|
|
In Internet service provider (ISP) and large enterprise networks, many of the distribution routers have more than 200 interfaces. Before the Default Passive Interface feature, there were two possibilities for obtaining routing information from these interfaces:
Network managers may not always be able summarize type-5 link-state advertisements (LSAs) at the router level where redistribution occurs, as in the first possibility. Thus, a large number of type-5 LSAs can be flooded over the domain.
In the second possibility, large type-1 link-state LSAs might be flooded into the area. The area border router (ABR) creates type-3 LSAs, one for each type-1 LSAs, and floods them to the backbone. It is possible, however, to have unique summarization at the ABR level, which will inject just one summary route into the backbone, thereby reducing processing overhead.
The solution to this problem has been to configure the routing protocol on all interfaces and manually set the passive-interface command on the interfaces where adjacency was not desired. In some networks, this meant coding 200 or more passive interface statements. With the Default Passive Interface feature, this problem is solved by allowing all interfaces to be set as passive by default using a single passive-interface default command, then configuring individual interfaces where adjacencies are desired using the no passive-interface command.
The Default Passive Interface feature simplifies the configuration of distribution routers and allows the network manager to obtain routing information from the interfaces in large ISP and enterprise networks.
There are no known restrictions. This feature works for all routing protocols that support the passive-interface command, and has been tested with all supported Cisco routing protocols.
This feature has been tested and found to work on all Cisco router platforms and media that support Cisco IOS Release 12.0.
None
For descriptions of supported MIBs and how to use MIBs, see the Cisco MIB web site on CCO at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
None
Perform the following tasks to configure the Default Passive Interface feature:
These tasks are described in the following sections:
In the following tasks, refer to the Cisco IOS Release 12.0 Network Protocols Configuration Guide, Part 1 and Cisco IOS Release 12.0 Network Protocols Command Reference, Part 1, for information about configuring the routing protocol on your network.
| Step | Command | Purpose | ||
|---|---|---|---|---|
| Router(config)# router protocol | Configures the routing protocol on the network. | ||
| Router(config-router)# passive-interface default | Sets all interfaces as passive by default. | ||
| Router(config-router)# no passive-interface interface-type | Activates only those interfaces that need to have adjacencies set. | ||
| Router(config-router)# network network-address [options] | Specifies the list of networks for the routing process. The network-address is an IP address written in dotted decimal notation - 172.24.101.14, for example. |
To verify that interfaces on your network have been set to passive, you could enter a network monitoring command such as show ip ospf interface, or you could verify the interfaces you enabled as active using a command such as show ip interface.
The following is an example of verifying passive interfaces in an OSPF network:
Router(config)# show ip ospf interface
Ethernet0 is up, line protocol is up Internet Address 171.69.232.70/28, Area 4 Process ID 100, Router ID 171.69.232.70, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 171.69.232.70, Interface address 171.69.232.70 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 No Hellos (Passive interface) Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Serial0 is up, line protocol is up Internet Address 172.24.101.14/30, Area 4 Process ID 100, Router ID 171.69.232.70, Network Type POINT_TO_POINT, Cost: 64 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 172.24.101.15 Suppress hello for 0 neighbor(s) TokenRing0 is up, line protocol is up Internet Address 140.10.10.4/24, Area 0 Process ID 100, Router ID 171.69.232.70, Network Type BROADCAST, Cost: 6 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 171.69.232.70, Interface address 140.10.10.4 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 No Hellos (Passive interface) Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s)
The following example configures the network interfaces, sets all interfaces running OSPF as passive, then enables the serial 0 interface:
interface Ethernet0 ip address 172.19.64.38 255.255.255.0 secondary ip address 171.69.232.70 255.255.255.240 no ip directed-broadcast ! interface Serial0 ip address 172.24.101.14 255.255.255.252 no ip directed-broadcast no ip mroute-cache ! interface TokenRing0 ip address 140.10.10.4 255.255.255.0 no ip directed-broadcast no ip mroute-cache ring-speed 16 ! router ospf 100 passive-interface default no passive-interface Serial0 network 140.10.10.0 0.0.0.255 area 0 network 171.69.232.0 0.0.0.255 area 4 network 172.24.101.0 0.0.0.255 area 4 !
This section documents the modified passive-interface command. All other commands used with this feature are documented in the Cisco IOS Release 12.0 command reference publications.
To disable sending routing updates on an interface, use the passive-interface router configuration command. To reenable the sending of routing updates, use the no form of this command.
passive-interface [default] {interface-type number}
interface-type | Interface type. |
number | Interface number. |
default | (Optional) All interfaces become passive. |
Routing updates are sent on the interface.
Router configuration
| Release | Modification |
|---|---|
10.0 | This command was first introduced. |
12.0 | The default keyword was added. |
If you disable the sending of routing updates on an interface, the particular subnet will continue to be advertised to other interfaces, and updates from other routers on that interface continue to be received and processed.
For OSPF, OSPF routing information is neither sent nor received through the specified router interface. The specified interface address appears as a stub network in the OSPF domain.
The default keyword sets all interfaces as passive by default. You can then configure individual interfaces where adjacencies are desired using the no passive-interface command. The default keyword is useful in Internet service provider and large enterprise networks where many of the distribution routers have more than 200 interfaces.
For IS-IS, this command instructs IS-IS to advertise the IP addresses for the specified interface without actually running IS-IS on that interface. The no form of this command for IS-IS disables advertising IP addresses for the specified address.
Enhanced IGRP is disabled on an interface that is configured as passive although it advertises the route.
The following example sends IGRP updates to all interfaces on network 131.108.0.0 except Ethernet interface 1:
router igrp 109 network 131.108.0.0 passive-interface ethernet 1
The following example enables IS-IS on interfaces Ethernet 1 and serial 0 and advertises the IP addresses of Ethernet 0 in its Link State PDUs:
router isis Finance passive-interface Ethernet 0 interface Ethernet 1 ip router isis Finance interface serial 0 ip router isis Finance
The following example sets all interfaces as passive then activates the Ethernet 0 interface:
router ospf 100 passive-interface default no passive-interface ethernet0 network 131.108.0.1 0.0.0.255 area 0
Posted: Tue Dec 21 15:51:59 PST 1999
Copyright 1989-1999©Cisco Systems Inc.