The passive-interface command stops routing updates from exiting that interface or--in the case of EIGRP, OSPF, and IS-IS--it stop hello packets from exiting which keeps neighbor relationships from forming.
This command won't keep a connected network from showing up in your routing table. If you are connected to another router via ethernet, the ethernet network is directly connected and does not need to be advertised by a routing protocol to show up in your routing table. To test this, add a loopback address on the remote router that is in the same major network as the ethernet address. You shouldn't be able to ping that because your local router should not be aware of it. HTH, John >>> "[EMAIL PROTECTED]" 1/2/02 12:03:49 AM >>> Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is "not" directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 1000000 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 4000000 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0 passive-interface Serial1 offset-list 2 out 11000 Serial0 network 12.0.0.0 network 172.16.0.0 network 172.17.0.0 ! ip classless ! access-list 2 deny 12.11.12.1 ! ! ! ! ! line con 0 transport input none line 1 8 line aux 0 line vty 0 4 password cisco login ! end Cisco2509# Cisco_4000>ping 172.17.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.18.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 120/120/124 ms Cisco_4000>ping 12.11.12.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.11.12.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) Cisco_4000> Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=30676&t=30648 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
