OSPF邻居状态异常原因汇总

实验拓扑

OSPF邻居状态异常原因汇总

正常状态(full)下的配置:

R1:

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
!         
router ospf 1
 router-id 1.1.1.1
 network 1.1.1.1 0.0.0.0 area 0
 network 192.168.12.1 0.0.0.0 area 0

R2:

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
 ip address 192.168.12.2 255.255.255.0
!
router ospf 1
 router-id 2.2.2.2
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.12.2 0.0.0.0 area 0

R1的邻居状态:

R1#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/DR        00:00:33    192.168.12.2    Ethernet0/0

R2的邻居状态:

R2#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   FULL/BDR         00:00:35    192.168.12.1    Ethernet0/0

接口 down

我们将R1的E0/0接口down掉(以下所有改动如未说明,均在R1上进行,R2不做改动):

R1(config)#int e0/0
R1(config-if)#shut
R1(config-if)#
*Jun  6 06:17:59.385: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached

邻居状态直接变成down。

R1#show ip ospf neighbor 
R1#

在R2上查看亦然:

R2#
*Jun  6 06:24:17.571: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf neighbor 
R2#

R2感知不到R1的接口关闭,继续发送hello报文,dead time后未收到回包,触发dead time过期提示,然后邻居状态变为down。

接口未运行 OSPF 进程

在R1上 no 掉 network 语句:

R1(config)#router ospf 1
R1(config-router)#no net 192.168.12.1 0.0.0.0 a 0
R1(config-router)#
*Jun  6 06:40:16.851: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached

邻居状态变为 down。

R1#show ip ospf neighbor 
R1#

在R2上查看其邻居状态:

R2#
*Jun  6 06:40:56.223: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf nei
R2#

R2 感知不到 R1 的接口未开启 OSPF 进程,继续发送hello报文,dead time 后未收到回包,触发 dead time 过期提示,然后邻居状态变为down。

不匹配的 Timer

在 R1 的 E0/0 接口上修改 OSPF 的默认 hello 间隔:

R1(config)#int e0/0
R1(config-if)#ip ospf hello-interval 9

邻居状态变为 down:

R1#
*Jun  6 06:54:05.543: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R1#show ip ospf neighbor 
R1#

R2 的邻居状态也变为 down:

R2#
*Jun  6 06:54:07.696: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf neighbor 
R2#

不匹配的区域号

修改 R1 的 E0/0 接口上的 OSPF 区域号:

R1(config)#router ospf 1
R1(config-router)#no net 192.168.12.1 0.0.0.0 a 0
R1(config-router)#
*Jun  6 07:04:05.246: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1(config-router)#net 192.168.12.1 0.0.0.0 a 1
R1(config-router)#
*Jun  6 07:05:00.101: %OSPF-4-ERRRCV: Received invalid packet: mismatched area ID from backbone area from 192.168.12.2, Ethernet0/0
R1(config-router)#
*Jun  6 07:05:09.763: %OSPF-4-ERRRCV: Received invalid packet: mismatched area ID from backbone area from 192.168.12.2, Ethernet0/0
R1(config-router)#
*Jun  6 07:05:19.329: %OSPF-4-ERRRCV: Received invalid packet: mismatched area ID from backbone area from 192.168.12.2, Ethernet0/0
R1(config-router)#

邻居状态变为 down:

R1#show ip ospf neighbor 
R1#

R2 亦然:

R2#
*Jun  6 07:04:40.519: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf neighbor 
R2#

不匹配的区域类型

将 R1 和 R2 的所有接口配置为 area 1(area 0 不能配置为特殊区域),并将 R1 的 area 1配置为 stub 区域:

R1(config)#router ospf 1
R1(config-router)#area 1 stub 
R1(config-router)#
*Jun  6 07:25:49.454: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

邻居状态变为 down:

R1#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   DOWN/DROTHER       -        192.168.12.2    Ethernet0/0

R2的邻居状态也为down:

*Jun  6 07:26:20.126: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf neighbor 
R2#

不同的子网掩码

将 R1 的 E0/0 接口的子网掩码改为 255.255.255.128:

R1(config)#int e0/0
R1(config-if)#ip add 192.168.12.1 255.255.255.128
R1(config-if)#
*Jun  6 07:54:35.550: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1(config-if)#
R1#show
*Jun  6 07:54:46.168: %SYS-5-CONFIG_I: Configured from console by console
R1#show ip ospf nei
R1#

