Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Why the OSPF is in '2 Way' state with some neighbors and "Full" with others?

0

0

Article ID: KB14881 KB Last Updated: 25 Mar 2020Version: 6.0
Summary:

This article describes the issue of an Open Shortest Path First (OSPF) neighbor being in the 2 Way state.

Symptoms:

The firewall or router is not forming an adjacency. Maximum transmission unit (MTU) settings are the same on both sides of the link.

How do I determine if an OSPF neighbor is a designated router (DR) or a backup designated router (BDR)?

Solution:

In broadcast media, only the designated router and backup designated router will form a full adjacency with the other OSPF neighbors.

  • OSPF devices will be in the Full state only with the DR and BDR.

  • OSPF devices will be in the 2 Way state if the neighbor is neither a DR nor BDR; this is expected behavior, as per the RFC for broadcast networks.

For more information, refer to OSPF Version 2 (RFC 2328), Section - 7.3. The Designated Router.

On a ScreenOS firewall, you can run the get vr <vr-name> protocol ospf int CLI command to check which device is the DR (Designated Router) and the BDR (Backup Designated Router). On the firewall,you can run the get vr <vr-name> protocol ospf nei CLI command to check if the firewall has formed the neighborship and with which firewall.

The priority determines the DR and the BDR; but a new device with higher priority will not assume the DR role, until the next election. This can be configured on the OSPF interface. But, if the device with the higher priority has preemt configured, it can trigger the election and become the DR, as and when it comes up.

On a Junos OS router, check these outputs to determine the DR and BDR for the segment:

show ospf neighbor detail
show ospf interface detail

If the OSPF neighbor is in a routing-instance, then use:

show ospf neighbor instance <instance-name> detail
show ospf interface instance <instance-name> detail

A DRother router will stay in a two way state with other DRother routers.

Modification History:

2020-03-25: Article reviewed for accuracy; it is valid and accurate.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search