Netrider Training – Troubleshoot OSPF

Question Troubleshoot OSPF

This post is about solving or troubleshooting OSPF network. OSPF stand for Open Shortest Path First. It is an adaptive routing protocol for IP network. It uses link state algorithm and operating within a single autonomous system (AS). This question i received for netrider training. So in this post, i’ll share the question and discuss how to solve this question.

Question

Question Troubleshoot OSPF

You are a new network administrator in Company A. Past network administrator has misconfigured OSPF throughout the company network. Besides, he also did disturb some others configuration to burden the new network administrator. Your task is to troubleshoot the network and make sure the OSPF is working fine as before.

In this question, we have no access to the Router A and Router D

Answer

1. You will see red light between Switch B and Router B.
Check
use show ip int brief on the swith will show everything fine
use show ip int brief on the router you will notice administratively down on interface f0/0.
Solution
Just use no shut to that interface and it will be fine.

2. Since the question about ospf, so we will check the ospf connection.

Check on Router B.
Use command show ip route and you will see there is only connected network and no ospf network.
Use show ip ospf neighbor will not display anything.
use show ip protocols and you will see each ospf network has been correctly configured
use show run and you will see the same about the ospf network correctly configured. However you should notice on the interface has been configured with authentication. If the authentication key is wrong, then it might the reason why the ospf not exchanging information.

So here come the useful and dangerous command which is debug. Since we want to debug the ospf problem, the command will be debug ip ospf event. Take note that debug ip ospf neighbor will be useless since there is no neighbor already established.
From the debug output, you actually able to see 2 problems which are Mismatched hello parameter and Mismatch Authentication Key. However we solve one problem at a time.

Solving Hello Interval
Actually 10 seconds is the default hello interval which is applied at Router B. However Since we don’t have access to router A, we configure Router B according to Router A to make sure the hello interval is the same between the two router.
Please remember extra ospf configuration such as hello time, authentication key and etc is not configured on the ospf configuration itself but on the interface involve.
So, go to interface s0/0/0 configuration and use command ip ospf hello-interval 5. 5 is the interval time that used by Router A.

Solving Authentication Key
Second problem detected on the debug output is mismatched authentication key. This problem related to the network between Router B and Router C. Simplest way is to use show run on Router B and Router C to check the key used by both routers. You may do the changes either on Router B or Router C. Just go to the right interface configuration and use command ip ospf authentication-key RC-RB where RC-RB is the authentication key used.

Confirmation
USe show ip route and show ip ospf neighbor command. You will see ospf network and ospf neighbor on Router B. So, Router B network problem solved

3. Next, you will see red light between Switch C and PC C. Checking the switch configuration using show ip interface brief will lead you to nothing. Everything look fine. So, you must check the PC since the connection problem appeared between the swithch and the PC. You will notice actually the PC is not turn on. Turn it on and the green light will appear.

4. On Router C, again use show ip ospf neighbor and you will notice there’s only one neighbor. So, you should be aware there’s no connection to Router D directly. However you may successfully ping to Router D because of the ospf network that has been established on the other path. It means the packet will use path from Router c to Router B and finally to Router A. You may check this using traceroute command on Router C. Traceroute 172.16.1.2 where 172.16.1.2 is the interface on Router D.

So in order to solve this, again you may check ospf configuration using show ip ospf protocol first. You’ll see all the network has been properly configures. You might need to run debug ip ospf event. Then you’ll notice “Mismatched hello parameters from 172.16.2.1”. You can see that the dead interval receive from Router D is 50 while Router C using only 40. Since you can’t make adjustment to Router D, you need to change the dead interval on Router C to 50. Go to interface s0/0/1 configuration, and use command ip ospf dead-interval 50 where 50 is the time that we use to match with Router D.

To confirm, again type show ip ospf neighbor and you’ll see you have two neighbors.

Note: when you type show ip ospf neighbor, the ip address that appeared is 172.16.4.2 instead of 172.16.3.0 for Router B. The reason why this happening is because 172.16.4.2 is more higher that 172.16.3.0. Remember in OSPF, the procedure of choosing router id is first based on router-id command, then the loopback interface and finally the highest active ip address of any single interface.

5. Finally you will be able to ping from one PC to another except to PC D. So, we try to ping to the router for PC D network which is Router D. The ping will be successful. So the problem is between the Router D and PC D although the light is green. Since we don’t have access to Router D, so absolutely nothing can be change on the router.

The culprit behind this is the IP adress of PC D. It is not on the same network with Router D. So just change it to one of the IP address on network 10.10.20.0/24 such as 10.10.20.254 and it will be good.

So you can ping from one PC to another perfectly.Take note that if you type show ip route on Router B, you’ll notice two path with same administrative distance and cost to Router D. So do from Router C to Router A. This is due to load balance concept used by OSPF.

Congartulations. It’s all solved

You may download the OSPF question below.

Training – Netrider OSPF Question

Thank You.

 

Sharing is Caring

Leave a Reply

Your email address will not be published. Required fields are marked *