Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Best Eigrp practice question

Hi,

Which practice is most prevalently used and ideal for setting up eigrp routing?

1. make all vlan's and interfaces passive, then allow each to be enabled and add a network statement to reflect the ip details on the vlan or interface

e.g

router eigrp 100

passive-interface default

no passive-interface vlan 25

no passive-interface gigabitethernet 1/4

network 10.55.10.0 0.0.0.3

network 10.55.25.0 0.0.0.255

no auto-summary

exit

2) Or is it better to do a passive-interface for all vlan's and interfaces and allow each interface by disabling the passive-interface and then have a network statement that has allow all e.g.

router eigrp 100

passive-interface default

no passive-interface vlan 25

no passive-interface gigabitethernet 1/4

network 10.0.0.0 0.255.255.255

no auto-summary

exit

Please can you explain the merits and disadvantages of each method?

Thanks

Dan

1 REPLY
Hall of Fame Super Bronze

Re: Best Eigrp practice question

Both options provide the 'passive-interface default' which is considered Best Practice while the first option provides a more granular control on the advertised subnets into EIGRP.

On the 2nd option, you are automatically advertising any local link within the 10.0.0.0/8 subnet into EIGRP.

In some networks, this can be flagged as a network security issue.

HTH,

__

Edison.

132
Views
0
Helpful
1
Replies
CreatePlease to create content