[quagga-dev 5915] Re: OSPF, passive interface question
Andrew J. Schorr
aschorr at telemetry-investments.com
Thu Sep 4 13:55:00 BST 2008
On Thu, Sep 04, 2008 at 02:36:33PM +0200, Joakim Tjernlund wrote:
> Dunno, but the text pasted by Everton from the Cisco manual makes me
> .... "the particular subnet will continue to be advertised to other
> interfaces, and updates from other routers on that interface continue to
> be received and processed."
I'm afraid Everton quoted the wrong part of the manual. His quote
pertains to the generic passive-interface case, but ospf is special:
If you disable the sending of routing updates on an interface, the
particular subnet will continue to be advertised to other interfaces, and
updates from other routers on that interface continue to be received and
For the Open Shortest Path First (OSPF) protocol, OSPF routing information
is neither sent nor received through the specified router interface. The
specified interface address appears as a stub network in the OSPF domain.
> This suggests to me that passive interfaces should receive as normal.
> Now I am confused :(
No, in ospf, passive interfaces to dnot receive packets.
> What is the proper way to publish an subnet much like passive interface
> does, but not send or receive OSPF traffic on interfaces that belongs
> to that subnet?
I think there are 2 ways to do this:
1. Enable ospf on the interface, but make it passive using passive-interface
2. Do not enable ospf on the interface (so no need to set it passive),
but use something like "redistribute connected" to advertise
I tend to use the 1st approach, but I will note that our current implementation
of passive-interface has some performance problems. I think the interfaces
are basically enabled for ospf, and various timers are popping, but then
the passive status tells the code to ignore it. If you have many passive
interfaces, this may lead to performance problems. It would be nice if the
code were patched to short-circuit this and avoid all processing on
passive interfaces. But for now it works fine for me as long as you don't
have too many interfaces. I have used it with 5 or 10 interfaces with
no problems. I think there have been reports of performance problems in the
past when there are hundreds or thousands of passive interfaces.
More information about the Quagga-dev