Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1611
Views
5
Helpful
9
Replies

passive-interface command

Go to solution
sarahr202
Level 5
Level 5

‎03-24-2009 08:55 PM - edited ‎03-06-2019 04:47 AM

Hi every body!

I just want to confirm one thing.

Does passive-interface tell the router not to send any routing protocol related packets on the specified interface or it also tell the router ignore the received routing protocol related packets on the interface?

Thanks a lot!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mohamad Qayoom
Level 3
Level 3
In response to sarahr202

‎03-24-2009 09:50 PM

Here is what Cisco has to say:

With most routing protocols, the passive-interface command restricts outgoing advertisements only. However, when used with Enhanced Interior Gateway Routing Protocol (EIGRP), the effect is slightly different. The use of the passive-interface command in EIGRP suppresses the exchange of hello packets between two routers, which results in the loss of their neighbor relationship. This stops not only routing updates from being advertised, but it also suppresses incoming routing updates.

Thanks,

Mohamad

View solution in original post

0 Helpful
9 Replies 9

Go to solution
sarahr202
Level 5
Level 5

‎03-24-2009 09:30 PM

I found out passive-int command only stops the routing protocols packets such as update, hell0 etc from being transmitted on the interface configured with passive-int command.

Thanks a lot !

Go to solution
Mohamad Qayoom
Level 3
Level 3
In response to sarahr202

‎03-24-2009 09:50 PM

Here is what Cisco has to say:

With most routing protocols, the passive-interface command restricts outgoing advertisements only. However, when used with Enhanced Interior Gateway Routing Protocol (EIGRP), the effect is slightly different. The use of the passive-interface command in EIGRP suppresses the exchange of hello packets between two routers, which results in the loss of their neighbor relationship. This stops not only routing updates from being advertised, but it also suppresses incoming routing updates.

Thanks,

Mohamad

0 Helpful

Go to solution
viyuan700
Level 5
Level 5

‎03-24-2009 09:53 PM

in RIP and EIGRP

router dont send routing updates but receive and process routing updates with passive interface

in OSPF & IS-IS

routing information is neither sent nor received through passive interface

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to viyuan700

‎03-25-2009 02:20 AM

Hello Vivuyan,

EIGRP has a neighbor state machine so I think only RIP is able to accept routing updates on a passive-interface.

EIGRP, OSPF, and IS-IS have the neighbor-state machine concept : updates are exchanged in a controlled way only after a certain state is reached that implies two way communication (like the OSPF state called in the same way)

Hope to help

Giuseppe

0 Helpful

Go to solution
viyuan700
Level 5
Level 5
In response to Giuseppe Larosa

‎03-25-2009 06:50 AM

Hi Giuseppe ,

Thanks for pointing out.

I have to keep in mind that few things are specific to IOS what i said is true for IOS XR but not for IOS.

"Use the passive-interface command to disable the sending of routing updates on an interface. The particular subnet continues to advertise to other interfaces, and updates from other routers on that interface continue to be received and processed."

http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.7/routing/command/reference/rr37egp.html#wp1024986

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to viyuan700

‎03-25-2009 07:49 AM

Hello Viyaun,

yes IOS XR is different in this or this document is not correct.

Edit:

I mean in theory the right behaviour is that of IOS.

Hope to help

Giuseppe

0 Helpful

Go to solution
viyuan700
Level 5
Level 5
In response to Giuseppe Larosa

‎03-25-2009 08:52 AM

Hi Giuseppe,

IGRP was working the way RIP works for passive interface.

Maybe cisco have seen some advantage of changing with EIGRP like OSPF etc.

With distribute list you can stop send routing updates but EIGRP can form neighbor adjacencies. A behavior like RIP, IGRP.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0a.shtml

I have no intension of arguing as you certainly have more knowledge on these topics.:)

0 Helpful

Go to solution
badalam_nt
Level 1
Level 1
In response to Giuseppe Larosa

‎03-25-2009 07:50 AM

From what I know, no matter what routing protocol is used, the router accepts the incoming routing protocol specific packets. It only does not transmit anymore on that interface routing protocol specific packets.

But because EIGRP, OSPF and IS-IS first have to establish neighbourship through the Hello packets, this phase will fail, as the neighbour routers will not receive from this router the Hello packets, so no routing updates will be sent to this router anymore.

In other words it is not that the router does not listen anymore to routing updates on that passive-interface updates, it is because the router does not get anymore the routing updates on that interface in case of EIGRP, OSPF and IS-IS.

Giuseppe could confirm/deny if my understanding is correct.

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to badalam_nt

‎03-25-2009 08:00 AM

Hello Petru,

my understanding confirmed on tests on OSPF and IS-IS is what you say:

on the link other routers can form neighborships and exchange updates using well known multicast addresses.

So the router with the passive interface could listen to the multicast messages but cannot send acknowledgments for example and the others are not aware of its presence on the link.

So the update can be received but shouldn't be processed not coming from a valid neighbor (I'm sure of this for OSPF and IS-IS)

Hope to help

Giuseppe

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card