IS-IS - univ-reims.frlsteffenel/cours/FC/BSCI4.pdf · IS-IS Protocol Options IS-IS (ISO 10589)...

IS-ISIS IS

I t di t S t t I t di t S tIntermediate System to Intermediate System

IS-IS, which stands for Intermediate System to Intermediate System, is therouting protocol for the ISO's Connectionless Network Protocol (CLNP) It is

© 2006 Cisco Systems, Inc. All rights reserved.

routing protocol for the ISO s Connectionless Network Protocol (CLNP). It isdescribed in ISO 10589. The first production incarnation of the protocol wasdeveloped by Digital Equipment Corporation for its DECnet Phase V.

IS-IS OSPF comparison - Terminologyp gy

IS-IS OSPF CommentsES (End System) HostIS (Intermediate System) RouterCircuit LinkSNPA (S b t k P i t f D t li k AddSNPA (Subnetwork Point of Attachment)

Datalink Address

PDU (Protocol Data Unit) PacketDIS (Designated Intermediate System)

DR (Designated Router)

N/A BDR


N/A BDRIIH (IS-to-IS Hello Packet) Hello packet

IS-IS OSPF comparison - Terminology

IS-IS OSPF CommentsLSP (Link-State Packet) LSA (Link -State

Ad ertisement)LSAs are actually comparable to TLVs used Advertisement) pin LSPs.

CSNP (Complete Sequence Number PDU or Packet)

DBD (Data Base Description Packet)

PSNP (Partial Sequence Number PDU or Packet)

LSAck or LSR (Link State Request)

Routing Domain AS The term routing domain is Routing Domain AS also used with OSPF.

Level 1 Area Area (non-backbone) Level 2 Area Backbone area (Area 0) IS-IS uses a backbone path

connected by contiguous


( )connected by contiguous L2 routers. There is no backbone area in IS-IS

IS-IS OSPF comparison – ISs (Routers)p ( )

IS-IS OSPF CommentsIS IS OSPF CommentsLevel 1 IS (router) Internal Non-

backbone RouterInternal, non-backbone router in a Totally Stubby Area

A L l 2 tLevel 2 IS (router) Internal Backbone Router or ASBR

Any Level 2 router can distribute externals into the domain. No special name. (Cisco IOS allows Level 1 routers to distribute externals.)

Level 1-2 IS (router) ABRSystem ID Router ID The System ID is the key for System ID Router ID

SPF calculations. Sometimes the NETaddress is thought of as the Router ID.

AFI i t f th NSAP


AFI = 49 RFC 1918 Addresses

AFI is part of the NSAP.

IS-IS OSPF comparison - Timers

Interface IS-IS OSPFPoint to Point Hello 10 sec Hello 10 secPoint-to-Point Hello – 10 sec

Holdtime – 30 secHello – 10 secDead – 40 sec

Broadcast Hello – 10 sec Hello – 10 secHoldtime – 30 sec Dead – 40 sec

NBMA N/A Hello – 30 secDead – 120 secDead 120 sec

Other IS-IS OSPFLS Aging 1,200 sec or 20 min 3,600 sec or 60 ming g , ,LS Refresh Every 15 min Every 30 minSPF Delay/Holdtime 5.5 sec / 10 sec 5 sec / 10 sec


Introduction to IS-IS

ProtocolRoutersAreasAreas


OSI: Two Network Services, Two Network ProtocolsTwo Network Protocols

CMNS (Connection Mode Network Service) – Requires establishment of a path between transport layer entities.

––CONPCONP (Connection-Oriented Network Protocol) – OSI network layer protocol ( ) y pthat carries upper layer data over connection-oriented links.

CLNS (Connectionless Network Service) – Performs datagram support, does not


CLNS (Connectionless Network Service) Performs datagram support, does not require circuit to be established

––CLNPCLNP (Connectionless Network Protocol) – OSI network layer protocol that carries upper layer data over connectionless links. (Similar to IP)

IS-IS Protocol Options

IS-IS (ISO 10589)–Dynamic link state routing protocol used in an ISO CLNSCLNS

i tenvironment.

ISO-IGRP–Cisco IOS offers proprietary routing protocol for CLNSCLNS–Cisco IOS offers proprietary routing protocol for CLNSCLNS.–Based on IGRPIGRP, distance vector technology.–Can be used for Level 3 RoutingLevel 3 Routing, between IS-IS domains.

Integrated IS-IS (RFC 1195)–IS-IS for mixed ISO CLNS and IP environments.Eith–Either:

•Purely ISO•Purely IP


•Both

OSI Routing Protocols: ES-IS and IS-IS

ISH ESH

ES-IS

Analogous to Address Resolution Protocol (ARPARP) in IP

Not technically a routing protocol

Sometimes referred to as Level 0 routingLevel 0 routing.

ESs (hosts) discover nearest IS (router) by listening to IS Hello (ISH) packets


ISs (routers) know which hosts are on their subnetwork by listening to ES Hello (ESH) packets.

Not applicable for IP networks

OSI Routing Protocols: ES-IS and IS-IS

Boundary areas in IS-IS exists on a link between routers andbetween routers and not on a router itself

as in OSPF.

These routers should be entirely in Area 1

IS-IS

be entirely in Area 1 and Area 2.

OSI distinguishes between Level 1, Level 2, and Level 3 routing.

Level 1 Routing–If DA is an ES on another subnetwork in the same area, the IS knows the correct route and

for ards packet appropriatelforwards packet appropriately.

Level 2 Routing –If DA is an ES on another area, the Level 1 IS sends the packet to the nearest Level 2 IS.

L l 3 R ti i b t t d i


Level 3 Routing is between separate domains. ––Pure CLNSPure CLNS environment IDRP (Inter-domain Routing Protocol) or ISO-IGRP can be used,

in IP, BGP is used. (Not applicable to CCNP only for CCIECCIE--SPSP)

IS-IS Areas

IS-IS Routers:Level 1 IS (L1 IS, router)

–Analogous to OSPF Internal non-backbone router (Totally Stubby)–Responsible for routing to ESs inside an area.

Level 2 IS (L2 IS, router)( , )–Analogous to OSPF Internal Backbone router–Responsible for routing between areas

Level 1 and Level 2 IS (L1 L2 IS router)


Level 1 and Level 2 IS (L1-L2 IS, router)–Analogous to OSPF ABR router–Participate in both L1 intraL1 intra--areaarea routing and L2 interL2 inter--areaarea routing.

Level 1 Router

L l 1 IS (L1 IS t )Level 1 IS (L1 IS, router)–Analogous to OSPF Internal non-backbone router (Totally Stubby)–Responsible for routing to ESs inside an area.p g

A contiguous group of Level 1 routers define an area.

Level 1 routers maintain the Level 1 database for the area and exit i t t i hb i


points to neighboring areas.

Level 2 Router

L l 2 IS (L2 IS t )Level 2 IS (L2 IS, router)–Analogous to OSPF Internal Backbone router–Responsible for routing between areasp g

Also referred to as area routers.

May interconnect the Level 1 areas


Store separate database of only inter-area topology

Level 1 – Level 2 Router

Level 1 and Level 2 IS (L1-L2 IS router)Level 1 and Level 2 IS (L1-L2 IS, router)–Analogous to OSPF ABR router–Participate in both L1 intra-area routing and L2 inter-area routing.

M i t i b th L l 1 d L l 2 LSDBMaintain both Level 1 and Level 2 LSDBSupport Level 1 function communicating with other Level 1 routers in their area

–Inform other Level 1 routers that they are the exit point (default route) from the


area.

Support Level 2 function communicating with the rest of the backbone path.

IS-IS Backbone

IS-IS does not share the concept of a backbone area 0 with OSPF.

An IS-IS backbone can appear as a set of distinct areas interconnected bybyAn IS IS backbone can appear as a set of distinct areas interconnected by by a a chain of chain of Level 2 Level 2 routersrouters, weaving their way through and between the Level 1 Areas.

The IS-IS backbone (path) consists of a contiguous set of Level 1-2 and


The IS-IS backbone (path) consists of a contiguous set of Level 1-2 and Level 2 routers.

OSI Add iOSI Addressing

NSAP (Area, System ID, NSEL)

SNPA


NSAP Address StructureThe Cisco implementation of Integrated IS-IS divides the NSAP address intothree fields:

•Area addressArea address•System ID•NSEL

The variable-length area address is used for Level 2 routing, while the systemID and NSEL fields are used for Level 1 routing.

Cisco routers routing CLNS use addressing that conforms to the ISO 10589


Cisco routers routing CLNS use addressing that conforms to the ISO 10589standard.

NSAP Address Structure

IDP

The initial domain part (IDP) corresponds to an IP classful major network. The IDP consists of an authority and format identifier (AFI), and an initial domain identifier (IDI):( )

Addresses starting with the AFI value of 49 are private addresses, analogous to RFC 1918 for IP addresses.


The IDI identifies a subdomain under the AFI. For instance, 47.0005 is assigned to civilian departments of the U.S. government, and 47.0006 is assigned to the U.S. Department of Defense.

NSAP Address Structure

DSP

The domain specific part (DSP) contributes to routing within an IS-IS routingdomain The DSP comprises the high-order DSP (HO-DSP) the system ID anddomain. The DSP comprises the high-order DSP (HO-DSP), the system ID, andthe NSEL.

The HO-DSP subdivides the domain into areas. It is basically the OSI equivalent ofa subnet in IPa subnet in IP.