邻居状态变为 down。

R2 亦然:

R2(config-router)#
*Jun  6 07:55:07.455: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf neighbor 
R2#

被动接口

将 R1 的 E0/0 改为被动接口:

R1(config)#router ospf 1
R1(config-router)#passive-interface e0/0
R1(config-router)#
*Jun  6 08:14:51.990: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached

邻居状态变为 down。

R2 亦然:

R2#
*Jun  6 08:15:24.117: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf neighbor 
R2#

不匹配的认证信息

在 R1 的 E0/0 接口上开启 MD5 认证(R2 的对端口未开启认证):

R1(config)#int e0/0
R1(config-if)#ip ospf message-digest-key 1 md5 KENAN
R1(config-if)#ip ospf authentication message-digest 
R1(config-if)#
*Jun  6 08:49:14.100: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired

邻居状态变为 down:

R1#show ip ospf neighbor 
R1#

R2 亦然:

R2#
*Jun  6 08:49:11.234: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf nei
R2#

ACL

1)在 R1 上部署 ACL,过滤掉 OSPF 协议,并在接口 E0/0 上应用:

R1(config)#access-list 100 deny ospf any any
R1(config)#access-list 100 permit ip any any
R1(config)#int ethernet 0/0
R1(config-if)#ip access-group 100 in
R1(config-if)#ip access-group 100 out

重启 OSPF 进程,邻居变为 down:

R1#clear ip ospf process 
Reset ALL OSPF processes? [no]: yes
R1#
*Jun  6 09:09:41.155: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1#show ip ospf nei
R1#

R2 的邻居状态变为 INIT:

R2#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   INIT/DROTHER    00:00:32    192.168.12.1    Ethernet0/0

2)在 R1 上部署 ACL,过滤掉组播地址 224.0.0.5,并在接口 E0/0 上应用:

R1(config)#access-list 101 deny igmp any host 224.0.0.5
R1(config)#access-list 101 permit ip any any
R1(config)#int e0/0
R1(config-if)#ip access-group 101 in
R1(config-if)#ip access-group 101 out

重启 OSPF 进程,邻居变为 down:

R1#clea ip ospf pr
Reset ALL OSPF processes? [no]: yes
R1#
*Jun  6 09:34:19.390: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1#show ip ospf nei
R1#

R2 的邻居变为 INIT:

R2#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   INIT/DROTHER    00:00:31    192.168.12.1    Ethernet0/0

MTU不匹配

修改 R1 上 E0/0 的 MTU:

R1(config)#int e0/0
R1(config-if)#ip mtu 1400

重启 OSPF 进程,邻居状态变为 EXSTART:

R1#clea ip ospf pr
Reset ALL OSPF processes? [no]: yes
R1#
*Jun  6 09:52:30.130: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   EXSTART/DR      00:00:39    192.168.12.2    Ethernet0/0
R1#

R2 亦然:

R2#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   EXSTART/BDR     00:00:38    192.168.12.1    Ethernet0/0
R2#

重复的 router id

将 R1 的 ospf router id 改为和 R2 的一样:

R1(config)#router ospf 1
R1(config-router)#router-id 2.2.2.2
% OSPF: Reload or use "clear ip ospf process" command, for this to take effect
R1(config-router)# 
R1#
*Jun  6 10:01:13.184: %SYS-5-CONFIG_I: Configured from console by console
R1#clear ip ospf pr
Reset ALL OSPF processes? [no]: yes

邻居状态变为 down:

R1#
*Jun  6 10:01:24.058: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1#
*Jun  6 10:01:26.524: %OSPF-4-DUP_RTRID_NBR: OSPF detected duplicate router-id 2.2.2.2 from 192.168.12.2 on interface Ethernet0/0
R1#show ip ospf nei
R1#

R2 亦然:

*Jun  6 10:02:04.023: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#clea ip ospf pro
% Please answer 'yes' or 'no'.
Reset ALL OSPF processes? [no]: yes
R2#show ip ospf nei
R2#

不匹配的网络类型

1)将R1的 E0/0 口的 OSPF 网络类型改为点对点:

R1(config)#int e0/0
R1(config-if)#ip ospf network point-to-point

邻居状态变为 down,又变为 Full:

R1(config-if)#
*Jun  6 10:10:04.048: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
*Jun  6 10:10:04.049: %OSPF-4-NET_TYPE_MISMATCH: Received Hello from 2.2.2.2 on Ethernet0/0 indicating a  potential 
             network type mismatch
R1(config-if)#
*Jun  6 10:10:04.050: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from LOADING to FULL, Loading Done

对端路由器的接口 OSPF 网络类型默认为广播,虽然本端被改为了点对点,但它们具有相同的 hello time(10s)和 dead time(40s),所以能形成正常的邻接关系并交换 LSA,但由于两端的链路类型不一致,各自的1类 LSA 中的 Link ID 表示的含义不一样(P2P 类型的 LINK ID 为对端的 router ID,广播类型的LINK ID 为 DR 的 IP),所以无法计算最短路径树,也就无法学到 OSPF 路由。

R1#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/  -        00:00:30    192.168.12.2    Ethernet0/0
R1#show ip rou ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set
R1#

R2 的邻居状态也为 Full:

R2#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   FULL/BDR        00:00:36    192.168.12.1    Ethernet0/0

2)将 R1 的 E0/0 口的 OSPF 网络类型改为点对多点:

R1(config)#int e0/0
R1(config-if)#ip ospf network point-to-multipoint

邻居状态变为 down,因为和对端网络类型的hello time和dead time不一致,所以不能建立邻接关系。

R1(config-if)#
*Jun  6 10:41:54.846: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1(config-if)#
R1#
*Jun  6 10:42:17.683: %SYS-5-CONFIG_I: Configured from console by console
R1#show ip ospf nei
R1#

R2亦然:

*Jun  6 11:32:03.265: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#show ip ospf nei
R2#

综上可知,不同网络类型之间,只要time一致,都能建立邻接关系(full),但不能学到路由。

OSPF 优先级设置错误

将 R1 的 E0/0 和 R2 的 E0/0 的 OSPF 优先级都设置成为 0(不允许参与 DR 和 BDR 的选举):

R1(config)#int e0/0
R1(config-if)#ip ospf priority 0
R2(config)#int e0/0
R2(config-if)#ip ospf priority 0

双方的邻居状态都变成了 2way:

R1#clea ip ospf pr
Reset ALL OSPF processes? [no]: yes
R1#
*Jun  6 13:09:59.713: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from 2WAY to DOWN, Neighbor Down: Interface down or detached
R1#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   2WAY/DROTHER    00:00:33    192.168.12.2    Ethernet0/0
R1#
R2#clea ip ospf pr
Reset ALL OSPF processes? [no]: yes
R2#
*Jun  6 13:10:17.577: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from 2WAY to DOWN, Neighbor Down: Interface down or detached
R2#show ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           0   2WAY/DROTHER    00:00:33    192.168.12.1    Ethernet0/0
R2#

总结

邻居状态可能原因
down接口down
down接口未运行ospf进程
down不匹配的timer
down不匹配的区域号
down不匹配的区域类型
down不同的子网掩码
down被动接口
down不匹配的认证信息
down重复的router id
down不匹配的网络类型
INITACL
2WAY接口的OSPF优先级设置错误
EXSTART/EXCHANGEMTU不匹配

此验证实验所用模拟器为 pnet,镜像为思科 IOL,IOS版本为15.4。本文列举的所有可能原因均为常见原因,所呈现的邻居状态在不同模拟器和 IOS 版本之间可能有出入。

原文出处:Haike Nan's Blog

原文链接:https://nan.cool/posts/2022/06/06/OSPF-neighbor.html

---------------------------------------------------------------------

本站原创文章仅代表作者观点,不代表运维社区立场。所有原创内容版权均属运维社区,欢迎大家转发分享。但未经授权,严禁任何媒体(平面媒体、网络媒体、自媒体等)以及微信公众号复制、转载、摘编或以其他方式进行使用,转载须注明来自运维社区并附上本文链接。 本站中所有编译类文章仅用于学习和交流目的,编译工作遵照 CC 协议,如果有侵犯到您权益的地方,请及时联系我们。

(0)
上一篇 2022年9月8日 下午2:14
下一篇 2022年9月20日 下午1:49

相关推荐

发表回复

您的电子邮箱地址不会被公开。