Here’s another short (but hopefully useful) post. We’ll be going through IOS Macros.

I’ve never used IOS Macros before, but I was asked about a problem today, and a macro seems to be an ideal solution. A friend of mine is an engineer for a service provider with a very large network. He has been tasked with implementing passive interfaces as the default for OSPF across the network. Most of the devices which will be modified rely on OSPF for management connectivity. When he runs the “passive-interface default” command, he will lose connectivity before he is able to run “no passive-interface [interface]” to restore connectivity. Macros tell the router to run the predetermined commands for us, which will save us from getting locked out.

The topology is simple and not worth a diagram. R1 and R2 are connected via their FastEthernet0/0 interfaces. They are running OSPF on this interface.

Here’s the config:

macro name Passive-Interface-Default
router ospf 100
passive-interface default
no passive-interface fa0/0@

We give the macro a name, then we set the commands to be run, we close it out with the @ sign. Here are the commands entered on the router:

R1(config)#macro name Passive-Interface-Default
Enter macro commands one per line. End with the character '@'.
router ospf 100
passive-interface default
no passive-interface fa0/0@

First we’ll verify out neighbor relationship:

R1#sh ip ospf neigh
Neighbor ID     Pri   State           Dead Time   Address         Interface           1   FULL/DR         00:00:34       FastEthernet0/0

Neighbors are up, everything looks good.

Now we’ll try out the macro:

R1(config)#macro global apply Passive-Interface-Default
*Mar  1 00:06:44.111: %OSPF-5-ADJCHG: Process 100, Nbr on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar  1 00:06:44.511: %OSPF-5-ADJCHG: Process 100, Nbr on FastEthernet0/0 from LOADING to FULL, Loading Done

The command is “macro global apply [macro name]“. Notice that it is run from global config mode. We see that it worked, our neighbors dropped and reformed in under a second.

Let’s verify the config:

R1#sh run | sec ospf
router ospf 100
 passive-interface default
 no passive-interface FastEthernet0/0

No suprises there either, everything worked as expected.

Macros are another under-documented and likely under-used technology built into IOS. They can be very valuable if you need to make remote changes that are likely to affect your connectivity to the device.

Again, sorry for the lack of updates. Just got back from a four day Disaster Recovery test in Philadelphia and also still chugging away with ITIL. I’m expecting to be done with ITIL very soon at which point I will be back to Cisco study with a vengeance.


Colby Glass has been in IT since 2002. He is currently a Systems Engineer (presales) with a Cisco Gold partner and holds the CCNP R/S, CCNP DC, CCDP, CCIP, JNCIA-ER.

More Posts