Configuring OSPF Passive Interface

As like EIGRP, the OSPF routing protocol also supports the passive interface where you have the ability to enable OSPF on the interface but not form relationships with neighbors on it. This lab will discuss and demonstrate the configuration and verification of passive OSPF interfaces.

Real World Application & Core Knowledge

If you’ve completed Lab 8-7 – Configuring EIGRP Passive Interface then you should have a firm understanding of how passive interface works and what it does.

If not then to summarize passive-interface up in one paragraph; its a feature you enable on a per interface basis which allows a particular interface to participate in a routing process but prevents that interface from forming neighbor relationships by not sending hello packets and discarding received hello packets.

So you’re probably wondering what is this feature good for? Lets say you have a layer 2 access switch and all layer 3 functions of the network occur at the distribution layer. In this case you would not want the router(s) sending hello packets down to the access switch but you’d still want the links participating in a routing protocol to be advertised dynamically. In this case you’d need to use the passive interface feature.

You configure a passive interface in OSPF the same way you do in EIGRP and RIP by using the passive-interface interfacename#/# in router configuration mode.

In this lab you’ll be configuring the LAN interfaces on R4 and R5 as passive interfaces to ensure they do not form a neighbor relationship with each other however they must advertise the LAN network 10.90.145.0/24 into the OSPF autonomous system.

Familiarize yourself with the following new command(s);

Command	Description
passive-interface interfacename#/#	This command is executed in router configuration mode to specify a particular interface as a passive-interface in the dynamic routing process. A passive interface does not send or process received hello’s thus not forming a neighbor relationship or advertising routes.

The following logical topology shown below is used in labs found through out Section 9 – Configuring OSPF;

Lab Prerequisites

If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by copying the config from the textbox and pasting it into the respected routers console.

!################################################## !# Free CCNA Workbook Lab 9-12 R1 Initial Config # !################################################## ! enable configure terminal ! hostname R1 no ip domain-lookup ! interface Loopback0 description ### SIMULATED NETWORK ### ip address 10.90.10.1 255.255.255.0 ip ospf 1 area 1 ! interface Serial0/0 description ### PHYSICAL FRAME RELAY INTERFACE ### ip address 10.90.245.1 255.255.255.248 ip ospf 1 area 0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 10.90.245.5 125 broadcast frame-relay map ip 10.90.245.4 124 broadcast frame-relay map ip 10.90.245.2 122 broadcast no frame-relay inverse-arp no shut exit ! router ospf 1 router-id 1.1.1.1 log-adjacency-changes auto-cost reference-bandwidth 100000 neighbor 10.90.245.2 neighbor 10.90.245.4 neighbor 10.90.245.5 ! line con 0 logging sync no exec-timeout ! end !################################################## !# Free CCNA Workbook Lab 9-12 R2 Initial Config # !################################################## ! enable configure terminal ! hostname R2 no ip domain-lookup ! interface Loopback0 description ### SIMULATED NETWORK ### ip address 10.90.20.1 255.255.255.0 ip ospf 1 area 2 ! interface Serial0/0 description ### PHYSICAL FRAME RELAY INTERFACE ### ip address 10.90.245.2 255.255.255.248 encapsulation frame-relay ip ospf priority 0 ip ospf 1 area 0 serial restart-delay 0 no frame-relay inverse-arp frame map ip 10.90.245.1 221 broadcast frame map ip 10.90.245.4 221 frame map ip 10.90.245.5 221 no shut ! interface Serial0/2 ### POINT-TO-POINT LINK TO R3 ### ip address 10.90.23.1 255.255.255.252 ip ospf 1 area 3 ip ospf hello-interval 1 encapsulation ppp serial restart-delay 0 no shut exit ! router ospf 1 router-id 2.2.2.2 auto-cost reference-bandwidth 100000 log-adjacency-changes area 3 stub no-summary ! line con 0 logging sync no exec-timeout ! end !################################################## !# Free CCNA Workbook Lab 9-12 R3 Initial Config # !################################################## ! enable configure terminal ! hostname R3 no ip domain-lookup ! interface Loopback0 description ### SIMULATED NETWORK ### ip address 10.90.30.1 255.255.255.0 ip ospf 1 area 3 ! interface Serial0/1 description ### POINT-TO-POINT LINK TO R2 ### ip address 10.90.23.2 255.255.255.252 ip ospf 1 area 3 ip ospf hello-interval 1 encapsulation ppp no shut exit ! router ospf 1 router-id 3.3.3.3 log-adjacency-changes auto-cost reference-bandwidth 100000 area 3 stub ! line con 0 logging sync no exec-timeout ! end !################################################## !# Free CCNA Workbook Lab 9-12 R4 Initial Config # !################################################## ! enable configure terminal ! hostname R4 no ip domain-lookup ! interface Loopback0 description ### SIMULATED NETWORK ### ip address 10.90.40.1 255.255.255.0 ip ospf 1 area 4 ! interface FastEthernet0/0 description ### REAL NETWORK ### ip address 10.90.145.1 255.255.255.0 ip ospf 1 area 45 no shut ! interface Serial0/0 description ### PHYSICAL FRAME RELAY INTERFACE ### ip address 10.90.245.4 255.255.255.248 encapsulation frame-relay ip ospf priority 0 ip ospf 1 area 0 serial restart-delay 0 no frame-relay inverse-arp frame map ip 10.90.245.1 421 broadcast frame map ip 10.90.245.2 421 frame map ip 10.90.245.5 421 no shut ! interface Serial0/1 description ### POINT-TO-POINT LINK TO R5 ### ip address 10.90.45.1 255.255.255.252 ip ospf 1 area 45 encapsulation ppp serial restart-delay 0 no shut exit ! router ospf 1 router-id 4.4.4.4 auto-cost reference-bandwidth 100000 log-adjacency-changes ! line con 0 logging sync no exec-timeout ! end !################################################## !# Free CCNA Workbook Lab 9-12 R5 Initial Config # !################################################## ! enable configure terminal ! hostname R5 no ip domain-lookup ! interface Loopback0 description ### SIMULATED NETWORK ### ip address 10.90.50.1 255.255.255.0 ip ospf 1 area 5 ! interface FastEthernet0/0 description ### REAL NETWORK ### ip address 10.90.145.2 255.255.255.0 ip ospf cost 100 ip ospf 1 area 45 no shut ! interface Serial0/0 description ### PHYSICAL FRAME RELAY INTERFACE ### ip address 10.90.245.5 255.255.255.248 encapsulation frame-relay ip ospf priority 0 ip ospf 1 area 0 serial restart-delay 0 no frame-relay inverse-arp frame map ip 10.90.245.1 521 broadcast frame map ip 10.90.245.2 521 frame map ip 10.90.245.4 521 no shut ! interface Serial0/1 description ### POINT-TO-POINT LINK TO R4 ### ip address 10.90.45.2 255.255.255.252 ip ospf 1 area 45 encapsulation ppp serial restart-delay 0 no shut exit ! router ospf 1 router-id 5.5.5.5 log-adjacency-changes auto-cost reference-bandwidth 100000 ! line con 0 logging sync no exec-timeout ! end !################################################## !# Free CCNA Workbook Lab 9-X SW1 Initial Config # !################################################## ! enable configure terminal ! hostname SW1 no ip domain-lookup ! line con 0 logging sync no exec-timeout ! end

Lab Objectives

Configure R4 and R5’s LAN interfaces (FastEthernet0/0) as passive interfaces to ensure R4 and R5 never become neighbors over through the LAN.
Verify on R1 that the routes to R4 and R5’s connected LAN is still in the routing table.

Lab Instruction

Objective 1. – Configure R4 and R5’s LAN interfaces (FastEthernet0/0) as passive interfaces to ensure R4 and R5 never become neighbors over through the LAN.

