Hi,
Anyone have any experience with the LLS (L-bit) that most Cisco will have enabled default. As far as I can see in the logs my Cisco box will send with option 0x52, and the Fortigate will send with option 0x42 (that I figure is the LLS option)
I am having issues with ospf flapping massivly between loading/full on the Cisco end - and was wondering if anyone else have looked into this..and if it do have an impact ?
Hi Vince,
i dubt that having L-bit set in Hello/DBD packets it's the main issue and personally never had a interoperability problem (cisco,hpe,dell/force10,fortigate shop here) since as per RF2328/4813 if the router does not implement LLS extensions at minumum simply ignore L-bit and if support some standard or private extensions (NSF,Gracefull Restart,ecc) it can check/parse TLVs to see if it's supported....
but you can always turn off LLS per interface basis if you want a direct confirmation that's an interoperability bug/issue.
Anyway maybe knowing the cisco IOS/NX and FOS version can help and the output of
on cisco:
show ip ospf neighbor CISCO_INT detail
show ip ospf interface CISCO_INT detail
on FGT:
get router info ospf interface FGT_INT_NAME
get router info ospf nei detail all
since your the adjacency it's formed and not stucked before FULL state but it's flapping i'm expecting that you have exeeded retrasmissions or there is another trasmission problem
another good idea it's to turn on
debug ip ospf adj
Other questions:
- have you Gracefull restart enabled ? and if yes how it's configured on cisco and fortigate? LLS or Opaque LSA ?
- are you establish an adj via virtual link ?
- message digest auth ?
- bfd enabled ?
Well...enogh questions for now =)
Regards,
Antonio
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
