Error point restore:
#AR31
isis 1
is-level level-1
Title: AR34 did not learn two equivalent routes
1, Fault root cause judgment
After analysis, the root cause of the fault is: the ISIS router level configuration error of AR31 is level-1, and the correct configuration should be level-1-2.
2, Fault analysis
2.1. The fault phenomenon reappears. Execute the display IP routing table command on AR34 to check whether there are two default routes in the routing table of AR34. The inspection results are as follows:
<AR34>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 ISIS-L1 15 10 D 10.5.34.30 GigabitEthernet0/0/0
10.5.1.30/32 ISIS-L1 15 10 D 10.5.34.30 GigabitEthernet0/0/0
10.5.1.31/32 ISIS-L1 15 10 D 10.5.14.31 GigabitEthernet0/0/1
10.5.1.34/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.5.14.0/24 Direct 0 0 D 10.5.14.34 GigabitEthernet0/0/1
10.5.14.34/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.5.14.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.5.34.0/24 Direct 0 0 D 10.5.34.34 GigabitEthernet0/0/0
10.5.34.34/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.5.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.5.129.0/24 ISIS-L1 15 20 D 10.5.34.30 GigabitEthernet0/0/0
10.5.130.0/24 ISIS-L1 15 20 D 10.5.14.31 GigabitEthernet0/0/1
According to the inspection results, there is only one default route from the next hop to AR30 in the routing table of AR34, and the overhead of the routes received from AR30 and AR31 is the same, which eliminates the possibility of failure caused by inconsistent interface overhead. Since the necessary condition for AR34 to generate two default routes is to receive the LSP with ATT set to 1 from AR30 and AR31 respectively, and the conditions for att set are as follows:
a. AR30, AR31 and AR34 establish a level-1 neighbor relationship, and must establish a level-2 neighbor relationship with AR28;
b. The ISIS area ID of AR30 and AR31 must be consistent with that of AR34, but inconsistent with that of AR28;
c. AR30 and AR31 must support the router type of ISIS level-1-2;
Therefore, it is necessary to check whether there is an LSP with ATT set to 1 from AR30 and AR31 in the ISIS LSDB database of AR34.
2.2. Execute the display isis lsdb command on AR34 to view the lsdb database of AR34. The inspection results are as follows:
<AR34>display isis lsdb
Database information for ISIS(1)
--------------------------------
Level-1 Link State Database
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0000.0000.0030.00-00 0x00000009 0x78e4 862 102 1/0/0
0000.0000.0031.00-00 0x0000000a 0xf198 891 102 0/0/0
0000.0000.0031.01-00 0x00000003 0xe018 891 55 0/0/0
0000.0000.0034.00-00* 0x00000007 0x93df 766 113 0/0/0
0000.0000.0034.01-00* 0x00000002 0x8d6a 766 55 0/0/0
Total LSP(s): 5
*(In TLV)-Leaking Route, *(By LSPID)-Self LSP, +-Self LSP(Extended),
ATT-Attached, P-Partition, OL-Overload
According to the inspection results, AR34 only receives the LSP with ATT set to 1 from AR30. According to the three necessary conditions of ATT set, it is necessary to further check whether the ISIS neighbor relationship between AR31, AR34 and AR28 is established normally.
2.3 execute the display isis peer command on AR31 to check the ISIS neighbor relationship of AR31. The inspection results are as follows:
<AR31>dis isis peer
Peer information for ISIS(1)
System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0000.0000.0034 GE0/0/1 0000.0000.0031.01 Up 23s L1 64
According to the inspection results, AR31 only established level-1 neighbor relationship with AR34, and did not establish level-2 neighbor relationship with AR28. It is necessary to further check whether it is caused by the inaccessibility of the three-layer address of the interface used for ISIS neighbor relationship between AR28 and AR31.
2.4 execute ping -a 10.5.130.31 10.5.130.28 command on AR31, and the test results are as follows:
<AR31>ping -a 10.5.130.31 10.5.130.28 PING 10.5.130.28: 56 data bytes, press CTRL_C to break Reply from 10.5.130.28: bytes=56 Sequence=1 ttl=255 time=60 ms Reply from 10.5.130.28: bytes=56 Sequence=2 ttl=255 time=20 ms Reply from 10.5.130.28: bytes=56 Sequence=3 ttl=255 time=20 ms Reply from 10.5.130.28: bytes=56 Sequence=4 ttl=255 time=30 ms Reply from 10.5.130.28: bytes=56 Sequence=5 ttl=255 time=20 ms --- 10.5.130.28 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 20/30/60 ms
According to the output results, the three-layer address of the interconnection interface between AR28 and AR31 can be reached. It is preliminarily judged that there may be an error in the ISIS configuration of AR31. Check whether AR31 receives the ISIS error statistics message.
