This document describes how a router that runs Open Shortest Path First (OSPF) selects a router ID, in what packets this value is sent, and how to troubleshoot router log messages that report duplicate IDs.
Cisco recommends that you have knowledge of these topics:
IP routing protocols
OSPF routing protocols
The information in this document is based on the Cisco IOS® Software Release 12.2.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
This configuration can also be used with these hardware and software versions:
All routers, such as the 2500 and 2600 series
Layer 3 switches
Refer to Cisco Technical Tips Conventions for more information on document conventions.
By default, when the OSPF process initializes, it selects the highest IP address on a router as the router ID for the OSPF process. The router ID uniquely identifies a router within an OSPF domain.
As explained in Configuring OSPF, OSPF uses the largest IP address configured on the interfaces as its router ID. If the interface associated with this IP address is ever brought down, or if the address is removed, the OSPF process must recalculate a new router ID and resend all its routing information out its interfaces.
If a loopback interface is configured with an IP address, the Cisco IOS software uses this IP address as its router ID, even if other interfaces have larger IP addresses. Greater stability in the routing table is achieved, because loopback interfaces never go down.
OSPF automatically prefers a loopback interface over any other kind, and it chooses the highest IP address among all loopback interfaces. If there are no loopback interfaces present, the highest IP address in the router is chosen. The OSPF cannot be directed to use any particular interface. Once the router ID is elected, it does not change unless the OSPF process restarts or the router is reloaded.
Note: If there is not an interface with a valid IP address in an up/up state when it starts, OSPF reports can't allocate router-id error messages to the log.
These commands are used in order to view the router ID.
R2-AGS#show ip ospf interface e0 Ethernet0 is up, line protocol is up Internet Address 1.1.1.2 255.255.255.0, Area 0 Process ID 1, Router ID 5.5.5.5, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State BDR, Priority 1 Designated Router (ID) 6.6.6.6, Interface address 1.1.1.1 Backup Designated router (ID) 5.5.5.5, Interface address 1.1.1.2 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 0:00:07 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 6.6.6.6 (Designated Router)
The default behavior of the selection of the highest IP address on a router as the router ID can be changed with the use of the router-id OSPF command introduced in Cisco IOS Software Release 12.0(1)T. Refer to Cisco bug ID CSCdi38380 (registered customers only) for more information. With the OSPF router-id command, the router ID of the OSPF process is the one manually selected. In this example, the router ID for the OSPF process is 10.10.10.10.
! router ospf 100 router-id 10.10.10.10
The show ip ospf database command can also be used as in this example in order to check the router ID:
Router#show ip ospf database OSPF Router with ID (10.10.10.10) (Process ID 100)
Before the resolution of the duplicate router IDs with OSPF can be explained, you need to understand the five OSPF packet types. These are the packet types:
Hello
Database Description (DD)
Link State Request
Link State Update
Link State Acknowledgment
All OSPF packets begin with a standard 24-octet header. Note that the header includes a Router ID field, which indicates the unique ID of the route originating the OSPF packet.
Version | Type | Packet Length |
Router ID |
Area ID |
Checksum | AuType |
Authentication |
Authentication |
Packet Data |
Typically, OSPF packets carry Link-State Advertisements (LSAs), which describe all of the links or interfaces of the router, and the state of the links. While all LSAs start with the same header, these three fields identifies a single LSA:
Type
Link State ID
Advertising Router
OSPF uses Link State Update packets to flood LSAs and send LSAs in response to Link State Requests. An OSPF neighbor is responsible for reencapsulating the appropriate LSAs in new Update packets for further flooding in order to propagate OSPF LSAs beyond the network on which they were originated. Thus, a duplicate router ID can be detected by, and propagated by multiple routers.
Complete these steps in order to determine if there is a duplicate router ID:
Execute the show ip ospf database router x.x.x.x command on the router that should have this ID. This command displays the contents of a router LSA (Type 1), which advertises a router and all of its directly connected interfaces. Understand the interface list of the router and the assigned IP addresses.
Execute the show ip ospf database router x.x.x.x command a few times on the router that reports the duplicate. The Shortest Path First (SPF) algorithm can run as frequently as once every 10 seconds.
If you capture these commands, you should be able to catch information that changes. This example is an output of the show ip ospf database router command.
r2.2.2.2#show ip ospf database router 1.1.1.1 OSPF Router with ID (2.2.2.2) (Process ID 2) Router Link States (Area 0) LS age: 279 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 1.1.1.1 !--- For router links, the Link State ID is always the same as the !--- advertising router (next line). Advertising Router: 1.1.1.1 !--- This is the router ID of the router which created !--- this LSA. LS Seq Number: 8000001A Checksum: 0xA6FA Length: 48 Number of Links: 2 Link connected to: another Router (point-to-point) !--- This line shows that this router (1.1.1.1) is a neighbor !--- with 2.2.2.2. (Link ID) Neighboring Router ID: 2.2.2.2 (Link Data) Router Interface address: 0.0.0.12 !--- In case of an unnumbered link, use the Management Information !--- Base (MIB) II IfIndex value, which usually starts with 0. Number of TOS metrics: 0 TOS 0 Metrics: 64 !--- This is the OSPF cost of the link that connects the two routers. Link connected to: a Stub Network !--- This entry represents the Ethernet segment 4.0.0.0/8. (Link ID) Network/subnet number: 4.0.0.0 (Link Data) Network Mask: 255.0.0.0 Number of TOS metrics: 0 TOS 0 Metrics: 10 !--- This is the OSPF cost of the Ethernet segment.
When two routers use the same router ID in an OSPF domain, routing possibly does not work correctly. Cisco bug IDs CSCdr61598 (registered customers only) and CSCdu08678 (registered customers only) enhance the detection and reporting mechanisms of duplicate router IDs. Access the Bug Toolkit (registered customers only) in order to view additional information about these Cisco bug IDs. There are two duplicate router ID types:
Area duplicate router ID
%OSPF-4-DUP_RTRID1: Detected router with duplicate router ID 100.0.0.2 in area 0
Explanation—OSPF detected a router that has the same router ID in the area.
Recommended Action—The OSPF router ID should be unique. Make sure all routers in the area have unique router ID.
Type 4 LSA
%OSPF-4-DUP_RTRID2: Detected router with duplicate router ID 100.0.0.2 in Type-4 LSA advertised by 100.0.0.1
Explanation—OSPF detected a router that has the same router ID in the other area. This router is advertised in Type-4 LSA.
Recommended Action—The OSPF router ID should be unique. Make sure all Autonomous System Border Routers (ASBRs) in remote areas have a unique router ID.
When a router acts as both an Area Border Router (ABR) and an ASBR in an OSPF domain, false reports of duplicate router IDs can occur, as shown in this example log message.
OSPF-4-DUP_RTRID_AS Detected router with duplicate router ID 10.97.10.2 in Type-4 LSA advertised by 10.97.20.2
Cisco bug ID CSCdu71404 (registered customers only) resolves this problem of OSPF domain-wide detection.
If a router receives a Type 4 LSA and the Link State ID equals the router ID and the router is not an ABR, then a valid router ID duplication in the remote area occurs, and the error message should be logged.
If the router is not an ABR, it can receive a Type 4 LSA which tells it about itself from the other ABR. This condition does not represent a duplicate router ID problem, and the error message should not be logged.
A Type 4 LSA is also known as an ASBR Summary LSA. Issue the show ip ospf database asbr-summary command in order to observe these LSAs, as shown in this example.
