RE: OSPF with passive interface [7:71395]
Shibu Nair wrote: If the interface configured as passive under OSPF routing protocol, will there be any neighbor relationship establish on that interface ? No. Passive interface means it doesn't send Hellos, which it would need to do to establish a neighbor relationship. Priscilla (assume OSPF is on both router interfaces connected with a T1 circuit) Thank you Shibu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71405t=71395 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP passive-interface [7:52453]
It depends, if you are using backup interfaces then EIGRP won't bring the line up obviously. I suspect that you are using floating statics though, in which case, if you just specify passive interface then no adjacency will be formed regardless of the state of the interface. If you then specify a neighbor so it is unicast, it will bring the line up (an keep it up) if it is defined as interesting traffic. If it isn't seen as interesting, it will form an adjacency when the line is up (by some other interesting traffic) which will then break when the line goes down again. Regards Jon CCIE R/S Nottingham UK. james kang wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi, anyone I am preparing the CCIE lab. there r one question about eigrp on BRI. i am using bri to backup frame relay connection. to prevent the eigrp from bring up the isdn line, i prefer the command passive-interface than filter list. but i am wondering whether the router can form the eigrp adjacency with other guys after the primary link is down. any guide will be appreciate. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52486t=52453 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP passive-interface [7:52453]
Jon, thanks a lot. your explanation is very clear. best regards james Jon wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... It depends, if you are using backup interfaces then EIGRP won't bring the line up obviously. I suspect that you are using floating statics though, in which case, if you just specify passive interface then no adjacency will be formed regardless of the state of the interface. If you then specify a neighbor so it is unicast, it will bring the line up (an keep it up) if it is defined as interesting traffic. If it isn't seen as interesting, it will form an adjacency when the line is up (by some other interesting traffic) which will then break when the line goes down again. Regards Jon CCIE R/S Nottingham UK. james kang wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi, anyone I am preparing the CCIE lab. there r one question about eigrp on BRI. i am using bri to backup frame relay connection. to prevent the eigrp from bring up the isdn line, i prefer the command passive-interface than filter list. but i am wondering whether the router can form the eigrp adjacency with other guys after the primary link is down. any guide will be appreciate. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52497t=52453 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: EIGRP passive-interface [7:52453]
Another option could be to use dialer watch. By making sure the EIGRP traffic is clearly identified as NOT interesting, the same results will be achieved. Since bri's are in use as the backup and frame is the primary, I would probably lean towards dialer watch so you can use a single bri interface to potentially provide cover for multiple pvc's. S. -Original Message- From: james kang [mailto:[EMAIL PROTECTED]] Sent: Monday, 2 September 2002 7:14 AM To: [EMAIL PROTECTED] Subject: Re: EIGRP passive-interface [7:52453] Jon, thanks a lot. your explanation is very clear. best regards james Jon wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... It depends, if you are using backup interfaces then EIGRP won't bring the line up obviously. I suspect that you are using floating statics though, in which case, if you just specify passive interface then no adjacency will be formed regardless of the state of the interface. If you then specify a neighbor so it is unicast, it will bring the line up (an keep it up) if it is defined as interesting traffic. If it isn't seen as interesting, it will form an adjacency when the line is up (by some other interesting traffic) which will then break when the line goes down again. Regards Jon CCIE R/S Nottingham UK. james kang wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi, anyone I am preparing the CCIE lab. there r one question about eigrp on BRI. i am using bri to backup frame relay connection. to prevent the eigrp from bring up the isdn line, i prefer the command passive-interface than filter list. but i am wondering whether the router can form the eigrp adjacency with other guys after the primary link is down. any guide will be appreciate. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52502t=52453 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EIGRP passive-interface [7:52453]
hi, anyone I am preparing the CCIE lab. there r one question about eigrp on BRI. i am using bri to backup frame relay connection. to prevent the eigrp from bring up the isdn line, i prefer the command passive-interface than filter list. but i am wondering whether the router can form the eigrp adjacency with other guys after the primary link is down. any guide will be appreciate. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52453t=52453 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive Interface Help [7:30648]
