Regarding usage of passive-interface default

Answered Question
Dec 16th, 2008
User Badges:

Dear friends,


I am running OSPF on Ten Gig interfaces between Core and Distribution switches.

I want Distribution 1 and Distribution 2 switch (redundant switches) to not be OSPF adjancent.


I wanted to know that if i apply the following commands, will it be ok.


router ospf 10

no passive-interface t2/3

no passive-interface t3/3

passive-interface default


T2/3 and T3/3 are Core-1 and Core-2 connecting interfaces. Will applying the command passive-interface default override the previous 2 "no passive-interface commands" or no??


Just wanted to double check this part.


Thanks a lot

Gautam


Correct Answer by Jon Marshall about 8 years 4 months ago

Gautam


Yes this should be fine. You can verify the interface settings once you have added this config -


http://www.cisco.com/en/US/docs/ios/12_0t/12_0t2/feature/guide/defint.html#wp10202


Edit - apologies i completely misread the question. Rick is correct - the passive-interface default will not override the previous no passive-interface commands. It will just make all other interfaces than t2/3 & t3/3 passive.


Jon

Correct Answer by Giuseppe Larosa about 8 years 4 months ago

hello Gautam,

you still need to add the network area commands for the interfaces of interest.


2) if the default becomes passive-interface you need no passive-interface for interfaces where you want OSPF hellos to be sent out so the more specific command applies:

no passive for interfaces t2/3 and t3/3 passive for all the other ones whose IP subnets match a network area command


Hope to help

Giuseppe


Correct Answer by Richard Burts about 8 years 4 months ago

Gautam


No the passive interface default will not override the the no passive-interface commands. It makes the default behavior to become passive. But any interface configured with no passive-interface will become active.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
Richard Burts Tue, 12/16/2008 - 12:40
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Gautam


No the passive interface default will not override the the no passive-interface commands. It makes the default behavior to become passive. But any interface configured with no passive-interface will become active.


HTH


Rick

Correct Answer
Giuseppe Larosa Tue, 12/16/2008 - 12:42
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

hello Gautam,

you still need to add the network area commands for the interfaces of interest.


2) if the default becomes passive-interface you need no passive-interface for interfaces where you want OSPF hellos to be sent out so the more specific command applies:

no passive for interfaces t2/3 and t3/3 passive for all the other ones whose IP subnets match a network area command


Hope to help

Giuseppe


Correct Answer
Jon Marshall Tue, 12/16/2008 - 12:43
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Gautam


Yes this should be fine. You can verify the interface settings once you have added this config -


http://www.cisco.com/en/US/docs/ios/12_0t/12_0t2/feature/guide/defint.html#wp10202


Edit - apologies i completely misread the question. Rick is correct - the passive-interface default will not override the previous no passive-interface commands. It will just make all other interfaces than t2/3 & t3/3 passive.


Jon

Chalermchai D H... Mon, 05/07/2012 - 10:45
User Badges:
  • Cisco Employee,

This not true.  If you add passive interface default, it will wipe out other 'no passive-interface ' commands.. at least in 12.2(33)SXI5 and 12.4(15)T8.


r2#show run | be router ospf

router ospf 1

log-adjacency-changes

passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.23.0 0.0.0.255 area 0

!



r2#

r2#conf

r2#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

r2(config)#router ospf 1

r2(config-router)#pass

r2(config-router)#passive-interface default

r2(config-router)#end

r2#show run | be

00:01:46: %SYS-5-CONFIG_I: Configured from console by console

r2#show run | be router ospf

router ospf 1

log-adjacency-changes

passive-interface default

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.23.0 0.0.0.255 area 0

!

r2#sh ver

Cisco IOS Software, Solaris Software (UNIX-P-M), Version 12.2(33)SXI5, DEVELOPMENT TEST SOFTWARE

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2011 by Cisco Systems, Inc.

Compiled Thu 03-Feb-11 08:47 by prod_rel_team



r3#show run | section router ospf

router ospf 1

log-adjacency-changes

passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0

network 3.3.3.3 0.0.0.0 area 0

network 10.1.23.0 0.0.0.255 area 0

network 10.1.34.0 0.0.0.255 area 0

r3#

r3#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

r3(config)#router ospf 1

r3(config-router)#pass

r3(config-router)#passive-interface default

r3(config-router)#do show run | sec router ospf

router ospf 1

log-adjacency-changes

passive-interface default

network 3.3.3.3 0.0.0.0 area 0

network 10.1.23.0 0.0.0.255 area 0

network 10.1.34.0 0.0.0.255 area 0

r3(config-router)#do sh ver

Cisco IOS Software, Solaris Software (UNIX-P-M), Version 12.4(15)T8, DEVELOPMENT TEST SOFTWARE

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2008 by Cisco Systems, Inc.

Compiled Wed 03-Dec-08 14:46 by prod_rel_team

Joseph W. Doherty Mon, 05/07/2012 - 17:51
User Badges:
  • Super Bronze, 10000 points or more

Disclaimer


The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.


Liability Disclaimer


In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.


Posting


Just wanted to also confirm Chalermchai's post, i.e. sequence of these commands can matter.


On some version of 6500 IOS, I've found OSPF's passive-interface or no passive-interface only take if they are contrary to the current default setting.


e.g.


router ospf 1

passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0


or


router ospf 1

no passive-interface default

passive-interface Ethernet0/0

passive-interface Ethernet1/0


are okay but


router ospf 1

!already no passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0

passive-interface default


or


router ospf 1

!already passive-interface default

passive-interface Ethernet0/0

passive-interface Ethernet1/0

no passive-interface default


were not okay.

Richard Burts Tue, 05/08/2012 - 06:30
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

This is certainly an interesting and unexpected behavior. As I think about it I would certainly agree with Joseph's point that sometimes the order of commands can affect how things work. And in a sense it is logical that if you have an existing configuration and you change the default behavior of the routing protocol (from default not passive to default passive) that it might reset the existing config to conform to the new default behavior.


I wonder if this represents a change in behavior introduced at some release? I thought that I remembered having configured a routing protocol, added the passive-interface default and not having impacted the existing config.


HTH


Rick

Actions

This Discussion