OSPFEXEC

show ip ospf database

Displays the OSPF link-state database (LSDB) for a specified OSPF process, showing all LSAs known to the router.

Overview

The 'show ip ospf database' command is a fundamental troubleshooting and verification tool for OSPF on Cisco NX-OS (Nexus) switches. It displays the contents of the OSPF Link-State Database (LSDB), which is the collection of all Link-State Advertisements (LSAs) that the router has received from its OSPF neighbors. The LSDB is the core of OSPF's link-state routing protocol; each router in an OSPF area maintains an identical LSDB for that area, and the Shortest Path First (SPF) algorithm uses this database to compute the routing table.

Understanding the LSDB is crucial for diagnosing OSPF issues. For example, if a route is missing from the routing table, you can check the LSDB to see if the corresponding LSA exists. If the LSA is present, the problem might be in the SPF calculation or route selection. If the LSA is missing, you need to investigate why the advertising router did not originate it or why it was not received (e.g., adjacency problems, filtering, or MTU issues).

On Cisco NX-OS, the command syntax is similar to IOS but with some NX-OS specific options. The output is organized by LSA type: Router Links (Type 1), Net Links (Type 2), Summary Net Links (Type 3), Summary ASBR Links (Type 4), and Type-5 AS External Links (Type 5). Additionally, NX-OS supports Opaque LSAs (Types 9, 10, 11) for features like Traffic Engineering. The command can be filtered to show specific LSA types or a particular LSA by using keywords like 'router', 'network', 'external', or by specifying the Link State ID and advertising router.

In troubleshooting workflows, this command is often used after verifying OSPF neighbor adjacencies with 'show ip ospf neighbor'. If neighbors are full, but routes are missing, the next step is to examine the LSDB. For example, in a multi-area OSPF network, you might check that Area Border Routers (ABRs) are generating Type 3 summary LSAs for inter-area routes. Similarly, for redistributed routes, you would look for Type 5 external LSAs. The command also helps in detecting database inconsistencies, such as when two routers have different sequence numbers for the same LSA, indicating a possible corruption or a router that has lost its database and is reoriginating.

Syntax·EXEC
show ip ospf [process-id] database [database-summary] [asbr-summary] [external] [network] [nssa-external] [opaque-area] [opaque-as] [opaque-link] [router] [self-originate] [adv-router <ip-address>] [link-state-id]

When to Use This Command

  • Verify OSPF adjacency formation by checking if Type 1 Router LSAs are present from neighbors.
  • Troubleshoot missing routes by examining Type 3 Network Summary LSAs for inter-area routes.
  • Check for redistribution issues by reviewing Type 5 External LSAs and their forwarding addresses.
  • Validate OSPF database consistency across routers in the same area by comparing LSAs.

Parameters

ParameterSyntaxDescription
process-id[process-id]The OSPF process ID (1-65535). If omitted, the command applies to the first OSPF process. Use this when multiple OSPF processes are configured.
database-summarydatabase-summaryDisplays a summary of the LSDB, showing the count of each LSA type per area. Useful for a quick overview of database size.
asbr-summaryasbr-summaryDisplays only Type 4 ASBR Summary LSAs, which advertise the location of ASBRs.
externalexternalDisplays only Type 5 External LSAs, which are redistributed routes from other routing protocols or static routes.
networknetworkDisplays only Type 2 Network LSAs, which are generated by the Designated Router on broadcast and NBMA networks.
nssa-externalnssa-externalDisplays only Type 7 NSSA External LSAs, used in Not-So-Stubby Areas.
opaque-areaopaque-areaDisplays Opaque LSAs of area scope (Type 10), used for Traffic Engineering and other extensions.
opaque-asopaque-asDisplays Opaque LSAs of AS scope (Type 11), used for Graceful Restart and other features.
opaque-linkopaque-linkDisplays Opaque LSAs of link scope (Type 9), used for MPLS Traffic Engineering.
routerrouterDisplays only Type 1 Router LSAs. Can be followed by a Router ID to show a specific LSA.
self-originateself-originateFilters the display to show only LSAs that were originated by the local router.
adv-routeradv-router <ip-address>Filters the display to show only LSAs advertised by the specified router ID.
link-state-id[link-state-id]The Link State ID of a specific LSA (e.g., the Router ID for Router LSAs, or the network address for Summary LSAs). Used to display a single LSA in detail.

