Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
What happens when graceful restart occurs in OSPF? - Knowledge Base - Palo Alto Networks

What happens when graceful restart occurs in OSPF?

11706
Created On 03/23/19 15:10 PM - Last Modified 01/13/25 18:53 PM


Question


What happens if an OSPF graceful restart is triggered on a firewall in the BDR role?

Environment


  • OSPF Routing Protocol configured.
  • BDR role.

Answer


Restarting the routing service will trigger a graceful restart: 
>debug routing restart
>debug software restart routed
  
105 16:13:06.398383 192.168.10.3 224.0.0.5 OSPF 106 LS Update

Frame 105: 106 bytes on wire (848 bits), 106 bytes captured (848 bits)
Ethernet II, Src: Vmware_9b:75:1b (00:50:56:9b:75:1b), Dst: IPv4mcast_05 (01:00:5e:00:00:05)
Internet Protocol Version 4, Src: 192.168.10.3, Dst: 224.0.0.5
Open Shortest Path First
OSPF Header
Version: 2
Message Type: LS Update (4)
Packet Length: 72
Source OSPF Router: 192.168.10.3
Area ID: 0.0.0.5
Checksum: 0x76be [correct]
Auth Type: Null (0)
Auth Data (none): 0000000000000000
LS Update Packet
Number of LSAs: 1
LSA-type 9 (Opaque LSA, Link-local scope), len 44
.000 0000 0000 0000 = LS Age (seconds): 0
0... .... .... .... = Do Not Age Flag: 0
Options: 0x02, (E) External Routing
0... .... = DN: Not set
.0.. .... = O: Not set
..0. .... = (DC) Demand Circuits: Not supported
...0 .... = (L) LLS Data block: Not Present
.... 0... = (N) NSSA: Not supported
.... .0.. = (MC) Multicast: Not capable
.... ..1. = (E) External Routing: Capable
.... ...0 = (MT) Multi-Topology Routing: No
LS Type: Opaque LSA, Link-local scope (9)
Link State ID Opaque Type: grace-LSA (3)
Link State ID Opaque ID: 0
Advertising Router: 192.168.10.3
Sequence Number: 0x80000001
Checksum: 0xa12e
Length: 44
Grace Period: 120 seconds. <<<<<<<<<<<<<<<<<<<<<<
TLV Type: grace-LSA Grace Period (1)
TLV Length: 4
Grace Period: 120 seconds
Restart Reason: Unknown (0)
Restart IP: 192.168.10.3

There are two possible outcomes:

1. if the process is able to complete the reload within the allotted grace time (120 seconds), the Firewall's role as a BDR is maintained.
2. if the process takes longer than 120 seconds, the firewall will take the new role as a DROTHER
  
246 16:14:36.368084 192.168.10.3 224.0.0.5 OSPF 86 Hello Packet

Frame 246: 86 bytes on wire (688 bits), 86 bytes captured (688 bits)
Ethernet II, Src: Vmware_9b:75:1b (00:50:56:9b:75:1b), Dst: IPv4mcast_05 (01:00:5e:00:00:05)
Internet Protocol Version 4, Src: 192.168.10.3, Dst: 224.0.0.5
Open Shortest Path First
OSPF Header
OSPF Hello Packet
Network Mask: 255.255.255.0
Hello Interval [sec]: 10
Options: 0x02, (E) External Routing
0... .... = DN: Not set
.0.. .... = O: Not set
..0. .... = (DC) Demand Circuits: Not supported
...0 .... = (L) LLS Data block: Not Present
.... 0... = (N) NSSA: Not supported
.... .0.. = (MC) Multicast: Not capable
.... ..1. = (E) External Routing: Capable
.... ...0 = (MT) Multi-Topology Routing: No
Router Priority: 1
Router Dead Interval [sec]: 40
Designated Router: 192.168.10.1
Backup Designated Router: 192.168.10.2. <<<<<<<<<<<<< changed from 192.168.10.3
Active Neighbor: 192.168.10.1
Active Neighbor: 192.168.10.2
Other users also viewed:
How to download GlobalProtect from the Customer Support Portal
Download and Install the GlobalProtect App for Windows
Resource List: GlobalProtect Configuring and Troubleshooting
PAN-OS Software Updates
Where to find the current preferred software versions? (PAN-OS, GlobalProtect, User-ID Agent, Plugins)
Results 1-5 of 239,534
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000boPzCAI&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language