Troubleshooting Tip: OSPF Error logs 'no route to ASBR'

subramanis · ‎05-12-2025

Description

This article describes the solution for the error 'no route to ASBR' when performing OSPF debugging.

Scope

FortiGate.

Solution

Screenshot 2025-05-12 110111.jpg

In OSPF, the Link-State Database (LSDB) stores all received LSAs, including Type-5 External LSAs that represent redistributed routes (for example, a static route like 8.8.8.8/32). While these LSAs may exist in the LSDB, their presence alone does not guarantee that the associated routes will be installed in the routing table.

Consider a topology where the external route 8.8.8.8/32 is redistributed into OSPF by router FGT3, which has the OSPF Router ID 100.1.2.2. This route is advertised to other routers, including FGT1 and FGT2, via Type-5 LSAs.

When the link between FGT2 and FGT3 (for example, 172.16.1.1 or 172.16.1.2) goes down, FGT1 may still retain the Type-5 LSA for 8.8.8.8/32 in its LSDB for a time. However, the OSPF process on FGT1 will not install the route into the routing table if the originating ASBR (100.1.2.2) becomes unreachable.

After the link failure:

R1 continues to see the Type-5 LSA for 8.8.8.8/32 in the LSDB, with 100.1.2.2 as the advertising router.

The SPF (Shortest Path First) algorithm runs on FGT1 to calculate the best path to each LSA originator.

Since there is no longer a valid path to 100.1.2.2 (due to the failed adjacency between FGT1 and FGT2), FGT1 cannot compute a route to the ASBR.

As a result, OSPF logs the following message:

OSPF: Route[ASE]: 8.8.8.8/32 no route to ASBR (100.1.2.2)

This error highlights that OSPF separates LSA reception from path computation. An external route is only installed if the ASBR that advertised it is reachable via the OSPF topology.

Technical Summary:

LSDB Update: LSAs remain in the LSDB until they age out, even after link or adjacency failures.

SPF Calculation: If a router cannot calculate a path to the ASBR, it will not install the associated external route.

Routing table and OSPF database when it works:

FGT1 # get router info ospf database brief

OSPF Router with ID (192.168.1.1) (Process ID 0, VRF 0)

Router Link States (Area 0.0.0.0)

Link ID ADV Router Age Seq# CkSum Flag Link count

100.1.2.2 100.1.2.2 394 8000000a 7481 0012 1

192.168.1.1 192.168.1.1 1144 80000005 d8c7 0031 1

192.168.1.2 192.168.1.2 480 80000013 f40c 0012 2

Net Link States (Area 0.0.0.0)

Link ID ADV Router Age Seq# CkSum Flag

172.16.1.2 100.1.2.2 384 80000004 73e4 0012

192.168.1.2 192.168.1.2 690 80000002 8226 0012

AS External Link States

Link ID ADV Router Age Seq# CkSum Flag Route Tag

8.8.8.8 100.1.2.2 1134 80000003 2815 0012 E2 8.8.8.8/32 0

FGT1 # get router info routing-table details

Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP

O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

V - BGP VPNv4

* - candidate default

Routing table for VRF=0

O E2 8.8.8.8/32 [110/10] via 192.168.1.2, port1, 00:37:02, [1/0]

C 10.109.48.0/20 is directly connected, mgmt

O 172.16.1.0/24 [110/2] via 192.168.1.2, port1, 00:37:53, [1/0]

C 192.168.1.0/24 is directly connected, port1

Routing table and OSPF database when an error occurs: