How to troubleshoot flapping OSPF neighbour adjacency

• Palo Alto Firewalls
• PAN-OS
• OSPF

1. Identify possible OSFP adjacency reachability issue.
   1. For the physical layer use, How to troubleshoot physical port flap or link down issue.
   2. Usage of the same IP address on two different devices can lead to an unstable OSPF, check Received conflicting ARP on interface ethernetX/X indicating duplicate IP Y.Y.Y.Y to resolve such issue.
   3. Is BFD configured between neighbours, review How to troubleshoot BFD to isolate the problem?
   4. Check if the aggregated interface using LACP is having issue, explore How to troubleshoot LACP going down or flap issue.
   5. Incomplete ARP Entry or Firewall Responds To Every ARP Request On The Network.
   6. Was HA failover triggered? 
   7. Verify that OSPF Graceful restart is configured on both peers.
2. Identify possible resource depletion in the Palo Alto firewall.
   1. If the firewall is monitored by Strata Cloud Manager (formerly known as AIOps), use How to identify high CPU, Packet Buffer, and Packet Descriptor in the firewall with Strata Cloud Manager.
   2. For non-Strata Cloud Manager monitored firewalls, use the following steps. 
      1. Use HowTo Troubleshoot High Packet Buffer Or Packet Descriptors Usage to check if your firewall is having high dataplane resources usage.
      2. Determine if the data plane CPU utilization is high.
         1. Under the firewall's GUI, go to DASHBOARD > Widgets > System > click on System Resources.
         2. To resolve this issue, use How to Troubleshoot High DataPlane CPU.
      3. Determine if the management plane CPU utilization is high.
         1. Under the firewall's GUI, go to DASHBOARD > Widgets > System > click on System Resources.
         2. To resolve this issue, use  TIPS & TRICKS: Reducing Management Plane Load.
3. How to troubleshoot OSPF adjacency stuck in INIT or EXSTART or EXCHANGE or LOADING States.
4. Search for the errors from routed.log.

> grep pattern "use-values-below" mp-log routed.log

1. neighbor does not need to become adjacent.
2. Hello packet dropped because source router ID matches local router ID
3. Couterfeit packet received