The system ID identifies an individual OSI device. In OSI, a device has an addressjust as it does in DECnet; while in IP, each interface has an address.

The NSEL identifies a process on the device and corresponds roughly to a port orsocket in IP. The NSEL is not used in routing decisions.


OSI AddressingAddressing

NSAPNSAP

OSI network layer addressing is done through the NSAPNSAP (Network Service Access Point) consisting of:

–OSI Address of the device–Link to higher layer protocol

A variety of NSAPNSAP formats exist, which we will not go into.

Represented in hexadecimal (up to 40 hex digits)


Represented in hexadecimal (up to 40 hex digits)

Cisco formatCisco format: Area – System ID – NSELNSEL (always 00 on ISs)

49.0001.2222.2222.2222.0000

NSAPs

Format of the Cisco NSAP address consists of three parts. 1. Area address2. System ID3. NSAP selector byte

Area address is a variable length field

The system ID is the ES or IS identifier in an area, similar to the OSPF router ID. – The system ID has a fixed length of six bytes as engineered in the Cisco IOS. – Cisco routers compliant with the U S Government OSI Profile (GOSIP) versionCisco routers compliant with the U.S. Government OSI Profile (GOSIP) version

2.0 standards require a 6-byte system ID. The NSAP selector byte is a service identifier. – Analogous to that of a port or socket in TCP/IP


Analogous to that of a port or socket in TCP/IP.

NSAP prefixes are required for CLNS routing, including IP only networks.

Even in IP only networks, IS-IS uses OSI addresses:–Identify the router (IS)–Identify the router (IS)–Build the topology table–Build the SPF tree–LSPs–Hello and other PDUs

NSAP dd i d f CLNS ti


NSAP addresses are required for CLNS routing.

NSAPs – Cisco Format

Area – System ID – NSEL

Area

Area – System ID – NSEL 49.0001.2222.2222.2222.00

Addresses starting with 49 (AFI=49) are considered private IP address, analogous to RFC 1918.

–Routed by IS-ISRouted by IS IS–Should not be advertised to other CLNS networks (outside this IS-IS domain)

Additi l 2 b t (HODSP Hi h O d DSP) dd d i th ID


Additional 2 bytes (HODSP – High Order DSP) are added in the area ID

All routers in the same area must have the same area address



System IDOSI requires it must be the same number of bytes throughout the domain

y49.0001.2222.2222.2222.00

OSI requires it must be the same number of bytes throughout the domain.

Cisco fixes the System ID at 6 bytes.Customary to use one of the following:y g

–MAC address from the router–IP address of loopback interface

172 16 150 9 172 016 150 009 1720 1615 0009


•172.16.150.9 -> 172.016.150.009 -> 1720.1615.0009Each device (IS and ES) must have a unique System ID within the area. (Recommended to make them unique within the domain.)



NSEL (NSAP Selector)

NSEL is a service identifier.

y49.0001.2222.2222.2222.00

Loosely equivalent to that of a port or socket in TCP/IP.

Must be specified by a single byte preceded by a period (.)

N t d i ti d i iNot used in routing decisions.

NET

When NSEL = 00, it identifies the device itself, the network level address.


The NSAP with a NSEL = 00 is known as a Network Entity Title (NET)

A NET is an NSAP with the NSEL set to (00)

NSAP (NETs)

Area – System ID – NSELArea System ID NSEL 49.0001.2222.2222.2222.00

NSAP 47.0001.aaaa.bbbb.cccc.00 NSAP 39.0f01.0002.0000.0c00.1111.00NSAP 47.0001.aaaa.bbbb.cccc.00

Area ID is 47.0001

System ID is aaaa.bbbb.cccc

NSAP 39.0f01.0002.0000.0c00.1111.00

Area ID is 39.0f01.0002

System ID is 0000.0c00.1111


NSAP selector byte is 00 NSAP selector byte is 00

Configuring IS-IS SanJose1interface FastEthernet0/0ip address 172.16.0.1 255.255.255.0ip router isis

router isisnet 49.0001.1111.1111.1111.00

Area 49.0001

SanJose3i t f F tEth t0/0

SanJose2interface FastEthernet0/0 interface FastEthernet0/0

ip address 172.16.0.3 255.255.255.0ip router isis

router isis

interface FastEthernet0/0ip address 172.16.0.2 255.255.255.0ip router isis

router isis

ip router isis: IS-IS must be enabled on the interface

router isisnet 49.0001.3333.3333.3333.00net 49.0001.2222.2222.2222.00

Area . System ID . NSEL


p

Note: IS-IS routing cannot be enabled on an interface until an IP address has been configured on the interface.

SNPA (Subnetwork Point of Attachment) and Circuits IP dd IP ddand Circuits

NSAPNSAPIP address IP address

MAC (SNPA) address SNPA address

The router assigns a circuit ID of one octet to each interface on the router.

In the case of point-to-point interfaces, this is the sole identifier for the circuit, for example 03.p

In the case of LAN interfaces, the circuit ID is tagged to the end of the system ID of the designated IS to form a 7-byte LAN ID.

–For example, 1720.1615.0009.03o e a p e, 0 6 5 0009 03

The SNPA is taken from the following:–MAC address on a LAN interface

Vi t l Ci it ID f X 25 ATM


–Virtual Circuit ID for X.25 or ATM –Data link connection identifier (DLCI) for Frame Relay–High-Level Data Link Control (HDLC) for interfaces

Configuring IS-ISConfiguring IS ISArea

49.0001

To display both ES and IS neighborsTo display both ES and IS neighbors.

SNPA is the MAC address of the remote router.–If serial, would show encapsulation, I.e. HDLC


p

Cisco routers default to L1-L2 type routers.

S SIS-IS Adjacencies


Network RepresentationRepresentation

Broadcast

Point-to-Point

In OSI there are only two main types of physical links:In OSI there are only two main types of physical links:–Broadcast: Multiaccess media types, usually LANs–Nonbroadcast: Point-to-Point, Multipoint, and dynamically established links (WAN links)links (WAN links)

IS-IS has no concept of an NBMA network.


IS IS has no concept of an NBMA network.–Recommended that point-to-point links be used for native ATM, Frame Relay, or X.25

Hello Messages

IS-IS uses Hello PDUs to establish adjacencies with other routers (ISs) and ESs.

IS-IS has three types of Hello PDUs:–ESH, sent by ES to an IS–ISH sent by IS to an ESISH, sent by IS to an ES–IIH, used between two ISs (CCNPCCNP)

•Hello Level 1 LANH ll L l 2 LAN


•Hello Level 2 LAN•Hello Point-to-Point

Neighbors and AdjacenciesAdjacencies

IS-IS discover neighbors and forms adjacencies using IS-IS Hello PDUs.IS IS discover neighbors and forms adjacencies using IS IS Hello PDUs.

Transmitted every 10 secondsCan be changed using the interface command, isis hello-interval

Hold time defaults to 3 times the Hello time (30 seconds), before declaring a neighbor dead.

–Changed using the interface command isis hello-multiplier


Changed using the interface command isis hello multiplier

–Default is 3

LAN Representation and Adjacencies

DIS

Similar to the DR in OSPF…

DIS (Designated IS) is elected to generate the LSP (Link State Packet, ie. LSA) representing the virtual router, connecting all attached routers to a star-shared topology

For SPF, the whole network must look like a collection of nodes and point-to-point links

LAN uses a virtual node called pseudonode


LAN uses a virtual node called pseudonode.

LAN Representation and Adjacencies

DISDIS

Election of DIS:–Router with highest priority (Cisco default is 64)–Router with highest MAC addressoute t g est C add ess

No “BDR”New router (IS) can cause a new election, unlike OSPF

Used as circuit ID for all routers on LAN.

Periodically broadcasts CSNPs (OSPF DBD) every 10 seconds

E h t th LAN i l t i t f th d d


Each router on the LAN simulates an interface on the pseudonode.

Adjacencies

LAN Adjacencies

L1 routers form L1 adjacencies with L1 and L1-L2 routers in their area.

L2 routers form L2 adjacencies with L2 and L1-L2 routers in their area or another areaor another area.

L1L2 routers form L1 and L2 adjacencies with each other in their area or another area.


L1 router does not form an adjacency with an L2 router or other area

WAN AdjacenciesAdjacencies

On point-to-point links the IIH PDUs are common to both Level 1 and Level 2Level 1 and Level 2.

Announce both their Level type and Area ID in the Hellos.

R b t LSDB f diff t L l


Remember, separate LSDBs for different Levels.


The adjacencies also determine what type of routes the IS (router) willThe adjacencies also determine what type of routes the IS (router) will have in its routing table.

–L1 – Intra-area routes (routes only within that area)L2 I t t ( t f th )


–L2 – Inter-area routes (routes from other areas)–Or both


For an adjacency to be formed and maintained, routers must agree on:For an adjacency to be formed and maintained, routers must agree on:–If they are both Level 1, they must be in the same area–The System ID must be unique to each router.


–The Hello timers do not have to match.

