Topology: NE80 (g1/0/1)--(VLAN3002 G1/0/0)S8016
The interface of NE80 is down because of link, and when it is restored to be up, the OSPF neighbor with S8016 cannot set up.
1. Check the configuration, and it is found that the RULE-MAP for EACL ACL2 configured for interconnecting interfaces contains the address of interconnecting interfaces.
2. Modify RULE-MAP rules, and iron out the address of interconnecting interface. The problem is solved.
1. Check the configurations of the equipment, as follows:
rule-map crc1 ip 126.96.36.199 0.0.255.255 188.8.131.52 0.31.255.255
flow-action crc redirect ip 184.108.40.206 GigabitEthernet1/0/2
eacl acl2 crc1 crc
The EACL is applied to the interconnecting interface of S8016, and the RULE-MAP contains the address of the interface. The DD packets from the process to set up OSPF neighbor are unicast and redirected. However, the S8016 at peer cannot receive the packets, so OSPF neighbor cannot set up.
2. EACL has been in existence before the interface is down, but why does it not influence the state of neighbor? This is because DD packets will not be exchanged once the neighbor relationship has been set up. The HELLO packets to maintain neighbor relationship are multicast, and the EACL is configured after the neighbor has been set up.