Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2026
Views
10
Helpful
4
Replies

OSPF and HSRP on Layer 3 Switch

Go to solution
kirk.brookover
Level 1
Level 1

‎06-17-2010 01:38 PM - edited ‎03-06-2019 11:37 AM

When using Wireshark to sniff traffic on the LAN we see OSPF and HSRP advertisements on port terminating client machines.  Is there a method for preventing the swich from flooding the keepalives/advertisments out all ports?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni

‎06-17-2010 11:15 PM 

When using Wireshark to sniff traffic on the LAN we see OSPF and HSRP
advertisements on port terminating client machines.  Is there a method
for preventing the swich from flooding the keepalives/advertisments out
all ports?

Hi,

Genrally  with multicast traffic you can turn on IGMP snooping on your switch and this will stop multicast being sent to all ports.But with HSRP and OSPF IGMP snooping wont work.

Some switches do have comamnds to block multicast on ports,Check out the below link for multicast blocking on individual ports on switch.

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a008081dfa8.html#wp1087814

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

View solution in original post

0 Helpful
4 Replies 4

Go to solution
glen.grant
VIP Alumni
VIP Alumni

‎06-17-2010 05:33 PM

    To eliminate the ospf  advertisements under the ospf process , enter " passive interface default" .  You then "no passive interface " the ports that go to other  ospf  links to other routers or layer 3 switches .  Obviously this should be done under a change window as possible disruption could occur.  I'm not sure there is any way to block the hsrp stuff as it is a multicast  which gets passed to all ports in the same vlan .

Go to solution
Hitesh Vinzoda
Level 4
Level 4

‎06-17-2010 11:01 PM

Hi,

The addresses used by HSRP and OSPF are link local multicast addresses so they are flooded out the link

224.0.0.5 all OSPF speaking router

224.0.0.2 all routers on the segment

These is the normal operation of link local multicast addresses, used to find out any OSPF speaking router on that segment or HSRP router...

Passive interface on a switch with make the interfaces not to participate in OSPF, but if you have another switch connected on the port where you dont have passive interface enabled just to advertise that interface in OSPF, the downstream switch connected with hosts still receive the OSPF hellos

IMO its better not to filter out these messages as they are meant for routers (224.0.0.2/224.0.0.5)

HTH

Hitesh Vinzoda

Pls rate useful posts

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni

‎06-17-2010 11:15 PM 

When using Wireshark to sniff traffic on the LAN we see OSPF and HSRP
advertisements on port terminating client machines.  Is there a method
for preventing the swich from flooding the keepalives/advertisments out
all ports?

Hi,

Genrally  with multicast traffic you can turn on IGMP snooping on your switch and this will stop multicast being sent to all ports.But with HSRP and OSPF IGMP snooping wont work.

Some switches do have comamnds to block multicast on ports,Check out the below link for multicast blocking on individual ports on switch.

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a008081dfa8.html#wp1087814

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

0 Helpful

Go to solution
kirk.brookover
Level 1
Level 1

‎06-18-2010 05:15 AM

Thank you all for the help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card