No OSPF hello received on FortiGate

snobs · ‎02-25-2019

Hello, I try to get OSPF up and running on a FortiGate running FortiOS 6.0.4, which is connected an HP 5930AF switch.

On the HP switch I can happily see OSPF hello packets:

OSPF/7/DEBUG: Source address: 10.1.2.138 OSPF/7/DEBUG: Destination address: 224.0.0.5 OSPF/7/DEBUG: Version 2, Type: 1, Length: 48. OSPF/7/DEBUG: Router: 10.1.3.60, Area: 0.0.0.0, Checksum: 23149. OSPF/7/DEBUG: Authentication type: 00, Key(ASCII): 0 0 0 0 0 0 0 0. OSPF/7/DEBUG: Network mask: 255.255.255.254, Hello interval: 10, Option: _E_. OSPF/7/DEBUG: Router priority: 1, Dead Interval: 40, DR: 10.1.2.138, BDR: 0.0.0.0. OSPF/7/DEBUG: Neighbor ID: 10.1.3.62. OSPF 1: Receiving packets. Source address: 10.1.2.139 Destination address: 224.0.0.5 Version 2, Type: 1, Length: 44. Router: 10.1.3.62, Area: 0.0.0.0, Checksum: 58554. Authentication type: 00, Key(ASCII): 0 0 0 0 0 0 0 0. Network mask: 255.255.255.254, Hello interval: 10, Option: _E_.

On the FortiGate no Hello is received at all

# get router info ospf interface LAN is down, line protocol is down Internet Address 10.1.2.142/31, Area 0.0.0.0, MTU 1500 Process ID 0, VRF 0, Router ID 10.1.3.62, Network Type BROADCAST, Cost: 0 Transmit Delay is 1 sec, State Down, Priority 1 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10.000, Dead 40, Wait 40, Retransmit 5 WAN is up, line protocol is up Internet Address 10.1.2.139/31, Area 0.0.0.0, MTU 1500 Process ID 0, VRF 0, Router ID 10.1.3.62, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 10.1.3.62, Interface Address 10.1.2.139 No backup designated router on this network Timer intervals configured, Hello 10.000, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Neighbor Count is 0, Adjacent neighbor count is 0 Crypt Sequence Number is 10 Hello received 0 sent 620, DD received 0 sent 0 LS-Req received 0 sent 0, LS-Upd received 0 sent 0 LS-Ack received 0 sent 0, Discarded 0 BFD enalbed

So what am I missing? Is there any special policy I need at the Fortigate?

Regards

Toshi_Esumi · ‎02-25-2019

Maybe because you're using a /31 subnet on the interface. I would suggest you open a ticket at TAC to get taken a look at. It could be a comeback of an old bug. Or you can try changing it to a /30.

Either way, please let us know how it goes.

Toshi_Esumi · ‎02-25-2019

One thing my coworker reminded me....

Go to ospf-interface config and get in the particular one it's coming from. Then,

xxx-fg1 (<interface_name>) # get | grep network-type network-type : broadcast

Make sure it's not point-to-point. /31 is considered as point-to-point.

rwpatterson · ‎02-25-2019

Are you sure you want OSPF on the WAN and not the LAN?

snobs wrote:
# get router info ospf interface LAN is down, line protocol is down .
.
.
WAN is up, line protocol is up .
.
.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

No OSPF hello received on FortiGate

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website