Configuring IS-IS SanJose1interface FastEthernet0/0ip address 172.16.0.1 255.255.255.0ip router isisisis priority 100router isisnet 49.0001.1111.1111.1111.00

DIS

Area 49.0001

SanJose3i t f F tEth t0/0

SanJose2interface FastEthernet0/0 interface FastEthernet0/0

ip address 172.16.0.3 255.255.255.0ip router isisrouter isisnet 49 0001 3333 3333 3333 00

interface FastEthernet0/0ip address 172.16.0.2 255.255.255.0ip router isisrouter isisnet 49.0001.2222.2222.2222.00

isis priority: Sets DIS priority on a LAN interface default 64

net 49.0001.3333.3333.3333.00Area . System ID . NSEL


isis priority: Sets DIS priority on a LAN interface, default 64

IS-IS Link State

Database Synchronization


LSDB Synchronization and Update Process

X

LSP (LSA)

XPSNP

(LSAck)

IS-IS LSDB is accomplished by using special PDUs, known as SNPs(Sequence Number PDUs):

–CSNP (Complete Sequence Number PDU) – (OSPF: DBD)CSNP (Complete Sequence Number PDU) (OSPF: DBD)•List of LSPs held by the router

–PSNP (Partial Sequence Number PDU) – (OSPF: LSAck/LSR)


•Acknowledge the receipt of a LSP•Request a complete LSP for a missing entry

Update Process

Point-to-Point networks:–Once an LSP is sent, router sets a timer (minimumLSPTransmissionInterval) of 5 seconds


(minimumLSPTransmissionInterval) of 5 seconds–If PSNP is not received, it resends LSP.

Update ProcessProcessPSNP (OSPF LSR)

goes to DIS.

CSNP (DBD)

LSP 77 (LSA)

gIII. LSP 77 is sent

by DIS to R1 PSNP(LSR)

PSNP(LSAck)

On Broadcast networks:–LSPs are not acknowledged by each receiving router.–DIS periodically multicasts a CSNP (to all L1ISs 0180.c200.0014 and to all L2 ISs 0180.c200.0015)(OSPF DBD) that describes every LSP in LSDB.

D f lt i 10 d


•Default is every10 seconds–L1 CSNPs are multicast to AllL1ISs–L2 CSNPs are multicast to AllL2ISs

Decision ProcessO S SOnce the update process has built the LSDB, the Decision Process uses the LSDB to calculate the SPF.

Separates SPF for L1 routes and L2 routes.

Four types of metrics:1. Default – Cisco only supports this metric.2. Delay3. Expense4 Error4. Error

Each metric is expressed as an integer between 0 and 63.B(config-router)#metric ?<1-63> Default metric

B(config-router)#metric-style ?narrow Use old style of TLVs with narrow metrictransition Send and accept both styles of TLVs during transitionwide Use new style of TLVs to carry wider metric

B(config-if)#isis metric ?<1 16777214> Default metric


<1-16777214> Default metricmaximum Maximum metric. All routers will exclude this link from their SPF

MetricCisco assigns a default metric of 10 to every interface regardless of interfaceCisco assigns a default metric of 10 to every interface regardless of interface type.

Left to the default, IS-IS metric becomes a simple measure of hop count.Use the interface command isis metric to change the default valueUse the interface command isis metric to change the default value.

The total cost of any route is a sum of the individual metrics of the outgoing interfaces.This is known as the narrow metric which uses 6 bits for the interface metricThis is known as the narrow metric, which uses 6 bits for the interface metric and 10 bits for the total path metric.

The maximum interface metric value is 63.

Th i t t l th t i l i 1023The maximum total path metric value is 1023.

Extended Metric–Cisco IOS software addresses this issue with the support of a 24-bit metric field for the interface and a 32 bit metric for the total path, called the wide metric. Using the new metric style link metrics now have a maximum value of


–Using the new metric style, link metrics now have a maximum value of 16’777’215 (224 - 1) with a total path metric of 4’261’412’864 (232 - 225).

MetricsOdds and EndsOdds and Ends

Supports VLSM

L1 routers calculate path to the nearest L2 router for inter-area routing (OSPF: TotallyL1 routers calculate path to the nearest L2 router for inter-area routing (OSPF: Totally Stubby Area)

–When an L2 or L1L2 router is attached to another area, the router will advertise this fact –The Decision Process in L1 routers will choose the metrically closest L1L2 router as

th d f lt tthe default router.–An L1 0.0.0.0/0 route will be entered into the routing table.

IS IS d dd t k k i d t fi i tiIS-IS command - summary-address network mask is used to configure summarization (Level 1, Level 2 or both).

B(config-router)#summary-address 10.0.0.0 255.240.0.0 ?level-1 Summarize into level-1 arealevel-1 Summarize into level-1 arealevel-1-2 Summarize into both area and sub-domainlevel-2 Summarize into level-2 sub-domainmetric Set metric for summay route


metric Set metric for summay routetag Set tag<cr>

MetricsOdds and EndsOdds and EndsOdds and EndsOdds and Ends

Cisco’s IS-IS implementation will perform equal cost load balancing up to six paths.

B(config-router)#router isisB(config-router)#router isis

B(config-router)#maximum-paths ?

<1-32> Number of paths

B(config-router)#maximum-paths 32

B(config-router)#do sh ip protocols | inc path

Maximum path: 32

B(config router)#


B(config-router)#

Odds and EndsOdds and EndsOdds and EndsOdds and Ends

Level 2 routers are expected to know about all routesLevel 2 routers are expected to know about all routesLevel 2 routers are expected to know about all routesLevel 2 routers are expected to know about all routes.–ISIS command: default-information originate is used to advertise a default route into the backbone path.

L1L2 routers run two IS-IS processes, one for its L1 LSDB and another for its L2 LSDB.

Once a packet is accepted by a router the System ID and NSEL are stripped.


Multi-Area IS-ISMulti Area IS IS Example


LevelsL1L2SanJose1 L1L2

interface Loopback0ip address 192.168.10.1 255.255.255.252ip router isisinterface FastEthernet0/0ip address 172.16.0.1 255.255.255.0

L1 L2

pip router isisinterface Serial0/0ip address 10.0.0.2 255.255.255.252ip router isis

router isisrouter isisnet 49.0001.1111.1111.1111.00is-type level-1-2

SanJose2 PhoenixSanJose2interface FastEthernet0/0ip address 172.16.0.2 255.255.255.0ip router isisinterface FastEthernet0/1ip address 192 168 20 1 255 255 255 0

Phoenixinterface Serial0/0ip address 10.0.0.1 255.255.255.252ip router isis

interface FastEthernet0/1i dd 192 168 30 1 255 255 255 0ip address 192.168.20.1 255.255.255.0

ip router isisrouter isisnet 49.0001.2222.2222.2222.00is-type level-1

ip address 192.168.30.1 255.255.255.0ip router isis

router isisnet 49.0002.3333.3333.3333.00is-type level-2-only


•is-type {level-1 | level-1-2 | level-2-only}

show clns neighL1L2

• System ID – Cisco IOS uses the hostname.

• SNPA is the MAC of the remoteremote

L1L2

router or HDLC on the serial link.• The Type is the is-type of the

remoteremote router. L1 L2

SanJose1#show clns neighbors

System Id Interface SNPA State Holdtime Type Protocol

SanJose2 Fa0/0 0003 6be9 d480 Up 26 L1 IS ISSanJose2 Fa0/0 0003.6be9.d480 Up 26 L1 IS-IS

Phoenix Se0/0 *HDLC* Up 28 L2 IS-IS

SanJose2#show clns neighborsg


SanJose1 Fa0/0 0002.b9ee.5ee0 Up 4 L1 IS-IS


Phoenix#show clns neighbors


SanJose1 Se0/0 *HDLC* Up 27 L2 IS-IS

show isis dataL1L2

• SanJose1 has a L1 LSDB and a L2 LSDB.

• Use detail option for complete

L1L2

p pLSDB.

L1 L2SanJose1#show isis database

IS-IS Level-1 Link State Database:

LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OLLSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL

SanJose1.00-00 * 0x00000005 0xDE15 916 1/0/0

SanJose1.01-00 * 0x00000003 0xBBFE 1165 0/0/0

SanJose2.00-00 0x00000006 0xBDFB 470 0/0/0

IS-IS Level-2 Link State Database:

LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL

SanJose1.00-00 * 0x0000001B 0xAB48 914 0/0/0


SanJose1.01-00 * 0x0000001B 0x5526 480 0/0/0

Phoenix.00-00 0x0000001E 0xA3D3 912 0/0/0

Phoenix.01-00 0x00000002 0x54A6 826 0/0/0

show ip routeL1L2

• Because SanJose1 is an L1L2 router, it contains both:

L1 routes for Area 49.0001

L1 L2

and L2 routes for the other area 49.0002.

SanJose1#show ip route

Gateway of last resort is not setGateway of last resort is not set

i L2 192.168.30.0/24 [115/20] via 10.0.0.1, Serial0/0

C 192.168.10.0/24 is directly connected, FastEthernet0/1

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.0.0 is directly connected, FastEthernet0/0

i L1 192.168.20.0/24 [115/20] via 172.16.0.2, FastEthernet0/0


10.0.0.0/30 is subnetted, 1 subnets

C 10.0.0.0 is directly connected, Serial0/0

The IS-IS Routing Process SummarizationProcess, Summarization and Additional Notes

Additional information helpful to understandAdditional information helpful to understand…


TerminologyTerminology

CLV (Code/Length/Value) and TLV (Type/Length/Value)CLV (Code/Length/Value) and TLV (Type/Length/Value)–Are the same thing, CLV is more of the OSI term.–There are variable length fields in a PDU.

•Code or Type specifies the type of information.•Length specifies the size of the Value field.•Value is the information itself•Value is the information itself.

–Example: CLV or TLV 128 defines the capability to carry IP routes in IS-IS packets, while TLV 128 is Integrated Integrated ISIS ISIS while TLV 3 defineswhile TLV 3 defines ESESISIS--IS, IS, while TLV 3 defines while TLV 3 defines ESES..


IS IS Routing ProcessIS-IS Routing Process

IS IS Routing Process is divided into four stages:IS-IS Routing Process is divided into four stages:

Update–Update–Decision–Forwarding–Receive


IS IS Routing Process: UpdateIS-IS Routing Process: Update

The Update ProcessThe Update Process

Routers can only forward data packets if they have an understanding of the network topology.

LSPs are generated and flooded throughout the network whenever:whenever:

–An adjacency comes up or down (example: a new router comes online).A i t f t h t t i i d–An interface on a router changes state or is assigned a new metric.

–An IP route changes (example: because of redistribution)


IS-IS Routing Process: UpdatePropagating (sending) LSPs on a Point-to-Point Interface

–When an adjacency is established both routers send a CSNP (OSPF DBD) summary of their LSDBDBD) summary of their LSDB.

–If the receiving router has any LSPs that were not present in the CSNP it received, it sends a copy of the missing LSP to the other routerrouter.

CSNP CSNPYou are missing LSP 3missing LSP 3

LSP 3PSNP (Ack)


IS-IS Routing Process: UpdatePropagating (sending) LSPs on a Point to Point InterfacePropagating (sending) LSPs on a Point-to-Point Interface

–Likewise, if the receiving router is missing any LSPs received in the CSNP, the receiving router sends a PSNP (OSPF LSR) requesting the full LSP to be sentfull LSP to be sent.

–LSPs are acknowledges with a PSNP (OSPF LSAck)–When the LSP is sent, the router sets a timer.

•If the acknolwedgement (PSNP) is not received within 5 seconds (Cisco default), the LSP is resent.

CSNP CSNP

PSNP 3

I am missing LSP 3

LSP 3PSNP (Ack)

PSNP 3


LSP 3


Propagating (sending) LSPs on a Broadcast InterfacePropagating (sending) LSPs on a Broadcast Interface–The DIS (OSPF DR) takes on much of the responsibility for synchronizing the databases on behalf of the pseudonode.

–DIS has three tasks:••Creating and maintaining adjacenciesCreating and maintaining adjacencies••Creating and updating theCreating and updating the pseudonodepseudonode LSPLSPCreating and updating the Creating and updating the pseudonodepseudonode LSPLSP••Flooding the LSPs over the Flooding the LSPs over the LANLAN..


IS-IS Routing Process: UpdatePropagating (sending) LSPs on a Broadcast InterfacePropagating (sending) LSPs on a Broadcast Interface

–On receiving a CSNP the router compares it with its LSDB…–If the receiving router has a newer version of the LSP then what was sent in the CSNP or if the CSNP did not contain one of its LSPs the routerthe CSNP, or if the CSNP did not contain one of its LSPs, the router multicasts the LSP to all routers on the LAN.

CSNPCSNP (DBD)

LSP 88I have a newer version

of LSP 88


Receipt of LSP 88 is acknowledged by all routers with a PSNP.

IS-IS Routing Process: Update

Propagating (sending) LSPs on a Broadcast Interface–On receiving a CSNP the router compares it with its LSDB…–If the database is missing an LSP that was in the CSNP, it sends a PSNP requesting the full LSP.

–The DIS sends the LSP.

CSNP

LSP 77 (LSA)

CSNP (DBD)

PSNP (LSR)

PSNP (LSAck)


( )


Receiving an LSP–If the LSP is already present in the database (LSDB), the router y p ( )(IS) acknowledges (PSNP) and ignores it.

•The router sends the duplicated LSP to its neighbors.•Level 1 LSPs are flooded throughout the areaLevel 1 LSPs are flooded throughout the area•Level 2 LSPs are sent across all L2 adjacencies.


IS-IS Routing Process: UpdateDetermining if an LSP is valid:

–Receiving router uses three fields to help determine if the received LSP is more recent than the one in its LSDB.R i i Lif ti–Remaining Lifetime

•Used to age-out or delete LSPs•Lifetime is set to 0 and flooded•Receiving routers recognize this means the route is bad and deletes the LSP from their LSDB, rerunning SPF algorithm, new SPT, new routing table.•Note: LSPs have a maximum age of 20 minutes in an IS-IS LSDB, and are re-flooded (refreshed) every 15 minutesre flooded (refreshed) every 15 minutes.

–Sequence Number•First LSP starts with a sequence number of 1, with following LSPs incremented by 1.y

–Checksum•If received LSP’s checksum does not computer correctly, the LSP is flushed and the lifetime set to 0.


