lestopace
Staff
Article Id 223727
Description

This article describes the OSPF behavior when a new router with a higher router ID and priority is introduced to an existing OSPF neighborship in the same broadcast domain.

Scope

FortiGate.
Solution

Problem.

In the following scenario, VDOM1 and VDOM2 have already formed an OSPF neighborship with each other before the root VDOM is introduced.

VDOM2 is the Designated Router (DR) because it has the higher router ID, while VDOM1 is the Backup Designated Router (BDR).

[Screenshots: VDOM1 and VDOM2]

After the root VDOM is introduced to the same OSPF area, VDOM2 is still the DR and VDOM1 is still the BDR, even though the root VDOM has a higher priority and router ID.


This is because, during the Init state, VDOM1 and VDOM2 have already informed the root VDOM of the current DR and BDR.


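This is in accordance with RFC 2328: DR election is not preemptive, so a router that joins the segment accepts the DR and BDR already in place, even if its own priority and router ID are higher.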
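
The election rule from RFC 2328 section 9.4 that produces this behavior, as an added Python example (not part of the original article and not FortiOS code). The router IDs and priorities are constructed, since the article's real values appear only in its screenshots, and `elect`, `hello`, `JOINED` and `FRESH` are illustrative names. It shows that a joining router honors roles already declared in its neighbors' Hello packets, while the same routers with no declared roles elect the root VDOM.

```python
# Added example: DR/BDR election per RFC 2328 section 9.4, from one router's view.
# Router IDs and priorities below are constructed for illustration.
from ipaddress import IPv4Address

VDOM1, VDOM2, ROOT = "1.1.1.1", "2.2.2.2", "3.3.3.3"

def rank(r):
    # Highest Router Priority wins; highest Router ID breaks ties.
    return (r["prio"], int(IPv4Address(r["rid"])))

def pick(cands):
    return max(cands, key=rank)["rid"] if cands else None

def one_pass(view):
    # Step 2: BDR. Routers declaring themselves DR are not eligible; routers
    # already declaring themselves BDR are preferred over everyone else.
    not_dr = [r for r in view if r["dr"] != r["rid"]]
    bdr = pick([r for r in not_dr if r["bdr"] == r["rid"]]) or pick(not_dr)
    # Step 3: DR. Routers already declaring themselves DR are preferred;
    # if there are none, the newly elected BDR is promoted.
    dr = pick([r for r in view if r["dr"] == r["rid"]]) or bdr
    return dr, bdr

def elect(routers, me):
    """routers: dicts with rid, prio and the dr/bdr each one declares in its
    Hello packets (None = 0.0.0.0). me: router ID of the calculating router."""
    view = [dict(r) for r in routers if r["prio"] > 0]  # priority 0 never elected
    mine = next((r for r in view if r["rid"] == me), {"dr": None, "bdr": None})
    was = (mine["dr"] == me, mine["bdr"] == me)
    dr, bdr = one_pass(view)
    if (dr == me, bdr == me) != was:   # step 4: own role changed, repeat once
        mine["dr"], mine["bdr"] = dr, bdr
        dr, bdr = one_pass(view)
    return dr, bdr

def hello(rid, prio, dr=None, bdr=None):
    return {"rid": rid, "prio": prio, "dr": dr, "bdr": bdr}

# Root VDOM joins a segment where VDOM2 and VDOM1 already declare DR and BDR.
JOINED = [hello(VDOM1, 1, VDOM2, VDOM1), hello(VDOM2, 1, VDOM2, VDOM1),
          hello(ROOT, 255)]
# Same routers, but nobody has declared a role yet.
FRESH = [hello(VDOM1, 1), hello(VDOM2, 1), hello(ROOT, 255)]

if __name__ == "__main__":
    print("root joins existing segment:", elect(JOINED, ROOT))
    print("no roles declared yet:      ", elect(FRESH, ROOT))
```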

 

However, note that regardless of which routers are the DR and BDR, the router with the highest router ID is still the master during the Database Description (DD) packet exchange.


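To make the root VDOM the DR, clear the OSPF neighborship for the current DR so that the root VDOM, which has the higher priority and router ID, can take over as the new DR. This command restarts the OSPF process, so the adjacencies of the VDOM where it is run are torn down and re-formed.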

exec router clear ospf process