Passive-interface default resets configuration

Similar Messages

• Passive-interface default on eigrp

  When using the passive-interface default on a router, to advertise networks you have to use the no passive-interface Vlan20, for example, what happens to the following network statements, are they ignored? For example, I have the following config:
  router eigrp 1
  passive-interface default
  no passive-interface vlan 1
  no passive-interface vlan 2
  no passive-interface vlan 3
  no passive-interface vlan 4
  network 10.0.0.0
  network 172.0.0.0
  no auto-summary
  Will I still advertise the networks defined over the vlan interfaces?
  Just curious.

  Hi Mason,
  There is some historical reasoning here. Until IOS release 12.0(4)T, you could not specify a wildcard mask when configuring the 'network' statement for EIGRP. In fact, the 'network' statement would only accept classful (i.e. major) networks at that time. So the ability to add a wildcard mask has been a relatively recent invention.
  However, there is absolutely no problem with using a '0.0.0.0' wildcard in order to limit the network statement to a single IP address. From a convenience perspective, though, people tend to use a wildcard mask that reflects the actual subnet mask used on the interface. Either way is perfectly acceptable.
  Now, if you are using a protocol such as OSPF, the wildcard mask becomes a bit more significant. The following link describes why that is so:
  http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009405a.shtml
  Hope that helps - pls do rate the post if it does.
  Paresh

• IOS-XR: EIGRP passive-interface default?

  It appears there's no ability to make all interfaces passive by default in XR as there is in IOS.
  Is there a reason for this or is it just that it has not been included yet?
  Workaround is to configure all unnecessary interfaces as passive but I prefer to have all passive and then only enabled where needed.
  TIA,

  Hi Gary,
  I filed request CSCug38048 for this. It may take a day or so for it to show up in teh bug toolkit, but then you have something for tracking. I dont have a definitive release for this either, but I am trying to see if we can do this short(er) term.
  As for the other question on the use of passive sparingly. I don't necessarily agree with that statement. Passive is very useful to include prefixes in the advertisement, but to prevent forming adj. Loopbacks are to be made passive, because it is a waste of cpy cycles trying to generate a hello on that stub interface and then drop it in software. Passive is the proper solution. Same thing with access facing interfaces that dont need adj to the CE's, but have to be included in the routing.
  The alternative of using redistribute connected is indeed an option, but the disadvantage for that is that it creates EXTERNAL routes, in both OSPF and EIGRP, with different metric calculations.
  The magnitude of "many" in this regard is dependent on the number of times you don't mind configuring "passive-interface" under the eigrp enabled interface configuration. For me personally that would be about 20
  What I mean to say is, it is not dependent on a scaling limitation or anything other then operator/user.
  cheers!
  xander

• EIGRP network vs. no passive-interface

  What is the difference between configuring EIGRP with the "network" command, then specifying the IP addresses of the interfaces you want to use OR using the no passive-interface command.
  The examples below might make more sense:
  gi0/0.1 has an IP of 192.168.1.1
  gi0/0.2 has an IP of 192.168.2.1
  s1/0 has an IP of 192.168.3.1
  s1/0 has an IP of 192.168.4.1
  router eigrp 100
  passive-interface default
  no passive-interface GigabitEthernet0/0.1
  no passive-interface GigabitEthernet0/0.2
  no passive-interface Serial1/0
  no passive-interface Serial1/1
  network 192.168.0.0
  no auto-summary
  router eigrp 100
  network 192.168.1.1
  network 192.168.2.1
  network 192.168.3.1
  network 192.168.4.1
  no auto-summary
  Don't both of these configurations accomplish the same thing? If so, is there any advantage to using one over the other?
  Thanks,
  Nate

  Actually, on a technecality, they do not do the same thing. And it is one of the subtlties of the behavior of EIGRP that may be important to understand when preparing for the CCIE or when administering an EIGRP network.
  The important aspect to recognize here is the classful network boundaries. The first example had network 192.168.0.0. This happens to be a class C network. And EIGRP would be looking for interfaces that are in that particular network. And it would not process the interfaces on 192.168.1.0 or 192.168.2.0 etc. Even though EIGRP works very well in a classless addressing environment, its roots are in a classful background. And one manifestation of that is the default behavior to treat the network statement as looking for classful boundaries. So in fact if you configure EIGRP with network 192.168.1.1 and then do a show run what you will see is 192.168.1.0 because EIGRP is processing classful network boundaries.
  If the example had used a class B like 172.16.1.1 and 172.16.2.1 etc then the two approaches would have produced the same results.
  There are two more aspects of this I would like to comment on. One is the background of the passive default. This ties back to the essentially classful nature of the processing that EIGRP does on the network statement. If you were bringing up a router that would eventually have many interfaces that would be subnets of the same classful network and you put in network 172.16.0.0 then EIGRP would attempt to process every interface with an address in the subnets of that network. But you might not want them to be advertised when they were configured, you might want to wait till there was actually something deployed there, or perhaps you might not want EIGRP to process a particular interface at all (perhaps that interface connected to something external to your network. Cisco introduced the passive default to accomodate this situation. With passive default EIGRP does not process the interface till you specifically activate it.
  Another interesting aspect is that Cisco then introduced the ability within EIGRP to use a netmask on the network statement which allows you to specifically identify the particular interface you want to process. This addresses the classful default behavior and makes EIGRP truly more of a classless routing protocol.
  So lets take the example that started this discussion and change it a little bit. Suppose there was a router with interfaces 172.16.1.1, 172.16.2.1, 172.16.3.1, and 172.16.4.1. And suppose that you wanted (for whatever reason) to include 1, 2, and 4 but not 3. How could you do it?
  The more traditional solution would be to use passive default and leave the 3 as passive. Or the more recent solution would be to use network statements with netmask to include only the specific interfaces that you wanted.
  HTH
  Rick

• Passive-interface

  Hi
  10xs ankur for ur previous link;so i need to control route propogation to access layer switchs using dist-list;and allow only default route to be advertised to the access layer(i'll configure access as eigrp stub.have a check to this config
  access-switch
  router eigrp 1
  eigrp stub connected
  Dist-node
  Dist-node EIGRP configuration:
  interface Port-channel1
  description to Core
  ip address 10.1.0.1 255.255.255.252
  ip hello-interval eigrp 1 1
  ip hold-time eigrp 1 3
  ip summary-address eigrp 10 10.2.0.0 255.255.0.0
  interface GigabitEthernet1/1
  description To Access (L3)
  ip address 10.1.0.9 255.255.255.252
  ip hello-interval eigrp 1 1
  ip hold-time eigrp 1 3
  router eigrp 1
  passive-interface default
  no passive-interface Port-channel1
  no passive-interface GigabitEthernet1/1
  network 10.0.0.0
  distribute-list Default out GigabitEthernet1/1
  no auto-summary
  ip Access-list standard Default
  permit 0.0.0.0.
  do i need inverse maske when i advertise the 10.0.0.0?like this config i prevent access switch to act as transit node?why should only permit default route?
  10xs for ur reply
  ali

  Hi,
  do i need inverse maske when i advertise the 10.0.0.0? ?
  The answer depends on details of how you configure EIGRP. You have configured it like this:
  router eigrp 1
  network 10.0.0.0
  then EIGRP will look for every interface on the router which is in 10.0.0.0 and include that interface into EIGRP processing.
  If you want to configure it like this
  router eigrp 1
  network 10.0.0.0 0.0.0.3
  then EIGRP will look for the interface that matches the address and mask and will find at most one interface that matches and that interface will be included into EIGRP processing.
  HTH, Please rate if it does.
  -amit singh

• Passive interface on a SVI, does that work or not?

  Hello all,
  At my office, I am trying to clean some of the routing table and fix some routing issues. We run eigrp for internal network. In one of the routers, eigrp neighbor relationship is through SVIs only. I'm actively trying to use "passive interface default" for all the L3 devices, and doing "no passive... " for the interfaces that are currently forming neighbor relationship. So, does that work the same for SVIs? Do I just do "no passive interface default int vlan XX" for all the SVI that are forming the neighbor relationship? will that work the same as for a physical interface? or do I need to track the physical ports that are actively using that vlan? I have looked around and haven't found a definitive answer. I would really appreciate some help.
  Thank you in advance.

