Geek Speak

Monitoring OSPF Neighbor State Changes

I got into a conversation today about monitoring OSPF neighbor state changes so I thought I'd talk about it a little here and ask all of you if this is something that you're specifically interested in.

As most of you know, OSPF is the most commonly deployed Interior Gateway Protocol (IGP) within medium and large enterprises today. When managing an OSPF network, one of the most important things to monitor is changes to the OSPF neighbor states. This is exactly what it sounds like - monitoring how each router within the OSPF network sees other routers within the network. Some of these state changes are a normal part of the operation of OSPF, but many times a state change is indicative of a problem on the network. There are several ways to monitor these state changes, but typically it's done with either SNMP based polling and/or SNMP traps.

A really good reference for learning more about OSPF neighboring can be found here:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0e.shtml

Is this something that you monitor today? If so, how? If not, would you like to?

 

Flame on...
Josh

 

Published Feb 22 2008, 08:24 AM by Josh Stephens

Comments

 

epenney said:

This is a gap in our current monitoring. We receive snmp traps of ospf events - but it's not a pretty way to see OSPF health of your network or to retrace impact the OSPF event had on the network. Looking for OSPF monitoring tool!

February 25, 2008 6:32 PM
 

Network_Guru said:

I found this document which describes the issue and a solution to monitoring OSPF routes and link state changes in a network;

www.emmanuelbaccelli.org/.../IM_2001.pdf

February 29, 2008 3:24 PM
 

riverhino said:

Yes - monitoring OSPF is something we'd like to be doing actively - but finding a non-obtrusive way to do it has been tough.  Especially on the cheap.

Surprised SolarWinds hasn't developed more proto-specific tools?

April 16, 2008 9:11 AM
 

Spear said:

Its surprising how few tools there are for passive monitoring of OSPF when it doesn't really seem that hard to listen to LSA messages.

There are some expensive passive tools out there for example Packet Design's Route Explorer, PacketStorm's Route Analyser.

Im currently working on my own product that will both passively listen to LSA messages and also reply to Hello messages as a priority zero / DOTHER to gather the route adjacency's and to verify link state information (incase of a missed LSA multicast messages. Hope to also be able to do ISIS and BGP in the future.

May 31, 2008 5:49 PM
 

Network_Guru said:

I'm still looking for an OSPF monitoring tool and found another research project which built exactly what I need:

www.cs.princeton.edu/.../shaikh04.pdf

July 25, 2008 4:09 PM

About Josh Stephens

Josh Stephens is director of technology – aka Head Geek – at SolarWinds, where he plays an integral part in the development and delivery of our award-winning network management products. Josh has extensive experience in network management systems, network engineering, and software development. His 15-plus years of experience in technology include designing and deploying advanced networks and network management systems within organizations including the US Air Force, Sprint, MCI/UUNET, and Wal-Mart. He has received several industry certifications including those from Cisco Systems, Microsoft, and HP.