Solved: Re: OSPF Question

lamav · ‎09-27-2008

What is the function and purpose of configuring OSPF characteristics under 2 vlan interface in an HSRP set up (OSPF timers, MD5 mssage digest key, etc), but not allowing the vlan interfaces to establish an adjacency with each other? The vlan interfaces are not exchanging Hellos -- passive interfaces.

See config:

ROUTER 1:

!

interface Vlan523

ip address 19.82.110.130 255.255.255.192

ip access-group Virus_LAN_PIM in

ip helper-address 19.91.56.19

no ip redirects

ip pim sparse-dense-mode

ip cgmp

ip ospf message-digest-key 1 md5 0 december96

ip ospf hello-interval 5

ip ospf dead-interval 15

logging event link-status

load-interval 30

arp timeout 300

standby 100 ip 19.82.110.129

standby 100 timers 1 3

standby 100 priority 115

standby 100 preempt delay minimum 15

standby 100 track Serial2/0/0:0 20

service-policy input EdgeMark2

no shutdown

!

router ospf 521

log-adjacency-changes

auto-cost reference-bandwidth 10000

area 200 authentication message-digest

area 200 nssa no-summary

passive-interface default

no passive-interface Serial2/0/0:0

no passive-interface Port-channel37

network 19.82.110.130 0.0.0.0 area 200

==================================================================================

ROUTER 2:

!

interface Vlan523

ip address 19.82.110.131 255.255.255.192

ip access-group Virus_LAN_PIM in

ip helper-address 19.91.56.19

no ip redirects

ip pim sparse-dense-mode

ip cgmp

ip ospf message-digest-key 1 md5 0 december96

ip ospf hello-interval 5

ip ospf dead-interval 15

logging event link-status

load-interval 30

arp timeout 300

standby 100 ip 19.82.110.129

standby 100 timers 1 3

standby 100 priority 115

standby 100 preempt delay minimum 15

standby 100 track Serial2/0/0:0 20

service-policy input EdgeMark2

no shutdown

!

router ospf 521

log-adjacency-changes

auto-cost reference-bandwidth 10000

area 200 authentication message-digest

area 200 nssa no-summary

passive-interface default

no passive-interface Serial2/0/0:0

no passive-interface Port-channel37

network 19.82.110.131 0.0.0.0 area 200

There are NO OSPF adjacencies established between the vlan interfaces on both routers. The interfaces are 'passived-out.' So why all the OSPF interface-level configs on the vlan interfaces?

Thanks

Richard Burts · ‎09-27-2008

Victor

You are correct that with the VLAN interfaces being set passive that configuring the OSPF parameters on the interface is not changing any behaviors. Without knowing a bit more about the environment it is hard to say for sure. But my guess is that there is a standard interface config for this environment, that the standard config uses these parameters, and that the VLAN interfaces were configured with them to conform to the standard.

I would also note that it may be wise to configure the VLAN interfaces with these parameters, especially if I am correct and this represents some standard in configuration. Today the interface is passive. But what if at some future time someone makes them non-passive? Would they remember at that time to add the standard parameters to the interface?

HTH

Ric

HTH

Rick

View solution in original post

Richard Burts · ‎09-27-2008

Victor

You are correct that with the VLAN interfaces being set passive that configuring the OSPF parameters on the interface is not changing any behaviors. Without knowing a bit more about the environment it is hard to say for sure. But my guess is that there is a standard interface config for this environment, that the standard config uses these parameters, and that the VLAN interfaces were configured with them to conform to the standard.

I would also note that it may be wise to configure the VLAN interfaces with these parameters, especially if I am correct and this represents some standard in configuration. Today the interface is passive. But what if at some future time someone makes them non-passive? Would they remember at that time to add the standard parameters to the interface?

HTH

Ric

HTH

Rick

lamav · ‎09-27-2008

Hey, Rick:

How you doin', bud?

Yes, I agree with your assessment.

I just posted this question to do a sanity check on my thinking. Was ondering if I was issing something....

The operations prsonnel at this client use a configuration tool that automatically generates a script when certain infomation is inputted into. So, I imagine tht they just allow this configuration to remain on the vlan interfaces for uniformity's sake and for future use, perhaps.

Thanks for the info.

Victor

Richard Burts · ‎09-28-2008

Victor

Sanity checks are a good thing :)

I am glad that you agree that my theory seems to fit the situation at this client. Thanks for the rating.

HTH

Rick

HTH

Rick