OSPFRouter Config

passive-interface [intf]

Configures an OSPF interface as passive, preventing it from sending OSPF hello packets and forming neighbor adjacencies, while still advertising the network.

Syntax·Router Config

passive-interface [intf]

When to Use This Command

Prevent OSPF neighbor formation on a LAN interface connected to end hosts to reduce unnecessary overhead.
Secure a management interface by disabling OSPF adjacency while still including its subnet in OSPF updates.
Optimize OSPF on a hub-and-spoke topology where spoke routers should not form adjacencies with each other.
Simplify OSPF configuration on a router with many interfaces by using passive-interface default and then selectively enabling on specific interfaces.

Command Examples

Making a single interface passive

passive-interface GigabitEthernet0/1

Router(config-router)# passive-interface GigabitEthernet0/1
Router(config-router)#

No output is generated; the command is applied silently. Use 'show ip ospf interface GigabitEthernet0/1' to verify.

Making all interfaces passive by default and enabling one

passive-interface default
no passive-interface GigabitEthernet0/0

Router(config-router)# passive-interface default
Router(config-router)# no passive-interface GigabitEthernet0/0
Router(config-router)#

The first command sets all interfaces as passive. The second command overrides for GigabitEthernet0/0, allowing it to form adjacencies.

Understanding the Output

The 'passive-interface' command does not produce direct output. To verify, use 'show ip ospf interface [interface]' and look for 'No Hellos (Passive interface)' in the output. If the interface is passive, you will see that line; otherwise, you will see timer values for hello/dead intervals. In 'show ip ospf neighbor', a passive interface will not show any neighbors. In 'show ip route ospf', routes from the passive interface's network will still appear if learned via other routers. A common mistake is to forget that passive interfaces still advertise their subnet; they just don't form adjacencies.

CCNA Exam Tips

CCNA exam tip: Passive interfaces still advertise the network in LSAs; they just don't send hellos or form adjacencies.

CCNA exam tip: Use 'passive-interface default' to set all interfaces as passive, then 'no passive-interface' on specific interfaces that need to form adjacencies.

CCNA exam tip: Passive interfaces are commonly used on loopback interfaces or LAN segments with only end devices.

CCNA exam tip: In OSPF, a passive interface will not have any neighbors; verify with 'show ip ospf neighbor'.

Common Mistakes

Mistake 1: Forgetting that passive interfaces still advertise the network; this can cause routing loops if not intended.

Mistake 2: Applying 'passive-interface' to a WAN interface that needs to form an adjacency, breaking OSPF neighbor relationships.

Mistake 3: Using 'passive-interface default' without then enabling necessary interfaces, resulting in no OSPF adjacencies at all.

Related Commands

show ip ospf interface

Displays OSPF interface parameters and status, used to verify OSPF configuration and troubleshoot neighbor relationships.

show ip ospf neighbor

Displays OSPF neighbor information to verify adjacency formation and troubleshoot OSPF neighbor relationships.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions