
Oct 12 15:42:22 AEST: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual-link but not found from 10.207.128.22, Vlan100

So my intial thoughts are the multicasts are being put on the native VLAN. What debugs can I use to confirm where the multicasts are going. It is possible there is a switch with say VLAN 95 on one end and VLAN 100 on other end as acces sports and the multicast is being sent into vlan 100?

OSPF debugs seems to be giving me layer 3 info, i need some layer 2 type debugs!

Thanks

Raju Sekharan · ‎10-12-2012

Hi

Can you paste the config from both R1 and R2

nickbonifacio · ‎10-12-2012

Hi Bradley,

Can you do a "show run interface x" on the relevant router interfaces? Also, could you do the same on the switch interfaces facing the routers?

i.e.

R9#sh run int fa0/0

Building configuration...

Current configuration : 94 bytes

!

interface FastEthernet0/0

ip address 10.89.9.9 255.255.255.0

duplex auto

speed auto

end

Also, do a "show ip ospf int brief" on the routers.

Thanks,

Nick

Nick Bonifacio CCIE #38473

Sandeep Choudhary · ‎10-12-2012

Hi ,

here is the link to solve this problem:

The %OSPF-4-ERRRCV error message indicates that an Open Shortest Path First (OSPF) router has received an invalid OSPF packet. These are the possible causes:

Mismatch area ID
Bad checksum
ospf NOT ENABLED ON THE RECEIVING INTERFACE
Ospf not enabled on the receving interface due to bug
Bad version
Invalid type
Bad link-state update advertisement count
Bad link-state update length

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094819.shtml

Regards

pLEASE RATE IF IT HELPS:

Giuseppe Larosa · ‎10-12-2012

Hello Bradleyordner,

from the two log outputs that you have provided, I agree that it looks like that somewhere in the network broadcast domains Vlan 95 and Vlan 102 are merged with broadcast domain Vlan 100, causing R2 device to discard the out of context OSPF hello messages.

To check this, CDP if enabled provides useful info to find a L2 connection between Vlan X and Vlan Y made on access ports.

A log message of

CDP ... native vlan mismatch on port ...

should appear

If CDP is disabled, you should perform a test like the following:

connect a PC to an access port in vlan 95 in your network with appropriate IP address this will give you a device with a unique MAC address that should only be associated to vlan 95.

Have the PC to ARP or to send multicast traffic or simply to ping the IP directed broadcast of the IP subnet,

Check CAM table for vlan 100 to see if the PC MAC appears and if it appears follow it in your switches.

Hope to help

Giuseppe

bradleyordner · ‎10-18-2012

Hi guys,

Sorry for delay. I need to correct my original post, so when i said R1 & R2
I meant layer 3 Switch 1 & 2

I am currently seraching for the native vlan mismatch as well.

Here is configs you guys have asked for -

Switch 1 -

interface GigabitEthernet1/0/25
description to switch 2
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 97,100,210,220
switchport mode trunk
priority-queue out
mls qos trust dscp
storm-control broadcast level 6.00
end

Interface    PID   Area            IP Address/Mask    Cost State Nbrs F/C
Lo0          1     0               10.207.250.6/32    1     LOOP 0/0
Vl95         1     0               10.207.128.22/29   2     BDR   1/1
Vl102        1     0               10.207.152.17/29   10    DR    1/1
Vl100        1     144             10.207.144.132/25 10    DR    2/2

Switch 2 -

interface GigabitEthernet1/0/12
description Fibre To switch 1
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 97,100,210,220
switchport mode trunk
priority-queue out
mls qos trust dscp
storm-control broadcast level 6.00

Interface    PID   Area            IP Address/Mask    Cost State Nbrs F/C
Lo0          1     144             10.207.250.5/32    1     LOOP 0/0
Vl100        1     144             10.207.144.133/25 10    BDR   2/2

I also did test regarding CAM tables.

I can see that multicasts sent from both vlans 95 and vlan 102 end up in vlan 100 on
switch 2. Confirming that these neigbors messages are hitting it as well. I really thing its the native vlan. Althouhg if i modify native to VLAN 999 what would happen?

Giuseppe Larosa · ‎10-19-2012

Hello Bradleyordner,

you can make a test changing native vlan to 999 on both ends of the trunk ( be aware it can cause some traffic disruption, do it before on switch2 side).

However, switch2 should not receive the OSPF hellos originated in different Vlans even if Vlan 100 is the native vlan of trunk.

If behaviour changes there was a strange issue with native vlan as you think of.. If still after the change switch2 will complain of receiving out of context OSPF hellos you will need to find out where the broadcast domains are joined as discussed in previous post.

To be noted these messages are not blocking the forming of OSPF adjacencies in Vlan 100, with switch1 that is the DR and switch2 that is the BDR. Also the neighbor count is 2 and adj count is 2 meaning a third device is in Vlan 100.

Does the third device in vlan 100 complains of out of context hellos or not ?

If not the issue is limited to switch2 and joining of broadcast domains is not really happening ( or also third device would camplain)

Hope to help

Giuseppe