The ABR creates (Type 4) ASBR Summary LSAs in order to advertise reachability of an ASBR into other areas.
r2.2.2.2#show ip ospf database asbr-summary 1.1.1.1 OSPF Router with ID (2.2.2.2) (Process ID 2) Summary ASB Link States (Area 0) LS age: 266 Options: (No TOS-capability, DC) LS Type: Summary Links(AS Boundary Router) Link State ID: 1.1.1.1 (AS Boundary Router address) !--- ABR (Router 2.2.2.2) advertises that it knows how !--- to reach the ASBR (Router 1.1.1.1). Advertising Router: 2.2.2.2 LS Seq Number: 80000001 Checksum: 0x935C Length: 28 Network Mask: /0 TOS: 0 Metric: 64 !--- This is the cost of ABR to reach the ASBR.
If the LSA is a Type 4, the Link State ID is the router ID of the ASBR that is advertised. Refer to How OSPF Propagates External Routes into Multiple Areas for more information.
The troubleshooting was done with a Cisco IOS software release released before the Cisco bug ID CSCdr61598 (registered customers only) and Cisco bug ID CSCdu08678 (registered customers only) integration.
This image is a representation of the single area network described in these steps.
Issue the show proc cpu | include OSPF command. This allows you to see the OSPF processes that utilize the CPU.
r4#show proc cpu | include OSPF 3 4704 473 9945 1.38% 0.81% 0.68% 0 OSPF Hello 71 9956 1012 9837 1.47% 1.62% 1.41% 0 OSPF Router
As seen in the previous example, there is high CPU for OSPF. This shows that there must be something wrong with either the link stability or a duplicate router-id.
Issue the show ip ospf statistics command. This allows you to see if the SPF algorithm is run more than ordinary.
r4#show ip ospf statistics Area 0: SPF algorithm executed 46 times SPF calculation time Delta T Intra D-Intra Summ D-Summ Ext D-Ext Total Reason 00:01:36 0 0 0 0 0 0 0 N, 00:01:26 0 0 0 0 0 0 0 R, N, 00:01:16 0 0 0 0 0 0 0 R, N, 00:01:06 0 0 0 0 0 0 0 R, N, 00:00:56 0 0 0 0 0 0 0 R, N, 00:00:46 0 0 0 0 0 0 0 R, N, 00:00:36 0 0 0 0 0 0 0 R, N, kmbgvc 00:00:26 0 0 0 0 0 0 0 R, N, 00:00:16 0 0 0 0 0 0 0 R, N, 00:00:06 0 0 0 0 0 0 0 R, N,
The show ip ospf statistics command shows that recalculation of SPF is done every 10 seconds, as seen in the previous example. It is triggered by the router and network LSA. There is a problem in the same area as the current router.
Issue the show ip ospf database command.
r4#show ip ospf database OSPF Router with ID (50.0.0.4) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 50.0.0.1 50.0.0.1 681 0x80000002 0x7E9D 3 50.0.0.2 50.0.0.2 674 0x80000004 0x2414 5 50.0.0.4 50.0.0.4 705 0x80000003 0x83D 4 50.0.0.5 50.0.0.5 706 0x80000003 0x5C24 6 50.0.0.6 50.0.0.6 16 0x80000095 0xAF63 6 50.0.0.7 50.0.0.7 577 0x80000005 0x86D5 8 Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 192.168.2.6 50.0.0.6 6 0x8000007A 0xABC7
The show ip ospf database command shows that one LSA is newer (age 16) and its sequence number is much higher then the other LSAs in the same OSPF database. You need to figure out which router sent this LSA. Since it is in the same area, the advertising router id is known (50.0.0.6). It is more probable that this router ID is duplicated. You need to find out which other router has the same router-id.
This example shows several instances of the show ip ospf database command.
r4#show ip ospf database router adv-router 50.0.0.6 OSPF Router with ID (50.0.0.4) (Process ID 1) Router Link States (Area 0) LS age: 11 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 50.0.0.6 Advertising Router: 50.0.0.6 LS Seq Number: 800000C0 Checksum: 0x6498 Length: 72 Number of Links: 4 Link connected to: a Transit Network (Link ID) Designated Router address: 192.168.2.6 (Link Data) Router Interface address: 192.168.2.6 Number of TOS metrics: 0 TOS 0 Metrics: 10 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 50.0.0.7 (Link Data) Router Interface address: 192.168.0.21 Number of TOS metrics: 0 TOS 0 Metrics: 64 Link connected to: a Stub Network (Link ID) Network/subnet number: 192.168.0.20 (Link Data) Network Mask: 255.255.255.252 Number of TOS metrics: 0 TOS 0 Metrics: 64 Link connected to: a Stub Network (Link ID) Network/subnet number: 50.0.0.6 (Link Data) Network Mask: 255.255.255.255 Number of TOS metrics: 0 TOS 0 Metrics: 1 r4#show ip ospf database router adv-router 50.0.0.6 OSPF Router with ID (50.0.0.4) (Process ID 1) Router Link States (Area 0) LS age: 7 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 50.0.0.6 Advertising Router: 50.0.0.6 LS Seq Number: 800000C7 !--- The sequence number has increased. Checksum: 0x4B95 Length: 96 Number of Links: 6 !--- The number of links has increased although the network has been stable. Link connected to: a Stub Network (Link ID) Network/subnet number: 192.168.3.0 (Link Data) Network Mask: 255.255.255.0 Number of TOS metrics: 0 TOS 0 Metrics: 10 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 50.0.0.5 (Link Data) Router Interface address: 192.168.0.9 Number of TOS metrics: 0 TOS 0 Metrics: 64 Link connected to: a Stub Network (Link ID) Network/subnet number: 192.168.0.8 (Link Data) Network Mask: 255.255.255.252 Number of TOS metrics: 0 TOS 0 Metrics: 64 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 50.0.0.2 (Link Data) Router Interface address: 192.168.0.2 Number of TOS metrics: 0 TOS 0 Metrics: 64 Link connected to: a Stub Network (Link ID) Network/subnet number: 192.168.0.0 (Link Data) Network Mask: 255.255.255.252 Number of TOS metrics: 0 TOS 0 Metrics: 64 Link connected to: a Stub Network (Link ID) Network/subnet number: 50.0.0.6 (Link Data) Network Mask: 255.255.255.255 Number of TOS metrics: 0 TOS 0 Metrics: 1
If you know your network, you can find which router advertises those links. The first previous output shows that the LSAs are sent by a router with OSPF neighbors 50.0.0.7, whereas the second output shows neighbors 50.0.0.5 and 50.0.0.6. Issue the show ip ospf command in order to find those routers and access them in order to verify their OSPF router-id. In this example setup, they are R6 and R3.
3>show ip ospf Routing Process "ospf 1" with ID 50.0.0.6 Supports only single TOS(TOS0) routes Supports opaque LSA r6#show ip ospf Routing Process "ospf 1" with ID 50.0.0.6 Supports only single TOS(TOS0) routes Supports opaque LSA
Issue the show run | beg router ospf command in order to check the configuration that starts at the OSPF configuration.
R6#show run | include router ospf router ospf 1 router-id 50.0.0.6 log-adjacency-changes network 50.0.0.0 0.0.0.255 area 0 network 192.168.0.0 0.0.0.255 area 0 network 192.168.2.0 0.0.0.255 area 0 r3#show run | begin router ospf router ospf 1 log-adjacency-changes network 50.0.0.0 0.0.0.255 area 0 network 192.168.0.0 0.0.0.255 area 0 network 192.168.3.0 0.0.0.255 area 0
In the previous example, the router-id command was removed and the OSPF process was not restarted. The same problem can also result from a loopback interface that is removed and configured somewhere else.
