OSPF Routers Not Establishing Neighbors

Symptom: OSPF routers are not establishing neighbor relationships properly. The result is that routing information is not exchanged between routers.

Table 7-11 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 7-11 OSPF: Routers Not Establishing Neighbors

Possible Problem


Misconfigured or missing network router configuration command

Step 1 Use the show ip ospf interfaces exec command to determine which interfaces have OSPF1 enabled.

Step 2 If the output indicates that an interface that should be running OSPF is not doing so, use the show running-config privileged exec command to view the router configuration.

Step 3 Make sure that network router configuration commands are specified for each interface on which OSPF should run.

For example, if the IP address of Ethernet interface 0 is with a subnet mask of, enter the following commands to enable OSPF on the interface:

c4500(config)#router ospf 100

c4500(config-router)#network area 0

Make sure the proper process IDs, addresses, wildcard masks, and other variables are properly specified. To configure an OSPF routing process, use the router ospf global configuration command:

router ospf process-id

Syntax Description:

• process-id—Internally used identification parameter for an OSPF routing process. It is locally assigned and can be any positive integer. A unique value is assigned for each OSPF routing process.

Note: There is no correlation between OSPF wildcard masks (used in OSPF network commands) and the subnet mask configured as part of an interface IP address.

Step 4 Check other OSPF routers on the network using the preceding steps.

Make sure that OSPF is configured properly on all neighboring routers so that neighbor relationships can be established.

Possible Problem


Mismatched Hello or dead timers, E-bits (set for stub areas), area IDs, authentication types, or network masks

Mismatched Hello or dead timers, E-bits (set for stub areas), area IDs, authentication types, or network masks

The values set for the Hello timer and dead timer intervals, E-bits (this bit is set if the router is configured in a stub area), area IDs, authentication types, and network masks should all be the same throughout an OSPF area and in some cases the entire OSPF network.

Step 1 Use the show ip ospf neighbor privileged exec command to identify the OSPF neighbors of each router.

Step 2 If the output does not list an expected neighbor, use the show ip ospf interface privileged exec command on the router and its expected neighbor. Examine the Hello and dead timer interval values configured on OSPF interfaces.

The following is an example of the show ip ospf interface command:

C7010#show ip ospf interface [...]

Timer intervals configured, Hello 12, Dead 48, Wait 40, Retransmit 5

Step 3 Compare the values configured for the timers on each router. If there is a mismatch, reconfigure the timer values so that they are the same on the router and its neighbor.

For example, to change the Hello timer interval to 10 on Ethernet interface 0/1, enter the following commands:

C7010(config)#interface e0/1 C7010(config-if)#ip ospf hello-interval 10

The following is an overview of the ip ospf hello-interval command:

ip ospf hello-interval seconds Syntax Description:

• seconds—Unsigned integer that specifies the interval in seconds. The value must be the same for all nodes on a specific network. The default is 10 seconds.

Step 4 Use the debug ip ospf adj privileged exec command. Check the output for mismatched values.

In the following example, there is a network mask mismatch. The mask received from router is, and the mask configured on the router C4500 is

C4 5 0 0#debug ip ospf adj

OSPF: Mismatched hello parameters from Dead R 40 C 40, Hello R 10 C 10 Mask R C Step 5 If mismatches are indicated in the debug output, try to resolve the mismatch. For detailed information about configuring OSPF, see the Cisco IOS Network Protocols Configuration Guide, Part 1.

Step 6 Perform the same steps for all these parameters. Ensure that all routers in an area have the same area ID, check whether all routers in the area are configured as stub routers, check whether the same authentication type is configured for all routers, and so forth. For information on configuring these parameters, consult the Cisco IOS Network Protocols Configuration Guide, Part 1.

Note: Timer values are extremely important when Cisco routers interoperate with routers from other vendors.

Possible Problem


Access list is misconfigured

Step 1 Use the show access-list privileged exec command on suspect routers to see whether there are IP access lists configured on the router.

Step 2 If there are IP access lists enabled on the router, disable them using the appropriate commands. For example, to disable input access list 10, use the following command:

C4000(config-if)#no ip access-group 10 in

Step 3 After disabling all access lists on the router, determine whether the router is able to establish neighbor relationships normally. Use the show ip ospf neighbor privileged exec command. If the proper neighbor relationships have been established, an access list is probably filtering OSPF hello packets.

Step 4 To isolate the problem access list, enable access lists one at a time until the router cannot establish neighbors (use the clear ip ospf neighbors privileged exec command to force the router to clear the neighbor table).

Step 5 Check the access list to see whether it is filtering traffic from port 89, the port used by OSPF. At the end of every access list is an implied "deny all traffic" criteria statement. Therefore, if a packet does not match any of your criteria statements, the packet will be blocked. If an access list denies OSPF traffic, enter an explicit permit statement for port 89 to ensure that neighbor relationships can be established properly. (You can also use the ospf keyword when configuring the access list.)

For example, to configure input access list 101 to allow OSPF traffic to pass, enter the following on the router:

C4500(config)#access-list 101 permit ospf any any

Step 6 If you altered an access list, enable the list and enter the clear ip ospf neighbors privileged exec command. Then enter the show ip ospf neighbor command to see whether neighbor relationships are established normally.

Step 7 If the router is establishing neighbors, perform the preceding steps for other routers in the path until all access lists are enabled and the router can still establish neighbors normally.

For more information on configuring access lists, see the Cisco IOS configuration guides.

Step 1 A virtual link cannot be configured across a stub area. Check router configurations for routers configured both as part of a stub area and as an ABR2 that is part of a virtual link. Use the show running-config privileged exec command and look for command entries that are similar to the following:

area 2 stub area 2 virtual-link Step 2 If both of these commands are present, there is a misconfiguration.

Remove one of the commands (using the no form of the command) to resolve the misconfiguration.

1 OSPF = Open Shortest Path First

2 ABR = area border router

Virtual link and stub area configuration mismatch

Was this article helpful?

+1 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook

Post a comment