VPN VA - Cisco Router Frequent OSPF Adjacency Loss

  • 1
  • Question
  • Updated 2 years ago
In our setup with two VPN VA in L3 VPN service with dynamic routing enabled (OSPF), there is a frequent loss of adjacency between VPN VA and cisco router. The event is more frequent in secondary VPN as compared to the primary. Below is what it looks from logs.

*** VPN ***
2016-02-18 06:51:18 err     ah_brd: route daemon exited with status code 0
2016-02-17 07:47:19 err     ah_brd: route daemon exited with status code 0
2016-02-16 19:07:28 err     ah_brd: route daemon exited with status code 0
2016-02-16 18:30:43 err     ah_brd: route daemon exited with status code 0
2016-02-16 18:27:28 err     ah_brd: route daemon exited with status code 0
2016-02-16 18:25:03 err     ah_brd: route daemon exited with status code 0
2016-02-16 18:24:47 err     ah_brd: route daemon exited with status code 0
2016-02-16 18:03:04 err     ah_brd: route daemon exited with status code 0
2016-02-16 18:02:49 err     ah_brd: route daemon exited with status code 0
2016-02-16 17:59:24 err     ah_brd: route daemon exited with status code 0
2016-02-16 17:59:09 err     ah_brd: route daemon exited with status code 0
2016-02-16 17:58:34 err     ah_brd: route daemon exited with status code 0

*** Upstream Router ***
011765: Feb 16 19:07:42.170: %OSPF-5-ADJCHG: Process 2, Nbr <VPN 1 Router ID> on Vlan90 from LOADING to FULL, Loading Done
011766: Feb 16 19:08:18.846: %OSPF-5-ADJCHG: Process 2, Nbr <VPN 2 Router ID> on Vlan91 from LOADING to FULL, Loading Done

Been observing it in 6.4 standard image, 6.4 private build and 6.6r2a.

Just wanted to check if other have this issue as well.
Photo of joel cuya

joel cuya

  • 11 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of joel cuya

joel cuya

  • 11 Posts
  • 0 Reply Likes
Got this from brd debug. The ospfd is being reload when it learned a new subnet. In our case with with two VPN connected to two upstream router, the new subnet is being detected when a failing tunnel comes back up.

new subnet ip:1...
compared against remote end point:...
ah_brd: [brd_basic]: begin ospf regen config file.
ah_brd: [brd_basic]: trigger restart of ospfd

Hopefully this behavior will be improved as it is disruptive at layer 3. I think ospfd (quagga) can handle changes the same as cisco router does without a need to restart the routing process.