Issue the clear ip ospf 1 process command and the show ip ospf command in order to clear the process.
r3#clear ip ospf 1 process Reset OSPF process? [no]: y r3#show ip ospf Routing Process "ospf 1" with ID 50.0.0.6 Supports only single TOS(TOS0) routes Supports opaque LSA
As shown in the previous example, the wrong IP address still appears.
Issue the show ip int brie command in order to check the interface.
r3#show ip int brie Interface IP-Address OK? Method Status Protocol Ethernet0/0 192.168.3.1 YES NVRAM up up Serial1/0 192.168.0.2 YES NVRAM up up Serial2/0 192.168.0.9 YES NVRAM up up Loopback0 unassigned YES NVRAM up up Loopback1 50.0.0.6 YES NVRAM up up !--- The highest Loopback IP address
In order to correct the problem, make sure that either the highest loopback configured on the router is unique in your OSPF network, or configure statically the router-id with the router-id <ip address> command under the OSPF router configuration mode.
The symptoms of these problems are that the external route, which is learned through the redistribution from static into OSPF process by R6, ASBR router flaps from the routing table on all routers within OSPF Area 0. The external route is 120.0.0.0/16 and the problem is noticed on Router 5 in Area 0. Start to troubleshoot from there.
Issue the show ip route command a few times consecutively in order to see the symptom.
r5#show ip route 120.0.0.0 Routing entry for 120.0.0.0/16, 1 known subnets O E2 120.0.0.0 [110/20] via 192.168.0.9, 00:00:03, Serial2/0 r5#show ip route 120.0.0.0 % Network not in table r5#
Take a look at the OSPF database in order to check whether the LSA is received. If you issue the show ip ospf database command several times in a row, you notice that the LSA is received by two routers, 50.0.0.6 and 50.0.0.7. If you look at the age of the second entry, if present, you notice that its value changes dramatically.
r5#show ip ospf database | begin Type-5 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 120.0.0.0 50.0.0.6 2598 0x80000001 0xE10E 0 120.0.0.0 50.0.0.7 13 0x80000105 0xD019 0 r5#show ip ospf database | begin Type-5 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 120.0.0.0 50.0.0.6 2599 0x80000001 0xE10E 0 120.0.0.0 50.0.0.7 14 0x80000105 0xD019 0 r5#show ip ospf database | begin Type-5 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 120.0.0.0 50.0.0.6 2600 0x80000001 0xE10E 0 120.0.0.0 50.0.0.7 3601 0x80000106 0x6F6 0 r5#show ip ospf database | begin Type-5 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 120.0.0.0 50.0.0.6 2602 0x80000001 0xE10E 0 r5#show ip ospf database | begin Type-5 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 120.0.0.0 50.0.0.6 2603 0x80000001 0xE10E 0 r5#
You also notice strange behavior if you look at the sequence number for the LSAs that are received from 50.0.07, which is the advertising router. Review what other LSAs are received from 50.0.0.7. If you issue the show ip ospf database adv-router 50.0.0.7 command several times in a row, the entries vary quickly, as shown in this example.
r5#show ip ospf database adv-router 50.0.0.7 OSPF Router with ID (50.0.0.5) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 50.0.0.7 50.0.0.7 307 0x8000000D 0xDF45 6 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 120.0.0.0 50.0.0.7 9 0x8000011B 0xA42F 0 r5#show ip ospf database network adv-router 50.0.0.7 OSPF Router with ID (50.0.0.5) (Process ID 1) r5#show ip ospf database network adv-router 50.0.0.7 OSPF Router with ID (50.0.0.5) (Process ID 1)
This last output does not show anything. Either the route is flapping or there is a problem of another kind, most probably a duplicate router ID within the OSPF domain.
Issue the show ip ospf database command in order to view the external LSAs advertised by 50.0.0.7.
r5#show ip ospf database external adv-router 50.0.0.7 OSPF Router with ID (50.0.0.5) (Process ID 1) Type-5 AS External Link States Delete flag is set for this LSA LS age: MAXAGE(3600) Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 120.0.0.0 (External Network Number ) Advertising Router: 50.0.0.7 LS Seq Number: 80000136 Checksum: 0xA527 Length: 36 Network Mask: /16 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 16777215 Forward Address: 0.0.0.0 External Route Tag: 0 r5#show ip ospf database external adv-router 50.0.0.7 OSPF Router with ID (50.0.0.5) (Process ID 1) r5#
Look at the SPF calculation reasons in order to verify this. X means that SPF runs every 10 seconds because of an External LSA (type 5) flap and indeed, you see that SPF runs.
r5#show ip ospf statistic Area 0: SPF algorithm executed 2 times SPF calculation time Delta T Intra D-Intra Summ D-Summ Ext D-Ext Total Reason 00:47:23 0 0 0 0 0 0 0 X 00:46:33 0 0 0 0 0 0 0 X 00:33:21 0 0 0 0 0 0 0 X 00:32:05 0 0 0 0 0 0 0 X 00:10:13 0 0 0 0 0 0 0 R, SN, X 00:10:03 0 0 0 0 0 0 0 R, SN, X 00:09:53 0 0 0 0 0 0 0 R, 00:09:43 0 0 0 0 0 0 0 R, SN, X 00:09:33 0 0 0 0 0 0 0 X 00:09:23 0 0 0 0 0 0 0 X
It is known that the problem is outside the current area. Turn your focus on the ABR. Telnet to the ABR Router 2 in order to have more visibility on other areas than OSPF area 0. Issue the show ip ospf border-routers and show ip ospf database network adv-router commands.
r2#show ip ospf border-routers OSPF Process 1 internal Routing Table Codes: i - Intra-area route, I - Inter-area route i 50.0.0.7 [20] via 192.168.2.1, Ethernet0/0, ASBR, Area 1, SPF 25 r2#show ip ospf database network adv-router 50.0.0.7 OSPF Router with ID (50.0.0.2) (Process ID 1) Net Link States (Area 1) Routing Bit Set on this LSA LS age: 701 Options: (No TOS-capability, DC) LS Type: Network Links Link State ID: 192.168.1.2 (address of Designated Router) Advertising Router: 50.0.0.7 LS Seq Number: 80000001 Checksum: 0xBC6B Length: 32 Network Mask: /24 Attached Router: 50.0.0.7 Attached Router: 50.0.0.1
The faulty router is on the same LAN as 50.0.0.1. It must be Router 6. Issue the show ip ospf command.
r6#show ip ospf Routing Process "ospf 1" with ID 50.0.0.7 Supports only single TOS(TOS0) routes Supports opaque LSA It is an autonomous system boundary router.
Once the faulty router is found, refer to the Single Area Network section of this document to correct the problem.
The %OSPF-4-FLOOD_WAR: Process 60500 flushes LSA ID 10.35.70.4 type-5 adv-rtr 10.40.0.105 in area 10.40.0.0 error message is received.
This error message states that the router originates or flushes LSA at a high rate. A typical scenario in a network may be where one router in the network originates LSA and the second router flushes that LSA. A detailed description of this error message is provided here:
Process 60500 - The OSPF process that reports the error. In this example, the process ID is 60500.
re-originates or flushes (keyword) - Indicates if the router originates LSA or flushes. In this error message, the router flushes LSA.
LSA ID 10.35.70.4 - Link state ID for which a flood war is detected. In this example, it is 10.35.70.4.
type -5 - LSA type. This example has a Type 5 LSA.
Note: A flood war has a different root cause for every LSA.
adv-rtr - Router which originates LSA (that is, 10.40.0.105).
Area - Area to which the LSA belongs. In this example, the LSA belongs to 10.40.0.0.
Solution
Note the Type specifics of this error; in this example, type-5. This designation means there are duplicate router IDs on two routers located in the different areas. As a result, it is necessary to change the router ID on one of the routers.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
24-Apr-2012 |
Initial Release |