Symptom: The CPU usage became high, and many LSA and OSPF logs were recorded.
1. The CPU usage became high.
CPU Usage : 54% Max: 92%
2. Many alarms were reported indicating LSA aging or redelivery.
Dec 18 2012 17:08:44 ICRHAA OSPF/2/IFRETX:OID 18.104.22.168.22.214.171.124.2.10 An OSPF packet is retransmitted on a non-virtual interface. (IfIpAddress=10.0.13.58, AddressLessIf=0, NbrIfIpAddress=10.0.13.57, NbrAddressLessIf=0.0.0.0, LsdbAreaId=0.0.0.0, LsdbType=5 LsdbLsid=10.40.4.64, LsdbRouterId=10.0.13.58, RouterId=10.0.13.58, IfNeighbor=10.0.13.61, PacketType=4) Dec 18 2012 17:08:44 ICRHAA OSPF/2/IFRETX:OID 126.96.36.199.188.8.131.52.2.10 An OSPF packet is retransmitted on a non-virtual interface. (IfIpAddress=10.0.13.58, AddressLessIf=0, NbrIfIpAddress=10.0.13.57, NbrAddressLessIf=0.0.0.0, LsdbAreaId=0.0.0.0, LsdbType=5 LsdbLsid=10.0.196.8, LsdbRouterId=10.0.13.58, RouterId=10.0.13.58, IfNeighbor=10.0.13.61, PacketType=4)
Huawei performed the following operations to diagnose the fault:
1. Analyzed the cause of high CPU usage.
2. Viewed user logs and diagnosis logs and found many alarms indicating LSA aging or redelivery.
3. Analyzed suspect routes' detailed information and neighbor status.
display ospf peer
dis ip rou 10.10.70.4 verbose
dis ip rou 10.203.11.24 verbose
dis ip rou 10.30.16.30 verbose
display ospf routing 10.10.70.4
display ospf routing 10.203.11.24
display ospf routing 10.30.16.30
4. Analyzed the cause and time of the OSPF neighbor going down. Pinged the OSPF neighbor using large packets and checked whether any packets were lost.
display ospf 31 peer last-nbr-down
display ospf 40 peer last-nbr-down
5. Analyze the OSPF packet exchange process to find out the cause of the neighbor relationship establishment failure. 6. Analyzed the cause why the firewall did not respond to DD packets sent by the NE5000E.
The OSPF neighbor status on the NE5000E was Exchange. Therefore, when the local routing information changed, the NE5000E flooded LSAs to its neighbor and added them in the redelivery list. If the neighbor did not send back acknowledgement packets, the NE5000E kept redelivering the LSAs. Because the OSPF neighbor of the neighbor was in the Exstart state, it discarded received flooded LSAs and therefore did not send acknowledgement packets to the NE5000E. As a result, the NE5000E kept redelivering the LSAs. In addition, no acknowledgement packets were received in response to aged LSAs and therefore the LSAs were stored in the local database. The LSA aging alarms were recorded repeatedly. In conclusion, the root cause was that the firewall did not receive DD packets sent by the NE5000E, because packet filtering was disabled on the firewall.
Packet filtering was enabled on the firewall.