JNCIE. 17 years of ISP & DC networks. And last week I caught myself reading an RFC line by line, feeling like a fool.
When I shut a router down in our lab, OSPF didn’t forget it for up to an hour. The link to that dead router stayed in every other router’s database too.
I always treated the LSDB as a black box. Dijkstra runs, paths appear, done. This time, working on a HORA investigation with Nicolai Moraru, I had to step back and actually re-read the RFCs.
What happens when you disable a node:
1. The dead router’s Router-LSA stays in the LSDB until the MaxAge timer expires, which is by default 3,600s in OSPFv2 (RFC 2328). 1,200s default in IS-IS (ISO/IEC 10589). Only the originator can flush its own LSA early (RFC 2328 section 14.1).
2. The neighbor’s LSA gets updated and no longer lists the dead node. The LSDB now has an asymmetric edge: A->B exists, B->A doesn’t.
3. SPF doesn’t care. RFC 2328 section 16.1 step 2(b): “…or it does not have a link back to vertex V, examine the next link in V’s LSA.” The half-edge fails the two-way / bidirectionality check and is silently ignored. IS-IS does the same via the TwoWayConnectivity check, per ISO/IEC 10589.
The link isn’t “marked unidirectional.” It just fails the SPF gate.
Why is it engineered this way?
– Defends against one-way failures (broken Tx, asymmetric MTU/ACL).
– Lets the LSDB re-converge consistently while flooding propagates.
– Prevents one router from forging the deletion of another’s topology.
There’s a local saying: “live a century, learn a century.”
JNCIE, dozens of complex networks in production, and I still find details like this. Things I should have known years ago and they make me feel like a fool. It happens. Periodically. And I’m fine saying it out loud.
Hopefully this post refreshes a memory for some, or teaches a couple of engineers something so they don’t have to bump into it the way I did.
I’m curious, what’s something you discovered embarrassingly late that you assumed you knew?