Thank you for all your input. This has helped me a great deal. David - Original Message - From: Louie Belt To: CCIEn2002 Sent: Wednesday, January 02, 2002 2:53 PM Subject: RE: Passive Interface Help [7:30648] A passive interface prevents a routing protocol from advertising its routes via that interface. If you had a loopback interface is there any need to advertise routes out of it? No one would hear them - so why waste processor cycles sending a routing update to an interface that has nothing else connected. However, that same passive interface has it's IP address (or network) advertised to all other interfaces - therefore it is pingable. Other uses for passive interfaces would be when redistributing routing protocols (especially between FLSM and VLSM routing protocols), or even to limit an advertisement to a unicast (single destination instead of a broadcast) - for instance an interface advertising RIP (v1) uses a broadcast to make that advertisement out of each interface that is using RIP. By setting an interface to passive and using a neighbor statement in the routing protocol you can force RIP to only advertise its routes to a single unicast address instead of broadcasting it to every device on the IP network. Hope this helps. Louie A Belt CCIE #7054 Pomeroy Select Integration Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of CCIEn2002 Sent: Wednesday, January 02, 2002 1:01 PM To: [EMAIL PROTECTED] Subject: Re: Passive Interface Help [7:30648] Thank you for the info. Now I am a little confused still on the passive interface. If it prevents routing updates from being sent out, why would one want a passive interface. From my understanding, a passive interface would not advertise is routing updates to its neighbor. If that is the case, I am perplexed on why I can ping a passive interface that is being advertised thru a routing protocol. In my case, my neighbor router is seeing an IGRP update for the Ethernet network. Why would you make the Ethernet passive if you can still ping it and see its routing update from a neighboring router via the show ip route ? This is where I get confused by the definition of passive. Any help..I am a rookie as you can see David - Original Message - From: cheekin To: ; Sent: Wednesday, January 02, 2002 4:43 AM Subject: Re: Passive Interface Help [7:30648] Hi, When you make the ethernet interface passive, it means no igrp updates will be sent out on the ethernet interface. It doesn't stop the serial interface from advertising network 12.0.0.0 . Which explains why you can still ping to the ethernet interface. If for some reason you do not want network 12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use distribute-list to filter out the route. Regards, cheekin - Original Message - From: To: Sent: Wednesday, January 02, 2002 15:03 Subject: Passive Interface Help [7:30648] Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 100 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 400 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0
Re: Passive Interface Help [7:30648]
Hi, When you make the ethernet interface passive, it means no igrp updates will be sent out on the ethernet interface. It doesn't stop the serial interface from advertising network 12.0.0.0 . Which explains why you can still ping to the ethernet interface. If for some reason you do not want network 12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use distribute-list to filter out the route. Regards, cheekin - Original Message - From: To: Sent: Wednesday, January 02, 2002 15:03 Subject: Passive Interface Help [7:30648] Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 100 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 400 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0 passive-interface Serial1 offset-list 2 out 11000 Serial0 network 12.0.0.0 network 172.16.0.0 network 172.17.0.0 ! ip classless ! access-list 2 deny 12.11.12.1 ! ! ! ! ! line con 0 transport input none line 1 8 line aux 0 line vty 0 4 password cisco login ! end Cisco2509# Cisco_4000ping 172.17.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.18.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 120/120/124 ms Cisco_4000ping 12.11.12.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.11.12.1, timeout is 2 seconds: . Success rate is 0 percent (0/5) Cisco_4000 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30653t=30648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive Interface Help [7:30648]
The passive-interface command stops routing updates from exiting that interface or--in the case of EIGRP, OSPF, and IS-IS--it stop hello packets from exiting which keeps neighbor relationships from forming. This command won't keep a connected network from showing up in your routing table. If you are connected to another router via ethernet, the ethernet network is directly connected and does not need to be advertised by a routing protocol to show up in your routing table. To test this, add a loopback address on the remote router that is in the same major network as the ethernet address. You shouldn't be able to ping that because your local router should not be aware of it. HTH, John [EMAIL PROTECTED] 1/2/02 12:03:49 AM Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 100 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 400 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0 passive-interface Serial1 offset-list 2 out 11000 Serial0 network 12.0.0.0 network 172.16.0.0 network 172.17.0.0 ! ip classless ! access-list 2 deny 12.11.12.1 ! ! ! ! ! line con 0 transport input none line 1 8 line aux 0 line vty 0 4 password cisco login ! end Cisco2509# Cisco_4000ping 172.17.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.18.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 120/120/124 ms Cisco_4000ping 12.11.12.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.11.12.1, timeout is 2 seconds: . Success rate is 0 percent (0/5) Cisco_4000 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30676t=30648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive Interface Help [7:30648]
Thank you for the info. Now I am a little confused still on the passive interface. If it prevents routing updates from being sent out, why would one want a passive interface. From my understanding, a passive interface would not advertise is routing updates to its neighbor. If that is the case, I am perplexed on why I can ping a passive interface that is being advertised thru a routing protocol. In my case, my neighbor router is seeing an IGRP update for the Ethernet network. Why would you make the Ethernet passive if you can still ping it and see its routing update from a neighboring router via the show ip route ? This is where I get confused by the definition of passive. Any help..I am a rookie as you can see David - Original Message - From: cheekin To: ; Sent: Wednesday, January 02, 2002 4:43 AM Subject: Re: Passive Interface Help [7:30648] Hi, When you make the ethernet interface passive, it means no igrp updates will be sent out on the ethernet interface. It doesn't stop the serial interface from advertising network 12.0.0.0 . Which explains why you can still ping to the ethernet interface. If for some reason you do not want network 12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use distribute-list to filter out the route. Regards, cheekin - Original Message - From: To: Sent: Wednesday, January 02, 2002 15:03 Subject: Passive Interface Help [7:30648] Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 100 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 400 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0 passive-interface Serial1 offset-list 2 out 11000 Serial0 network 12.0.0.0 network 172.16.0.0 network 172.17.0.0 ! ip classless ! access-list 2 deny 12.11.12.1 ! ! ! ! ! line con 0 transport input none line 1 8 line aux 0 line vty 0 4 password cisco login ! end Cisco2509# Cisco_4000ping 172.17.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.18.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 120/120/124 ms Cisco_4000ping 12.11.12.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.11.12.1, timeout is 2 seconds: . Success rate is 0 percent (0/5) Cisco_4000 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30695t=30648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive Interface Help [7:30648]
All part of traffic control. Why waste bandwidth for updates that are not
required.
example:
OSPF domainrouter--IGRP domain
the OSPF domain does not require direct knowledge of the IGRP domain, so why
send IGRP updates out the interface into the OSPF domain? or visa versa.
also, as a matter of basic security design, suppose you have:
bunch of usersethernet_interface-router--routing_domain
one might consider preventing routing advertisements into the user ethernet
domain as a precaution against users who may be running routing protocols on
their workstations and creating havoc as a result.
I worked on a VPN/RLAN project for a major technology company a few months
back. The company had several thousand users on this network, most of whom
were engineers. The company had ongoing problems with these engineers
testing equipment and services and creating situations where the engineering
work caused major problems on their production network. So they opted for
static routing to the end user, and suppression of all routing
advertisements out any of the VPN tunnels and RLAN connections.
Make sense?
Chuck
CCIEn2002 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Thank you for the info. Now I am a little confused still on
the passive interface. If it prevents routing updates
from being sent out, why would one want a
passive interface. From my understanding, a
passive interface would not advertise is routing
updates to its neighbor. If that is the case, I am perplexed
on why I can ping a passive interface that is being advertised
thru a routing protocol. In my case, my neighbor router
is seeing an IGRP update for the Ethernet network.
Why would you make the Ethernet passive if you can still
ping it and see its routing update from a neighboring router
via the show ip route ?
This is where I get confused by the definition of passive.
Any help..I am a rookie as you can see
David
- Original Message -
From: cheekin
To: ;
Sent: Wednesday, January 02, 2002 4:43 AM
Subject: Re: Passive Interface Help [7:30648]
Hi,
When you make the ethernet interface passive, it means no igrp updates
will
be sent out on the ethernet interface. It doesn't stop the serial
interface
from advertising network 12.0.0.0 . Which explains why you can still
ping
to the ethernet interface. If for some reason you do not want network
12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use
distribute-list to filter out the route.
Regards,
cheekin
- Original Message -
From:
To:
Sent: Wednesday, January 02, 2002 15:03
Subject: Passive Interface Help [7:30648]
Happy New Year!!
I need a little help on what a passive
interface is. From what I can gather, a passive
interface does not advertise its route to its
neighbor ? Now if that is the case, why can
I still ping an interface that is set to passive.
Please note: This is excluding directly connected
routes.
For example, I set my Cisco 2509 ethernet interface
to passive. Why can I still ping the ethernet address
from my neighboring router Cisco 4000 ? I am
running IGRP. Why does the ethernet network show up in its routing
table
for
my Cisco 4000. From poking around with the passive interface command
it
seems that I can not ping my ethernet address only if I set the Serial
interfaces to passive also.
This seems odd. I thought if I made an ethernet interface passive, I
should
not be able to ping it from a neighboring router or any other router
since
it is not being
advertised.
Below is a sample of me being able to ping serial 1 off
my Cisco 2509 from my Cisco 4000. Serial 1 is not
directly connected. Serial 1 is being advertised.
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cisco2509
!
enable password router
!
ip subnet-zero
ipx routing 0010.7be8.22f4
!
!
!
!
!
interface Ethernet0
ip address 12.11.12.1 255.255.255.240
no ip directed-broadcast
delay 1000
!
interface Serial0
ip address 172.16.18.1 255.255.255.240
no ip directed-broadcast
no ip mroute-cache
ipx network 3
no fair-queue
clockrate 100
!
interface Serial1
ip address 172.17.18.2 255.255.255.240
no ip directed-broadcast
clockrate 400
!
router igrp 1
passive-interface Ethernet0
passive-interface Serial0
passive-interface Serial1
offset-list 2 out 11000 Serial0
network 12.0.0.0
network 172.16.0.0
network 172.17.0.0
!
ip classless
!
access-list 2 deny 12.11.12.1
!
!
!
!
!
line con 0
transport input none
line 1 8
line aux 0
line vty 0 4
password cisco
login
!
end
Cisco2509#
Cisco_
Re: Re: Passive Interface Help [7:30648]
As I mentioned in my first reply, the passive-interface command operates a little differently depending on the protocol you're using. For protocols that need to establish neighbors--such as EIGRP, OSPF, and IS-IS--this command stops those relationships from forming so no routes will ever be exchanged. In RIP and IGRP, no neighbor relationship is formed. The passive-interface command simply stops the router from sending updates out that interface but it will *not* stop updates from coming in on that interface. This can be a handy feature if you only want to receive routes but not send them. If you are receiving IGRP routes that you don't want to receive, then you need to make sure that you apply this command to both sides of the connection. HTH, John Get your own 800 number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag On Wed, 2 Jan 2002, CCIEn2002 ([EMAIL PROTECTED]) wrote: Thank you for the info. Now I am a little confused still on the passive interface. If it prevents routing updates from being sent out, why would one want a passive interface. From my understanding, a passive interface would not advertise is routing updates to its neighbor. If that is the case, I am perplexed on why I can ping a passive interface that is being advertised thru a routing protocol. In my case, my neighbor router is seeing an IGRP update for the Ethernet network. Why would you make the Ethernet passive if you can still ping it and see its routing update from a neighboring router via the show ip route ? This is where I get confused by the definition of passive. Any help..I am a rookie as you can see David - Original Message - From: cheekin To: ; Sent: Wednesday, January 02, 2002 4:43 AM Subject: Re: Passive Interface Help [7:30648] Hi, When you make the ethernet interface passive, it means no igrp updates will be sent out on the ethernet interface. It doesn't stop the serial interface from advertising network 12.0.0.0 . Which explains why you can still ping to the ethernet interface. If for some reason you do not want network 12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use distribute-list to filter out the route. Regards, cheekin - Original Message - From: To: Sent: Wednesday, January 02, 2002 15:03 Subject: Passive Interface Help [7:30648] Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 100 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 400 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0 passive-interface Serial1 offset-list 2 out 11000 Serial0 network 12.0.0.0 network 172.16.0.0 network 172.17.0.0 ! ip classless ! access-list 2 deny 12.11.12.1 ! ! ! ! ! line con 0 transport input none line 1 8 line aux 0 line vty 0 4 password cisco login ! end Cisco2509# Cisco_4000ping 172.17.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.18.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 120/120/124
Re: Passive Interface Help [7:30648]
Are these routers directly connected? If so, that explains why you would still be able to ping. Did you try to use loopback interfaces and see if those routes are being announced? ms --- CCIEn2002 wrote: Thank you for the info. Now I am a little confused still on the passive interface. If it prevents routing updates from being sent out, why would one want a passive interface. From my understanding, a passive interface would not advertise is routing updates to its neighbor. If that is the case, I am perplexed on why I can ping a passive interface that is being advertised thru a routing protocol. In my case, my neighbor router is seeing an IGRP update for the Ethernet network. Why would you make the Ethernet passive if you can still ping it and see its routing update from a neighboring router via the show ip route ? This is where I get confused by the definition of passive. Any help..I am a rookie as you can see David - Original Message - From: cheekin To: ; Sent: Wednesday, January 02, 2002 4:43 AM Subject: Re: Passive Interface Help [7:30648] Hi, When you make the ethernet interface passive, it means no igrp updates will be sent out on the ethernet interface. It doesn't stop the serial interface from advertising network 12.0.0.0 . Which explains why you can still ping to the ethernet interface. If for some reason you do not want network 12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use distribute-list to filter out the route. Regards, cheekin - Original Message - From: To: Sent: Wednesday, January 02, 2002 15:03 Subject: Passive Interface Help [7:30648] Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 100 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 400 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0 passive-interface Serial1 offset-list 2 out 11000 Serial0 network 12.0.0.0 network 172.16.0.0 network 172.17.0.0 ! ip classless ! access-list 2 deny 12.11.12.1 ! ! ! ! ! line con 0 transport input none line 1 8 line aux 0 line vty 0 4 password cisco login ! end Cisco2509# Cisco_4000ping 172.17.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.18.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 120/120/124 ms Cisco_4000ping 12.11.12.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.11.12.1, timeout is 2 seconds: . Success rate is 0 percent (0/5) Cisco_4000 [EMAIL PROTECTED] __ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30699t=30648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive Interface Help [7:30648]
I should also mention that in the ISP environment, this is particularly useful and particularly necessary. According to my reading, ISP's will habitually place all interfaces to the customer side as passive ( for the ISP IGP ) and will then specifically activate interfaces where route and routing protocol advertising should occur. All of the examples surrounding the passive-interface default command ( available in IOS 12.0 and higher ) that I have seen on CCO specifically reference ISP requirements. Essentially, why advertise internal routes and updates out every dial up and DSL connection? Why do your average Joe customers require this? So save their bandwidth for the things they really want - transferring megabytes of pictures via e-mail ;- Chuck Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All part of traffic control. Why waste bandwidth for updates that are not required. example: OSPF domainrouter--IGRP domain the OSPF domain does not require direct knowledge of the IGRP domain, so why send IGRP updates out the interface into the OSPF domain? or visa versa. also, as a matter of basic security design, suppose you have: bunch of usersethernet_interface-router--routing_domain one might consider preventing routing advertisements into the user ethernet domain as a precaution against users who may be running routing protocols on their workstations and creating havoc as a result. I worked on a VPN/RLAN project for a major technology company a few months back. The company had several thousand users on this network, most of whom were engineers. The company had ongoing problems with these engineers testing equipment and services and creating situations where the engineering work caused major problems on their production network. So they opted for static routing to the end user, and suppression of all routing advertisements out any of the VPN tunnels and RLAN connections. Make sense? Chuck CCIEn2002 wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thank you for the info. Now I am a little confused still on the passive interface. If it prevents routing updates from being sent out, why would one want a passive interface. From my understanding, a passive interface would not advertise is routing updates to its neighbor. If that is the case, I am perplexed on why I can ping a passive interface that is being advertised thru a routing protocol. In my case, my neighbor router is seeing an IGRP update for the Ethernet network. Why would you make the Ethernet passive if you can still ping it and see its routing update from a neighboring router via the show ip route ? This is where I get confused by the definition of passive. Any help..I am a rookie as you can see David - Original Message - From: cheekin To: ; Sent: Wednesday, January 02, 2002 4:43 AM Subject: Re: Passive Interface Help [7:30648] Hi, When you make the ethernet interface passive, it means no igrp updates will be sent out on the ethernet interface. It doesn't stop the serial interface from advertising network 12.0.0.0 . Which explains why you can still ping to the ethernet interface. If for some reason you do not want network 12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use distribute-list to filter out the route. Regards, cheekin - Original Message - From: To: Sent: Wednesday, January 02, 2002 15:03 Subject: Passive Interface Help [7:30648] Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable
Re: Passive Interface Help [7:30648]
For that matter, why advertise routes on any leaf network that only has end nodes? In the IP world, most end nodes (workstations) don't care about routing updates. (It could be argued that it would be better if they did so you wouldn't need kludges like HSRP, but in fact, most workstation operating systems don't understand routing updates.) Priscilla At 03:06 PM 1/2/02, Chuck Larrieu wrote: I should also mention that in the ISP environment, this is particularly useful and particularly necessary. According to my reading, ISP's will habitually place all interfaces to the customer side as passive ( for the ISP IGP ) and will then specifically activate interfaces where route and routing protocol advertising should occur. All of the examples surrounding the passive-interface default command ( available in IOS 12.0 and higher ) that I have seen on CCO specifically reference ISP requirements. Essentially, why advertise internal routes and updates out every dial up and DSL connection? Why do your average Joe customers require this? So save their bandwidth for the things they really want - transferring megabytes of pictures via e-mail ;- Chuck Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All part of traffic control. Why waste bandwidth for updates that are not required. example: OSPF domainrouter--IGRP domain the OSPF domain does not require direct knowledge of the IGRP domain, so why send IGRP updates out the interface into the OSPF domain? or visa versa. also, as a matter of basic security design, suppose you have: bunch of usersethernet_interface-router--routing_domain one might consider preventing routing advertisements into the user ethernet domain as a precaution against users who may be running routing protocols on their workstations and creating havoc as a result. I worked on a VPN/RLAN project for a major technology company a few months back. The company had several thousand users on this network, most of whom were engineers. The company had ongoing problems with these engineers testing equipment and services and creating situations where the engineering work caused major problems on their production network. So they opted for static routing to the end user, and suppression of all routing advertisements out any of the VPN tunnels and RLAN connections. Make sense? Chuck CCIEn2002 wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thank you for the info. Now I am a little confused still on the passive interface. If it prevents routing updates from being sent out, why would one want a passive interface. From my understanding, a passive interface would not advertise is routing updates to its neighbor. If that is the case, I am perplexed on why I can ping a passive interface that is being advertised thru a routing protocol. In my case, my neighbor router is seeing an IGRP update for the Ethernet network. Why would you make the Ethernet passive if you can still ping it and see its routing update from a neighboring router via the show ip route ? This is where I get confused by the definition of passive. Any help..I am a rookie as you can see David - Original Message - From: cheekin To: ; Sent: Wednesday, January 02, 2002 4:43 AM Subject: Re: Passive Interface Help [7:30648] Hi, When you make the ethernet interface passive, it means no igrp updates will be sent out on the ethernet interface. It doesn't stop the serial interface from advertising network 12.0.0.0 . Which explains why you can still ping to the ethernet interface. If for some reason you do not want network 12.0.0.0 to be advertised, remove the network 12.0.0.0 statement or use distribute-list to filter out the route. Regards, cheekin - Original Message - From: To: Sent: Wednesday, January 02, 2002 15:03 Subject: Passive Interface Help [7:30648] Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should
