When you get a MTU Mismatch in OSPF….

…you will always see that the adjacency will stuck in ExStart/ExChange.

OSPF doesn’t check the configured MTU size on an interface with the hello packets. But it must make sure, that the OSPF database exchange works completly. To avoid an MTU problem, the MTU will be exchanged in the Database Description (DBD) packets. If the MTU doesn’t match (RFC 2328 section 10.6) the routers never start exchanging Link-State Advertisements (LSA).

The reason:
OSPF itself doesn’t define a fragmention, but every OSPF router should be able to split multiple LSAs into several packets (see RFC 2328 Appendix A.1).  The size of these LSAs is determined by the MTU of your outgoing interface. To avoid fragementation your router will always build smaller LSAs to fit into MTU.  But if your packets will be bigger as your neighbor could receive, they got lost and your neighbor could never get your database. 

Here is an example of an MTU mismatch beween R1 and R2.

MTU Mismatch between R1 and R2
MTU Mismatch between R1 and R2

We see that both routers stuck in ExStart:

admin@router> show ospf neighbor logical-system R1
Address Interface State ID Pri Dead
10.0.1.2 fe-0/2/2.50 ExStart 10.0.2.2 128 36

admin@router> show ospf neighbor logical-system R2
Address Interface State ID Pri Dead
10.0.1.1 fe-0/2/3.50 ExStart 10.0.2.1 128 35

The „show ospf interface“ command give us some hints:

admin@router> show ospf interface detail logical-system R1
Interface State Area DR ID BDR ID Nbrs
fe-0/2/2.50 BDR 0.0.0.0 10.0.2.2 10.0.2.1 1
 Type: LAN, Address: 10.0.1.1, Mask: 255.255.255.252, MTU: 1200, Cost: 1
 DR addr: 10.0.1.2, BDR addr: 10.0.1.1, Priority: 128
 Adj count: 0
 Hello: 10, Dead: 40, ReXmit: 5, Not Stub
 Auth type: None
 Protection type: None
 Topology default (ID 0) -> Cost: 1

admin@router> show ospf interface detail logical-system R2
Interface State Area DR ID BDR ID Nbrs
fe-0/2/3.50 DR 0.0.0.0 10.0.2.2 10.0.2.1 1
 Type: LAN, Address: 10.0.1.2, Mask: 255.255.255.252, MTU: 1500, Cost: 1
 DR addr: 10.0.1.2, BDR addr: 10.0.1.1, Priority: 128
 Adj count: 0
 Hello: 10, Dead: 40, ReXmit: 5, Not Stub
 Auth type: None
 Protection type: None
 Topology default (ID 0) -> Cost: 1
fe-0/2/3.53 Down 0.0.0.0 0.0.0.0 0.0.0

And we can see it in tcpdump in the DBD but not in the Hello packets:

admin@router> monitor traffic interface fe-0/2/3.50 no-resolve detail Address resolution is OFF. Listening on fe-0/2/3.50, capture size 1514 bytes

13:03:15.100618 In IP (tos 0xc0, ttl 1, id 23483, offset 0, flags [none], proto: OSPF (89), length: 68) 10.0.1.1 > 224.0.0.5: OSPFv2, Hello, length 48 Router-ID 10.0.2.1, Backbone Area, Authentication Type: none (0) Options [External] Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.252, Priority 128 Designated Router 10.0.1.2, Backup Designated Router 10.0.1.1 Neighbor List: 10.0.2.2

13:03:18.269589 Out IP (tos 0xc0, ttl 1, id 23514, offset 0, flags [none], proto: OSPF (89), length: 68) 10.0.1.2 > 224.0.0.5: OSPFv2, Hello, length 48 Router-ID 10.0.2.2, Backbone Area, Authentication Type: none (0) Options [External] Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.252, Priority 128 Designated Router 10.0.1.2, Backup Designated Router 10.0.1.1 Neighbor List: 10.0.2.1

13:03:18.301879 Out IP (tos 0xc0, ttl 1, id 23517, offset 0, flags [none], proto: OSPF (89), length: 52) 10.0.1.2 > 10.0.1.1: OSPFv2, Database Description, length 32 Router-ID 10.0.2.2, Backbone Area, Authentication Type: none (0) Options [External, Opaque], DD Flags [Init, More, Master], MTU: 1500, Sequence: 0x0a01e9de

13:03:18.623449 In IP (tos 0xc0, ttl 1, id 23520, offset 0, flags [none], proto: OSPF (89), length: 52) 10.0.1.1 > 10.0.1.2: OSPFv2, Database Description, length 32 Router-ID 10.0.2.1, Backbone Area, Authentication Type: none (0) Options [External, Opaque], DD Flags [Init, More, Master], MTU: 1200, Sequence: 0x0a01cae3

 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.