2.5 execute the command display isis error int g0/0/2 on AR31 and check whether the g0/0/2 interface of AR31 receives the error statistics message. The check results are as follows:
<AR31>display isis error int g 0/0/2 Statistics of errored packets for GE0/0/2: -------------------------------------------------------------------- LSP packet errors: Longer LSP : 0 Smaller LSP : 0 Mismatched Level : 0 Invalid Sysid : 0 Zero Sequence Number : 0 Illegal IS Type : 0 Zero Checksum : 0 Incorrect Checksum : 0 Bad Authentication : 0 Bad Auth Count : 0 More Protocol TLV : 0 Bad Nbr TLV : 0 Bad Extended IS TLV : 0 Bad IF Addr TLV : 0 Bad Reach TLV : 0 Bad Inter Domain TLV : 0 Mismatched Area Id(L1) : 0 Bad TLV Length : 0 Bad Alias TLV : 0 Bad Area TLV : 0 Bad SRLG TLV : 0 Unknown Adjacency : 0 Bad Protocol ID : 0 Bad Version : 0 Zero Lifetime : 0 Bad Ext Reach TLV : 0 Bad TE Router ID TLV : 0 Bad TE Sub TLV : 0 Hello packet errors: Bad Packet Length : 0 Reserved CircType : 0 Repeated System ID : 0 Bad Circuit Type : 0 Longer packet : 0 More Area Addr : 0 Longer Area Addr : 0 Bad Area Addr TLV : 0 More IF Addr : 0 Bad Formatted IF TLV : 0 More Nbr SNPA(LAN) : 0 Invalid Sysid : 0 Bad TLV Length : 0 Zero HoldingTime : 0 Unusable IP Addr : 0 Repeated IPv4 Addr : 0 Mismatched Area Addr(L1): 0 Mismatched Proto : 0 SNPA Conflicted(LAN) : 0 Mismatched Level : 0 Mimatched Max Area Addr: 0 Bad Authentication : 0 More Auth TLV : 0 3-Way Option Error(P2P) : 0 No Area Addr TLV : 0 Bad Protocol ID : 0 Bad Version : 0 Invalid IPv6 Addr : 0 More IPv6 IF Addr : 0 Duplicate IPv6 Addr : 0 More Optional Checksum : 0 Bad Optional Checksum : 0 --------------------------------------------------------------------
According to the output results, the g/0/0/2 interface of AR31 has not received any error statistics messages. It is necessary to further check the isis configuration information of AR31.
2.6 execute the display isis brief command on AR31 and check the ISIS related configuration of AR31. The inspection results are as follows:
<AR31>dis isis brief
ISIS Protocol Information for ISIS(1)
-------------------------------------
SystemId: 0000.0000.0031 System Level: L1
Area-Authentication-mode: NULL
Domain-Authentication-mode: NULL
Ipv6 is not enabled
ISIS is in invalid restart status
ISIS is in protocol hot standby state: Real-Time Backup
Interface: 10.5.14.31(GE0/0/1)
Cost: L1 10 L2 10 Ipv6 Cost: L1 10 L2 10
State: IPV4 Up IPV6 Down
Type: BROADCAST MTU: 1497
Priority: L1 64 L2 64
Tmers: Csnp: L1 10 L2 10 ,Retransmit: L12 5 , Hello: L1 10 L2 10 ,
Hello Multiplier: L1 3 L2 3 , LSP-Throttle Timer: L12 50
Interface: 10.5.130.31(GE0/0/2)
Cost: L1 10 L2 10 Ipv6 Cost: L1 10 L2 10
State: IPV4 Up IPV6 Down
Type: BROADCAST MTU: 1497
Priority: L1 64 L2 64
Timers: Csnp: L1 10 L2 10 ,Retransmit: L12 5 , Hello: L1 10 L2 10 ,
Hello Multiplier: L1 3 L2 3 , LSP-Throttle Timer: L12 50
Interface: 10.5.1.31(Loop0)
Cost: L1 0 L2 0 Ipv6 Cost: L1 0 L2 0
State: IPV4 Up IPV6 Down
Type: P2P MTU: 1500
Priority: L1 64 L2 64
Timers: Csnp: L12 10 , Retransmit: L12 5 , Hello: 10 ,
Hello Multiplier: 3 , LSP-Throttle Timer: L12 50
According to the output results, AR31 only supports Isis neighbor relationship of level-1 and does not support Isis neighbor relationship of level-2, which makes it impossible to establish level-2 neighbor relationship with AR28. Since the interconnection interface with AR28 is not enabled, the Isis neighbor relationship cannot be established, so it is necessary to check the g 0/0/2 interface of AR31.
