Advice for NSa3700 drops/ignores OSFP IPv4 routing
I have a NSa3700 pair where the primary stops using OSPF IPv4 route data. Traffic stops because IP Spoofing check incoming traffic against known routes. When the routes are ignored, all traffic from inside the company is dropped. The firewall logs show "IP spoof dropped".
- Quick Fix: Reboot the SonicWall, which is enough to switch to the secondary. OSPF works again and traffic flows.
- Longer Fix: Install static routes
- ?? Is there a way to just restart the OSPF process?
The NSa3700 pairs replaced NSA3650 pairs. The conversion tool at mysonicwall.com was used to copy the configuration. In the 3650 OSPF worked flawlessly, so it took a while to understand the fault.
- firmware-version "SonicOS 7.0.1-5145"
- rom-version 188.8.131.52
- CLI "show routing ospf" shows the expected content
- CLI "show routing ospf neighbor" shows the other routers in the network, which are Cisco ISR4331 routers
- CLI "show routing ospf routes" lists the expected routes
- CLI "show routing ospf database" shows the correct information, now after rebooting. I did not check during the failure.
Most Recent Occurrence: Multiple sites are connected via a Comcast ENS network. The SonicWalls and Cisco routers all have addresses on the same network 192.168.154.0/24. One router was offline for 2 hours due to fiber repairs in the city. When the fiber was repaired and the router rejoined the network one SonicWall pair stopped using the OSPF data. ??
- Has anyone had a similar OSPF instability?
- Does running IPv6 and IPv4 together make the issue worse?
- Do you have any suggestions?