When you use the EIGRP network command, two things will happen:
- All interfaces that have a network that falls within the range of your network command will be advertised in EIGRP.
- EIGRP hello packets will be sent on these interfaces.
Sometimes however you might want to advertise a network in EIGRP but you don’t want to send hello packets everywhere. Take a look at the topology below for an example:
Above we have two routers, R1 and R2. On the left side there’s the 192.168.10.0 /24 network with a switch and some computers. R1 wants to advertise this network to R2 but since there are no other EIGRP routers in the 192.168.10.0 /24 network, it’s pointless to send EIGRP hello packets on the FastEthernet 0/1 interface.
It’s also a security risk, when someone connects a router in the 192.168.10.0 /24 network (or starts a virtual router on their computer) they will be able to become EIGRP neighbors with R1.
To prevent this from happening, we will use the passive-interface command. This will ensure that the network is advertised in EIGRP but it will disable hello packets on the interface.
Let me show you how to configure this.
Configuration
Here’s the EIGRP configuration of R1 and R2:
R1(config)#router eigrp 12
R1(config-router)#network 192.168.12.0
R1(config-router)#network 192.168.10.0 R2(config)#router eigrp 12
R2(config-router)#network 192.168.12.0As a result, R2 will learn network 192.168.10.0 /24:
R2#show ip route eigrp
D 192.168.10.0/24 [90/307200] via 192.168.12.1, 00:00:59, FastEthernet0/0The problem however is that R1 is sending hello packets towards our computers. You can verify this by enabling a debug:
R1#debug eigrp packets hello
EIGRP Packets debugging is on
(HELLO)
EIGRP: Sending HELLO on FastEthernet0/0
AS 12, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
EIGRP: Sending HELLO on FastEthernet0/1
AS 12, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0Above you can see that the hello packets are going in both directions.
Let’s use the passive interface command to disable the hello packets towards the switch:
tnks rene bedant
Great and easy to understand lesson. I would only make one request on this for something to be added.
in my lab of this lesson everything went smoothly. Only thing I had some hiccups on that I had to search was the following.
I knew how to setup from the lesson the default command for passive interface. However, for some reason I was thinking “incorrectly” that I needed to setup the no passive-interface command under the interfaces… I tried a few times but it was not working for obvious reasons as that was the wrong place. Its small thing and I quickly d
... Continue reading in our forumHello Brian
In EIGRP just like in OSPF, it is possible to set the default state of an interface as passive with the
... Continue reading in our forumpassive-interface defaultcommand under therouter eigrpconfiguration. This is explicitly explained in the OSPF passive interface lesson found below, but not in the EIGRP passive interface lesson.In your introduction video to EIGRP and every other book that I read, it says that
but this debug says otherwise. Can you please clarify?
R1#debug eigrp packets hello
EIGRP Packets debugging is on
(HELLO)
Update: find out why
... Continue reading in our forumHello Takele
Let’s say you have a router R1 with the following configuration:
FastEthernet 0/1 has an IP address of 192.168.10.1/24
FastEthernet 0/2 has an IP address of 10.10.10.1/24
FastEthernet 0/3 has an IP address of 172.16.2.1/24
Here’s the topology:
//cdn-forum.networklessons.com/uploads/default/original/2X/6/6adf8e1034b79b6e6f60d528edc5fc644bae4348.png
Now let’s say that we’ve included all three subnets in the EIGRP process using the
... Continue reading in our forumnetworkcommand. This means that all updates R1 sends will contain all three subnets. Now by default, EIGRP will sent o