Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
knaveenkumar
Staff
Staff

Created on ‎12-29-2022 09:50 AM Edited on ‎09-27-2024 04:17 AM By Community Manager

Article Id 241311

Troubleshooting Tip: Duplicate OSPF router ID

Description This article describes steps to troubleshoot a duplicate router-id during the process of forming OSPF neighbors in FortiGate and FortiOS.
Scope

FortiGate and FortiOS.
Solution

10.5.16.0.PNG

 

In the above diagram, Router 1's router-id is 1.1.1.1, and Router 2's router-id is 2.2.2.2. 

 

Note:

The router-id will be selected based on the Manually configured router ID and then if the manual router ID is not configured then the highest IP address on the loopback interface IP. If the loopback interface is not present, the highest physical active interface IP will be preferred as the OSPF router ID.

 

In OSPF, the router-id should be unique on both devices to form the OSPF neighbourship.

 

# get router info ospf neighbor
OSPF process 0, VRF 0:
Neighbor ID Pri State Dead Time Address Interface
10.0.5.231 1 Full/DR 00:00:38 10.5.21.231 port1


neutron-esx34 # OSPF: LSA[Refresh]: timer expired
OSPF: IFSM[port1:10.5.27.232]: Hello timer expire
OSPF: SEND[Hello]: To 224.0.0.5 via port1:10.5.27.232, length 48 <----- Sending hello out via port1:10.5.27.232.
OSPF: -----------------------------------------------------
OSPF: Header
OSPF: Version 2
OSPF: Type 1 (Hello)
OSPF: Packet Len 48
OSPF: Router ID 1.1.1.1 <----- The sending router-id is 1.1.1.1.
OSPF: Area ID 0.0.0.0
OSPF: Checksum 0xd9c6
OSPF: AuType 0
OSPF: Hello
OSPF: NetworkMask 255.255.240.0
OSPF: HelloInterval 10
OSPF: Options 0x2 (*|-|-|-|-|-|E|-)
OSPF: RtrPriority 0
OSPF: RtrDeadInterval 40
OSPF: DRouter 10.5.21.231
OSPF: BDRouter 0.0.0.0
OSPF: # Neighbors 1
OSPF: Neighbor 10.0.5.231
OSPF: -----------------------------------------------------
OSPF: RECV[Hello]: From 1.1.1.1 via port1:10.5.27.232 (10.5.28.246 -> 224.0.0.5) <--- receiving hello via port1:10.5.27.232
OSPF: -----------------------------------------------------
OSPF: Header
OSPF: Version 2
OSPF: Type 1 (Hello)
OSPF: Packet Len 48
OSPF: Router ID 1.1.1.1 <----- while receiving router ID 1.1.1.1.
OSPF: Area ID 0.0.0.0
OSPF: Checksum 0xd9c6
OSPF: AuType 0
OSPF: Hello
OSPF: NetworkMask 255.255.240.0
OSPF: HelloInterval 10
OSPF: Options 0x2 (*|-|-|-|-|-|E|-)
OSPF: RtrPriority 0
OSPF: RtrDeadInterval 40
OSPF: DRouter 10.5.21.231
OSPF: BDRouter 0.0.0.0
OSPF: # Neighbors 1
OSPF: Neighbor 10.0.5.231
OSPF: -----------------------------------------------------
OSPF: RECV[Hello]: duplicate router-id 1.1.1.1 detected on port1:10.5.27.232 <--- duplicate router-ID
OSPF: LSA[MaxAge]: Maxage walker finished (0.000000 sec)


After correcting router2's router id as 2.2.2.2, the OSPF neighbourship goes up successfully.


# get router info ospf neighborship is up
OSPF process 0, VRF 0:
Neighbor ID Pri State Dead Time Address Interface
10.0.5.231 1 Full/DR 00:00:35 10.5.21.231 port1
1.1.1.1 0 Full/DROther 00:00:35 10.5.28.246 port1 <----- R1 router id 1.1.1.1.

 

# get router info ospf neighbor
OSPF process 0, VRF 0:
Neighbor ID Pri State Dead Time Address Interface
10.0.5.231 1 Full/DR 00:00:38 10.5.21.231 port1
2.2.2.2 1 Full/Backup 00:00:33 10.5.27.232 port1 <----- R2 router-id 2.2.2.2.

 

Note:

  • Routers in the different Areas can have duplicate Router IDs.
  • The router in ASBRs must have a unique Router ID.
Labels:
2382
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.