•The receiving router floods the LSP with the lifetime set to 0.•When the originating router gets this LSP (lifetime = 0) it retransmits a new LSP.

IS-IS Routing Process: Decision

The Decision Process–Uses Dijkstra’s algorithm to build a SPT (Shortest Path Tree)–The SPT is used to create the forwarding table, also known as the routing table.

–Several tables are used during this process:Several tables are used during this process:•PATH table

–PATH table is the SPT during the construction of the LSDBLSDB–Each candidate route is placed in the PATH table while the metric is examined to determine if it is the shortest path to the destinationpath to the destination.

•TENT is the tentative databasetentative database (a scratchpad) during this process


IS-IS Routing Process: DecisionDetermining the best route

Criteria by which the lowest cost paths are selected and placed in the forwarding database are:g

–Cisco allows up to six equalsix equal--cost pathscost paths, four by defaultfour by default.–Cisco only supports the default metricdefault metricI t l th h b f t l th t id th ti–Internal paths are chosen before external paths outside the routing domain, to prevent sub-optimal routes and routing loops.

–Level 1 paths within the area are “more attractive”“more attractive” than Level 2 th t id th t t bt t b ti l t d titi l t d tipaths outside the area, to prevent subto prevent sub--optimal routes and routing optimal routes and routing

loops.loops.–Longest match or most specific address in IP ensures that the

l t t i hclosest router is chosen.––ToSToS (Type of Service)(Type of Service) in IP header is used, if configured.–If there is no path, the forwarding database sends the packet to the


p , g pnearest Level 2 router, which is the which is the default routerdefault router.

IS-IS Routing Process: Forwarding and Receiving

Forwarding process–After the SPT has been built the forwarding database can be created.

–The forwarding table is the lookup table for the longest matchlookup table for the longest match.–The forwarding table for IS-IS is more relevant to CLNS than to IPmore relevant to CLNS than to IPThe forwarding table for IS IS is more relevant to CLNS than to IPmore relevant to CLNS than to IP, because the IP routing information is entered directly into the IP IP routing information is entered directly into the IP routing table.routing table.

Receive process–If the frame is valid, the receive process passes user data and error

t t th f direports to the forwarding process.–Whereas routing information: Hellos, LSPs, and SNPs are sent to the update process.


–Receive process is primarily concerned with CLNS routing and is primarily concerned with CLNS routing and not IP.not IP.

Route Summarization

Rules for IS-IS route summarization similar to that of OSPF

Level 1-2 routers (L1L2)–Similar to OSPF ABR –Configured at the L1L1L2L2 router at the edge of an area.router at the edge of an area.Configured at the L1L1L2L2 router at the edge of an area.router at the edge of an area.–L1L2 routers can summarize the routes within their area to within their area to L1L1L2L2 or or L2 routers L2 routers in another area.in another area.

–This is an efficient method of establishing prefix (network addresses)prefix (network addresses)–This is an efficient method of establishing prefix (network addresses) prefix (network addresses) routing into other areas.routing into other areas.

If one edge If one edge L1L1L2L2 router in an arearouter in an area is summarizing routes for that area, is summarizing routes for that area, other edgeother edge L1L1L2L2 routersrouters in that area must also be summarizing routesin that area must also be summarizing routesother edge other edge L1L1L2L2 routersrouters in that area must also be summarizing routesin that area must also be summarizing routes.

–If other L1L2 routers are summarizing and one edge L1L2 router is notnot summarizingsummarizing, all traffic destined for that area will be sent to the non-summarizing router because of longest match routing.


non summarizing router because of longest match routing.

IS-IS Authentication IS-IS authentication can use cleartext passwords or HMAC-MD5.

Cisco IOS supports IS-IS authentication on three levels: between neighbors, area-wide, and domain-wide. The three authentication levels can be used by themselves or together. The rules for IS-IS authentication are.g

When authenticating between neighbors, the same password must be configured on the connecting interfaces.

When authenticating between neighbors authentication may be configuredWhen authenticating between neighbors, authentication may be configured separately for L1 and L2 adjacencies.

When authenticating between neighbors, either clear text or MD5 may be used.

When performing area-wide authentication, every router in the area must use the same authentication mode and must have a common key-string.

When performing domain-wide authentication every L2 and L1/L2 router


When performing domain-wide authentication, every L2 and L1/L2 router in the IS-IS domain must utilize the same mode of authentication and must use a common key-string.

IS-IS Authentication


IS-IS - univ-reims.frlsteffenel/cours/FC/BSCI4.pdf · IS-IS Protocol Options IS-IS (ISO 10589)...

Documents

Transcript of IS-IS - univ-reims.frlsteffenel/cours/FC/BSCI4.pdf · IS-IS Protocol Options IS-IS (ISO 10589)...