Regarding usage of passive-interface default

Answered Question
Dec 16th, 2008

Dear friends,

I am running OSPF on Ten Gig interfaces between Core and Distribution switches.

I want Distribution 1 and Distribution 2 switch (redundant switches) to not be OSPF adjancent.

I wanted to know that if i apply the following commands, will it be ok.

router ospf 10

no passive-interface t2/3

no passive-interface t3/3

passive-interface default

T2/3 and T3/3 are Core-1 and Core-2 connecting interfaces. Will applying the command passive-interface default override the previous 2 "no passive-interface commands" or no??

Just wanted to double check this part.

Thanks a lot

Gautam

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 11 months ago

Gautam

Yes this should be fine. You can verify the interface settings once you have added this config -

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t2/feature/guide/defint.html#wp10202

Edit - apologies i completely misread the question. Rick is correct - the passive-interface default will not override the previous no passive-interface commands. It will just make all other interfaces than t2/3 & t3/3 passive.

Jon

Correct Answer by Giuseppe Larosa about 7 years 11 months ago

hello Gautam,

you still need to add the network area commands for the interfaces of interest.

2) if the default becomes passive-interface you need no passive-interface for interfaces where you want OSPF hellos to be sent out so the more specific command applies:

no passive for interfaces t2/3 and t3/3 passive for all the other ones whose IP subnets match a network area command

Hope to help

Giuseppe

Correct Answer by Richard Burts about 7 years 11 months ago

Gautam

No the passive interface default will not override the the no passive-interface commands. It makes the default behavior to become passive. But any interface configured with no passive-interface will become active.

HTH

Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
Richard Burts Tue, 12/16/2008 - 12:40

Gautam

No the passive interface default will not override the the no passive-interface commands. It makes the default behavior to become passive. But any interface configured with no passive-interface will become active.

HTH

Rick

Correct Answer
Giuseppe Larosa Tue, 12/16/2008 - 12:42

hello Gautam,

you still need to add the network area commands for the interfaces of interest.

2) if the default becomes passive-interface you need no passive-interface for interfaces where you want OSPF hellos to be sent out so the more specific command applies:

no passive for interfaces t2/3 and t3/3 passive for all the other ones whose IP subnets match a network area command

Hope to help

Giuseppe

Correct Answer
Jon Marshall Tue, 12/16/2008 - 12:43

Gautam

Yes this should be fine. You can verify the interface settings once you have added this config -

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t2/feature/guide/defint.html#wp10202

Edit - apologies i completely misread the question. Rick is correct - the passive-interface default will not override the previous no passive-interface commands. It will just make all other interfaces than t2/3 & t3/3 passive.

Jon

Chalermchai D H... Mon, 05/07/2012 - 10:45

This not true.  If you add passive interface default, it will wipe out other 'no passive-interface ' commands.. at least in 12.2(33)SXI5 and 12.4(15)T8.

r2#show run | be router ospf

router ospf 1

log-adjacency-changes

passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.23.0 0.0.0.255 area 0

!

r2#

r2#conf

r2#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

r2(config)#router ospf 1

r2(config-router)#pass

r2(config-router)#passive-interface default

r2(config-router)#end

r2#show run | be

00:01:46: %SYS-5-CONFIG_I: Configured from console by console

r2#show run | be router ospf

router ospf 1

log-adjacency-changes

passive-interface default

network 2.2.2.2 0.0.0.0 area 0

network 10.1.12.0 0.0.0.255 area 0

network 10.1.23.0 0.0.0.255 area 0

!

r2#sh ver

Cisco IOS Software, Solaris Software (UNIX-P-M), Version 12.2(33)SXI5, DEVELOPMENT TEST SOFTWARE

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2011 by Cisco Systems, Inc.

Compiled Thu 03-Feb-11 08:47 by prod_rel_team

r3#show run | section router ospf

router ospf 1

log-adjacency-changes

passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0

network 3.3.3.3 0.0.0.0 area 0

network 10.1.23.0 0.0.0.255 area 0

network 10.1.34.0 0.0.0.255 area 0

r3#

r3#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

r3(config)#router ospf 1

r3(config-router)#pass

r3(config-router)#passive-interface default

r3(config-router)#do show run | sec router ospf

router ospf 1

log-adjacency-changes

passive-interface default

network 3.3.3.3 0.0.0.0 area 0

network 10.1.23.0 0.0.0.255 area 0

network 10.1.34.0 0.0.0.255 area 0

r3(config-router)#do sh ver

Cisco IOS Software, Solaris Software (UNIX-P-M), Version 12.4(15)T8, DEVELOPMENT TEST SOFTWARE

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2008 by Cisco Systems, Inc.

Compiled Wed 03-Dec-08 14:46 by prod_rel_team

Joseph W. Doherty Mon, 05/07/2012 - 17:51

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

Just wanted to also confirm Chalermchai's post, i.e. sequence of these commands can matter.

On some version of 6500 IOS, I've found OSPF's passive-interface or no passive-interface only take if they are contrary to the current default setting.

e.g.

router ospf 1

passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0

or

router ospf 1

no passive-interface default

passive-interface Ethernet0/0

passive-interface Ethernet1/0

are okay but

router ospf 1

!already no passive-interface default

no passive-interface Ethernet0/0

no passive-interface Ethernet1/0

passive-interface default

or

router ospf 1

!already passive-interface default

passive-interface Ethernet0/0

passive-interface Ethernet1/0

no passive-interface default

were not okay.

Richard Burts Tue, 05/08/2012 - 06:30

This is certainly an interesting and unexpected behavior. As I think about it I would certainly agree with Joseph's point that sometimes the order of commands can affect how things work. And in a sense it is logical that if you have an existing configuration and you change the default behavior of the routing protocol (from default not passive to default passive) that it might reset the existing config to conform to the new default behavior.

I wonder if this represents a change in behavior introduced at some release? I thought that I remembered having configured a routing protocol, added the passive-interface default and not having impacted the existing config.

HTH

Rick

Actions

This Discussion