Aug
27

Today my routers finally passed the point of no return. Negotiations between R4 and SW4 broke down, and the course of action we were all trying to avoid was now inevitable… all out war.

R4#
%OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 204.12.1.0 type-5 adv-rtr 223.255.255.255 in area 0
%OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 31.2.0.0 type-5 adv-rtr 223.255.255.255 in area 0
%OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 31.3.0.0 type-5 adv-rtr 223.255.255.255 in area 0
%OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 204.12.1.0 type-5 adv-rtr 223.255.255.255 in area 0
%OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 31.2.0.0 type-5 adv-rtr 223.255.255.255 in area 0
%OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 31.3.0.0 type-5 adv-rtr 223.255.255.255 in area 0

Who will be the winner? Only time will tell. What sent them over the edge though? Did the diplomat in charge of DTP negotiation fail?

Be the first person to tell me why R4 and SW4 declared all out WAR on each other and win a $50 amazon gift card! Post your comments now!

Update:

Congratulations to Patrik Berglund, winner of a $50 amazon gift card!

R4 and SW4 declared war on each other because they had duplicate OSPF Router-IDs. When R4 redistributed routes into OSPF, it generated LSA Type-5 routes tagged with its own Router-ID, 223.255.255.255. Per RFC 2328, OSPFv2:

    13.4.  Receiving self-originated LSAs

        It is a common occurrence for a router to receive self-
        originated LSAs via the flooding procedure. A self-originated
        LSA is detected when either 1) the LSA's Advertising Router is
        equal to the router's own Router ID or 2) the LSA is a network-
        LSA and its Link State ID is equal to one of the router's own IP
        interface addresses.

        However, if the received self-originated LSA is newer than the
        last instance that the router actually originated, the router
        must take special action.  The reception of such an LSA
        indicates that there are LSAs in the routing domain that were
        originated by the router before the last time it was restarted.
        In most cases, the router must then advance the LSA's LS
        sequence number one past the received LS sequence number, and
        originate a new instance of the LSA.

        It may be the case the router no longer wishes to originate the
        received LSA. Possible examples include: 1) the LSA is a
        summary-LSA or AS-external-LSA and the router no longer has an
        (advertisable) route to the destination, 2) the LSA is a
        network-LSA but the router is no longer Designated Router for
        the network or 3) the LSA is a network-LSA whose Link State ID
        is one of the router's own IP interface addresses but whose
        Advertising Router is not equal to the router's own Router ID
        (this latter case should be rare, and it indicates that the
        router's Router ID has changed since originating the LSA).  In
        all these cases, instead of updating the LSA, the LSA should be
        flushed from the routing domain by incrementing the received
        LSA's LS age to MaxAge and reflooding (see Section 14.1).

In this case, SW4 received an external LSA with its own Router-ID (223.255.255.255) as the originator ID. Since SW4 didn’t have a route to the destination that it was originating, it thought that it had previously originated the route, lost the route to the destination, and now received an old LSA which was aging out throughout the topology. In response to this SW4 incremented the age of the LSA to MaxAge, effectively poisoning it. When R4 received this back, it thought that its own LSA was somehow aged out, but since it had a route to the destination itself locally still it re-originated the LSA again. The fight between the legitimate route and the MaxAge route continues over and over, resulting in the FLOOD_WAR message on the command line.

For more detailed information and lab scenarios like this check out the new IEWB-RS Volume 1 Version 5.0!

About Brian McGahan, CCIE #8593, CCDE #2013::13:

Brian McGahan was one of the youngest engineers in the world to obtain the CCIE, having achieved his first CCIE in Routing & Switching at the age of 20 in 2002. Brian has been teaching and developing CCIE training courses for over 10 years, and has assisted thousands of engineers in obtaining their CCIE certification. When not teaching or developing new products Brian consults with large ISPs and enterprise customers in the midwest region of the United States.

Find all posts by Brian McGahan, CCIE #8593, CCDE #2013::13 | Visit Website


You can leave a response, or trackback from your own site.

29 Responses to “The War is On Between R4 and SW4!”

 
  1. Patrik Berglund says:

    Duplicate Router-ID?

  2. Patrik Berglund says:

    Actually I found the answer at cisco.com: The error message is due to the some router that is flushing the network LSA because the network LSA received by the router whose LSA ID conflicts with the IP address of one of the router’s interfaces and flushes the LSA out of the network. For OSPF to function correctly the IP addresses of transit networks must be unique. If it is not unique the conflicting routers reports this error message. In the error message the router with the OSPF router ID reported as adv-rtr reports this message.

    Which is not far away from my previous reply… :-)

  3. Derek says:

    R4 & SW4 have the same RID 223.255.255.255

  4. Fred B says:

    Hmm….I will take a stab. Based on Cisco’s System Message Guide – do both R4 & SW4 have the same router-id of 223.255.255.255 configured on both of them?

    %OSPF-4-FLOOD_WAR : Process [dec] [chars] LSA ID [IP_address] type-[dec] adv-rtr [IP_address] in area [chars]

    Explanation Router is extensively re-originating or flushing the LSA reported by this error message.

    Recommended Action

    If this router is re-originating an LSA, highly probably some other router is flushing this LSA out of the network. Find that router and avoid the conflict. Conflict for type-2 LSA may be due to duplicate LSA ID, for type-5 LSA it may be duplicate router-id on the router reporting this error message and on the routers connected to the different area.

  5. NTllect says:

    I haven’t my gear near, so my version is in sync with google’s one – one of devices have the same router-id.

    Or, one of devices receive LSA with router-id which is equal to ip address of one of its interfaces.

    I see type 5, so here redistribution comes into play, probably.

  6. anon says:

    I think because R4 introduced peacemakers in area 0, which SW4 considered as its own

  7. Brett Eschbach says:

    The receiving router has an IP Address equal to the router ID of the LSA be received.

  8. mike says:

    Per error message decoder:

    If this router is flushing the network LSA, it means the router received a network LSA whose LSA ID conflicts with the IP address of one of the router’s interfaces and flushed the LSA out of the network. For OSPF to function correctly the IP addresses of transit networks must be unique. Conflicting routers are the router reporting this error message and the router with the OSPF router ID reported as adv-rtr in this message. If this router is re-originating an LSA, highly probably some other router is flushing this LSA out of the network. Find that router and avoid the conflict. Conflict for type-2 LSA may be due to duplicate LSA ID, for type-5 LSA it may be duplicate router-id on the router reporting this error message and on the routers connected to the different area.In an unstable network, this message may also warn of extensive re-origination of LSA for some other reason. Contact your Cisco technical support representative to investigate such a case.

  9. Diego says:

    Duplicated router id, though.

  10. multiple points of redistribution within the same area.

  11. Dara says:

    hmmm,

    Duplicate RID in your network someplace :| .

    some router (223.255.255.255) that is flushing the LSA because the LSA received by the router whose LSA ID conflicts flushes the LSA out of the network.

  12. Jo says:

    duplicate router id?

  13. Rack009 says:

    The error message is due to the some router that is flushing the network LSA because the network LSA received by the router whose LSA ID conflicts with the IP address of one of the router’s interfaces and flushes the LSA out of the network. For OSPF to function correctly the IP addresses of transit networks must be unique. If it is not unique the conflicting routers reports this error message. In the error message the router with the OSPF router ID reported as adv-rtr reports this message.

  14. bryan says:

    Duplicate Router ID 223.255.255.255!

  15. Shafeeq Shaikh says:

    If i remember correct, this is b/c of the conflicting ip addresses b/w one of the router interface and the LSA ID of type 5 LSA.

  16. Sesano says:

    This is purely a router-id conflicts.

    The ospf process on both devices is likely to have same ospf router-id configured.

  17. Manish Behal says:

    BGP does not accept router-ids higher than 223.255.255.255. This is a OSPFBGP Redistribution issue!

  18. Cham Gill says:

    he error message is due to the some router that is flushing the network LSA because the network LSA received by the router whose LSA ID conflicts with the IP address of one of the router’s interfaces and flushes the LSA out of the network. For OSPF to function correctly the IP addresses of transit networks must be unique. If it is not unique the conflicting routers reports this error message. In the error message the router with the OSPF router ID reported as adv-rtr reports this message.

    http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a0080094704.shtml#wat

  19. Cham Gill says:

    223.255.255.255 – Conflicting addresses (last class C)

  20. Matt LaSota says:

    Duplicate RID. LSA’s are constantly being re-flooded through the network.

  21. Matt LaSota says:

    Just on another note 223.255.255.255 is the highest possible RID that can be set in OSPF. I suppose good for forcing a DR election without changing the default ip ospf priorities. Just make sure that only one router has this RID.

  22. Thiago says:

    duplicated router-ids?

  23. Thiago says:

    just to complete my answer, duplicated router-ids with the routers in different area.

  24. JB says:

    the boxes receive a lsa with a ip address that is configured on their own interfaces.
    So this means OSPF war between R4 and SW4, since they both claim that ip in the lsa.

  25. Alaaeldin Attia says:

    The router flooding the LSA because it is receiving a LSA ID conflicts with the IP address of one of its interfaces.

    For OSPF to function correctly, the IP addresses of the transit networks must be unique

  26. Bill Creighton says:

    router ID in received LSA is a duplicate of a local interface’s IP address

  27. Ouaja says:

    It seems to be well explicit here !
    %OSPF-4-FLOOD_WAR:
    Process [dec] [chars] LSA ID [IP_address] type-[dec] adv-rtr [IP_address] in area [chars]

    Router is extensively re-originating or flushing the LSA reported by this error message.

    Recommended Action: If this router is flushing the network LSA, it means the router received a network LSA whose LSA ID conflicts with the IP address of one of the router’s interfaces and flushed the LSA out of the network. For OSPF to function correctly the IP addresses of transit networks must be unique. Conflicting routers are the router reporting this error message and the router with the OSPF router ID reported as adv-rtr in this message. If this router is re-originating an LSA, highly probably some other router is flushing this LSA out of the network. Find that router and avoid the conflict. Conflict for type-2 LSA may be due to duplicate LSA ID, for type-5 LSA it may be duplicate router-id on the router reporting this error message and on the routers connected to the different area.In an unstable network, this message may also warn of extensive re-origination of LSA for some other reason.

  28. alvingalang says:

    SW4 is flushing the external LSA to R4. And because the external LSA received by R4 whose LSA ID conflicts with the IP address of one of the R4′s interfaces and flushes the LSA out of the network. I think when you’re doing some maintenance, you did some mistypo on the IP addresses that made duplicate RIDs between R4 and SW4.

 

Leave a Reply

Categories

CCIE Bloggers