Ospf passive interfaces, Ospf passive interfaces -16 – Enterasys Networks Security Router X-PeditionTM User Manual

IP Routing Protocols

5-16 Configuring IP

Each LSA type configurable for database overflow can generate a log to reflect pending overflow,
overflow entered and exited logs in this format:

–

Date and time stamp

–

Router ID (IP address)

–

Module (OSPF)

–

Log Description

–

LSA Type

–

Current LSA count

The following is a high priority Pending Overflow log report:

May 2 12:11:32 42.42.42.2 OSPF: Database Pending Overflow, Lsa Type: router, Count: 2

The following is a high priority Overflow Entered log report:

May 2 12:13:41 42.42.42.2 OSPF: Database Entered Overflow, Lsa Type: router, Count: 2

The following is a high priority Overflow Exited log report:

May 2 12:14:24 42.42.42.2 OSPF: Database Exited Overflow, Lsa Type: router, Count: 2

OSPF Passive Interfaces

In some situations it is desirable to include a subnet in the OSPF routing process (and Link-State
Database), without actually running OSPF on the interface of the XSR connected to that subnet.
This is particularly useful for interfaces that are used as BGP peering links or for customer
connectivity.

You have two choices to incorporate this subnet into OSPF:

•

Redistribute it as an external route into OSPF.

•

Include the interface in OSPF.

Typically, the later approach is preferred because it injects the route as a native OSPF route, subject
to address summarization at an Area Border Router, while the first approach injects it as a non-
summarizable external. But the first approach creates a security hole as it opens the possibility of
establishing an unintended OSPF adjacency.

Passive interfaces, entered with the

ip ospf passive

command, suppress OSPF packet

transmissions through the specified interface so there is no chance of establishing an OSPF
adjacency. Also, loopback interfaces enabled in OSPF could be considered passive interfaces and
treated the same way.

The XSR’s passive interface functionality performs as follows:

•

Hellos are not sent out or received on passive OSPF interfaces.

•

OSPF adjacencies are not established on passive OSPF interfaces.

•

OSPF passive interfaces are advertised as stub networks in the self- originated router LSA.

•

When the passive parameter is changed on an operational OSPF interface, it will be
administratively disabled and re-enabled.

Refer to the XSR CLI Reference Guide for more information and this chapter for a sample OSPF
configuration.