Command Examples

Basic OSPF Database Display

show ip ospf database
       OSPF Router with ID (10.1.1.1) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
10.1.1.1        10.1.1.1        123         0x80000004 0x00A1B2 2
10.2.2.2        10.2.2.2        456         0x80000003 0x00C3D4 3

                Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.1.2        10.1.1.2        789         0x80000001 0x00E5F6

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.3.3.0        10.1.1.1        234         0x80000002 0x00G7H8

                Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#       Checksum
192.168.1.0     10.2.2.2        567         0x80000001 0x00I9J0

The output shows the OSPF LSDB for process 1. Router Link States list each router's LSA with its advertising router, age, sequence number, checksum, and link count. Net Link States show the DR's network LSA. Summary Net Link States are inter-area routes. Type-5 AS External are redistributed routes.

Display OSPF Database for a Specific LSA Type

show ip ospf database router 10.2.2.2
       OSPF Router with ID (10.1.1.1) (Process ID 1)

                Router Link States (Area 0)

  LS age: 456
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 10.2.2.2
  Advertising Router: 10.2.2.2
  LS Seq Number: 0x80000003
  Checksum: 0xC3D4
  Length: 48
  Number of Links: 3

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.1.1.2
     (Link Data) Router Interface address: 10.1.1.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.2.2.0
     (Link Data) Network Mask: 255.255.255.0
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 10.3.3.3
     (Link Data) Router Interface address: 10.2.2.3
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

This shows detailed information about the Router LSA from router 10.2.2.2. It includes the LSA header (age, options, type, LSID, advertising router, sequence number, checksum, length) and each link with its type, link ID, data, and metric.

Understanding the Output

The 'show ip ospf database' command output is organized by LSA type. The first section lists Router Link States (Type 1) for each router in the area. Each entry shows the Link ID (the router's Router ID), ADV Router (the router that originated the LSA), Age (seconds since the LSA was originated), Seq# (sequence number for freshness), Checksum (for integrity), and Link count (number of links described). The Net Link States (Type 2) are generated by the Designated Router and list the DR's interface IP as Link ID. Summary Net Link States (Type 3) are inter-area routes, with Link ID being the network address. Type-5 AS External (Type 5) are redistributed routes. Healthy values: ages should be low (under 1800 seconds), sequence numbers should be increasing, and checksums should match across routers. Problem indicators: high age (over 1800) indicates stale LSAs; mismatched sequence numbers may indicate a database corruption or a router that lost its database; missing LSAs from a neighbor suggest adjacency issues. The detailed view (e.g., 'show ip ospf database router') provides the full LSA content, including each link's type (transit, stub, point-to-point), link ID, data, and metric. This helps in understanding the topology as seen by that router.

Configuration Scenarios

Verifying OSPF Database in a Multi-Area Network

You have a three-router OSPF network with Area 0 and Area 1. Router1 is an ABR. You want to verify that Router1 is generating Type 3 summary LSAs for Area 1 networks into Area 0.

Topology

Area 0 Area 1 R1 (ABR) --------- R2 | | | | R3 R4 (Internal) (Internal)

Steps

  1. 1.On Router1 (ABR), enter privileged EXEC mode.
  2. 2.Run 'show ip ospf database summary' to see Type 3 LSAs.
  3. 3.Check that the Link ID shows networks from Area 1 (e.g., 10.2.0.0) with ADV Router as Router1's Router ID.
Configuration
! No configuration needed for verification; this is a show command.

Verify: The output should include Summary Net Link States with Link IDs like 10.2.0.0 and ADV Router 1.1.1.1 (Router1's ID).

Watch out: If the summary LSAs are missing, ensure that Router1 has inter-area routes in its routing table and that the 'area 1' command is correctly configured.

Checking for Redistributed Routes via Type 5 LSAs

You have redistributed static routes into OSPF on an ASBR. You want to verify that the external LSAs are present in the database.

Topology

ASBR (R5) --- OSPF Area 0 --- R6 | Static route: 192.168.100.0/24

Steps

  1. 1.On the ASBR (R5), run 'show ip ospf database external'.
  2. 2.Look for a Type-5 AS External LSA with Link ID 192.168.100.0.
  3. 3.Verify the ADV Router is R5's Router ID and the metric is correct.
Configuration
! On R5:
router ospf 1
 redistribute static subnets
!

Verify: The output should show the external LSA with correct forwarding address (0.0.0.0 if not set) and metric type (E1 or E2).

Watch out: If the LSA is missing, check that the static route exists and that redistribution is enabled under OSPF. Also ensure that the 'subnets' keyword is used to redistribute the exact prefix.

Troubleshooting with This Command

When troubleshooting OSPF issues on Cisco NX-OS, the 'show ip ospf database' command is invaluable. Start by checking the overall database health with 'show ip ospf database database-summary' to see the count of each LSA type per area. A healthy database should have a reasonable number of LSAs; an excessive number might indicate a flapping route or a misconfiguration. Next, verify that all expected LSAs are present. For example, if a neighbor is in FULL state but routes from that neighbor are missing, check if the neighbor's Router LSA (Type 1) is in the database. If it is, the problem might be in the SPF calculation or route selection. If it is not, there may be a database synchronization issue, possibly due to MTU mismatch or authentication failure.

Common troubleshooting scenarios include: - Missing inter-area routes: Check for Type 3 Summary LSAs from the ABR. If missing, verify that the ABR has the routes in its routing table and that the area is correctly configured. - Missing external routes: Check for Type 5 External LSAs from the ASBR. If missing, verify redistribution configuration and that the ASBR has the routes. - Stale LSAs: If an LSA's age is approaching 1800 seconds (MaxAge), it may be about to be flushed. This could indicate a neighbor that is not refreshing its LSAs, possibly due to a unidirectional link or a router that is down. - Database corruption: If sequence numbers are unexpectedly high or checksums are invalid, the LSA may be corrupt. In such cases, clear the OSPF process with 'clear ip ospf process' to force reorigination of all LSAs.

On NX-OS, you can also use the 'show ip ospf database self-originate' to quickly see what LSAs the local router is generating. This is useful to confirm that the router is advertising its networks correctly. Additionally, the 'adv-router' filter helps isolate LSAs from a specific neighbor, which is helpful when troubleshooting a particular adjacency.

Remember that the LSDB must be identical across all routers in the same area. If you suspect an inconsistency, compare the output of 'show ip ospf database' on multiple routers. Differences in sequence numbers or missing LSAs indicate a problem that needs investigation.

CCNA Exam Tips

1.

Remember that the 'show ip ospf database' command displays the LSDB, not the routing table; use 'show ip route ospf' for routes.

2.

Be able to identify LSA types: Type 1 (Router), Type 2 (Network), Type 3 (Summary), Type 4 (ASBR Summary), Type 5 (External).

3.

Know that the 'self-originate' keyword filters to show only LSAs originated by the local router.

Common Mistakes

Confusing the OSPF database with the routing table; the database contains LSAs, not routes.

Assuming that a missing LSA always indicates a problem; it could be that the LSA has aged out or the neighbor is not fully adjacent.

Forgetting to specify the process ID when multiple OSPF processes exist; the command will default to the first process.

Platform Notes

On Cisco NX-OS (Nexus), the 'show ip ospf database' command behaves similarly to Cisco IOS but with some differences. NX-OS supports OSPFv2 and OSPFv3, and the command syntax is consistent across both. One key difference is that NX-OS uses a modular architecture, and OSPF processes can be configured with VRF awareness. The command output includes VRF information if applicable. Additionally, NX-OS supports Opaque LSAs (Types 9, 10, 11) for features like MPLS Traffic Engineering and Graceful Restart, which are not always present in IOS. The 'opaque-area', 'opaque-as', and 'opaque-link' keywords are specific to NX-OS and IOS XE.

Compared to IOS, the output format is slightly different; for example, NX-OS may display the LS age in seconds, while IOS sometimes shows it in hours:minutes:seconds. The 'database-summary' option is available on both platforms but may have different formatting. On NX-OS, you can also use 'show ip ospf database internal' to see internal OSPF information, though this is not commonly needed.

For equivalent commands on other platforms: On Juniper JunOS, the equivalent is 'show ospf database'. On Arista EOS, it is 'show ip ospf database'. On Huawei VRP, it is 'display ospf lsdb'. The concept is the same across platforms, but the output format and filtering options vary.

Version differences: In earlier NX-OS versions, the command might not support all LSA types (e.g., Opaque LSAs were added later). Always check the documentation for your specific NX-OS version. The command is available in all NX-OS software releases that support OSPF.

Related Commands

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions