3.8 OSPF Troubleshooting Scenarios
Key Takeaways
- If OSPF neighbors are stuck in INIT, there is one-way communication — check ACLs, interface type, or authentication.
- Neighbors stuck in EXSTART/EXCHANGE usually indicates an MTU mismatch between the two interfaces.
- Missing OSPF routes often mean a missing network statement or the interface is passive.
- DR/BDR election issues occur when priority is misconfigured or the wrong switch is root.
- Always verify: area match, timer match, authentication match, subnet match, and MTU match.
OSPF Troubleshooting Scenarios
OSPF troubleshooting is a favorite topic on the CCNA exam. You will likely see at least one scenario where you must identify why OSPF is not working correctly.
Scenario 1: No OSPF Neighbor Seen
Symptoms: show ip ospf neighbor shows no neighbors.
Troubleshooting checklist:
- Is OSPF enabled on the interface? →
show ip ospf interface brief - Is the interface passive? →
show ip protocols(lists passive interfaces) - Are the interfaces in the same subnet? →
show ip interface brief - Is the interface up/up? →
show ip interface brief - Are Hello packets being sent? →
debug ip ospf hello - Is an ACL blocking OSPF (protocol 89)? →
show access-lists - Is OSPF authentication configured on one side but not the other?
Scenario 2: Neighbor Stuck in INIT State
Symptoms: Neighbor appears in show ip ospf neighbor but state remains Init.
Cause: One-way communication — your router sees the neighbor's Hello but the neighbor doesn't see yours (or vice versa).
Common causes:
- ACL blocking OSPF on one direction
- Asymmetric routing
- Firewall between OSPF routers
- Multicast not working properly on one side
Scenario 3: Neighbor Stuck in EXSTART/EXCHANGE
Symptoms: Neighbor state never progresses past ExStart or Exchange.
Cause: Almost always an MTU mismatch. The two interfaces have different MTU values, causing DBD exchange to fail.
Fix: Set matching MTU on both interfaces:
Router(config-if)# ip mtu 1500
Or disable MTU check (not recommended in production):
Router(config-if)# ip ospf mtu-ignore
Scenario 4: Neighbor Formed but Routes Missing
Symptoms: OSPF neighbor is Full, but expected routes are not in the routing table.
Possible causes:
- The remote router doesn't have a
networkstatement for that subnet - The remote interface is passive
- Route filtering is applied
- The route exists but a better (lower AD) route is preferred
Scenario 5: Suboptimal Path Selection
Symptoms: Traffic takes a longer path than expected.
Cause: OSPF cost calculation is wrong, usually because the reference bandwidth doesn't differentiate between link speeds.
Fix: Set the reference bandwidth consistently on all routers:
Router(config-router)# auto-cost reference-bandwidth 10000
Quick OSPF Troubleshooting Reference
| Neighbor State | Meaning | Likely Issue |
|---|---|---|
| — (no neighbor) | No Hellos received | Interface down, passive, wrong area, ACL blocking |
| Init | One-way Hello seen | ACL, firewall, multicast issue |
| 2-Way | Normal for DROther pairs | Not a problem (only DR/BDR reach Full) |
| ExStart | DBD negotiation stuck | MTU mismatch |
| Full | Complete adjacency | Normal — working correctly |
On the Exam: When troubleshooting OSPF, always verify the five matching requirements: area ID, Hello/Dead timers, authentication, subnet/mask, and MTU. These cover the vast majority of OSPF neighbor issues.
An OSPF neighbor relationship is stuck in the ExStart state. What is the most likely cause?
An OSPF neighbor shows state "Full/DR" while another shows "2-Way/DROther". Is this normal?