OSPFCCNA 200-301

OSPF LSA Flooding Loop Causing CPU Spike

Presenting Symptom

The router CPU utilization spikes to 100% and OSPF neighbors flap intermittently, causing network instability.

Network Context

The network is a small enterprise campus with three routers (R1, R2, R3) running OSPF in a single area 0. All routers are Cisco IOS 15.x. The topology is a triangle: R1 connected to R2 and R3, and R2 connected to R3. OSPF is configured with default settings, and all interfaces are in area 0.

Diagnostic Steps

Check CPU utilization

show processes cpu sorted | exclude 0.00

CPU utilization for five seconds: 99%/0%; one minute: 95%; five minutes: 90%
PID  Runtime(ms)  Invoked  uSecs   5Sec   1Min   5Min  TTY  Process
123  4567890       10000    456789  45.00% 40.00% 35.00%  0   OSPF Router

High CPU usage by OSPF process indicates a problem with OSPF itself, such as excessive LSA flooding or route computation.

Check OSPF neighbor state

show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.2         1   FULL/DR         00:00:35    10.0.1.2        GigabitEthernet0/0
10.0.0.3         1   INIT/DROTHER    00:00:32    10.0.2.3        GigabitEthernet0/1

Neighbor in INIT state indicates adjacency problems. Normally all neighbors should be FULL. This suggests LSA flooding issues causing neighbor resets.

Check OSPF database for duplicate LSAs

show ip ospf database | include LS Age

  LS Age: 3600
  LS Age: 3600
  LS Age: 3600

Multiple LSAs with max age (3600 seconds) indicate that LSAs are being flushed and reoriginated repeatedly, a sign of a flooding loop.

Enable OSPF debugging to see LSA flooding

debug ip ospf lsa-generation

OSPF: Generate LSA Type 1, LSID 10.0.0.1, adv-rtr 10.0.0.1, age 1
OSPF: Generate LSA Type 1, LSID 10.0.0.1, adv-rtr 10.0.0.1, age 2
... (repeated rapidly)

Rapid generation of the same LSA indicates a flooding loop. The router keeps generating new LSAs because it receives its own LSA back from a neighbor due to a misconfiguration.

Root Cause

The OSPF LSA flooding loop is caused by a misconfigured OSPF network type mismatch. On the link between R2 and R3, one interface is configured as point-to-point while the other is broadcast. This causes R2 to send LSAs out the interface, which R3 receives and floods back to R2 because it sees the LSA as new (different network type). R2 then reoriginates the LSA, creating a loop.

Resolution

Correct the OSPF network type mismatch. On R2 and R3, configure the same network type on the connecting interface. For example, set both to point-to-point: On R2: interface GigabitEthernet0/1 ip ospf network point-to-point On R3: interface GigabitEthernet0/0 ip ospf network point-to-point Alternatively, set both to broadcast. The key is consistency.

Verification

After applying the fix, verify OSPF neighbors are stable and CPU normalizes: show ip ospf neighbor Expected output: All neighbors in FULL state. show processes cpu sorted | include OSPF Expected output: OSPF process CPU usage below 5%. show ip ospf database | include LS Age Expected output: LS ages varying normally (not all max age).

Prevention

1. Always configure OSPF network type consistently on both ends of a link. 2. Use point-to-point network type on serial links or when only two routers are connected to avoid DR/BDR election issues. 3. Implement OSPF authentication to prevent rogue routers from injecting LSAs.

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario may appear as a troubleshooting multiple-choice question where you must identify the cause of OSPF neighbor flapping and high CPU. The exam tests your ability to interpret show commands and debug output to pinpoint network type mismatches. Key fact: OSPF network type mismatch can cause LSA flooding loops.

Exam Tips

Memorize the default OSPF network types: broadcast on Ethernet, point-to-point on serial (HDLC/PPP).

Know that 'show ip ospf neighbor' showing INIT or EXSTART state often indicates a network type mismatch or MTU issue.

Remember that 'debug ip ospf lsa-generation' is useful but can spike CPU further; use with caution in production.

Commands Used in This Scenario

show ip ospf database

Displays the OSPF link-state database (LSDB) to verify OSPF adjacencies, check for missing or corrupt LSAs, and troubleshoot OSPF routing issues.

show ip ospf neighbor

Displays OSPF neighbor information to verify adjacency formation and troubleshoot OSPF neighbor relationships.

show processes cpu

Displays CPU utilization statistics for all processes running on the Cisco IOS device, used to identify processes consuming excessive CPU and diagnose performance issues.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions