lestopace
Staff
Article Id 223727
Description: This article describes the OSPF behavior when a new router that has a higher router ID and priority is introduced to the OSPF neighborship in the same broadcast domain.
Scope: FortiGate.
Solution

Problem.

In the following scenario, VDOM1 and VDOM2 had already formed an OSPF neighborship with each other before the root VDOM was introduced.

 

VDOM2 is the Designated Router (DR) because it has the higher router ID, while VDOM1 is the Backup Designated Router (BDR).

 

[Figure: VDOM1]

[Figure: VDOM2]

 

After the root VDOM was introduced to the same OSPF area, VDOM2 was still the DR and VDOM1 was still the BDR, even though the root VDOM has a higher priority and router ID.

 


 

This is because, during the Init state, VDOM1 and VDOM2 had already informed the root VDOM of the current DR and BDR.

 


 

This is in accordance with RFC 2328:

https://www.rfc-editor.org/rfc/rfc2328#page-55

 

'In general, when a router's interface to a network first becomes functional, it checks to see whether there is currently a Designated Router for the network. If there is, it accepts that Designated Router, regardless of its Router priority.'
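The behavior can be reproduced with a small model of the RFC 2328 section 9.4 election, run from the root VDOM's point of view. This is an added example, not Fortinet code or device output; the router IDs and priorities are constructed, and it goes beyond the article by also showing the contrasting case where all three routers start together.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

NONE = "0.0.0.0"  # "no DR/BDR known" value carried in a Hello

@dataclass
class Router:
    name: str
    rid: str
    priority: int
    dr: str = NONE    # DR this router declares in its Hello packets
    bdr: str = NONE   # BDR this router declares in its Hello packets

def _best(cands):
    # Highest Router Priority wins; Router ID only breaks ties.
    return max(cands, key=lambda r: (r.priority, int(IPv4Address(r.rid))), default=None)

def _one_pass(routers):
    eligible = [r for r in routers if r.priority > 0]
    not_dr = [r for r in eligible if r.dr != r.rid]
    # Step 2: routers already declaring themselves BDR are preferred.
    bdr = _best([r for r in not_dr if r.bdr == r.rid]) or _best(not_dr)
    # Step 3: routers already declaring themselves DR are preferred.
    dr = _best([r for r in eligible if r.dr == r.rid]) or bdr
    return dr, bdr

def elect(me, neighbors):
    """DR election as seen by `me`; returns (DR name, BDR name)."""
    routers = [me] + neighbors
    role_before = (me.dr == me.rid, me.bdr == me.rid)
    dr, bdr = _one_pass(routers)
    me.dr, me.bdr = (dr.rid if dr else NONE), (bdr.rid if bdr else NONE)
    if (me.dr == me.rid, me.bdr == me.rid) != role_before:
        # Step 4: own role changed, so repeat steps 2 and 3 once.
        dr, bdr = _one_pass(routers)
        me.dr, me.bdr = (dr.rid if dr else NONE), (bdr.rid if bdr else NONE)
    return (dr.name if dr else None, bdr.name if bdr else None)

def scenario(segment_already_elected):
    # Constructed router IDs and priorities; the article does not list them.
    root = Router("root", "3.3.3.3", 255)
    v1, v2 = Router("VDOM1", "1.1.1.1", 1), Router("VDOM2", "2.2.2.2", 1)
    if segment_already_elected:
        for r in (v1, v2):
            r.dr, r.bdr = v2.rid, v1.rid
    return elect(root, [v1, v2])

if __name__ == "__main__":
    print("root joins elected segment:", scenario(True))
    print("all routers start together:", scenario(False))
```

When the segment has already elected, the root VDOM accepts VDOM2 and VDOM1 because they declare themselves DR and BDR in their Hellos; priority only decides the outcome when nobody has declared a role yet.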

 

Note, however, that regardless of which router is the DR and which is the BDR, the router with the highest router ID will still be the master during the DD (Database Description) packet exchange.

 
