We have configured OSPF on Router_1, Router_2 and 2 more routers in OSPF area 0. Router_1 is connected to network 10.1.1.1/8 which has some computers connected to a switch. We want Router_1 should advertise 10.1.1.1/8 network to all the routers in area 0.

But there is one problem once we configure the network command on router_1 to advertise 10.1.1.1/8 in OSPF area 0. Router_1 will immediately send OSPF hello packets to switch. Well this is not a good thing because we do not have routers there on that network and second there is danger security risk. Why there is security risk? What if someone on the computer start an application which replies OSPF hello packets and obviously router_1 will try to become neighbors? The hacker could advertise fake routes using that technique.

We do not want that happen in our network to prevent that happening, we use the passive interface. In OSPF passive interface command tells OSPF router no to send hello packets on passive interfaces.





configure the topology as per the diagram

assign IP address to their interface

configure OSPF 1 and advertise all the routes

configure passive interface serial 3/0 and serial 3/2 on router 5



R1(config-if)#No shutdown

R1(config-if)#No keepalive

R1(config-if)#Exit



R1(config)#Interface serial 3/0

R1(config-if)#Ip address 1.1.1.1 255.0.0.0

R1(config-if)#No shutdown

R1(config-if)#Exit



R2(config)#Interface fastethernet 0/0 R2(config-if)#Ip address 20.1.1.1 255.0.0.0 R2(config-if)#No shutdown R2(config-if)#No keepalive R2(config-if)#Exit

R2(config)#Interface serial 3/1 R2(config-if)#Ip address 2.2.2.1 255.0.0.0 R2(config-if)#No shutdown R2(config-if)#Exit



R3(config)#Interface fastethernet 0/0 R3(config-if)#Ip address 30.1.1.1 255.0.0.0 R3(config-if)#No shutdown R3(config-if)#No keepalive R3(config-if)#Exit

R3(config)#Interface serial 3/1 R3(config-if)#Ip address 3.3.3.1 255.0.0.0 R3(config-if)#No shutdown R3(config-if)#Exit



R4(config)#Interface fastethernet 0/0 R4(config-if)#Ip address 40.1.1.1 255.0.0.0 R4(config-if)#No shutdown R4(config-if)#No keepalive R4(config-if)#Exit

R4(config)#Interface serial 3/1 R4(config-if)#Ip address 4.4.4.1 255.0.0.0 R4(config-if)#No shutdown R4(config-if)#Exit



R5(config)#Interface fastethernet 0/0 R5(config-if)#Ip address 50.1.1.1 255.0.0.0 R5(config-if)#No shutdown R5(config-if)#No keepalive R5(config-if)#Exit

R5(config)#Interface serial 3/0 R5(config-if)#Ip address 1.1.1.2 255.0.0.0 R5(config-if)#No shutdown R5(config-if)#Exit

R5(config)#Interface serial 3/1 R5(config-if)#Ip address 2.2.2.2 255.0.0.0 R5(config-if)#No shutdown R5(config-if)#Exit

R5(config)#Interface serial 3/2 R5(config-if)#Ip address 3.3.3.2 255.0.0.0 R5(config-if)#No shutdown R5(config-if)#Exit

R5(config)#Interface serial 3/3 R5(config-if)#Ip address 4.4.4.2 255.0.0.0 R5(config-if)#No shutdown





R1#show ip interface brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 10.1.1.1 YES manual up up

Serial3/0 1.1.1.1 YES manual up up





R2#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 20.1.1.1 YES manual up up Serial3/1 2.2.2.1 YES manual up up



R3#show ip interface brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 30.1.1.1 YES manual up up

Serial3/2 3.3.3.1 YES manual up up



R4#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 40.1.1.1 YES manual up up Serial3/3 4.4.4.1 YES manual up up

R5#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 50.1.1.1 YES manual up up Serial3/0 1.1.1.2 YES manual up up Serial3/1 2.2.2.2 YES manual up up Serial3/2 3.3.3.2 YES manual up up Serial3/3 4.4.4.2 YES manual up up





R1(config)#router ospf 1

R1(config-router)#network 1.0.0.0 0.255.255.255 area 0

R1(config-router)#network 10.0.0.0 0.255.255.255 area 0

R1(config-router)#end



*Dec 4 23:52:33.531: %OSPF-5-ADJCHG: Process 1, Nbr 50.1.1.1 on Serial3/0 from LOADING to FULL, Loading Done R5(config-if)#Exit R1(config-if)#Ip address 10.1.1.1 255.0.0.0R1(config-if)#No shutdownR1(config-if)#No keepaliveR1(config-if)#ExitR1(config)#Interface serial 3/0R1(config-if)#Ip address 1.1.1.1 255.0.0.0R1(config-if)#No shutdownR1(config-if)#Exit





R2(config)#router ospf 1 R2(config-router)#network 2.0.0.0 0.255.255.255 area 0 R2(config-router)#network 20.0.0.0 0.255.255.255 area 0 R2(config-router)#end

*Dec 4 23:52:39.231: %OSPF-5-ADJCHG: Process 1, Nbr 50.1.1.1 on Serial3/1 from LOADING to FULL, Loading Done



R3(config)#router ospf 1 R3(config-router)#network 3.0.0.0 0.255.255.255 area 0 R3(config-router)#network 30.0.0.0 0.255.255.255 area 0 R3(config-router)#end

*Dec 4 23:52:45.555: %OSPF-5-ADJCHG: Process 1, Nbr 50.1.1.1 on Serial3/2 from LOADING to FULL, Loading Done



R4(config)#router ospf 1 R4(config-router)#network 4.0.0.0 0.255.255.255 area 0 R4(config-router)#network 40.0.0.0 0.255.255.255 area 0 R4(config-router)#end

*Dec 4 23:52:52.575: %OSPF-5-ADJCHG: Process 1, Nbr 50.1.1.1 on Serial3/3 from LOADING to FULL, Loading Done



R5(config)#router ospf 1 R5(config-router)#network 50.0.0.0 0.255.255.255 area 0 R5(config-router)#network 1.0.0.0 0.255.255.255 area 0 R5(config-router)#network 1.0.0.0 0.255.255.255 area 0 R5(config-router)#network 2.0.0.0 0.255.255.255 area 0 R5(config-router)#network 3.0.0.0 0.255.255.255 area 0 R5(config-router)#network 4.0.0.0 0.255.255.255 area 0 R5(config-router)#end





*Dec 4 23:52:33.559: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial3/0 from LOADING to FULL, Loading Done





*Dec 4 23:52:39.127: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial3/1 from LOADING to FULL, Loading Done





*Dec 4 23:52:45.687: %OSPF-5-ADJCHG: Process 1, Nbr 30.1.1.1 on Serial3/2 from LOADING to FULL, Loading Done





*Dec 4 23:52:52.451: %OSPF-5-ADJCHG: Process 1, Nbr 40.1.1.1 on Serial3/3 from LOADING to FULL, Loading Done





R5#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface 40.1.1.1 0 FULL/ - 00:00:30 4.4.4.1 Serial3/3 30.1.1.1 0 FULL/ - 00:00:37 3.3.3.1 Serial3/2 20.1.1.1 0 FULL/ - 00:00:34 2.2.2.1 Serial3/1 10.1.1.1 0 FULL/ - 00:00:39 1.1.1.1 Serial3/0



R5#show ip route ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override

Gateway of last resort is not set

O 10.0.0.0/8 [110/65] via 1.1.1.1, 00:03:59, Serial3/0 O 20.0.0.0/8 [110/65] via 2.2.2.1, 00:03:59, Serial3/1 O 30.0.0.0/8 [110/65] via 3.3.3.1, 00:03:49, Serial3/2 O 40.0.0.0/8 [110/65] via 4.4.4.1, 00:03:39, Serial3/3













R5(config)#router ospf 1 R5(config-router)#passive-interface serial 3/0 R5(config-router)#passive-interface serial 3/2 R5(config-router)#end





*Dec 4 23:58:19.571: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial3/0 from FULL to DOWN, Neighbor Down: Interface down or detached





*Dec 4 23:58:24.351: %OSPF-5-ADJCHG: Process 1, Nbr 30.1.1.1 on Serial3/2 from FULL to DOWN, Neighbor Down: Interface down or detached





R5#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface 40.1.1.1 0 FULL/ - 00:00:39 4.4.4.1 Serial3/3 20.1.1.1 0 FULL/ - 00:00:33 2.2.2.1 Serial3/1

R5#show ip route ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override

Gateway of last resort is not set

O 20.0.0.0/8 [110/65] via 2.2.2.1, 00:06:58, Serial3/1 O 40.0.0.0/8 [110/65] via 4.4.4.1, 00:06:38, Serial3/3





Let start our OSPF passive interface configuration_Topology:-TASKR1(config)#Interface fastethernet 0/0