Quit wasting bandwidth by controlling Cisco routing protocol updates

It's becoming increasingly more important to manage network bandwidth, and admins need to guard against the inefficient use of both network bandwidth and a router's resources. In this edition of Cisco Routers and Switches, David Davis explains how you can better control this by using the <i>passive-interface</i> command.

Managing network bandwidth is becoming more and more critical. There's no sense in routing broadcasts going out on network interfaces on networks that have no other routers. It's an inefficient use of both network bandwidth and your router's resources. Let's examine how to better control this by taking advantage of the passive-interface command.

When it comes to properly configuring routing protocols, the passive-interface command is one you need to know. However, if you aren't using dynamic routing protocols (such as OSPF, EIGRP, or RIP), you don't need this command.

The passive-interface command only works in Router Configuration Mode. You can tell when you're in this mode because the prompt looks like this:


You can use the passive-interface command to tell the dynamic routing protocol not to send network advertisements through an interface. This command works on all IP routing protocols except BGP.

However, the command works a little differently on OSPF and IS-IS. With OSPF, the network interface that's designated passive appears as a stub, and it doesn't send or receive any routing updates. With RIP, IGRP, and EIGRP, it doesn't send out any routes, but it can still receive them. Also, it will still advertise the network to all interfaces that aren't passive.

There are two ways to use the passive-interface command.

  • Specify a certain interface that will be passive, which means it won't send out routing updates.
  • Make all interfaces passive first. Then use the no passive-interface command on interfaces that you want to send routing updates.

Let's look at an example of each method. Note: Each example assumes that you have already added the network that's on the passive interfaces to the routing protocol (using the network command).

To make an interface passive, just specify the interface. Here's an example:

Router(config)# router rip
Router(config-router)# passive-interface Ethernet 0/0

To make all interfaces passive and then make a single interface active, just use the passive-interface and no passive-interface default commands (introduced in IOS 12.0). Here's an example:

Router(config)# router rip
Router(config-router)# passive-interface default
Router(config-router)# no passive-interface Serial 0/0

Let's look at a simple networking scenario to further demonstrate the use of this command. Let's say that you have two routers connected via a T1 circuit, and the routers are running RIP. Each router has a LAN with PCs connected to an Ethernet interface.

You need each router to know about the other router's LAN network, right? That's the whole purpose of using the dynamic routing protocol .But there are no other routers on the LAN with which these routers can exchange routing updates.

If that's the case, why would you want to broadcast routing updates every 30 seconds on the LAN interface forever? The answer is that you don't. It's a waste of LAN bandwidth and a waste of your router's CPU time. While it isn't really causing a problem because it's a small update, there's no need to send unwanted traffic if you can avoid it.

So how can you eliminate this unnecessary traffic? On each router, go into RIP Configuration mode, and use the passive-interface command to stop sending routing updates on the LAN interface. Here's an example:

Router(config)# router RIP
Router(config-router)# passive-interface Ethernet 0/0

This, of course, assumes that you've already configured the networks that you want to advertise using the network command. Here's an example:

Router(config-router)# network 1.0.0..0 (the Serial network)
Router(config-router)# network (the Ethernet network)

Keep in mind that this means the system will advertise both networks you've configured via the serial interface to the other router. However, this doesn't prevent your router from receiving routing updates on the LAN interface (with RIP). If another router happens to be on the LAN and does send updates to your router, it will still receive the updates.

For more information on the passive-interface command, check out Cisco's Preventing Routing Updates Through an Interface documentation as well as Cisco's documentation for the passive-interface command. Do you have a routing tip to share? What other switch topics would you like to see covered in this column? Share your thoughts in this article's discussion.

Miss a column?

Check out the Cisco Routers and Switches Archive, and catch up on David Davis' most recent columns.

Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!

David Davis has worked in the IT industry for 12 years and holds several certifications, including CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of systems/network administrators for a privately owned retail company and performs networking/systems consulting on a part-time basis.

Editor's Picks

Free Newsletters, In your Inbox