Hi everyone, recently we have had some issues of OSPF sessions losing neighbors on some of our CORE routers.
Symptoms
Sometimes all OSPF sessions are affected one at a time. Reboot can seem to clear the issue but i think its just relieving symptoms and not resolving the actual cause. Sometimes only some OSPF sessions are affect, in the most recent incident last week only 1 OSPF was affected and none others.
Equipment
2 x CCR1036, version 6.46.8 and 6.45.7 respectively.
There are some things that I am already aware that should not be on out core, fixed, updated and/or removed when required.
* OSPF backbone too large - +-3700 routes on backbone
* NAT on Edge/CORE - There is NAT for some specific functions, this is planned to be removed and have connection tracking disabled.
* Firewalling before CORE to filter out unnecessary traffic like attacks/DDoS
Some other items we are already doing
* Updating the routers to the latest long-term release when possible.
Are there any other things to consider or be aware of beside the items above?