Skip to main content

EIGRP Passive interface

Image
By Edgar C Francis Internetworks

EIGRP Passive Interface

EIGRP does not send any hello messages on the passive interface. EIGRP router ignores any EIGRP messages received on the interface which means no neighbors relation but EIGRP still advertises about the connected subnet only if matched with an EIGRP network command.



let's understand it more clearly


In our diagram, we have 4 Routers and a switch, Router_1 and Router_2. Down side there’s the network 10.1.1.1/8 with a switch connected to Router_1 and come computers. We need Router_1 to advertise the network 10.1.1.1/8 to our Autonomous system and of course router_2 but we have one problem there is no router on the 10.1.1.1/8 network. There is no reason to send EIGRP hello packets on the interface FastEthernet 0/0

There is also one big problem it’s a security risk if someone connects his computer to our switch with an application that advertises fake routes and becomes EIGRP neighbors with our router1 this is a nightmare.

We do not allow this to be happening in our autonomous system. To prevent this from happening we need a passive-interface command and this feature ensures that the network is advertised in EIGRP but this feature disable  hello packets on the interface ( in our case fatethernet 0/0 )


There is option redistribution with the help of this command we can prevent our nightmare. 


let see the configuration:

Topology:-



TASK:

  • configure the topology as per the diagram 
  • assign IP addresses to their interfaces 
  • configure EIGRP 61234 and advertise all the interfaces 
  • configure serial 3/1 and 3/3 passive interfaces 


R1(config)#Interface fastethernet 0/0
R1(config-if)#Ip address 10.1.1.1   255.0.0.0
R1(config-if)#No shutdown
R1(config-if)#No keepalive
R1(config-if)#Exit

R1(config)#Interface serial 3/0
R1(config-if)#Ip address  1.1.1.1 255.0.0.0
R1(config-if)#No shutdown
R1(config-if)#Exit

R2(config)#Interface fastethernet 0/0
R2(config-if)#Ip address 20.1.1.1   255.0.0.0
R2(config-if)#No shutdown
R2(config-if)#No keepalive
R2(config-if)#Exit

R2(config)#Interface serial 3/1
R2(config-if)#Ip address  2.2.2.1  255.0.0.0
R2(config-if)#No shutdown
R2(config-if)#Exit


R3(config)#Interface fastethernet 0/0
R3(config-if)#Ip address 30.1.1.1   255.0.0.0
R3(config-if)#No shutdown
R3(config-if)#No keepalive
R3(config-if)#Exit

R3(config)#Interface serial 3/1
R3(config-if)#Ip address  3.3.3.1  255.0.0.0
R3(config-if)#No shutdown
R3(config-if)#Exit


R4(config)#Interface fastethernet 0/0
R4(config-if)#Ip address 40.1.1.1   255.0.0.0
R4(config-if)#No shutdown
R4(config-if)#No keepalive
R4(config-if)#Exit

R4(config)#Interface serial 3/1
R4(config-if)#Ip address  4.4.4.1  255.0.0.0
R4(config-if)#No shutdown
R4(config-if)#Exit


R5(config)#Interface fastethernet 0/0
R5(config-if)#Ip address 50.1.1.1   255.0.0.0
R5(config-if)#No shutdown
R5(config-if)#No keepalive
R5(config-if)#Exit

R5(config)#Interface serial 3/0
R5(config-if)#Ip address  1.1.1.2  255.0.0.0
R5(config-if)#No shutdown
R5(config-if)#Exit

R5(config)#Interface serial 3/1
R5(config-if)#Ip address  2.2.2.2 255.0.0.0
R5(config-if)#No shutdown
R5(config-if)#Exit

R5(config)#Interface serial 3/2
R5(config-if)#Ip address  3.3.3.2 255.0.0.0
R5(config-if)#No shutdown
R5(config-if)#Exit

R5(config)#Interface serial 3/3
R5(config-if)#Ip address  4.4.4.2 255.0.0.0
R5(config-if)#No shutdown
R5(config-if)#Exit


R1#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        10.1.1.1        YES manual up                    up
Serial3/0                    1.1.1.1         YES manual up                    up



R2#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        20.1.1.1        YES manual up                    up
Serial3/1                    2.2.2.1         YES manual up                    up


R3#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        30.1.1.1        YES manual up                    up
Serial3/2                    3.3.3.1         YES manual up                    up


R4#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        40.1.1.1        YES manual up                    up
Serial3/3                    4.4.4.1         YES manual up                    up

R5#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        50.1.1.1        YES manual up                    up
Serial3/0                    1.1.1.2         YES manual up                    up
Serial3/1                    2.2.2.2         YES manual up                    up
Serial3/2                    3.3.3.2         YES manual up                    up
Serial3/3                   4.4.4.2         YES manual up                    up



R1(config)#router eigrp 61234
R1(config-router)#network 1.0.0.0
R1(config-router)#network 10.0.0.0
R1(config-router)#no auto-summary
R1(config-router)#end


R2(config)#router eigrp 61234
R2(config-router)#network 2.0.0.0
R2(config-router)#network 20.0.0.0
R2(config-router)#no auto-summary
R2(config-router)#end


R3(config)#router eigrp 61234
R3(config-router)#network 3.0.0.0
R3(config-router)#network 30.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#end


R4(config)#router eigrp 61234
R4(config-router)#network 4.0.0.0
R4(config-router)#network 40.0.0.0
R4(config-router)#no auto-summary
R4(config-router)#end


R5(config)#router eigrp 61234
R5(config-router)#network 50.0.0.0
R5(config-router)#network 4.0.0.0
R5(config-router)#network 3.0.0.0
R5(config-router)#network 3.0.0.0
R5(config-router)#network 2.0.0.0
R5(config-router)#network 1.0.0.0
R5(config-router)#no auto-summary
R5(config-router)#end

*Dec  4 23:22:09.967: %DUAL-5-NBRCHANGE: EIGRP-IPv4 61234: Neighbor 4.4.4.1 (Serial3/3) is up: new adjacency

*Dec  4 23:22:14.343: %DUAL-5-NBRCHANGE: EIGRP-IPv4 61234: Neighbor 3.3.3.1 (Serial3/2) is up: new adjacency

 *Dec  4 23:22:19.375: %DUAL-5-NBRCHANGE: EIGRP-IPv4 61234: Neighbor 2.2.2.1 (Serial3/1) is up: new adjacency

 *Dec  4 23:22:25.239: %DUAL-5-NBRCHANGE: EIGRP-IPv4 61234: Neighbor 1.1.1.1 (Serial3/0) is up: new adjacency

 R5#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(61234)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
3   1.1.1.1                 Se3/0                    12 00:04:14   78   468  0  3
2   2.2.2.1                 Se3/1                    12 00:04:20   79   474  0  5
1   3.3.3.1                 Se3/2                    14 00:04:25   57   342  0  7
0   4.4.4.1                 Se3/3                    14 00:04:30   67   402  0  9

R5#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

 Gateway of last resort is not set

 D     10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:04:21, Serial3/0
D     20.0.0.0/8 [90/2172416] via 2.2.2.1, 00:04:27, Serial3/1
D     30.0.0.0/8 [90/2172416] via 3.3.3.1, 00:04:32, Serial3/2

D     40.0.0.0/8 [90/2172416] via 4.4.4.1, 00:04:37, Serial3/3

R5(config)#router eigrp 61234
R5(config-router)#passive-interface serial 3/1
R5(config-router)#passive-interface serial 3/3
R5(config-router)#end

 *Dec  4 23:29:34.627: %DUAL-5-NBRCHANGE: EIGRP-IPv4 61234: Neighbor 2.2.2.1 (Serial3/1) is down: interface passive

 *Dec  4 23:29:40.855: %DUAL-5-NBRCHANGE: EIGRP-IPv4 61234: Neighbor 4.4.4.1 (Serial3/3) is down: interface passive



R5#show ip eigrp interfaces
EIGRP-IPv4 Interfaces for AS(61234)
                              Xmit Queue   PeerQ        Mean   Pacing Time   Multicast    Pending
Interface              Peers  Un/Reliable  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Routes
Fa0/0                    0        0/0       0/0           0       0/0            0           0
Se3/2                    1        0/0       0/0          60       0/16         236           0
Se3/0                    1        0/0       0/0          66       0/16         272           0

R5#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(61234)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
3   1.1.1.1                 Se3/0                    10 00:08:32   66   396  0  7
1   3.3.3.1                 Se3/2                    11 00:08:43   60   360  0  11

R5#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

D     10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:08:39, Serial3/0
D     30.0.0.0/8 [90/2172416] via 3.3.3.1, 00:08:50, Serial3/2


Labels:

Comments

Post a Comment

Popular posts from this blog

What is Classification and marking? What is IP Precedence and DSCP Values? What is AF and EF?

By Edgar C Francis Internetworks
  Classification and Marking Classification and marking are the processes of identifying the priority of each packet. This is the first step of QOS control and should be done near the source hosts. Classification is the process of identifying and categorising traffic into classes, typically based upon incoming interface IP precedence, DSCP Source or Destination address. Application classification is the most fundamental QOS building block. Without classification, all packets are treated the same.   The table lists the criteria of classification                                  Marking  Marking is the QOS feature component that colours a packet so it can be identified and distinguished from other packets in QOS treatment. Commonly used markers: link-layer: COS (ISL, 802.1q), MPLS EXP bits,...
Post a Comment
Read more

OSPF default routing

By Edgar C Francis Internetworks
  OSPF Default Route Configuring OSPF Default route is not a big problem. We have couple of options when we want to OSPF default route. Here is an example R1(config)#router ospf 1  R1(config-router)#default-information originate ?   always       Always advertise default route   metric       OSPF default metric   metric-type  OSPF metric type for default routes   route-map    Route-map reference   <cr> We can change numbers of things for example metric or metric type but most of the people forget about the most important thing is the always keyword.  If we add the always command this feature advertises the default route even if we do not have in our routing table. It will look like that route is installed in routing table.   When we use the default information originate we can advertise a default route in OSPF. But OSPF won’t...
Post a Comment
Read more

BGP Local preference configuration

By Edgar C Francis Internetworks
BGP Local preference (Local_Pref) Path attribute gives the router inside a single autonomous system a value that they can set per-route and advertise to all iBGP routers inside the autonomous system, so that all routers in the autonomous system agree about which routers is the best exit point for packet destined for that prefix. Local preference (Local_Pref) is the second BGP attribute. We can use the local preference to choose the outbound external BGP path. Local preference is sent to all internal BGP (iBGP) routers in our autonomous system. Local preference (Local_Pref) is not exchanged between external BGP routers. It’s a well-known and discretionary BGP attribute. Default value is 100. The path with the highest local preference is desirable  Topology:- TASK: To reach 50.1.1.1, 15.0.0.1 network router 2 and router 3 using 3.1.1.2 path ( AS 65144) because it has less numbers of au...
Post a Comment
Read more