Default Passive Interface Feature
Feature Overview
In Internet service provider (ISP) and large enterprise networks, many of the distribution routers have more than 200 interfaces. Before the Default Passive Interface feature, there were two possibilities for obtaining routing information from these interfaces:
• Configure a routing protocol such as Open Shortest Path First (OSPF) on the backbone interfaces and redistribute connected interfaces.
• Configure the routing protocol on all interfaces and manually set most of them as passive.
Network managers may not always be able to summarize type-5 link-state advertisements (LSAs) at the router level where redistribution occurs, as in the first possibility. Thus, a large number of type-5 LSAs can be flooded over the domain.
In the second possibility, large type-1 LSAs might be flooded into the area. The area border router (ABR) creates type-3 LSAs, one for each type-1 LSA, and floods them to the backbone. It is possible, however, to have unique summarization at the ABR level, which will inject just one summary route into the backbone, thereby reducing processing overhead.
The solution to this problem has been to configure the routing protocol on all interfaces and manually set the passive-interface command on the interfaces where adjacency was not desired. In some networks, this meant coding 200 or more passive interface statements. With the Default Passive Interface feature, this problem is solved by allowing all interfaces to be set as passive by default using a single passive-interface default command, then configuring individual interfaces where adjacencies are desired using the no passive-interface command.
Benefits
The Default Passive Interface feature simplifies the configuration of distribution routers and allows the network manager to obtain routing information from the interfaces in large ISP and enterprise networks.
Restrictions
This feature works for all routing protocols that support the passive-interface command, and has been tested with all supported Cisco routing protocols.
Note
If you are running Intermediate System-to-Intermediate System (IS-IS) on your network, you must keep at least one active interface and use the ip router isis command to configure an IS-IS routing process for IP.
Supported Platforms
This feature has been tested and found to work on all Cisco router platforms and media that support Cisco IOS Release 12.0.
Supported MIBs and RFCs
MIBs
None
For descriptions of supported MIBs and how to use MIBs, see the Cisco MIB web site on CCO at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
RFCs
None
Configuration Tasks
Perform the following tasks to configure the Default Passive Interface feature:
• Configure the routing protocol (RIP, OSPF, EIGRP, and so on) on the network.
• Set all interfaces as passive by default using the passive-interface default command.
• Activate only those interfaces that need to have adjacencies set using the no passive-interface command.
• Verify the configurations.
These tasks are described in the following sections:
• Configuring Default Passive Interfaces
• Verifying Default Passive Interfaces
Configuring Default Passive Interfaces
In the following tasks, refer to the Cisco IOS Release 12.0 Network Protocols Configuration Guide, Part 1 and Cisco IOS Release 12.0 Network Protocols Command Reference, Part 1, for information about configuring the routing protocol on your network.
Verifying Default Passive Interfaces
To verify that interfaces on your network have been set to passive, you could enter a network monitoring command such as show ip ospf interface, or you could verify the interfaces you enabled as active using a command such as show ip interface.
The following is an example of verifying passive interfaces in an OSPF network:
• Enter the command show ip ospf interface to verify that all interfaces have been set as passive (see report indicating "No Hellos (Passive interface)"):

Router(config)# show ip ospf interface
Ethernet0 is up, line protocol is up
  Internet Address 171.69.232.70/28, Area 4
  Process ID 100, Router ID 171.69.232.70, Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 171.69.232.70, Interface address 171.69.232.70
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    No Hellos (Passive interface)
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)
Serial0 is up, line protocol is up
  Internet Address 172.24.101.14/30, Area 4
  Process ID 100, Router ID 171.69.232.70, Network Type POINT_TO_POINT, Cost: 64
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:07
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 172.24.101.15
  Suppress hello for 0 neighbor(s)
TokenRing0 is up, line protocol is up
  Internet Address 140.10.10.4/24, Area 0
  Process ID 100, Router ID 171.69.232.70, Network Type BROADCAST, Cost: 6
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 171.69.232.70, Interface address 140.10.10.4
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    No Hellos (Passive interface)
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)

This is just one example of how to verify status of your network interfaces. Refer to the Cisco IOS Release 12.0 Network Protocols Configuration Guide, Part 1 and Cisco IOS Release 12.0 Network Protocols Command Reference, Part 1, for more information about monitoring your network interfaces.
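On a router with hundreds of interfaces, reading this report by eye does not scale. The following added example (not part of the original Cisco documentation) parses a show ip ospf interface report and compares each interface's passive state with the set of interfaces intended to form adjacencies. The function names, the expected_active parameter, and the abridged sample report are assumptions constructed for illustration.

```python
import re

# Constructed sample: abridged copy of the show ip ospf interface report above.
SAMPLE_OUTPUT = """\
Ethernet0 is up, line protocol is up
  Internet Address 171.69.232.70/28, Area 4
    No Hellos (Passive interface)
  Neighbor Count is 0, Adjacent neighbor count is 0
Serial0 is up, line protocol is up
  Internet Address 172.24.101.14/30, Area 4
    Hello due in 00:00:07
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 172.24.101.15
TokenRing0 is up, line protocol is up
  Internet Address 140.10.10.4/24, Area 0
    No Hellos (Passive interface)
  Neighbor Count is 0, Adjacent neighbor count is 0
"""

HEADER = re.compile(r"^(\S+) is (?:administratively )?(?:up|down), line protocol is (?:up|down)")
NEIGHBORS = re.compile(r"Neighbor Count is (\d+), Adjacent neighbor count is (\d+)")

def parse_ospf_interfaces(text):
    """Return {interface: {"passive": bool, "adjacent": int}} from the report."""
    result, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = result.setdefault(m.group(1), {"passive": False, "adjacent": 0})
        elif current is not None:
            if "No Hellos (Passive interface)" in line:
                current["passive"] = True
            n = NEIGHBORS.search(line)
            if n:
                current["adjacent"] = int(n.group(2))
    return result

def audit(text, expected_active):
    """List interfaces whose passive state differs from the intended design."""
    findings = []
    for name, state in parse_ospf_interfaces(text).items():
        if not state["passive"] and name not in expected_active:
            findings.append(f"{name}: sends hellos but is not an intended adjacency")
        if state["passive"] and name in expected_active:
            findings.append(f"{name}: passive, adjacency cannot form")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_OUTPUT, expected_active={"Serial0"}) or "all interfaces match")
```

An empty result means every interface outside expected_active is passive and every interface inside it is sending hellos.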
Configuration Example
The following example configures the network interfaces, sets all interfaces running OSPF as passive, then enables the serial 0 interface:

interface Ethernet0
 ip address 172.19.64.38 255.255.255.0 secondary
 ip address 171.69.232.70 255.255.255.240
 no ip directed-broadcast
!
interface Serial0
 ip address 172.24.101.14 255.255.255.252
 no ip directed-broadcast
 no ip mroute-cache
!
interface TokenRing0
 ip address 140.10.10.4 255.255.255.0
 no ip directed-broadcast
 no ip mroute-cache
 ring-speed 16
!
router ospf 100
 passive-interface default
 no passive-interface Serial0
 network 140.10.10.0 0.0.0.255 area 0
 network 171.69.232.0 0.0.0.255 area 4
 network 172.24.101.0 0.0.0.255 area 4
!

Command Reference
This section documents the modified passive-interface command. All other commands used with this feature are documented in the Cisco IOS Release 12.0 command reference publications.
passive-interface
To disable sending routing updates on an interface, use the passive-interface router configuration command. To reenable the sending of routing updates, use the no form of this command.
passive-interface [default] {interface-type number}
no passive-interface interface-type number
Syntax Description
interface-type    Interface type.
number            Interface number.
default           (Optional) All interfaces become passive.
Defaults
Routing updates are sent on the interface.
Command Modes
Router configuration
Command History
Usage Guidelines
If you disable the sending of routing updates on an interface, the particular subnet will continue to be advertised to other interfaces, and updates from other routers on that interface continue to be received and processed.
For OSPF, OSPF routing information is neither sent nor received through the specified router interface. The specified interface address appears as a stub network in the OSPF domain.
The default keyword sets all interfaces as passive by default. You can then configure individual interfaces where adjacencies are desired using the no passive-interface command. The default keyword is useful in Internet service provider and large enterprise networks where many of the distribution routers have more than 200 interfaces.
For IS-IS, this command instructs IS-IS to advertise the IP addresses for the specified interface without actually running IS-IS on that interface. The no form of this command for IS-IS disables advertising IP addresses for the specified address. For IS-IS you must keep at least one active interface and configure the interface with the ip router isis command.
Enhanced IGRP is disabled on an interface that is configured as passive although it advertises the route.
Examples
The following example sends IGRP updates to all interfaces on network 131.108.0.0 except Ethernet interface 1:

router igrp 109
 network 131.108.0.0
 passive-interface ethernet 1

The following example enables IS-IS on interfaces Ethernet 1 and serial 0 and advertises the IP addresses of Ethernet 0 in its Link State PDUs:

router isis Finance
 passive-interface Ethernet 0
interface Ethernet 1
 ip router isis Finance
interface serial 0
 ip router isis Finance

The following example sets all interfaces as passive then activates the Ethernet 0 interface:

router ospf 100
 passive-interface default
 no passive-interface ethernet0
 network 131.108.0.1 0.0.0.255 area 0