2.7. Execute the display isis int g 0/0/2 command on AR31 and check the interface configuration. The output results are as follows:
<AR31>dis isis int g 0/0/2
Interface information for ISIS(1)
---------------------------------
Interface Id IPV4.State IPV6.State MTU Type DIS
GE0/0/2 002 Up Down 1497 L1/L2 No/No
According to the output results, the g 0/0/2 interface of AR31 enables ISIS, and the interface types support L1 and L2
To sum up: the fundamental reason why AR34 cannot generate two default routes is that AR28 and AR31 cannot establish the ISIS neighbor relationship of level-2, resulting in that AR34 cannot receive the LSP with ATT set to 1 from AR31. The reason why AR34 cannot establish a neighbor is that the ISIS route level of AR31 is configured as level-1 and the correct configuration is level-1-2.
3, Fault handling
3.1. The router level of AR31 is configured as level-1. The following commands need to be executed on AR31:
system-view #Enter system view isis 1 #Enter ISIS process is-level level-1-2 #Modify the router level to level-1-2 After executing the above command, in AR31 and AR34 Test whether the fault has been solved by executing the following command on: display isis peer #Check whether a level-2 neighbor relationship is established with AR28 on AR31 display isis lsdb #Set art from ls31 and art 34 in lsdb to see if it is received display ip routing-table #Check whether there are two default routes in the routing table
3.2. Other high possibility faults - the g 0/0/2 interface of AR28 does not enable ISIS, so the following commands need to be executed on AR28:
system-view #Enter system view iint g0/0/2 #Enter interface view isis enable 1 #Enable isis function After executing the above command, in AR31 and AR34 Test whether the fault has been solved by executing the following command on: display isis peer #Check whether a level-2 neighbor relationship is established with AR28 on AR31 display isis lsdb #Check whether the lsdb of AR34 receives the LSP with ATT set to 1 from AR30 and AR31 display ip routing-table #Check whether there are two default routes in the routing table
3.3. Other high possibilities - isis authentication is configured under the g 0/0/2 interface of AR28, and the following commands need to be executed on AR28:
system-view #Enter system view iint g0/0/2 #Enter interface view undo isis authentication-mode #Delete interface isis authentication After executing the above command, in AR31 and AR34 Test whether the fault has been solved by executing the following command on: display isis peer #Check whether a level-2 neighbor relationship is established with AR28 on AR31 display isis lsdb #Check whether the lsdb of AR34 receives the LSP with ATT set to 1 from AR30 and AR31 display ip routing-table #Check whether there are two default routes in the routing table
3.4. Other high possibilities - the forced ATT not set command is configured under the ISIS process of AR31, and the following commands need to be executed on AR31:
system-view #Enter system view isis 1 #Enter ISIS process undo attached-bit advertise #Delete ATT unset command After executing the above command, in AR31 and AR34 Test whether the fault has been solved by executing the following command on: display isis peer #Check whether a level-2 neighbor relationship is established with AR28 on AR31 display isis lsdb #Check whether the lsdb of AR34 receives the LSP with ATT set to 1 from AR30 and AR31 display ip routing-table #Check whether there are two default routes in the routing table
3.5. Other high possibility - to configure the weight value of AR30 as the next hop under the ISIS process of AR34, you need to execute the following commands on AR34:
system-view #Enter system view isis 1 #Enter ISIS process undo next-hop 10.5.34.30 #Delete the weight value of the next hop configuration After executing the above command, in AR31 and AR34 Test whether the fault has been solved by executing the following command on: display isis peer #Check whether a level-2 neighbor relationship is established with AR28 on AR31 display isis lsdb #Check whether the lsdb of AR34 receives the LSP with ATT set to 1 from AR30 and AR31 display ip routing-table #Check whether there are two default routes in the routing table
quit # exit to system view
save # saves the configuration
If the fault still exists after executing the above command, please send a front-line engineer to the site for troubleshooting, or provide complete equipment configuration information, call Huawei 400 hotline and ask Huawei experts for remote assistance.