Guerra de OSPF entre dos routers

Fecha: 8 y 11 de septiembre del 2023

Escenario

Este laboratorio surge a partir de un caso real, desde un router que debe ponerse en producción en un sitio

remoto, entonces previamente y a modo de test se conecta localmente con resultados imprevistos, tal como

una “guerra de OSPF” entre los routers afectados, el que tendrá conectado definitivamente el router remoto,

y el router anfitrión de las pruebas.

Una vez develado el enigma no hubo otra alternativa que revalidarlo en una maqueta de testing.

Y allá vamos…

Captura de pantalla de los dias previos y mientras se realizaba el t-shoot:

1.- Verificación inicial:

1.1.- En Router-A:

1.1.1.- Adyancencias OSPF:

Router-A#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

192.168.2.1 0 FULL/DROTHER 00:00:36 10.0.0.2 Vlan10 (Router-B)

Router-A#

1.1.2.- En la tabla de enrutamiento:

Router-A#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

a - application route

+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 10.0.0.0/30 is directly connected, Vlan10

L 10.0.0.1/32 is directly connected, Vlan10

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.1.0/24 is directly connected, Vlan1

L 192.168.1.1/32 is directly connected, Vlan1

O 192.168.2.0/24 [110/2] via 10.0.0.2, 00:01:39, Vlan10 (via Router-B)

Router-A#

1.2.- En Router-B:

1.2.1.- Adyancencias OSPF:

Router-B# sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

192.168.1.1 255 FULL/DR 00:00:38 10.0.0.1 Vlan10 (Router-A)

Router-B#

1.2.2.- En la tabla de enrutamiento:

Router-B#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 10.0.0.0/30 is directly connected, Vlan10

L 10.0.0.2/32 is directly connected, Vlan10

O 192.168.1.0/24 [110/2] via 10.0.0.1, 00:00:43, Vlan10 (via Router-B)

192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.2.0/24 is directly connected, Vlan2

L 192.168.2.1/32 is directly connected, Vlan2

Router-B#

2.- Se conecta Router-C localmente y a modo maqueta para realizar pruebas/ajustes:

2.1.- Configuramos “la pata” al Router-C:

Router-A#conf t

Enter configuration commands, one per line. End with CNTL/Z.

Router-A(config)#int vlan 14

Router-A(config-if)#ip add 10.0.0.5 255.255.255.252

Router-A(config-if)#ip ospf priority 255 (para asegurarse ser el DR)

Router-A(config-if)#exit

Router-A(config)#

Router-A(config)#int fa1

Router-A(config-if)#sw mode access

Router-A(config-if)#sw access vlan 14

Router-A(config-if)#exit

Router-A(config)#

Router-A(config)#router ospf 1

Router-A(config-router)#network 10.0.0.4 0.0.0.3 area 0

Router-A(config-router)#end

Router-A#

Sep 8 13:39:52.608: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.3.1 on Vlan14 from LOADING to FULL, Loading Done

Router-A#

Router-C#

Sep 8 13:39:19: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.1.1 on FastEthernet0/1 from LOADING to FULL, Loading Done

Router-C#

2.2.- Verificamos adyacencias OSPF en el Router-A:

Router-A# sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

192.168.3.1 0 FULL/DROTHER 00:00:39 10.0.0.6 Vlan14 (Router-C)

192.168.2.1 0 FULL/DROTHER 00:00:39 10.0.0.2 Vlan10 (Router-B)

Router-A#

2.3.- Verificamos adyacencias OSPF en el Router-C:

Router-C#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

192.168.1.1 255 FULL/DR 00:00:37 10.0.0.5 FastEthernet0/1 (Router-A)

Router-C#

2.4.- Verificamos en la tabla de enrutamiento del Router-A:

Router-A#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

a - application route

+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks

C 10.0.0.0/30 is directly connected, Vlan10

L 10.0.0.1/32 is directly connected, Vlan10

C 10.0.0.4/30 is directly connected, Vlan14

L 10.0.0.5/32 is directly connected, Vlan14

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.1.0/24 is directly connected, Vlan1

L 192.168.1.1/32 is directly connected, Vlan1

O 192.168.2.0/24 [110/2] via 10.0.0.2, 00:19:10, Vlan10 (via Router-B)

O 192.168.3.0/24 [110/2] via 10.0.0.6, 00:03:41, Vlan14 (via Router-C)

Router-A#

2.5.- Verificamos en la tabla de enrutamiento del Router-C:

Router-C#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/30 is subnetted, 2 subnets

O 10.0.0.0 [110/2] via 10.0.0.5, 00:03:01, FastEthernet0/1 (segmento Router-A – RouterB)

C 10.0.0.4 is directly connected, FastEthernet0/1

O 192.168.1.0/24 [110/2] via 10.0.0.5, 00:03:01, FastEthernet0/1 (via Router-B / Router-A)

O 192.168.2.0/24 [110/3] via 10.0.0.5, 00:03:01, FastEthernet0/1 (via Router-A)

C 192.168.3.0/24 is directly connected, FastEthernet0/0

Router-C#

2.6.- Verificamos que Router-B no aprende la red 192.168.3.0:

Router-B#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 10.0.0.0/30 is directly connected, Vlan10

L 10.0.0.2/32 is directly connected, Vlan10

O 192.168.1.0/24 [110/2] via 10.0.0.1, 00:01:39, Vlan10 (via Router-A)

192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.2.0/24 is directly connected, Vlan2

L 192.168.2.1/32 is directly connected, Vlan2

Router-B#

2.7.- Comienzan los logs:

Router-A#

Sep 8 13:43:41.761: %OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:45:46.500: %OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:47:51.655: %OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:49:56.726: %OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:52:01.460: %OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:54:06.763: %OSPF-4-FLOOD_WAR: Process 1 re-originates LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Router-A#

Router-B#

Sep 8 13:43:41.399: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:45:50.439: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:47:55.455: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:49:00.475: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:52:05.495: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Sep 8 13:54:15.659: %OSPF-4-FLOOD_WAR: Process 1 flushes LSA ID 10.0.0.5 type-2 adv-rtr 192.168.1.1 in area 0

Router-B#

3.- Verificamos con una captura de Wireshark:

Frame 1: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on id 0

Ethernet II, Src: cc:46:d6:2b:5a:54, Dst: 01:00:5e:00:00:05

Internet Protocol Version 4, Src: 10.0.0.1, Dst: 224.0.0.5

Open Shortest Path First

OSPF Header

LS Update Packet

Number of LSAs: 1

LSA-type 2 (Network-LSA), len 32

.000 0000 0000 0001 = LS Age (seconds): 1

0... .... .... .... = Do Not Age Flag: 0

Options: 0x22, (DC) Demand Circuits, (E) External Routing

LS Type: Network-LSA (2)

Link State ID: 10.0.0.5

Advertising Router: 192.168.1.1

Sequence Number: 0x80000057

Checksum: 0x167d

Length: 32

Netmask: 255.255.255.252

Attached Router: 192.168.1.1

Attached Router: 192.168.3.1

Frame 2: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on interface id 0

Ethernet II, Src: 70:81:05:b5:77:82, Dst: 01:00:5e:00:00:06

Internet Protocol Version 4, Src: 10.0.0.2, Dst: 224.0.0.6

Open Shortest Path First

OSPF Header

LS Update Packet

Number of LSAs: 1

LSA-type 2 (Network-LSA), len 32

.000 1110 0001 0000 = LS Age (seconds): 3600 (si MaxAge es igual a 1 hora (3600 segundos) se purga de los cálculos OSPF)

0... .... .... .... = Do Not Age Flag: 0

Options: 0x22, (DC) Demand Circuits, (E) External Routing

LS Type: Network-LSA (2)

Link State ID: 10.0.0.5 (la IP duplicada en ambos routers que causa el war flooding)

Advertising Router: 192.168.1.1

Sequence Number: 0x80000057

Checksum: 0x167d

Length: 32

Netmask: 255.255.255.252 (la máscara del segmento en disputa)

Attached Router: 192.168.1.1

Attached Router: 192.168.3.1

4.- Verificamos con debug:

4.1.- En Router-A:

Router-A#debug ip ospf flood

OSPF flooding debugging is on

Router-A#

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl14: Add Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 to 192.168.3.1 retransmission list

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl14: Add Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 to flood list

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl14: Flooding update to 224.0.0.5 Area 0

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl14: Send Type 2, LSID 10.0.0.5, Adv rtr 192.168.1.1, age 1, seq 0x80000057 (0)

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl14: Remove Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 flood list

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl14: Stop flood timer

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl10: Add Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 to 192.168.2.1 retransmission list

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl10: Add Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 to flood list

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl10: Flooding update to 224.0.0.5 Area 0

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl10: Send Type 2, LSID 10.0.0.5, Adv rtr 192.168.1.1, age 1, seq 0x80000057 (0)

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl10: Remove Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 flood list

Sep 11 15:38:12.079: OSPF-1 FLOOD Vl10: Stop flood timer

Sep 11 15:38:11.751: OSPF-1 FLOOD Vl10: Received update from 192.168.2.1 (Router-B)

Sep 11 15:38:11.751: OSPF-1 FLOOD Vl10: Rcv Update Type 2, LSID 10.0.0.5, Adv rtr 192.168.1.1, age 3600, seq 0x80000057 Mask /30

Sep 11 15:38:11.751: OSPF-1 FLOOD Vl10: we received our own old net lsa |

Router-A# (si MaxAge es igual a 1 hora (3600 segundos) se purga de los cálculos OSPF)

4.2.- En Router-B:

Router-B#debug ip ospf flood

OSPF flooding debugging is on

Router-B#

Sep 11 15:38:11.231: OSPF: received update from 192.168.1.1, Vlan10 (Router-A)

Sep 11 15:38:11.231: OSPF: Rcv Update Type 2, LSID 10.0.0.5, Adv rtr 192.168.1.1, age 1, seq 0x80000057

Sep 11 15:38:11.231: Mask /30

Sep 11 15:38:11.235: OSPF: Remove Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 from 192.168.1.1 retransmission list

Sep 11 15:38:11.235: OSPF: Add Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 to Vlan10 192.168.1.1 retransmission list

Sep 11 15:38:11.235: OSPF: Add Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 to Vlan10 flood list

Sep 11 15:38:11.235: OSPF: Sending update over Vlan10 without pacing

Sep 11 15:38:11.235: OSPF: Flooding update on Vlan10 to 224.0.0.6 Area 0

Sep 11 15:38:11.235: OSPF: Send Type 2, LSID 10.0.0.5, Adv rtr 192.168.1.1, age 3600, seq 0x80000057 (0)

Sep 11 15:38:11.235: OSPF: Remove Type 2 LSA ID 10.0.0.5 Adv rtr 192.168.1.1 Seq 80000057 from Vlan10 flood list

Sep 11 15:38:11.235: OSPF: Stop Vlan10 flood timer

Sep 11 15:38:13.735: OSPF: Sending delayed ACK on Vlan10

Sep 11 15:38:13.735: OSPF: Ack Type 2, LSID 10.0.0.5, Adv rtr 192.168.1.1, age 1, seq 0x80000057

Router-B#

5.- Verificamos las IP de los routers:

5.1.- en Router-A:

Router-A#sh ip int brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0 unassigned YES unset up up (el segmento Router-A – Router-B)

FastEthernet1 unassigned YES unset up up (el segmento Router-A – Router-C)

FastEthernet2 unassigned YES unset up up (el segmento LAN 192.168.1.0/24)

FastEthernet3 unassigned YES unset down up

Vlan1 192.168.1.1 YES manual up up

Vlan10 10.0.0.1 YES manual up up

Vlan14 10.0.0.5 YES manual up up (el segmento de test Router-A - Router-C)

Router-A#

5.2.- en Router-B:

Router-B#sh ip int brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0 unassigned YES unset up up (el segmento Router-B – Router-A)

FastEthernet1 unassigned YES unset down down (el segmento Router-B – Router-C)

FastEthernet2 unassigned YES unset up up (el segmento LAN 192.168.2.0/24)

FastEthernet3 unassigned YES unset down down

Vlan1 unassigned YES NVRAM up up

Vlan2 192.168.2.1 YES manual up up

Vlan10 10.0.0.2 YES manual up up

Vlan14 10.0.0.5 YES manual down down (el segmento de real Router-B - Router-C)

Router-B#

6.- Verificamos OSPF en Router-B:

Router-B#sh ip protocol

Routing Protocol is "ospf 1"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Router ID 192.168.2.1

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

10.0.0.0 0.0.0.3 area 0

10.0.0.4 0.0.0.3 area 0 (el segmento de test Router-A - Router-C)

192.168.2.0 0.0.0.255 area 0

Passive Interface(s):

Vlan2

Routing Information Sources:

Gateway Distance Last Update

192.168.1.1 110 00:02:26

192.168.3.1 110 00:02:26

Distance: (default is 110)

Router-B#

7.- Eliminamos temporalmente la IP de la Vlan14 en Router-B:

Router-B#conf t

Enter configuration commands, one per line. End with CNTL/Z.

Router-B(config)#int vlan 14

Router-B(config-if)#no ip address

Router-B(config-if)#end

Router-B#

8.- Verificamos:

8.1.- Direcciones IP en el Router-B:

Router-B#sh ip int brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0 unassigned YES unset up up (el segmento Router-B – Router-A)

FastEthernet1 unassigned YES unset down down (el segmento Router-B – Router-C)

FastEthernet2 unassigned YES unset up up (el segmento LAN 192.168.2.0/24)

FastEthernet3 unassigned YES unset down down

Vlan1 unassigned YES NVRAM up up

Vlan2 192.168.2.1 YES manual up up

Vlan10 10.0.0.2 YES manual up up

Vlan14 unassigned YES manual down down (el segmento de real Router-B - Router-C)

Router-B#

8.2.- Verificamos OSPF en Router-B:

Router-B#sh ip protocol

*** IP Routing is NSF aware ***

Routing Protocol is “ospf 1”

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Router ID 192.168.2.1

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

10.0.0.0 0.0.0.3 area 0

10.0.0.4 0.0.0.3 area 0 (sigue estando declarada en OSPF pero no influye)

192.168.2.0 0.0.0.255 area 0

Passive Interface(s):

Vlan2

Routing Information Sources:

Gateway Distance Last Update

192.168.1.1 110 00:00:07

192.168.3.1 110 00:00:07

Distance: (default is 110)

Router-B#

8.3.- Tabla de enrutamiento en Router-B:

Router-B#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

C 10.0.0.0/30 is directly connected, Vlan10

L 10.0.0.2/32 is directly connected, Vlan10

O 10.0.0.4/30 [110/2] via 10.0.0.1, 00:00:55, Vlan10

O 192.168.1.0/24 [110/2] via 10.0.0.1, 00:38:54, Vlan10

192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.2.0/24 is directly connected, Vlan2

L 192.168.2.1/32 is directly connected, Vlan2

O 192.168.3.0/24 [110/3] via 10.0.0.1, 00:00:56, Vlan10 (via Router-C / Router-A)

Router-B#

9.- Resumen:

Para tener en cuenta: si el router tiene una interface down con una IP configurada, esta participa igualmente del proceso

OSPF y su publicación tiene alcance dentro del área en la que participe.

De haber un conflicto de IP duplicadas (detalle: en un ambiente LAN estos conflictos son de ARP), los routers reclamarán

su “identifdad OSPF” (independientemente del router-id) generando dentro del área un flooding del LSA del “rival” con un

tiempo (age) máximo, similar a un timeout, para invalidarlo.

Esto nos coloca en la situación de ser cautos a la hora de conectar un equipo en una red de producción, ya que ademas de

los logs nos genera una percepción erronea en las tablas de enrutamiento, y si el router es una maqueta para reemplazar

otro en producción (por ejemplo el futuro reemplazo de un equipo obsoleto) y tuviese una IP que se solape con un segmento

activo podemos causar una auto DoS (denegación de servicio). Cosas del networking…

10.- Fuentes de referencia para el troubleshooting:

Me tranquilizó que la respuesta estuviese en una página que comience con “Complex” 😊

En el Issue 1 hay una explicación que me aproxima a la causa del problema:

https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/118880-technote-ospf-00.html

En esta página encontré otra explicación donde ya especifica que pueden haber IP duplicadas en el area 0:

https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/9237-9.html#wat

En esta página encontré el issue de que aunque la interface esté down y la IP está configurada dispara el problema.

https://knowtoshare.wordpress.com/2012/05/31/ospf-inconsistent-ospf-route/

En estos libros encontré de que nunca se termina de aprender OSPF…

(2023) Route to madness

Rosario, Argentina