OSPF Adjacency Not Forming Between Neighbors
Embed This Widget
Add the script tag and a data attribute to embed this widget.
Embed via iframe for maximum compatibility.
<iframe src="https://ipfyi.com/iframe/entity//" width="420" height="400" frameborder="0" style="border:0;border-radius:10px;max-width:100%" loading="lazy"></iframe>Paste this URL in WordPress, Medium, or any oEmbed-compatible platform.
https://ipfyi.com/entity//Add a dynamic SVG badge to your README or docs.
[](https://ipfyi.com/entity//)Use the native HTML custom element.
Two routers configured for OSPF are not forming a neighbor relationship, remaining stuck in the INIT, 2-WAY, or EXSTART state rather than reaching FULL adjacency. Without a full adjacency, OSPF cannot exchange link-state advertisements (LSAs), meaning the routing table will not contain routes learned via the non-adjacent neighbor and those subnets will be unreachable.
Symptoms
- ⚠ `show ip ospf neighbor` shows the peer stuck in INIT, ATTEMPT, 2-WAY, EXSTART, or EXCHANGE state
- ⚠ OSPF neighbor appears briefly then drops — oscillating neighbor relationship (flapping)
- ⚠ Routes from the neighbor's area do not appear in `show ip route ospf`
- ⚠ OSPF debug logs show Hello packets sent but no Hello received from the peer
- ⚠ Adjacency forms on one side of the link but not the other
- ⚠ Adjacency was working previously but broke after a configuration change or software upgrade
Possible Root Causes
- • Hello or Dead interval mismatch — OSPF requires identical values on both sides of a link
- • Area ID mismatch — one router is configured for area 0 and the other for area 1 on the same interface
- • MTU mismatch causing Database Description packets to be rejected at the EXSTART/EXCHANGE stage
- • OSPF authentication configured on one side but not the other, or different passwords
- • Network type mismatch (point-to-point vs broadcast) causing different DR election expectations
Diagnosis Steps
Step 1: Check Neighbor State
# Cisco IOS
show ip ospf neighbor detail
# Linux (FRR/Quagga)
sudo vtysh -c "show ip ospf neighbor detail"
# Key states and their meaning:
# DOWN = No Hello received
# INIT = Hello received but Router ID not in Hello's neighbor list (one-way)
# 2-WAY = Hello received bidirectionally (non-DR/BDR stop here on broadcast)
# EXSTART = Negotiating master/slave for DD exchange
# EXCHANGE = Sending Database Descriptions
# LOADING = Requesting missing LSAs
# FULL = Adjacency complete, database synchronised
Step 2: Verify Hello Parameters Match
# Cisco IOS
show ip ospf interface GigabitEthernet0/0
# Look for: Hello 10, Dead 40, Wait 40, Retransmit 5
# Both sides MUST match: Hello interval, Dead interval, Area ID, Authentication type, MTU
# Linux FRR
sudo vtysh -c "show ip ospf interface eth0"
Step 3: Confirm Area ID and Network Type Match
# Area 0 (backbone) and area 1 are different — peers in different areas cannot form adjacency
# Network type: both must be same (point-to-point, broadcast, non-broadcast)
# Cisco
show running-config | section ospf
# Check: network area and ip ospf network type
# FRR
sudo vtysh -c "show running-config" | grep -A5 "ospf"
Step 4: Examine OSPF Debug Output
# Cisco IOS (limit output with ACL before enabling)
debug ip ospf adj # Shows adjacency state machine transitions
debug ip ospf hello # Shows Hello packet details
# FRR
sudo vtysh
conf t
debug ospf event
debug ospf packet all
end
# Watch: sudo journalctl -u frr -f
# Disable debug after diagnosis:
no debug ip ospf adj
Step 5: Check MTU Mismatch
# OSPF will not form adjacency if MTU differs between peers (DD packets are rejected)
# On interface connected to OSPF peer:
ip link show eth0
# MTU in ip link must match both sides
# Cisco
show interface GigabitEthernet0/0 | include MTU
# Or bypass MTU check (not recommended for production):
ip ospf mtu-ignore
Solution
Fix: Match Hello and Dead Intervals
# Cisco IOS — set on the interface
interface GigabitEthernet0/0
ip ospf hello-interval 10
ip ospf dead-interval 40
# FRR
sudo vtysh
conf t
interface eth0
ip ospf hello-interval 10
ip ospf dead-interval 40
end
write memory
Fix: Correct Area Assignment
# Cisco IOS
router ospf 1
no network 10.1.1.0 0.0.0.255 area 1 # Remove wrong area
network 10.1.1.0 0.0.0.255 area 0 # Add correct area
# FRR
router ospf
no network 10.1.1.0/24 area 1
network 10.1.1.0/24 area 0
Fix: Resolve MTU Mismatch
# Option 1: Fix the interface MTU to match
sudo ip link set eth0 mtu 1500
# Option 2: Enable OSPF MTU ignore (use only if MTU mismatch is by design)
# Cisco:
interface GigabitEthernet0/0
ip ospf mtu-ignore
# FRR:
interface eth0
ip ospf mtu-ignore
Fix: Configure Matching Authentication
# Cisco IOS — MD5 authentication
interface GigabitEthernet0/0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 MySecretKey
# FRR
interface eth0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 MySecretKey
Prevention
- Standardise OSPF interface parameters (Hello/Dead intervals, authentication, network type) in a configuration template and apply via automation
- Implement OSPF neighborship monitoring: alert when any expected adjacency drops below FULL state for more than 60 seconds
- Use
show ip ospf neighboras a post-change verification step in all network change runbooks - Enable OSPF authentication on all interfaces to prevent accidental or malicious neighborship formation
- Document MTU values for all OSPF-enabled interfaces and verify end-to-end path MTU with
pingusing thedf-bitoption during commissioning
Related Protocols
Related Terms
More in VPN & Routing
Asymmetric Routing with Stateful Firewall Dropping Packets
Advanced
DNS Leaking Outside VPN Tunnel
Beginner
IPsec Phase Negotiation Failure (IKEv1/IKEv2)
Advanced
Missing Default Route After Network Change
Beginner
Routing Loop Causing TTL Exceeded Errors
Intermediate
Split-Tunnel VPN Routing Misconfiguration
Intermediate