R4#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#passive-interface FastEthernet0/0
%OSPF-5-ADJCHG: Process 1, Nbr 5.5.5.5 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R4(config-router)#end
R4#
%SYS-5-CONFIG_I: Configured from console by console
R4#

R5#
%OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on FastEthernet0/0 from FULL
to DOWN, Neighbor Down: Interface down or detached
R5#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R5(config)#router ospf 1
R5(config-router)#passive-interface FastEthernet0/0
R5(config-router)#end
R5#
*Jul 12 20:06:16.183: %SYS-5-CONFIG_I: Configured from console by console
R5#

Objective 2. – Verify on R1 that the routes to R4 and R5’s connected LAN is still in the routing table.

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
O IA    10.90.50.1/32 [110/64767] via 10.90.245.5, 00:46:01, Serial0/0
O IA    10.90.40.1/32 [110/64767] via 10.90.245.4, 00:46:01, Serial0/0
O IA    10.90.23.0/30 [110/129532] via 10.90.245.2, 00:45:51, Serial0/0
O IA    10.90.30.1/32 [110/129533] via 10.90.245.2, 00:36:08, Serial0/0
O IA    10.90.145.0/24 [110/64866] via 10.90.245.5, 00:00:27, Serial0/0
O IA    10.90.45.0/30 [110/129532] via 10.90.245.5, 00:45:51, Serial0/0
                     [110/129532] via 10.90.245.4, 00:45:51, Serial0/0
O IA    10.90.20.1/32 [110/64767] via 10.90.245.2, 00:46:02, Serial0/0
C       10.90.10.0/24 is directly connected, Loopback0
C       10.90.245.0/29 is directly connected, Serial0/0
R1#

As you can see from the routing table of R1 shown above that to get to the 10.90.145.0/24 network from R1 the next hop is R5. If you view the interface configuration on R5 you’ll see it has an ospf cost of 100 as previously configured in Lab 9-10 – Configuring OSPF Interface Cost before the auto-cost reference-bandwidth was changed in Lab 9-11 – Configuring OSPF Auto Cost Reference Bandwidth to ensure traffic coming from R1 would take R4 to get to 10.90.145.0/24 as R4 used the default cost reference which gave its FastEthernet0/0 interface a cost of 1 thus the ip ospf cost 100 on R5’s FastEthernet0/0 interface would be a higher. But after the auto cost reference bandwidth change R5 became the preferred route as OSPF dynamically calculated a higher cost then 100 for R4 to its FastEthernet0/0.

To resolve this you can change the cost on R5’s FastEthernet0/0 interface to 65535 as shown below;

R5#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R5(config)#interface FastEthernet0/0
R5(config-if)#ip ospf cost 65535
R5(config-if)#end
R5#

View R1’s routing table as shown below; you’ll notice that the R1 now has the correct route to 10.90.145.0/24 through R4.

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
O IA    10.90.50.1/32 [110/64767] via 10.90.245.5, 00:55:05, Serial0/0
O IA    10.90.40.1/32 [110/64767] via 10.90.245.4, 00:55:05, Serial0/0
O IA    10.90.23.0/30 [110/129532] via 10.90.245.2, 00:54:55, Serial0/0
O IA    10.90.30.1/32 [110/129533] via 10.90.245.2, 00:45:11, Serial0/0
O IA    10.90.145.0/24 [110/65766] via 10.90.245.4, 00:01:05, Serial0/0
O IA    10.90.45.0/30 [110/129532] via 10.90.245.5, 00:54:55, Serial0/0
                     [110/129532] via 10.90.245.4, 00:54:55, Serial0/0
O IA    10.90.20.1/32 [110/64767] via 10.90.245.2, 00:55:05, Serial0/0
C       10.90.10.0/24 is directly connected, Loopback0
C       10.90.245.0/29 is directly connected, Serial0/0
R1#

◄ Previous Lab

Next Lab ►