OSPF enabled for interface and network

getaway51 · ‎07-09-2019

Hi,

For ospf config below.

1)May I knw wht the command no passive-interface TenGigabitEthernet1/0/2 does? Wht happen to those interface without this command?

2) network 192.168.70.133 0.0.0.0 area 0, is this command needed for every network tht we wish to include in ospf broadcast under area 0?

3)Does it means that we need "no passive-interface TenGigabitEthernet x/y/z" and "network 192.168.70.133 0.0.0.0 area 0" for ospf broadcast enabled? both needs to enabled for a particular interface and its associated subnet?

router ospf 1
auto-cost reference-bandwidth 100000
redistribute static metric 1000 subnets
passive-interface default
no passive-interface Vlan99
no passive-interface TenGigabitEthernet1/0/2
no passive-interface TenGigabitEthernet1/0/3
no passive-interface TenGigabitEthernet1/0/4
no passive-interface TenGigabitEthernet1/0/5
network 192.168.70.133 0.0.0.0 area 0
network 192.168.70.149 0.0.0.0 area 0
network 192.168.70.161 0.0.0.0 area 0
network 192.168.70.173 0.0.0.0 area 0
network 192.168.13.3 0.0.0.0 area 0
network 192.168.13.66 0.0.0.0 area 0
network 192.168.13.74 0.0.0.0 area 0
default-information originate

GRANT3779 · ‎07-09-2019

The OSPF Passive Interface means the interface will not participate in trying to establish adjacencies with other OSPF routers, e.g sending Hellos. However if you include the interface subnets in your network statements, the network will still be advertised.

It allows you to still advertise a network attached to an Interface without turning OSPF "on" on the Interface.

Think of a company "core" switch as an example. These tend to have many vlan interfaces with many different subnets attached. If you establish an OSPF adjacency from the Core switch to another device and want to advertise all the Core switch subnets, you would include these subnets in your network statements whilst also passive interfacing them. No point sending OSPF hellos out of interfaces you don't actually want to peer over.
Only the interfaces you want to use for building neighbors/adjacency would be configured as "non passive"

Mark Malone · ‎07-09-2019

1 good practice to passify the interface and only unpassify it when you want it to join the OSPF and form neighbours
In your instance its allowing it become a neighbour , you should be able to see if with show ip ospf neig

2 there specific interfaces thats forming neighbours as its locked down to host specific with 0.0.0.0 , again thats good practice to make sure only that interface IP specifically can become a neighbour

3 You dont have to but again its good practice the way thats done , passify all interfaces and only specifically enable the IPs you want to become a neighbour so its a more controlled setup

paul driver · ‎07-09-2019

Hello

Passive interfaces dont allow any routing information to pass through them- so in ospf this means they wont be allowed to form any ospf adjecencys and will be seen in opsf databse as stub networks.

The passive -interafce default is a good feature to have enabled when you are running an IGP on a device that has lots of routed interfaces and you dont wont all of them by default to have the protential to send/recive routing information, However when you do wish to have a specific interface to actively partcipate in the routing process then you canmake that inerface no passvie by specifiying no passive-inteface xxx

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

getaway51 · ‎09-16-2019

How can I know whether the loopback IP address of connected devices was OSPF dynamically learn from the back-to-back or LAN interfaces?

how can i see OSPF learned subnets (Loopback IP /128, default routing,etc) in the switch?