cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1892
Views
10
Helpful
4
Replies

OSPF and HSRP on Layer 3 Switch

kirk.brookover
Level 1
Level 1

When using Wireshark to sniff traffic on the LAN we see OSPF and HSRP advertisements on port terminating client machines.  Is there a method for preventing the swich from flooding the keepalives/advertisments out all ports?

1 Accepted Solution

Accepted Solutions

Ganesh Hariharan
VIP Alumni
VIP Alumni
When using Wireshark to sniff traffic on the LAN we see OSPF and HSRP
advertisements on port terminating client machines.  Is there a method
for preventing the swich from flooding the keepalives/advertisments out
all ports?

Hi,

Genrally  with multicast traffic you can turn on IGMP snooping on your switch and this will stop multicast being sent to all ports.But with HSRP and OSPF IGMP snooping wont work.

Some switches do have comamnds to block multicast on ports,Check out the below link for multicast blocking on individual ports on switch.

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a008081dfa8.html#wp1087814

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

View solution in original post

4 Replies 4

glen.grant
VIP Alumni
VIP Alumni

    To eliminate the ospf  advertisements under the ospf process , enter " passive interface default" .  You then "no passive interface " the ports that go to other  ospf  links to other routers or layer 3 switches .  Obviously this should be done under a change window as possible disruption could occur.  I'm not sure there is any way to block the hsrp stuff as it is a multicast  which gets passed to all ports in the same vlan .

Hitesh Vinzoda
Level 4
Level 4

Hi,

The addresses used by HSRP and OSPF are link local multicast addresses so they are flooded out the link

224.0.0.5 all OSPF speaking router

224.0.0.2 all routers on the segment

These is the normal operation of link local multicast addresses, used to find out any OSPF speaking router on that segment or HSRP router...

Passive interface on a switch with make the interfaces not to participate in OSPF, but if you have another switch connected on the port where you dont have passive interface enabled just to advertise that interface in OSPF, the downstream switch connected with hosts still receive the OSPF hellos

IMO its better not to filter out these messages as they are meant for routers (224.0.0.2/224.0.0.5)

HTH

Hitesh Vinzoda

Pls rate useful posts

Ganesh Hariharan
VIP Alumni
VIP Alumni
When using Wireshark to sniff traffic on the LAN we see OSPF and HSRP
advertisements on port terminating client machines.  Is there a method
for preventing the swich from flooding the keepalives/advertisments out
all ports?

Hi,

Genrally  with multicast traffic you can turn on IGMP snooping on your switch and this will stop multicast being sent to all ports.But with HSRP and OSPF IGMP snooping wont work.

Some switches do have comamnds to block multicast on ports,Check out the below link for multicast blocking on individual ports on switch.

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a008081dfa8.html#wp1087814

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

kirk.brookover
Level 1
Level 1

Thank you all for the help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: