OSPF Passive Interface 066

This article explains the OSPF feature called Passive Interface.

 

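Theory

Passive Interface

As shown in the figure below, to advertise 10.1.1.0/24 to R2 via OSPF, you enable OSPF on R1's g2. As a result, R1 can place the 10.1.1.0/24 information in an LSA Type 1 and advertise it to R2.

At the same time, however, R1 periodically sends OSPF Hello packets out of g2. Because no router other than R1 exists on 10.1.1.0/24, the Hello packets sent from R1's g2 are never received by anyone and are discarded. In other words, useless Hello packets are periodically sent onto 10.1.1.0/24.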

 

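Passive Interface is the feature that suppresses the kind of useless OSPF packet transmission shown in the figure above. On an interface where Passive Interface is enabled, the router stops sending and receiving OSPF packets. As a result, Hello packets can no longer be exchanged, so no OSPF neighbor can be established on a passive interface.

The route information of an interface where Passive Interface is enabled, however, continues to be advertised to other routers.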

 

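Hands-on verification on real devices

Verification scenario

Enable OSPF Area 0 on R1's g2, R2's g2 and g3, and R3's g2.
Point-to-Point is used as the Network Type.

Enable Passive Interface on R2's g2 and check the resulting state.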

 

Initial configuration

R1

interface GigabitEthernet2
 ip address 10.1.1.1 255.255.255.0
 ip ospf network point-to-point
!
router ospf 1
 router-id 1.1.1.1
 network 10.1.1.0 0.0.0.255 area 0
            


R2

interface GigabitEthernet2
 ip address 10.1.1.2 255.255.255.0
 ip ospf network point-to-point
!
interface GigabitEthernet3
 ip address 10.2.2.2 255.255.255.0
 ip ospf network point-to-point
!
router ospf 1
 router-id 2.2.2.2
 network 10.1.1.0 0.0.0.255 area 0
 network 10.2.2.0 0.0.0.255 area 0
            


R3

interface GigabitEthernet2
 ip address 10.2.2.3 255.255.255.0
 ip ospf network point-to-point
!
router ospf 1
 router-id 3.3.3.3
 network 10.2.2.0 0.0.0.255 area 0
            

 

When Passive Interface is disabled

Checking the Passive Interface configuration state

You can confirm that Passive Interface is disabled on R2.

R2

R2#show ip protocols
*** IP Routing is NSF aware ***

Routing Protocol is "application"
  Sending updates every 0 seconds
  Invalid after 0 seconds, hold down 0, flushed after 0
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Maximum path: 32
  Routing for Networks:
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: (default is 4)

Routing Protocol is "ospf 1"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 2.2.2.2
  Number of areas in this router is 1. 1 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks:
    10.1.1.0 0.0.0.255 area 0
    10.2.2.0 0.0.0.255 area 0
  Routing Information Sources:
    Gateway         Distance      Last Update
    1.1.1.1              110      00:15:00
  Distance: (default is 110)
            

 

Checking the state of the interfaces running OSPF

You can confirm that Passive Interface is disabled on R2's g2.

R2

R2#show ip ospf interface GigabitEthernet2
GigabitEthernet2 is up, line protocol is up
  Internet Address 10.1.1.2/24, Interface ID 6, Area 0
  Attached via Network Statement
  Process ID 1, Router ID 2.2.2.2, Network Type POINT_TO_POINT, Cost: 1
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
        0           1         no          no            Base
  Transmit Delay is 1 sec, State POINT_TO_POINT
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:03
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 1.1.1.1
  Suppress hello for 0 neighbor(s)
            

 

Checking the OSPF neighbor state

You can confirm that R2 has established an OSPF neighbor relationship with R1.

R2

R2#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
3.3.3.3           0   FULL/  -        00:00:31    10.2.2.3        GigabitEthernet3
1.1.1.1           0   FULL/  -        00:00:35    10.1.1.1        GigabitEthernet2
            

 

Checking the LSDB state

You can confirm that the LSA Type 1 generated by R2 contains the route information for 10.1.1.0/24 and the Router ID of its neighbor R1.

R2

R2#show ip ospf database router adv-router 2.2.2.2

            OSPF Router with ID (2.2.2.2) (Process ID 1)

                Router Link States (Area 0)

  LS age: 701
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 2.2.2.2
  Advertising Router: 2.2.2.2
  LS Seq Number: 80000019
  Checksum: 0xB3DE
  Length: 72
  Number of Links: 4

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 3.3.3.3
     (Link Data) Router Interface address: 10.2.2.2
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.2.2.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 1.1.1.1
     (Link Data) Router Interface address: 10.1.1.2
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.1.1.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1
            

 

Checking the routing table state

You can confirm that 10.1.1.0/24, learned via OSPF, is present in R3's routing table.

R3

R3#show ip route ospf
      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O        10.1.1.0/24 [110/2] via 10.2.2.2, 00:22:21, GigabitEthernet2
            

 

You can confirm that 10.2.2.0/24, learned via OSPF, is present in R1's routing table.

R1

R1#show ip route ospf
      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O        10.2.2.0/24 [110/2] via 10.1.1.2, 00:13:34, GigabitEthernet2
            

 

When Passive Interface is enabled (without the passive-interface default command)

Configuring Passive Interface

There are two ways to configure Passive Interface. The first is to use the passive-interface <if> command to enable Passive Interface on a specific interface.

Here, Passive Interface is enabled on R2's g2.

R2

router ospf 1
 passive-interface GigabitEthernet2
            

 

Checking the Passive Interface configuration state

You can confirm that Passive Interface is enabled on R2's g2.

R2

R2#show ip protocols
*** IP Routing is NSF aware ***

Routing Protocol is "application"
  Sending updates every 0 seconds
  Invalid after 0 seconds, hold down 0, flushed after 0
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Maximum path: 32
  Routing for Networks:
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: (default is 4)

Routing Protocol is "ospf 1"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 2.2.2.2
  Number of areas in this router is 1. 1 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks:
    10.1.1.0 0.0.0.255 area 0
    10.2.2.0 0.0.0.255 area 0
  Passive Interface(s):
    GigabitEthernet2
  Routing Information Sources:
    Gateway         Distance      Last Update
    1.1.1.1              110      00:13:03
  Distance: (default is 110)
            

 

Checking the state of the interfaces running OSPF

You can confirm that Passive Interface is enabled on R2's g2.

R2

R2#show ip ospf interface GigabitEthernet2
GigabitEthernet2 is up, line protocol is up
  Internet Address 10.1.1.2/24, Interface ID 6, Area 0
  Attached via Network Statement
  Process ID 1, Router ID 2.2.2.2, Network Type POINT_TO_POINT, Cost: 1
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
        0           1         no          no            Base
  Transmit Delay is 1 sec, State POINT_TO_POINT
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    No Hellos (Passive interface)
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)
            

 

Checking the OSPF neighbor state

You can confirm that R2 has not established an OSPF neighbor relationship with R1.

R2

R2#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
3.3.3.3           0   FULL/  -        00:00:31    10.2.2.3        GigabitEthernet3
            

 

Checking the LSDB state

You can confirm that R1's Router ID has disappeared from the LSA Type 1 generated by R2.

R2

R2#show ip ospf database router adv-router 2.2.2.2

            OSPF Router with ID (2.2.2.2) (Process ID 1)

                Router Link States (Area 0)

  LS age: 701
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 2.2.2.2
  Advertising Router: 2.2.2.2
  LS Seq Number: 8000001A
  Checksum: 0xCAE7
  Length: 60
  Number of Links: 3

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 3.3.3.3
     (Link Data) Router Interface address: 10.2.2.2
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.2.2.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.1.1.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1
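
The LSDB change shown above can also be checked mechanically. The following is an added example, not part of the original article: it parses the link entries of a Router LSA and lists stub prefixes that have no point-to-point neighbor on them. The function names are hypothetical, the samples are condensed from the output on this page, and numbered point-to-point links are assumed; the LSA alone cannot tell a passive interface from a segment that simply has no neighbor.

```python
import ipaddress
import re

# Constructed sample, condensed from the output on this page: link entries of
# R2's Router LSA after "passive-interface GigabitEthernet2".
AFTER = """\
    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 3.3.3.3
     (Link Data) Router Interface address: 10.2.2.2
    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.2.2.0
     (Link Data) Network Mask: 255.255.255.0
    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.1.1.0
     (Link Data) Network Mask: 255.255.255.0
"""
# Before the change, the same LSA also carried the point-to-point link to R1.
BEFORE = AFTER + """\
    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 1.1.1.1
     (Link Data) Router Interface address: 10.1.1.2
"""

# Captures (link type, Link ID value, Link Data value) for every link entry.
LINK = re.compile(
    r"Link connected to: (.+)\n\s*\(Link ID\)[^:]*: (\S+)\n\s*\(Link Data\)[^:]*: (\S+)")

def neighbors(show_output):
    """Router IDs this LSA lists as point-to-point neighbors."""
    return sorted(i for k, i, _ in LINK.findall(show_output) if "point-to-point" in k)

def prefixes_without_neighbor(show_output):
    """Stub prefixes that no point-to-point link of the same LSA falls into:
    still advertised, but with no adjacency on that segment."""
    links = LINK.findall(show_output)
    p2p_addrs = [ipaddress.ip_address(d) for k, _, d in links if "point-to-point" in k]
    result = []
    for kind, link_id, data in links:
        if "Stub" in kind:
            net = ipaddress.ip_network(f"{link_id}/{data}")
            if not any(addr in net for addr in p2p_addrs):
                result.append(str(net))
    return result
```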
            

 

Checking the routing table state

You can confirm that 10.1.1.0/24, learned via OSPF, is present in R3's routing table.

R3

R3#show ip route ospf
      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O        10.1.1.0/24 [110/2] via 10.2.2.2, 00:22:21, GigabitEthernet2
            

 

You can confirm that 10.2.2.0/24 disappears from R1's routing table.

R1

R1#show ip route ospf
            

 

When Passive Interface is enabled (using the passive-interface default command)

Configuring Passive Interface

The second way to configure Passive Interface is to enable it on all interfaces with the passive-interface default command and then use the no passive-interface <if> command to specify the interfaces that should not be passive.

Here, Passive Interface is enabled on all of R2's interfaces and then disabled on g3.

R2

router ospf 1
 passive-interface default
 no passive-interface GigabitEthernet3
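
Both configuration methods can be audited offline. The following is an added example, not part of the original article: it reads an IOS-style configuration and reports, for each interface matched by a network statement, whether it still exchanges Hellos, which makes it easy to spot an OSPF-enabled segment that was left able to form adjacencies. The function names are hypothetical, and only network-statement activation is handled (not interface-level ip ospf area commands or secondary addresses).

```python
import ipaddress

# Constructed sample: R2's configuration from this page, passive-interface default method.
R2_CONFIG = """\
interface GigabitEthernet2
 ip address 10.1.1.2 255.255.255.0
!
interface GigabitEthernet3
 ip address 10.2.2.2 255.255.255.0
!
router ospf 1
 network 10.1.1.0 0.0.0.255 area 0
 network 10.2.2.0 0.0.0.255 area 0
 passive-interface default
 no passive-interface GigabitEthernet3
"""

def _int(addr):
    return int(ipaddress.IPv4Address(addr))

def matches(ip, base, wildcard):
    """IOS network statement: bits set in the wildcard mask are ignored."""
    care = 0xFFFFFFFF ^ _int(wildcard)
    return _int(ip) & care == _int(base) & care

def ospf_hello_state(config):
    """Map each OSPF-enabled interface to 'active' (sends Hellos) or 'passive'."""
    addrs, nets, explicit, default_passive, section = {}, [], {}, False, ""
    for line in config.splitlines():
        words = line.split()
        if not words:
            continue
        if not line.startswith(" "):            # a top-level line opens a section
            section = line.strip()
        elif section.startswith("interface ") and words[:2] == ["ip", "address"]:
            addrs[section.split()[1]] = words[2]
        elif section.startswith("router ospf"):
            if words[0] == "network":
                nets.append((words[1], words[2]))
            elif words == ["passive-interface", "default"]:
                default_passive = True
            elif words[0] == "passive-interface":
                explicit[words[1]] = True       # passive-interface <if>
            elif words[:2] == ["no", "passive-interface"]:
                explicit[words[2]] = False      # exception to the default
    return {name: "passive" if explicit.get(name, default_passive) else "active"
            for name, ip in addrs.items()
            if any(matches(ip, base, wc) for base, wc in nets)}
```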
            

 

Checking the Passive Interface configuration state

You can confirm that Passive Interface is enabled on R2's g2.

R2

R2#show ip protocols
*** IP Routing is NSF aware ***

Routing Protocol is "application"
  Sending updates every 0 seconds
  Invalid after 0 seconds, hold down 0, flushed after 0
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Maximum path: 32
  Routing for Networks:
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: (default is 4)

Routing Protocol is "ospf 1"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 2.2.2.2
  Number of areas in this router is 1. 1 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks:
    10.1.1.0 0.0.0.255 area 0
    10.2.2.0 0.0.0.255 area 0
  Passive Interface(s):
    GigabitEthernet2
  Routing Information Sources:
    Gateway         Distance      Last Update
    1.1.1.1              110      00:13:03
  Distance: (default is 110)
            

 

Checking the state of the interfaces running OSPF

You can confirm that Passive Interface is enabled on R2's g2.

R2

R2#show ip ospf interface GigabitEthernet2
GigabitEthernet2 is up, line protocol is up
  Internet Address 10.1.1.2/24, Interface ID 6, Area 0
  Attached via Network Statement
  Process ID 1, Router ID 2.2.2.2, Network Type POINT_TO_POINT, Cost: 1
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
        0           1         no          no            Base
  Transmit Delay is 1 sec, State POINT_TO_POINT
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    No Hellos (Passive interface)
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)
            

 

Checking the OSPF neighbor state

You can confirm that R2 has not established an OSPF neighbor relationship with R1.

R2

R2#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
3.3.3.3           0   FULL/  -        00:00:31    10.2.2.3        GigabitEthernet3
            

 

Checking the LSDB state

You can confirm that R1's Router ID has disappeared from the LSA Type 1 generated by R2.

R2

R2#show ip ospf database router adv-router 2.2.2.2

            OSPF Router with ID (2.2.2.2) (Process ID 1)

                Router Link States (Area 0)

  LS age: 701
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 2.2.2.2
  Advertising Router: 2.2.2.2
  LS Seq Number: 8000001A
  Checksum: 0xCAE7
  Length: 60
  Number of Links: 3

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 3.3.3.3
     (Link Data) Router Interface address: 10.2.2.2
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.2.2.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.1.1.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1
            

 

Checking the routing table state

You can confirm that 10.1.1.0/24, learned via OSPF, is present in R3's routing table.

R3

R3#show ip route ospf
      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O        10.1.1.0/24 [110/2] via 10.2.2.2, 00:22:21, GigabitEthernet2
            

 

You can confirm that 10.2.2.0/24 disappears from R1's routing table.

R1

R1#show ip route ospf
            
