Troubleshooting OSPF Neighbor Problems
When OSPF neighbors will not form, it is almost always a mismatch. Work down this checklist — hello/dead timers, area ID, subnet/mask, authentication, MTU, network type — and the stuck adjacency state tells you where to look.
What the stuck state tells you
- Stuck in INIT — one side hears the other but not vice-versa. Usually an ACL or authentication blocking hellos one way.
- Stuck in 2-WAY — normal between two non-DR routers on a multi-access segment. Only a problem if you expected full adjacency.
- Stuck in EXSTART/EXCHANGE — classic MTU mismatch. The routers cannot agree on database packets.
The mismatch checklist
OSPF hellos must agree on all of these, or neighbors never form:
- Hello and Dead timers — must match on both sides.
- Area ID — the interfaces must be in the same area.
- Subnet and mask — both interfaces must be on the same subnet.
- Authentication — type and key must match (or both be off).
- MTU — must match (or use
ip ospf mtu-ignore). - Network type & area type — e.g. one stub, one not, breaks it.
- Same primary subnet, and OSPF actually enabled on the interface.
The commands to run
show ip ospf neighbor # what state are we stuck in? show ip ospf interface brief # area, timers, network type debug ip ospf adj # watch the adjacency attempt show ip ospf interface <int> # hello/dead, MTU, auth
Compare the two routers side by side — the first value that differs is your fault.
Frequently asked questions
Why are my OSPF neighbors stuck in EXSTART?
Almost always an MTU mismatch between the two interfaces. Match the MTU on both sides, or configure ip ospf mtu-ignore as a workaround.
What must match for OSPF neighbors to form?
Hello and dead timers, area ID, subnet and mask, authentication, MTU, and network/area type. Any mismatch prevents the adjacency.
What does OSPF stuck in INIT mean?
One router receives the other's hello but its own hellos are not getting through — commonly an ACL or one-way authentication problem.
Is 2-WAY state a problem in OSPF?
Not on a multi-access network between two non-DR/BDR routers — that is normal. It is only a problem if you expected a full adjacency, such as on a point-to-point link.
Related articles
Want hands-on training?
Learn this on real Cisco lab devices with placement support at Attila Technologies, Ahmedabad.