This document describes why it is best practice not to use the command ip ospf mtu-ignore.
The article OSPF MTU and LSA Packing Tech Note explains one reason, related to Maximum Transmission Unit (MTU), why the Open Shortest Path First (OSPF) adjacency does not reach the FULL state.
A situation can occur where the interface MTU is at a high value, for example 9000, while the real value of the size of packets that can be forwarded over this interface is 1500.
If there is a mismatch on MTU on both sides of the link where OSPF runs, then the OSPF adjacency will not form because the MTU value is carried in the Database Description (DBD) packets and checked on the other side.
The DBD packet, also specified in RFC 2328, describes the contents of the OSPF link-state database:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version # | 2 | Packet length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Router ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Area ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | AuType |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Authentication |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Authentication |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Interface MTU | Options |0|0|0|0|0|I|M|MS
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| DD sequence number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+- -+
| |
+- An LSA Header -+
| |
+- -+
| |
+- -+
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... |
Appendix A.3.3. of RFC 2328 describes the interface MTU as: The size in bytes of the largest IP datagram that can be sent out the associated interface, without fragmentation.
Routers that are attached to a link exchange their interface MTU value in DBD packets when the OSPF adjacency is initialized.
Section 10.6 of RFC 2328 states this: If the Interface MTU field in the Database Description packet indicates an IP datagram size that is larger than the router can accept on the receiving interface without fragmentation, the Database Description packet is rejected.
When the debug ip ospf adj command is used, you can see the arrival of these DBD packets.
In this example, there is a mismatch in MTU values between two OSPF neighbors. This router has MTU 1600:
OSPF: Rcv DBD from 10.100.1.2 on GigabitEthernet0/1 seq 0x2124 opt 0x52 flag 0x2
len 1452 mtu 2000 state EXSTART
OSPF: Nbr 10.100.1.2 has larger interface MTU
The other OSPF router has interface MTU 2000:
OSPF: Rcv DBD from 10.100.100.1 on GigabitEthernet0/1 seq 0x89E opt 0x52 flag 0x7
len 32 mtu 1600 state EXCHANGE
OSPF: Nbr 10.100.100.1 has smaller interface MTU
The DBD packets are retransmitted continuously until the OSPF adjacency is eventually torn down.
OSPF: Send DBD to 10.100.1.2 on GigabitEthernet0/1 seq 0x9E6 opt 0x52 flag 0x7
len 32
OSPF: Retransmitting DBD to 10.100.1.2 on GigabitEthernet0/1 [10]
OSPF: Send DBD to 10.100.1.2 on GigabitEthernet0/1 seq 0x9E6 opt 0x52 flag 0x7
len 32
OSPF: Retransmitting DBD to 10.100.1.2 on GigabitEthernet0/1 [11]
%OSPF-5-ADJCHG: Process 1, Nbr 10.100.1.2 on GigabitEthernet0/1 from EXSTART to
DOWN, Neighbor Down: Too many retransmissions
The interface command ip ospf mtu-ignore disables this check of the MTU value in the OSPF DBD packets. Thus, use of this command allows the OSPF adjacency to reach the FULL state even though there is an interface MTU mismatch between two OSPF routers.
This command was introduced with Cisco bug ID CSCdr20891.
This command does affect the actual packet size of the OSPF packets after Cisco bug ID CSCsk86476.
This command does not affect the actual packets size of the transmitted IP packets and it does not affect Path MTU Discovery behavior for traffic that passes through the router. The usage of the command might help to bring up the OSPF adjacency, but the transit traffic through the router can still be impacted for large IP packets.
Before Cisco bug ID CSCse01519, the size of OSPF DBD packets was limited by 1500 bytes. That allowed OSPF to work normally even in a MTU-mismatch situation, when OSPF mtu-ignore functionality was used.
After Cisco bug ID CSCse01519 and the command ip ospf mtu-ignore is not used, it is possible that the OSPF adjacency fails when the actual OSPF packets are larger than 1500 bytes.
After Cisco bug ID CSCse01519 and with the command ip ospf mtu-ignore and before Cisco bug ID CSCsk86476, it could be that large (> 1500 bytes) OSPF packets are dropped. This prevented the OSPF adjacency from reaching the FULL state.
After Cisco bug ID CSCsk86476, if the command ip ospf mtu-ignore is used, then the router falls back to use of one safe maximum MTU value for the OSPF packets. That value is 1300 bytes. Since this value is rather small, this can affect the OSPF flooding. A bigger OSPF packet is more efficient for the OSPF flooding.
The proper solution in all cases is to configure the correct MTU on the interfaces. This MTU value must match on the routers on either side of the link.