Re: Passive Interface Help [7:30648]
Kludge!!! I'd rather refer to these features as job security :-) Dave Priscilla Oppenheimer wrote: For that matter, why advertise routes on any leaf network that only has end nodes? In the IP world, most end nodes (workstations) don't care about routing updates. (It could be argued that it would be better if they did so you wouldn't need kludges like HSRP, but in fact, most workstation operating systems don't understand routing updates.) Priscilla David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30716t=30648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive Interface Help [7:30648]
Dave, If you want job security, become a tenured professor. Low pay but lots of security! :) Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco Regional Networking Academy MADMAN wrote: Kludge!!! I'd rather refer to these features as job security :-) Dave Priscilla Oppenheimer wrote: For that matter, why advertise routes on any leaf network that only has end nodes? In the IP world, most end nodes (workstations) don't care about routing updates. (It could be argued that it would be better if they did so you wouldn't need kludges like HSRP, but in fact, most workstation operating systems don't understand routing updates.) Priscilla David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30750t=30648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passive Interface Help [7:30648]
Happy New Year!! I need a little help on what a passive interface is. From what I can gather, a passive interface does not advertise its route to its neighbor ? Now if that is the case, why can I still ping an interface that is set to passive. Please note: This is excluding directly connected routes. For example, I set my Cisco 2509 ethernet interface to passive. Why can I still ping the ethernet address from my neighboring router Cisco 4000 ? I am running IGRP. Why does the ethernet network show up in its routing table for my Cisco 4000. From poking around with the passive interface command it seems that I can not ping my ethernet address only if I set the Serial interfaces to passive also. This seems odd. I thought if I made an ethernet interface passive, I should not be able to ping it from a neighboring router or any other router since it is not being advertised. Below is a sample of me being able to ping serial 1 off my Cisco 2509 from my Cisco 4000. Serial 1 is not directly connected. Serial 1 is being advertised. Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cisco2509 ! enable password router ! ip subnet-zero ipx routing 0010.7be8.22f4 ! ! ! ! ! interface Ethernet0 ip address 12.11.12.1 255.255.255.240 no ip directed-broadcast delay 1000 ! interface Serial0 ip address 172.16.18.1 255.255.255.240 no ip directed-broadcast no ip mroute-cache ipx network 3 no fair-queue clockrate 100 ! interface Serial1 ip address 172.17.18.2 255.255.255.240 no ip directed-broadcast clockrate 400 ! router igrp 1 passive-interface Ethernet0 passive-interface Serial0 passive-interface Serial1 offset-list 2 out 11000 Serial0 network 12.0.0.0 network 172.16.0.0 network 172.17.0.0 ! ip classless ! access-list 2 deny 12.11.12.1 ! ! ! ! ! line con 0 transport input none line 1 8 line aux 0 line vty 0 4 password cisco login ! end Cisco2509# Cisco_4000ping 172.17.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.18.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 120/120/124 ms Cisco_4000ping 12.11.12.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 12.11.12.1, timeout is 2 seconds: . Success rate is 0 percent (0/5) Cisco_4000 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30648t=30648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passive-interface in OSPF
Hi, in p.463 of Building Scalable Cisco Networks --- During testing with debug commands, it was found that OSPF does send Hello and DBD packets on passive interfaces, but does not send LSUs. EIGRP does not send anything on passive interfaces. - I tested it by myself, Yes, it is true when you believe what the debugger says, "debug ip packet" reports it's sending hellos on a passive interface, But on the other end, the same "debug ip packet" says no hellos from the passive interface are received. So what's going on here? I still firmly believe no hellos are sent on a passive interface. Then is it a BUG in IOS? Thanks in advance. Jaeheon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive-interface in OSPF
