Command
Passive-Interface Default
Use
This command prevents EIGRP from forming adjacencies on specified interfaces on the router. Using no passive-interface default will allow EIGRP communication.
Syntax
Router(config-router)#passive-interface <interface>
Example
In this example, we will use passive-interface default to block all EIGRP adjacencies. Then we will allow communication through R2’s Fa0/0
R2(config)#do show ip route eigrp 1.0.0.0/32 is subnetted, 3 subnets D 1.1.1.1 [90/156160] via 10.1.1.1, 00:49:20, FastEthernet0/0 D 1.3.3.3 [90/156160] via 10.1.1.1, 00:49:20, FastEthernet0/0 D 1.2.2.2 [90/156160] via 10.1.1.1, 00:49:20, FastEthernet0/0 192.168.13.0/30 is subnetted, 1 subnets D 192.168.13.0 [90/2172416] via 10.2.2.3, 00:49:22, FastEthernet1/0 [90/2172416] via 10.1.1.1, 00:49:22, FastEthernet0/0 33.0.0.0/32 is subnetted, 1 subnets D 33.33.33.33 [90/156160] via 10.2.2.3, 00:49:22, FastEthernet1/0 3.0.0.0/32 is subnetted, 1 subnets D 3.3.3.3 [90/156160] via 10.2.2.3, 00:49:22, FastEthernet1/0 111.0.0.0/32 is subnetted, 1 subnets D 111.111.111.111 [90/156160] via 10.1.1.1, 00:49:20, FastEthernet0/0 10.0.0.0/24 is subnetted, 3 subnets D 10.4.4.0 [90/2172416] via 10.2.2.3, 00:50:57, FastEthernet1/0 [90/2172416] via 10.1.1.1, 00:50:57, FastEthernet0/0 11.0.0.0/32 is subnetted, 1 subnets D 11.11.11.11 [90/156160] via 10.1.1.1, 00:49:20, FastEthernet0/0 133.133.0.0/32 is subnetted, 1 subnets D 133.133.133.133 [90/156160] via 10.2.2.3, 00:49:22, FastEthernet1/0
Here we enable passive-interface default on R2.
R2(config)#router eigrp 100 R2(config-router)#passive-interface default R2(config-router)# *Mar 1 01:06:46.775: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 10.1.1.1 (FastEthernet0/0) is down: interface passive *Mar 1 01:06:46.799: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 10.2.2.3 (FastEthernet1/0) is down: interface passive R2(config-router)#
We can see there are no longer any EIGRP routes on R2.
R2(config-router)#do show ip route eigrp R2(config-router)#
Now we will use no passive-interface fa0/0 to allow communication through R2’s Fa0/0
R2(config)#router eigrp 100 R2(config-router)#no passive-interface fa0/0 R2(config-router)# *Mar 1 01:07:55.815: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 10.1.1.1 (FastEthernet0/0) is up: new adjacency R2(config-router)#
After that, we have routes coming in from Fa0/0 but not any other interface.
R2(config)#do show ip route eigrp 1.0.0.0/32 is subnetted, 3 subnets D 1.1.1.1 [90/156160] via 10.1.1.1, 00:01:06, FastEthernet0/0 D 1.3.3.3 [90/156160] via 10.1.1.1, 00:01:06, FastEthernet0/0 D 1.2.2.2 [90/156160] via 10.1.1.1, 00:01:06, FastEthernet0/0 192.168.13.0/30 is subnetted, 1 subnets D 192.168.13.0 [90/2172416] via 10.1.1.1, 00:01:06, FastEthernet0/0 33.0.0.0/32 is subnetted, 1 subnets D 33.33.33.33 [90/2300416] via 10.1.1.1, 00:01:06, FastEthernet0/0 3.0.0.0/32 is subnetted, 1 subnets D 3.3.3.3 [90/2300416] via 10.1.1.1, 00:01:06, FastEthernet0/0 111.0.0.0/32 is subnetted, 1 subnets D 111.111.111.111 [90/156160] via 10.1.1.1, 00:01:06, FastEthernet0/0 10.0.0.0/24 is subnetted, 3 subnets D 10.4.4.0 [90/2172416] via 10.1.1.1, 00:01:06, FastEthernet0/0 11.0.0.0/32 is subnetted, 1 subnets D 11.11.11.11 [90/156160] via 10.1.1.1, 00:01:06, FastEthernet0/0 133.133.0.0/32 is subnetted, 1 subnets D 133.133.133.133 [90/2300416] via 10.1.1.1, 00:01:06, FastEthernet0/0