Cisco Systems 3560-X, 3750-X Setting Passive Interfaces, Controlling Advertising and Processing in Routing Updates

42-101

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-21521-01

Chapter 42 Configuring IP Unicast Routing Configuring Protocol-Independent Features

Note When routes are redistributed between OSPF processes, no OSPF metrics are preserved.

Setting Passive Interfaces

To prevent other routers on a local network from dynamically learning about routes, you can use the

passive-interface router configuration command to keep routing update messages from being sent

through a router interface. When you use this command in the OSPF protocol, the interface address you

specify as passive appears as a stub network in the OSPF domain. OSPF routing information is neither

sent nor received through the specified router interface.

In networks with many interfaces, to avoid having to manually set them as passive, you can set all

interfaces to be passive by default by using the passive-interface default router configuration command

and manually setting interfaces where adjacencies are desired.

Beginning in privileged EXEC mode, follow these steps to configure passive interfaces:

Use a network monitoring privileged EXEC command such as show ip ospf interface to verify the

interfaces that you enabled as passive, or use the show ip interface privileged EXEC command to verify

the interfaces that you enabled as active.

To re-enable the sending of routing updates, use the no passive-interface interface-id router

configuration command. The default keyword sets all interfaces as passive by default. You can then

configure individual interfaces where you want adjacencies by using the no passive-interface router

configuration command. The default keyword is useful in Internet service provider and large enterprise

networks where many of the distribution routers have more than 200 interfaces.

Controlling Advertising and Processing in Routing Updates

You can use the distribute-list router configuration command with access control lists to suppress routes

from being advertised in routing updates and to prevent other routers from learning one or more routes.

When used in OSPF, this feature applies to only external routes, and you cannot specify an interface

name.

You can also use a distribute-list router configuration command to avoid processing certain routes listed

in incoming updates. (This feature does not apply to OSPF.)

Command Purpose

Step 1 configure terminal Enter global configuration mode.

Step 2 router {bgp | rip | ospf | eigrp}Enter router configuration mode.

Step 3 passive-interface interface-id Suppress sending routing updates through the specified Layer 3

interface.

Step 4 passive-interface default (Optional) Set all interfaces as passive by default.

Step 5 no passive-interface interface type (Optional) Activate only those interfaces that need to have

adjacencies sent.

Step 6 network network-address (Optional) Specify the list of networks for the routing process. The

network-address is an IP address.

Step 7 end Return to privileged EXEC mode.

Step 8 copy running-config startup-config (Optional) Save your entries in the configuration file.