Unless specifically stated in the debug output that these are OSPF neighbor hello's then the hello's you are seeing sent are not to verify the neighbor still exists, rather the link/interface. To test you can specify a longer hello-interval for OSPF, and then debug. If you set the OSPF neighbor hello-interval to say 15 secs and leave the interface default to say 8/10 secs, and if you debug and see the hello packet sent at 8/10 secs you'll know it's the link hello.. If you see the hello sent at 15 secs you'll know its the OSPF hello.. Can't explain why the other side debug doesn't show receipt... unless debug doesn't pickup receipt of interface hellos, but the routing protocol instead. enough contemplation.. :) "Jaeheon Yoo" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, in p.463 of Building Scalable Cisco Networks --- During testing with debug commands, it was found that OSPF does send Hello and DBD packets on passive interfaces, but does not send LSUs. EIGRP does not send anything on passive interfaces. - I tested it by myself, Yes, it is true when you believe what the debugger says, "debug ip packet" reports it's sending hellos on a passive interface, But on the other end, the same "debug ip packet" says no hellos from the passive interface are received. So what's going on here? I still firmly believe no hellos are sent on a passive interface. Then is it a BUG in IOS? Thanks in advance. Jaeheon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive-interface
was wondering...as Cisco says...passive interface is there to block routing updates from going across. Hello packets do not contain routing updates...they are a mechanism of keeping a router connected and alive in the OSPF n/w Deepak Ravindra CCNA,ACRC... "Dave" [EMAIL PROTECTED] wrote in message 8gmhrl$hg6$[EMAIL PROTECTED]">news:8gmhrl$hg6$[EMAIL PROTECTED]... Yes it will stop Hello's there are no reason for them if the interface is passive, as it cannot form an ajacency anyways... -- Dave CCNP/CCDP/CCAI ""Thorne, Magnus"" [EMAIL PROTECTED] wrote in message 8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01">news:8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01... Will the passive-interface command stop OSPF's hellos? -Magnus Magnus Thorne eVoice, Inc. 1394 Williow Road Menlo Park, CA 94025 Direct: 650.330.3974 Main: 650.330.3700 Fax: 650.330.3901 eVoice. The best voicemail you can buy is free. Sign up at www.evoice.com or call 1.800.GET.EVOICE ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive-interface
yes, but there is no reason for OSPF routers to know about each other unless they are going to exchange topology databases. Look it up in Cisco Documentation, Hello's will not be passed on a passive-interface. -- Dave CCNP/CCDP/CCAI ""Deepak Ravindra"" [EMAIL PROTECTED] wrote in message 8h092q$8qc$[EMAIL PROTECTED]">news:8h092q$8qc$[EMAIL PROTECTED]... was wondering...as Cisco says...passive interface is there to block routing updates from going across. Hello packets do not contain routing updates...they are a mechanism of keeping a router connected and alive in the OSPF n/w Deepak Ravindra CCNA,ACRC... "Dave" [EMAIL PROTECTED] wrote in message 8gmhrl$hg6$[EMAIL PROTECTED]">news:8gmhrl$hg6$[EMAIL PROTECTED]... Yes it will stop Hello's there are no reason for them if the interface is passive, as it cannot form an ajacency anyways... -- Dave CCNP/CCDP/CCAI ""Thorne, Magnus"" [EMAIL PROTECTED] wrote in message 8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01">news:8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01... Will the passive-interface command stop OSPF's hellos? -Magnus Magnus Thorne eVoice, Inc. 1394 Williow Road Menlo Park, CA 94025 Direct: 650.330.3974 Main: 650.330.3700 Fax: 650.330.3901 eVoice. The best voicemail you can buy is free. Sign up at www.evoice.com or call 1.800.GET.EVOICE ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passive-interface
Will the passive-interface command stop OSPF's hellos? -Magnus Magnus Thorne eVoice, Inc. 1394 Williow Road Menlo Park, CA 94025 Direct: 650.330.3974 Main: 650.330.3700 Fax: 650.330.3901 eVoice. The best voicemail you can buy is free. Sign up at www.evoice.com or call 1.800.GET.EVOICE ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passive-interface
Yes it will stop Hello's there are no reason for them if the interface is passive, as it cannot form an ajacency anyways... -- Dave CCNP/CCDP/CCAI ""Thorne, Magnus"" [EMAIL PROTECTED] wrote in message 8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01">news:8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01... Will the passive-interface command stop OSPF's hellos? -Magnus Magnus Thorne eVoice, Inc. 1394 Williow Road Menlo Park, CA 94025 Direct: 650.330.3974 Main: 650.330.3700 Fax: 650.330.3901 eVoice. The best voicemail you can buy is free. Sign up at www.evoice.com or call 1.800.GET.EVOICE ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
