Courseiva
OSPFCCNA 200-301

OSPF Passive-Interface Blocking Needed Adjacency

Presenting Symptom

Two directly connected routers running OSPF fail to form an adjacency, with the neighbor state stuck in INIT or DOWN.

Network Context

A small branch office network with two Cisco routers (R1 and R2) connected via a single Ethernet link. Both routers run OSPF in area 0. The network uses IOS 15.x. The problem occurs after an administrator configured OSPF on both routers but one router's interface is set as passive.

Diagnostic Steps

1

Check OSPF neighbor status

show ip ospf neighbor
R1# show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.2          1   INIT/DROTHER    00:00:32    192.168.1.2     GigabitEthernet0/0

If the neighbor state is INIT or DOWN, the adjacency is not fully established. A normal state would be FULL. This confirms a problem with OSPF neighbor formation.

2

Verify OSPF interface configuration

show ip ospf interface GigabitEthernet0/0
R1# show ip ospf interface GigabitEthernet0/0
GigabitEthernet0/0 is up, line protocol is up
  Internet Address 192.168.1.1/24, Area 0
  Process ID 1, Router ID 10.0.0.1, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 10.0.0.1, Interface address 192.168.1.1
  Backup Designated router (ID) 10.0.0.2, Interface address 192.168.1.2
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:07
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)
  Passive interface: Yes

Look for 'Passive interface: Yes'. If passive, OSPF will not send Hellos out this interface, preventing neighbor discovery. Normal output shows 'Passive interface: No'.

3

Check OSPF configuration for passive-interface

show running-config | section router ospf
router ospf 1
 network 192.168.1.0 0.0.0.255 area 0
 passive-interface GigabitEthernet0/0

The presence of 'passive-interface GigabitEthernet0/0' under router ospf confirms the interface is configured as passive, blocking OSPF Hellos.

4

Verify OSPF packets are not being sent

debug ip ospf hello
R1# debug ip ospf hello
OSPF: Send hello to 224.0.0.5 on GigabitEthernet0/0 area 0
  (if passive, no output appears)

If no 'Send hello' messages appear for the interface, it confirms that OSPF is not sending Hellos due to passive-interface. Normal operation shows periodic hello messages.

Root Cause

The OSPF interface on R1 is configured as passive using the 'passive-interface GigabitEthernet0/0' command under router ospf. This prevents OSPF from sending Hello packets out that interface, so the neighbor router never receives Hellos and the adjacency cannot form.

Resolution

Remove the passive-interface configuration on the interface to allow OSPF Hellos: R1(config)# router ospf 1 R1(config-router)# no passive-interface GigabitEthernet0/0 Alternatively, if the intent is to make only certain interfaces passive, use 'passive-interface default' and then 'no passive-interface' on the desired interfaces.

Verification

R1# show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 10.0.0.2 1 FULL/DR 00:00:35 192.168.1.2 GigabitEthernet0/0 Also verify with 'show ip ospf interface GigabitEthernet0/0' that 'Passive interface: No'.

Prevention

1. Use 'passive-interface default' and then selectively enable OSPF on interfaces that need to form adjacencies with 'no passive-interface'. 2. Always verify OSPF neighbor formation after configuration changes using 'show ip ospf neighbor'. 3. Document which interfaces are intended to be passive to avoid accidental misconfiguration.

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where OSPF neighbors are not forming. The exam may present a drag-and-drop or multiple-choice question asking to identify the cause (e.g., passive-interface blocking Hellos). Candidates must know that passive-interface suppresses OSPF Hellos and prevents adjacency formation.

Exam Tips

1.

Remember that 'passive-interface' only affects OSPF Hellos; the interface remains up/up and can still route traffic via other protocols.

2.

The exam may show 'show ip ospf interface' output with 'Passive interface: Yes' — immediately recognize this as the problem.

3.

Know that 'no passive-interface' under router ospf re-enables Hellos on that specific interface.

Commands Used in This Scenario

show ip ospf interface

Displays OSPF interface parameters and status, used to verify OSPF configuration and troubleshoot neighbor relationships.

show ip ospf neighbor

Displays OSPF neighbor information to verify adjacency formation and troubleshoot OSPF neighbor relationships.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions