Network Management Strategies for the CIO
You may want to have passive interfaces for some of the subnets of your network. This is a good idea if you've set up static routing, for example, and there's no need to listen to dynamic routing updates that take up bandwidth to no purpose. There are other reasons as well, discussed in this tip excerpted from
Requires Free Membership to View
Managing IP Networks with Cisco Routers, by Scott M. Ballew, published by O'Reilly & Associates Inc.
Your network may have one of more links to which you do not want dynamic routing updates sent. One reason might be that you have a low-bandwidth link between two sites on which you have chosen to do static routing. Or there might not be any device on the link to listen to your updates, such as a stub network using a static default route. In this case, there is no reason to consume bandwidth with messages that no one cares about.
The interfaces to such links are knows as passive interfaces. Most routers and routing protocols allow you to specify that some or all interfaces on a router are passive. This mechanism varies, but it typically takes one of two forms. The first is to use the name that the configuration language of the router uses, such as "serial 2." The other is to use the interface's configured IP address. In either case, all interfaces are typically considered active until the router is told that they are passive. On a router running multiple protocols, each protocol usually maintains its own view of which interfaces are active and which are passive, so you must tell each protocol about passive interfaces separately.
In each of our examples, one Ethernet and one serial interface are listed as passive, so the router will not send protocol updates on them. The network or subnet number of the attached link will be included in the routing updates sent to other interfaces, if it would otherwise be included.
Declaring an interface to be passive does not mean you won't listen to routing updates that arrive on that interface. If a machine is sending updates on such a link, the router will lsten to and process them, whether or not the intercace is passive. This can lead to all kionds of routing problems. Consider that the router is using information it learns from the remote router, but it has no way to inform the remote router of its routes.
[This code will suppress advertisements.]
RIP router rip network 172.16.0.0 network 172.17.0.0 network 192.168.100.0 ! suppress advertisements on these interfaces passive-interface ethernet 1 passive-interface serial 0 OSPF router ospf 1 network 0.0.0.255.255.255.255 area 0 ! suppress advertisements on these interfaces passive-interface ethernet 1 passive-interface serial 0 EIGRP Router eigrp 1 network 172.16.0.0 network 172.17.0.0 network 192.168.100.0 ! suppress advertisements on these interfaces passive-interface ethernet 1 passive-interface serial 0
This was first published in March 2002
Join the conversationComment
Share
Comments
Results
Contribute to the conversation