I think we are on the same page in terms of passive interface behavior for OSPF. The use case I have here is from a customer who is in the process of migrating Cisco switches to Aruba CX. For whatever reason, the customer has "no ip ospf passive" configured on their Cisco switches' loopback interface in the design, and they wanted to do the same with Aruba CX. After some discussions, customer is convinced that it would be a best practice to configure loopbacks as passive interfaces for OSPF since there's no way for a loopback to form adjacencies. As long as a loopback is configured with "ip ospf process <id> area <area>", the loopback ip/subnet can still be advertised to the neighbors regardless of whether passive or not. Thank you for the response and looking into the question!
Original Message:
Sent: Mar 22, 2024 04:06 AM
From: Ian Nightingale
Subject: "ip ospf passive" on loopback interface in CX switches
Hi, this is an interesting question. I hadn't even considered passive interfaces in the context of loopbacks before. Since passive simply controls which interfaces send hello and therefore form adjacencies, and since that isn't possible on a loopback, I assumed all loopbacks were implicitly passive.
However, I find that the output in CX is:
Codes: DR - Designated router BDR - Backup Designated router
Interface loopback0 is up, line protocol is up
-----------------------------------------------
VRF : default Process : 1
IP Address : 10.192.0.10/32 Area : 0.0.0.0
Status : Up Network Type : Loopback
Hello Interval : 10 sec Dead Interval : 40 sec
Transit Delay : 1 sec Retransmit Interval : 5 sec
BFD : Disabled Link Speed : NA
Cost Configured : NA Cost Calculated : NA
State/Type : Loopback Router Priority : 1
DR : No BDR : No
Link LSAs : 0 Checksum Sum : 0
Authentication : No Passive : No
Which suggests they are not passive. However they are network type loopback and so treated as a stub Host.
The only reason I can think of to alter this behaviour is described here where the operator wants this to not be advertised as a /32. However, turning OSPF off and importing directly connected networks should achieve the same?
So I can confirm with 10.10.x that there is no command to change the passive nature.
Maybe if you described the end goal you want to achieve the community might know of a way to achieve that outside of the passive command?
Original Message:
Sent: Mar 21, 2024 12:24 AM
From: henry.wang
Subject: "ip ospf passive" on loopback interface in CX switches
I'm looking for a way to configure "passive-interface default" in router ospf and then configure "no ip ospf passive" on a few specific interfaces, including a loopback. While I'm able to configure "no ip ospf passive" on physical routed interfaces with no issue, it doesn't appear that "no ip ospf passive" is supported on a loopback interface?
6405(config)# int loopback 0
6405(config-loopback-if)# no ip ospf
<1-63> Specify the OSPF Process ID
shutdown Disable OSPF
Is this a known limitation on CX switches? Or is there another way to configure ospf active/passive interface on a loopback? Thank you.