Thank you.

However you may want the IP subnet configured on that interface to be advertised to other L3 devices reachable via other interfaces.

Can you add some more color to this? Example?

Thanks

visitor,

It means that you are advertising that particular network in the ospf domain so that other devices can reach that particular network.

Hope this clarifies.

Regards

Inayath

The "network" statement under OSPF tells the router which interfaces to run OSPF on.

When OSPF then runs on that interface it takes the IP subnet configured on that interface and advertises it out.

Technically with OSPF it sends an LSA but you get the idea.

So a common scenario where you see the passive interfaces in the configuration is with a pair of L3 switches connected via a trunk responsible for routing vlans and running OSPF.

These switches are peering with each other over the trunk link and with other L3 devices eg. a WAN router.

Without passive interfaces the L3 switches would peer with each other over every SVI which can be a lot of peerings you don't need. So you allow the peering between a pair of SVIs but then you make all the other SVIs passive in your configuration.

But you have to have network statements for all the SVIs otherwise the switches would not advertise those subnets to the router.

This principle is the same for all IGPs but not BGP where the network statement does actually tell BGP what to advertise.

Jon

Thanks to everyone.

Jon, let me see if I got this straight.

An interface that has been made part of the OSPF process through the use of the network command and has NOT been made passive (in other words a normal situation) will send out Hello packets in an attempt to create a neighborship with a peer. Then, depending on the role of the interface, it will attempt to create an OSPF adjacency by sending out LSAs as part of the DBD exchange process. That is when the router interface enters the EXSTART state. Moreover, one of those LSAs that the interface will send will be a router LSA (type 1) for the IP address/mask combo applied to itself.

Furthermore, let's assume that other interfaces on that router have indeed been made passive BUT the IP networks to which they belong have been made part of the OSPF process through the use of the network command. (For example, the VLAN interfaces you mention - and yes, that was a great example because I have seen that many times). In that case, the active OSPF interface, which has established an OSPF adjacency with a peer interface, will send router LSAs for those passive interfaces that belong to the OSPF process, too. YES?

OK, getting back to those passive interfaces, they will NOT send Hellos, they will NOT try to establish a neighborship, let alone an adjacency, and for all intents and purposes, they are NOT participating in any OSPF protocol semantics. However, assuming their IP address is encompassed in one of the OSPF network statements, a router LSA will need to be sent on its behalf by the active OSPF interface, which has established an adjacency with a peer interface. YES?

Lastly, what does a passive interface do if it indeed receives a Hello packet? I guess it will just ignore it.

Joe, would have given you a '5,' but this statement confused the hell out of me. :-)

Both an active and passive interface, that join OSPF, will advertise their interface network, but passive interfaces will not try to establish an OSPF adjacency with other OSPF routers on that interface.  So, they won't provide transit.

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

When confused, please ask for clarification.

What part of those two statements are unclear?  Or, you're just totally lost with what I'm trying to tell you?

Regardless of whether an OSPF interface is passive or active, it will advertise the network on the interface to the rest of the OSPF topology.  But passive interfaces will not form an adjacency with another OSPF router.  For example, given:

R1-192.168.1.0/24-R2-192.168.2.0/24-R3-192.168.3.0/24-R4

If all the connection interfaces are active (and other OSPF parameter are correctly set), R1 "knows" of 192.168.3.0/24 and R4 "knows" of 192.168.1.0/24.  They also both "know" of 192.168.2.0/24.  Basically all four routers "know" of all three networks.

Now, if you change either or both interfaces on R2 or R3 that connect to 192.168.2.0/24 to passive, R1 and R2 will "know" of 192.168.1.0/24 and 192.168.2.0/24 while R3 and R4 will "know" of 192.168.2.0/24 and 192.168.3.0/24.  Or, R1 and R2 will not "know" of 192.168.3.0/24 while R3 and R4 will not "know" of 192.168.1.0/24.  Basically,  R2 and R3, again when either/both passive, will not share their routing information with each other.

You asked why you would do this.  The most common reason is, R2 and R3 share multiple networks between them (assume there's a trunk between them), and having them share routing across each network, only adds to the OSPF processing load.

Joe, thanks again, but I find one of your statements troubling.

Regardless of whether an OSPF interface is passive or active, it will advertise the network on the interface to the rest of the OSPF topology.  But passive interfaces will not form an adjacency with another OSPF router. 

I'm not sure that is correct. An interface will only send LSAs if it has established an adjacency with a peer interface. If it has been made passive, then we all acknowledge that the interface will NOT try to establish a neighborship with Hello packets nor will it attempt an adjacency. That being the case, how can it be that the interface will nonetheless send a router LSA for itself to anyone?

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Ah, sorry, not clearly worded.

Instead of ". . ., it will advertise the network on the interface to the rest of the OSPF topology. "

maybe:

". . ., it will advertise the network defined on the interface to the rest of the OSPF topology. "

or

". . ., it will advertise the interface's network to the rest of the OSPF topology."

Joe, no. The interface that has been made passive wont advertise anything, period. You still havent addressed what I am saying. If it does not form an adjacency, it will not send an LSA. The network to which the passive interface belongs will be advertised by the active OSPF interface, assuming of course the IP address is encompassed in one of the network statements under the OSPF process.

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

OK, thanks for engaging me, Joe. Appreciate your time and effort.