4.4.1. Neighbor Adjacencies
OSPF routers are paranoid—they won't trust a router and share their link-state database until they've verified that router is legitimate and compatible. This verification process creates a neighbor relationship that progresses through several states before reaching full adjacency.
Why neighbors matter: If routers can't become neighbors, they can't exchange routes. Neighbor issues are the #1 OSPF troubleshooting problem. When OSPF "isn't working," the first command is always show ip ospf neighbor.
Neighbor Requirements (ALL must match):
- Area ID: Both routers must be in the same OSPF area
- Hello/Dead intervals: Must match exactly (default: 10/40 seconds on broadcast networks)
- Authentication: If enabled, both sides need the same password
- Subnet: Routers must be on the same IP subnet
- MTU: Mismatched MTU prevents reaching FULL state (this one's sneaky)
What happens when requirements don't match: The neighbor relationship gets stuck. Mismatched timers = stuck in Init. Mismatched authentication = stuck in Init. Mismatched MTU = stuck in ExStart/Exchange. The state tells you where to look.
Adjacency Formation States:
| State | What's Happening | Troubleshooting Hint |
|---|---|---|
| Down | No Hello received | Check Layer 1/2, ACLs blocking OSPF |
| Init | Hello received but not bidirectional | Timer or authentication mismatch |
| 2-Way | Bidirectional communication confirmed | DR/BDR election happens here |
| ExStart | Master/slave negotiation for DB exchange | MTU mismatch stops progress here |
| Exchange | Database Description packets exchanged | Still checking MTU |
| Loading | Requesting missing LSAs | Almost there |
| Full | Databases synchronized | Normal operating state |
⚠️ Exam Trap: On broadcast/multi-access networks, not all neighbors reach FULL state. Non-DR/BDR routers (DROthers) stay in 2-Way with each other—that's normal. They only form FULL adjacency with the DR and BDR.