Menu
passive-interface

How to Configure RIP Passive Interface

By default, Routing Information Protocol (RIP) sends its routing table updates on all interfaces on which Routing Information Protocol (RIP) is enabled after every 30 seconds. However, RIP updates only required to be sent out interfaces connecting to other RIP enabled routers. This required to stop sending an update on interfaces where not needed. The passive-interface can stop sending update where not needed. Sending out un-needed updates on all interfaces affect the network in the following ways:

Contents show
  • Security Risk– Advertising routing table updates on the form of broadcasting is a security risk. Anybody can intercept the routing table updates using packet sniffing tools and software. So, the attacker can use routing table updates to corrupting the routing table with false metrics and route the traffic to the wrong path.
  • Wasted Resources–All devices on network received the routing table update and they process the update which wasted the resources of the network devices.
  • Wasted Bandwidth– An un-necessary update is broadcast to each device on the network which consumes the bandwidth of the link casing bandwidth waste.

To overcome all above mention problems we can use the passive interface command. The passive-interface prevents the transmission of routing updates through a router specific interface. The command stops broadcasting routing table updates to the specified interface where the routing table update not needed.

Configurations of Passive-interfaces and verify the interface

Refer to the reference topology; there is no need for Router0 to forward RIP updates to the LAN interface. But, the Router0 is sending RIP updates to all computers on the LAN. We can verify this by enabling a debug on Router0 using the <debug ip rip> command in privileged exec mode. We can also verify the interface passive configuration using the show ip protocol command.

RIP Passive Interface Configuration

So, we need to configure the interface fast Ethernet 0/0 connected to LAN as a passive interface. The process to configure the passive-interface is following.

  • Router0>enable
  • Router0#config terminal
  • Router0(config)#router rip
  • Router0(config-router)#passive-interface FastEthernet 0/1

We can also configure the passive-interface for all dynamic protocol. If we want to cancel the passive-interface configuration from any interface we can use no passive-interface <interface-Id> command. We can also use the passive-interface default command to configure all interfaces as passive by default.

Asad Ijaz

My Name is Asad Ijaz Khattak and I am the writer and blogger, known for my website "networkustad.com". I have writes about various topics related to technology, networking, and cybersecurity. I am also a Cisco Certified Network Professional (CCNP) and Cisco Certified Network Associate (CCNA). I have written several articles and tutorials on the website which can be used as a learning resource for people interested in networking and cybersecurity. I am the member and Editor of Proudly Team NetworkUstad

→ Asad Ijaz

Related Posts

Leave a Reply