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  I know it works for OSPF, I would assume it would for EIGRP too, but cannot say for sure.

• Passive interface command on RIP

  Hi all,
  This command below
  passive-interface command give additional information to RIP, that it can't send updates via this particular interface ---
  As per my understanding is this if we have 2 routers that are directly connected with each other and we enable this command on the interface of one of
  routers then that router will not send any RIP updates to other router right?
  secondly if these 2 routers are point to point connection we can ping directly conencted interfaces IP of  routers because they are directly connected even though there is no routing protocol running between these two right?
  3rd thing when i run sh ip protocols on one of router it shows
  Routing Protocol is "rip"
    Sending updates every 30 seconds, next due in 1 seconds
    Invalid after 180 seconds, hold down 180, flushed after 240
    Outgoing update filter list for all interfaces is not set
    Incoming update filter list for all interfaces is not set
    Redistributing: rip
    Default version control: send version 2, receive version 2
      Interface             Send  Recv  Triggered RIP  Key-chain
      FastEthernet0/0       2     2
    Automatic network summarization is in effect
    Maximum path: 4
    Routing for Networks:
      192.168.4.0
    Routing Information Sources:
      Gateway         Distance      Last Update
      192.168.4.2          120      00:23:38 ****************************************************
  here last update time keeps on incrementing but  sh ip route does not show now that rip is running.
  so this line means
  Invalid after 180 seconds, hold down 180, flushed after 240
  that after 240 secs router will flush the rip routes fron the routing table right?
  but sh ip protocol  will always show rip as routing protocol as we have config the rip and last update time will keep on incrementing right?
  thanks
  mahesh

  Hi Mahesh,
  From the config guide:
  To control the set of interfaces with which you  want to exchange routing updates, you can disable the sending of routing  updates on specified interfaces by configuring the
  passive-interface
  here is the link:
  http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1crip.html
  Correct, you do not need a routing protocol.  The interfaces are directly connected.  Now, if for example you add a loopback address to each router, you need a routing protocol or static router to reach the opposite router's loopback address.
  The reason the interfaces/IPs do not show up in the RIP routing table is because they are directly connected and directly connected routes have a lower admin distance (1) which is preferred over rip which is 120.
  yes
  HTH

• "No default browser configured"

  When I press F1 in VC++ 2010 Express to get an explanation about a Win32 function from MSDN, a message box pops up saying "No default browser configured on this machine. Help cannot be displayed until a default browser is installed/configured." 
  How can I configure a default browser? What kind of file does VC++ want me to specify a default browser to open? I've installed Opera on my computer, as well as IE.

  Hi xiaokaoy,
  Based on your issue, as far as I know that the F1 function is used to open the MSDN help page for the object on which the cursor lies in VS IDE. So when your cursor is on Win32 function , it will launch the corresponding MSDN page in web browser.
  As you said the you get the error: "No default browser configured", I suggest you could try to make the IE as default browser by referring the following document check this issue.
  http://windows.microsoft.com/en-hk/internet-explorer/make-ie-default-browser#ie=ie-11
  If the above suggestion still could not help you, please you
  reset your VS setting file by going to the Tools->Impoat and Export the settings... and then check this issue.
  Or maybe you will need to repair or re-install the VC++ 2010 express and then check this issue again.
  Best Regards,
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Pix/Asa OSPF passive interface

  Hi.
  I am going to have an OSPF process for two internal interfaces. But I also have one external interface where I do not want any OSPF traffic going out. I have not so far found any OSPF PASSIVE INTERFACE type of commands om PIX/ASA. Is there any one out there who knows if there is one command like that or how one can stop OSPF packet from going out. I presume that an outgoing access-list will not stop this traffic.
  Regards Bjorn

  Hi,
  Don't define external interface as partecipating to OSPF process.
  That is you have to define the two interface partecipating to OSPF process:
  view: "Enabling OSPF ". Here is the link:http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/ip.html#wp1041629.
  I hope this helps.
  Best regards.
  Massimiliano.

• Passive interface vlan 50

  Hi
  i need to know with detail what does it mean this command"passive interface vlan 50"?;description;usefulllink it is very much appreciated.
  10xs
  ali

  Hi Ali,
  "passive-interface" router configuration command is applied to stop sending routing updates on an interface.
  It behaves different for different routing protocol like for EIGRP the passive-interface command disables the transmission and receipt of EIGRP hello packets on an interface so the neighborship will not form on that interface which is configured as passive interface.
  In OSPF, hello packets are not sent on an interface that is specified as passive. Hence, the router will not be able to discover any neighbors, and none of the OSPF neighbors will be able to see the router on that network.
  But for RIP and IGRP it does not send the routing updates out on that interface which is configured as passive but still that interface will be advertised out from other interfaces.
  Have a look at this link for more details
  http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a008008784e.html#wp11573
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt2/1cfindep.htm#wp1019396
  Now depending upon the routing protocol you have configured interface vlan 50 will not advertise the routes out from the interface vlan 50 and if you have configured eigrp or ospf it will not form any neighborship with peer on interface vlan 50.
  HTH, if yes please rate the post.
  Ankur

• VRF & OSPF passive interfaces

  Hello,
  if configuring OSPF for a VRF you cannot configure passive interfaces! The command does not even exist!
  This seems to be related to CSCeb86068.
  Does anyone have experiences with that issue??
  Any intelligent solution??
  Thanks
  Juerg

  1.For no neighbor in your VPN, you can try BGP as PE-CE routing protocol.
  router bgp 65000
  address-family ipv4 vrf school
  network x.x.x.x mask x.x.x.x
  no auto-summary
  no synchronization
  exit-address-family
  R1#v all 172.16.1.0
  BGP routing table entry for 172:16:172.16.1.0/24, version 373
  Paths: (1 available, best #1, table school)
  Flag: 0x820
  Advertised to update-groups:
  1 2
  Local
  0.0.0.0 from 0.0.0.0 (172.16.0.1)
  Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced, local, best
  Extended Community: RT:172:16
  2.If you still need use ospf and passive interface in your ospf vrf, upgrade to 12.4.2 or above. :)

• Permanently change default error configuration in Analysis Services 2005

  Hi,
  Currently, I am working on a BPC 5.1 application.  The data for this application is loaded(inserted via SQL statement) right to the FACT table and then a full process is run for that cube via an SSIS package using the Analysis Services Processing Task.  Often records are loaded this way where a dimension member for some of the records has not been added to the Account dimension yet.  These records after loading are considered 'orphan records' until the accounts are added to the account dimension.
  This loading process is used because of the volume of records loaded(over 2 million at a time) and the timing of the company's business process.  They will receive data sometimes weeks before the account dimension is updated in BPC with the new dimension members.
  If I try and process the application from the BPC Administration area with these orphan records in the FACT table, the processing stops and an error displays.  Then when I process the cube from Analysis services, an error is displayed telling me that orphan data was found.
  A temporary work-around is to go into the cube properties in Analysis Services 2005, click on Error Configuration, uncheck 'Use default error configuration' and select 'Ignore errors'. Then you can process the application from BPC's Administration page successfully.  But, the problem is that after processing the application successfully, the Analysis Services Error Configuration automatically switches back from 'Ignore errors' to 'Use default error configuration'.
  Does anyone have any suggestions on how to permanently keep the 'Ignore errors' configuration selected so it does not automatically switch back to 'Use default error configuration'?  Prior to BPC 5.0 this was not occurring.
  Also, does anyone know why this was changed in BPC 5.0/5.1?
  Thanks,
  Glenn

  Hi Glenn,
  I understood the problem but I can say that it was a bad migration of appset from 4.2 to 5.0.
  Any way they are using a dts package to import data into our fact table. That's means they have to add another step into that package where they have to do the verfications of records before to insert into fact table. Verfications can be done using the same mechanism from our standard import. Just edit that package and add similar steps into customer package.
  Attention you need somebody with experience developing DTS packages with for BPC to avoid other problems.
  One of big benefits from 5.X compare with 4.2 was the fact that we are able to use optimization schema and aggregations for cubes.
  Heaving that orphan records it is not possible to use optimization schema for cubes and you are not able to create good aggregation into your cube.
  So my idea is to provide all these information to customer and to try to modify that package instead to enable that option which can cause many other issues.
  Sorin

• How to get rid of text in bookmark toolbar? the default reset will not work

  my bookmark toolbar has changed. I clicked on default reset so just icons show but it will not work. can not get rid of text.

  The Bookmarks Toolbar, by default, shows both icons and text. Here is an Add-on that will allow you to show only the icons.
  *'''''Roomy Bookmarks Toolbar''''': https://addons.mozilla.org/en-US/firefox/addon/roomy-bookmarks-toolbar/
  '''If this reply solves your problem, please click "Solved It" next to this reply when <u>signed-in</u> to the forum.'''
  Not related to your question, but...
  You may need to update some plug-ins. Check your plug-ins and update as necessary:
  *Plug-in check: https://www-trunk.stage.mozilla.com/en-US/plugincheck/
  *Adobe Shockwave for Director Netscape plug-in: [https://support.mozilla.com/en-US/kb/Using%20the%20Shockwave%20plugin%20with%20Firefox#w_installing-shockwave Installing ('''''or Updating''''') the Shockwave plugin with Firefox]
  *Adobe PDF Plug-In For Firefox and Netscape: [https://support.mozilla.com/en-US/kb/Using%20the%20Adobe%20Reader%20plugin%20with%20Firefox#w_installing-and-updating-adobe-reader Installing/Updating Adobe Reader in Firefox]
  *Shockwave Flash (Adobe Flash or Flash): [https://support.mozilla.com/en-US/kb/Managing%20the%20Flash%20plugin#w_updating-flash Updating Flash in Firefox]
  *Next Generation Java Plug-in for Mozilla browsers: [https://support.mozilla.com/en-US/kb/Using%20the%20Java%20plugin%20with%20Firefox#w_installing-or-updating-java Installing or Updating Java in Firefox]

• How Do I Create Default System Configurations for On- and Off-Dock?

  I recently purchased a T510 laptop with WIndows 7 Professional 64-bit and a Series 3 minidock. I would like two create two default system configurations (namely specifying active montiors, screen resolutions, networking options, and power management). I'd also like the laptop to detect the presence or absence of the dock and automatically switch accordingly. How can I do this? Thank you.

      Dear DavidLeon65,
  Good afternoon. I am sorry to learn of the difficulties you are experiencing with the bluetooth connection in your car. I know this can be frustrating. It would be my pleasure to address your bluetooth concerns.
  When the bluetooth connection drops out, is the phone near you? Also, do you have Wi-Fi turned on? If so, please turn off Wi-Fi, then test. What software version do you have? For directions on how to check the software verison on your phone, click http://vz.to/SrMyDh
  Thank You,
  MichelleS_VZW
  VZW Support
  Follow us on Twitter @VZWSUPPORT

• Bug in APEX 4.2.4 User Interface defaults

  Hi,
  I set the user defaults in a table. I select to create a static set of values for a field. All is good. Saved and used in a form like a charm.
  When I go back to edit and add a new set of values to an existing List, I click on Add Row Button but nothing happens.
  the path is: SQL Workshop > Utilities > User Interface Defaults > Table Dictionary > Table and Column Properties > Column Defaults > Static List of Values
  Am I missing something? or is this a bug?

  I tried (SELECT ...) UNION (SELECT ...) as simple Interactive Report query in APEX 4.1.0.00.32 and received "SQL statement needs to start with SELECT".
  What version are you upgrading from?
  I was able to do this in a Classic Report but it complained, wanting a unique key in the Interactive Report.
  select * from ((select 1, EMPNO from EMP) UNION (select 2, EMPNO from EMP))
  Howard