Hello Narad
For all routing protocols including RIP, EIGRP, and OSPF, by definition, a passive interface will not send out any hello packets (EIGRP and OSPF) or routing updates (RIP). Therefore, you cannot establish a neighbor relationship for EIGRP or OSPF, nor can you inform potential RIP routers connected to such an interface.
For RIP, a passive interface is able to receive and process RIP updates.
I hope this has been helpful!
Laz
HI all,
thanks for the explanation !
Maybe a stupid questionâŚ
Should I put in passive mode an interface who doesnât partecipate in the routing instance ?
Example
interface vlan 10
description LAN A
192.168.10.1 255.255.255.0
interface vlan 20
description LAN B
192.168.20.1 255.255.255.0
interface vlan 100
description P2P network
192.168.100.1 255.255.255.252
router ospf 10
network 192.168.100.0 0.0.0.3 area 0
network 192.168.10.0 0.0.0.255 area 10
passive interface vlan 10
Should I add to this process âpassive interface vlan 20â too ?
I think that i donât need it, but would like to be sure 
Thanks
Bye
Aronne
Hello Aronne
An interface on an OSPF-enabled switch or router should be set to passive only if there is no other OSPF router connected to the subnet hanging off of that interface. Ask yourself the question, âwill another OSPF router communicate with this particular interface to create an OSPF adjacency?â If the answer is no, then you can make that interface passive.
So if you have no other OSPF router on VLAN 20, there is no need to send out any OSPF messages, so you can make that VLAN interface passive.
For more information, take a look at the NetworkLessons Note on Passive interfaces.
Thereâs no such thing as a stupid question! All questions help us learn!
I hope this has been helpful!
Laz
Hi All,
I love your very effective , super-clear lessons !!
I wish you have specific lesson on the OSPF Forwarding Address. It would rescue me from confusions:
I have a couple of questions in mind :
Say, enable the interface for OSPF, instead of using the network command.
For example , We can enable the interface to become an OSPF internal route. See diagram below,
R1 (config)# interface f0/0
R1 (config-if)# ip ospf 1 area 0
Now If your answer is "Yesâ, that we can actually enable ASBR R1âs interface , so that this interface would automatically issue hello packets;
I understand , we can use the Redistribute command, but because, I am trying to satisfy the special conditions for the T5 LSA Forwarding Address assignment by:
enabling OSPF on the ASBRâs RIP-facing interface and also make this yellow-highlighted link non-passive* (ie the portion of the ethernet segment, facing the RIP router).
I hope , I had highlighted the correct portion of the ethernet segment, to designate as ASBRâs next hop interface ( ie the Forwarding Address as contained in T5 LSA) .
In the diagram, you can see another edge router R2, along with the RIP router R3, all of these 3 routers , were directly connected on the same ethernet segment.
See ASBRâs next hop, as highlighted in yellow, which we had made it OSPF-enabled with the above configuration. Then T5 LSAâs Forwarding Address will be set to R3âs IP address on that ethernet subnet.
Thanking you so much for your good knowledge, many thanks !!
Hi Laz,
I need your knowledge-hammer to smash my confusion :
I am trying to comprehend the important information that : [ despite turning an interface into passive interface , it will STILL advertise its connected subnet.]
How can OSPF possibly advertise a passive link without using Updates, or LSA packets ?
So , the answer could be, you are still sending out LSAs about that passive link, but just not toward the directly connected interface.
Because, you are using the Network command , thus you can still advertise that Passive interface, to other interfaces, via OSPF LSAs.
This effectively means : a passive interface will simply stop sending hello packets and other OSPF packets ( eg LSAs ) over that particular interface. Hence no neighbour relationship can be established with the directly connected router.
But, it will still have its connected network advertised via OSPF LSAs to other routers, (if it is included in the subnets of the Network command) .
This Network command was needed, because you want the prefix associated with the interface , added into the LSDB.
What are the important consequences of the LSA advertisements ? Say, if you configure a host route to be passive, then this **host entry ( ie /32) ** would disappear completely from the RIB, because neighbour can not be discovered on a passive link.
But , if you configure a subnet link ( /24 ) to be passive, then other OSPF routers would still show the passive link (as a stub link) , in their routing tables, but this passive link could only be reach-able , through a different next hop IP address.
Hello Jenny
You can achieve what you need by simply enabling OSPF on the F0/0 interface of R1 as you have already done so, and then make that interface passive by issuing the passive-interface FastEthernet 0/0 command under the router ospf configuration mode. By making an interface passive, you are not removing its participation from OSPF, but you are simply disabling the sending of any OSPF messages from that interface.
Yes, this is indeed the case. Keep in mind that enabling or disabling that yellow interface as passive or non-passive will have no effect on the appearance of the forwarding address in the Type 5 LSAs.
The following Cisco documentation is an excellent example of if this very situation (minus the passive-interface) and it describes in great detail the operation of the forwarding address for Type 5 LSAs.
I hope this has been helpful!
Laz
Bulls eye Laz !! that was the awesome detail I needed , to complete my jigsaw puzzle !!!
Smashing my confusion with a clear-cut hammer !! 
Router 2 Network command is missing the area
Hello David
Yes, you are correct, in the configurations listed at the bottom of the lesson, the area keyword is missing. I will let Rene know to make the correction.
Thanks for pointing it out!
Laz