Configuring Default Passive Interfaces

Configuring IP Routing Protocol-Independent Features

Filtering Routing Information

In Internet service provider (ISP) and large enterprise networks, many of the distribution routers have more than 200 interfaces. Before the introduction of the Default Passive Interface feature, there were two possibilities for obtaining routing information from these interfaces:

•Configure a routing protocol such as OSPF on the backbone interfaces and redistribute connected interfaces.

•Configure the routing protocol on all interfaces and manually set most of them as passive.

Network managers may not always be able to summarize type 5 link-state advertisements (LSAs) at the router level where redistribution occurs, as in the first possibility. Thus, a large number of type 5 LSAs can be flooded over the domain.

In the second possibility, large type 1 LSAs might be flooded into the area. The Area Border Router (ABR) creates type 3 LSAs, one for each type 1 LSA, and floods them to the backbone. It is possible, however, to have unique summarization at the ABR level, which will inject only one summary route into the backbone, thereby reducing processing overhead.

The prior solution to this problem was to configure the routing protocol on all interfaces and manually set the passive-interfacerouter configuration command on the interfaces where adjacency was not desired. But in some networks, this solution meant coding 200 or more passive interface statements. With the Default Passive Interface feature, this problem is solved by allowing all interfaces to be set as passive by default using a single passive-interface default command, then configuring individual interfaces where adjacencies are desired using the no passive-interfacecommand.

Thus, the Default Passive Interface feature simplifies the configuration of distribution routers and allows the network manager to obtain routing information from the interfaces in large ISP and enterprise networks.

To set all interfaces as passive by default and then activate only those interfaces that need to have adjacencies set, use the following commands beginning in global configuration mode:

	Command		Purpose
Step 1
Step 1	Router(config)# router	protocol	Configures the routing protocol on the network.
Step 2
Step 2	Router(config-router)#	passive-interface default	Sets all interfaces as passive by default.
Step 3
Step 3	Router(config-router)#	no passive-interface	Activates only those interfaces that need to have
	interface-type		adjacencies set.
Step 4
Step 4	Router(config-router)#	network network-address	Specifies the list of networks for the routing process.
	[options]		The network-addressargument is an IP address
			written in dotted decimal notation—172.24.101.14,
			for example.

See the section “Default Passive Interface Example” at the end of this chapter for an example of a default passive interface.

To verify that interfaces on your network have been set to passive, you could enter a network monitoring command such as the show ip ospf interface EXEC command, or you could verify the interfaces you enabled as active using a command such as the show ip interface EXEC command.

Cisco IOS IP Configuration Guide

Cisco Systems 78-11741-02 manual Configuring Default Passive Interfaces, IPC-371

Models: 78-11741-02

Configuring Default Passive Interfaces

Command

IPC-371