cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1612
Views
10
Helpful
2
Replies

Passive interface - RIP

janesh_abey
Level 1
Level 1

Hi Folks,

My understanding of the passive interface command is that once configured, the particular interface will not send rip updates but it can still receive updates.

However,when I try it on the IOS it does not seem to work according to my expectations.

Lab setup is very simple and routers R1 and R2 are connected via ethernet. On R2 we are using sub interfaces and on R1 we are using the main interface to form neighborships.

If passive is configured for interface f0/0.23 and f0/0.24 R1 should not have networks 10.1.24.0/24 and 10.1.23.0 in the  routing table but this is not the case.

Configs relating to the rip section and show commands are  attached.IOS on both routers is 12.4(15)T9.

Any help is much appreciated.

cheers,

Janesh

1 Accepted Solution

Accepted Solutions

Peter Paluch
Cisco Employee
Cisco Employee

Hello Janesh,

The behavior you are seeing is correct, as you have two passive and one "active" interface on R2 towards R1. You have configured the Fa0/0.23 and Fa0/0.24 on R2 as passive which is OK. However, there is also the Fa0/0.12 on R2 which is still active and able to form an adjacency with R1. R2 announces all its networks from the 10.0.0.0/8 scope over the Fa0/0.12 to R1, and that is the reason why R1 is still able to see all networks on R2.

My understanding of the passive interface command is that once  configured, the particular interface will not send rip updates but it  can still receive updates.

That is correct but in addition to that, you still have to bear in mind that the network from a passive interface itself will be advertised through all non-passive interfaces. This is what is happening in your topology - the Fa0/0.23 and Fa0/0.24 do not send RIP updates but the networks on Fa0/0.23 and Fa0/0.24 interfaces will be advertised through non-passive interfaces.

Passive interfaces are not intended to filter the contents of routing updates. Instead, they are used to advertise particular interfaces' networks as stub networks, i.e. not creating any adjacencies over such interfaces but still advertising the networks from these interfaces.

This all may sound a little confusing at first. Please feel welcome to ask further!

Best regards,

Peter

View solution in original post

2 Replies 2

Peter Paluch
Cisco Employee
Cisco Employee

Hello Janesh,

The behavior you are seeing is correct, as you have two passive and one "active" interface on R2 towards R1. You have configured the Fa0/0.23 and Fa0/0.24 on R2 as passive which is OK. However, there is also the Fa0/0.12 on R2 which is still active and able to form an adjacency with R1. R2 announces all its networks from the 10.0.0.0/8 scope over the Fa0/0.12 to R1, and that is the reason why R1 is still able to see all networks on R2.

My understanding of the passive interface command is that once  configured, the particular interface will not send rip updates but it  can still receive updates.

That is correct but in addition to that, you still have to bear in mind that the network from a passive interface itself will be advertised through all non-passive interfaces. This is what is happening in your topology - the Fa0/0.23 and Fa0/0.24 do not send RIP updates but the networks on Fa0/0.23 and Fa0/0.24 interfaces will be advertised through non-passive interfaces.

Passive interfaces are not intended to filter the contents of routing updates. Instead, they are used to advertise particular interfaces' networks as stub networks, i.e. not creating any adjacencies over such interfaces but still advertising the networks from these interfaces.

This all may sound a little confusing at first. Please feel welcome to ask further!

Best regards,

Peter

Hi Peter,

Thanks a lot for your reply.Very well explained.

It makes perfect sense to me now.

cheers,

Janesh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco