IS-IS

  • Router to Router communication
  • link-state IGP similar to OSPF

Used in core of SP networks because

  • its very scalable for flat network designs
  • it has very simple design and implementation
  • supports both ipv4 and ipv6 routing
  • there is not as much functionality as in OSPF, because OSPF is designed to enterprise routing and IS-IS to flat SP networks.

IS-IS came from CLNS (connectionless network stack) stack it is not an IP protocol. Thats why we have to take into consideration transport protocol for IS-IS because not all transport protocols are supported. Check the drawing below. You can see that you have there Ethernet and above that there is no IP. The CLNS runs directly above the Ethernet.

clns

IS-IS NET Addressing

Network Entity Title

  • first we need to define the network entity title which is the CLNS Router-ID. We can think about it same as in OSPF Router ID.

Uses ISO NSAP Addressing Format

  • Maximum 20 bytes
  • Minimum 8 bytes

The format is like this:

  • AA.AAAA.AAAA.AAAA.AAAA.AAAA.AAAA.SSSS.SSSS.SSSS.NN
  • You see we have 3 fields in address, the area (not link-state area like OSPF), the system ID (router-ID inside area) and N-Selector. N-Selector is always zero.
  • The minimum 8 bytes long address is marked with bold.
  • OSPF uses AREAS for its hiearchy, where to flood its LSAs, however in case of IS-IS the area is not mapped to the flooding domain. In IS-IS  the AREA has an impact on who we can form adjacency with.
  • System-ID – This is the Router-ID inside an area, so must be unique within an area, but for the overall system the system-id can overlap in other areas.
  • Another restriction is that the address must be the even number of bytes. So minimum 8bytes or then 10 bytes or 12 bytes – you know the logic…

IS-IS Adjacency Levels

Once we specify the Network Entity Title we need to specify what is the level of the adjacency we want to form with the other intermediate systems. There are two levels of adjacency:

  • Level 2 (L2) – the L2 process is like are 0 in OSPF. So this is the backbone flooding domain. Here we can do the inter level routing where we have the routers on level 1 and level 2 and we can summarize on these border routers. So the level define the flooding domain. Just like in area 0 this must be contiguous. IOS doesnt support he IS-IS virtual links. Note to form level 2 adjacency you do not need to have the same area. The adjacency in L2 can be inter area or intra area.
  • Level 1 (L1) – this is like not so stubby area in OSPF. So you can form adjacency within your area, you are able to learn that intra-area routes, you use default routes to get to the level 2 domain and you are allowed to do the redistribution into the level 1. Note to form level 1 adjacency you must have the same area. The adjacency in L1 can be intraarea.
  • Level 1/ Level 2 (L1/L2) Router – Like ABR i nOSPF. Used as exit point from L1 to L2). This router injects the default route into the level 1 by setting the „attached“ bit. We can see this via the show is-is database where the ABRs will have the attached bit set to 1. So like in OSPF we are cutting the shortest path tree and the flooding domain when implementing the L1/L2 hierarchy.

IS-IS Level Manipulation

In OSPF the interface can belong just to one area. Here it is different and the interface can belong to both levels in same time. You can establish the L1 and L2 adjacency. This is actually the default behavior of the process. So esentially if you dont disable this you basically double the overhead of shortest path tree, because you run the SPF process for L1 and L2. This is one of the first thing you want to do in terms of optimization. You can globally turn this off – it affects all interfaces or under the interface. Clearly you dont want to turn this off globally in the ABR routers (L1/L2 routers)

IS-IS Network type

Supports only two network types – yeah! 😉

  • Broadcast – default on multipoint interfaces. (ethernet)
  • Point-to-Point – default on point-to-point interfaces. (PPP, HDLC, P2P GRE)
The reason for difference between them is same as in OSPF. In OSPF you specify in Broadcast the Designated router. In IS-IS you specify the Designated Intermediate System (DIS). There is no backup Designated Intermediate System like in OSPF backup designated router. Election of DIS occurs by highest priority or highest SNPA (subnet point of attachment = MAC) address. There is separate DIS for L1 and L2. However in vast majority of SP networks you dont run shared ethernet segment but point to point ethernet in order to remove the DIS, which is additional packet in LSP database. So same like in OSPF if you have just two routers interconnected via the ethernet link you specify the point to point link to remove the election of DR/BDR and remove the need of flooding the network LSA (LSA 2).

Forming IS-IS Adjacency

In terms of forming an adjacency there is really a 3 options that we need to take into an account.
  1. First is to ensure the transport – Can I send the CLNAS packet out and can the device receive it? This can be problem if we have IP tunnels like IPv6 IP (IPv6 encapsulated in IP). Because CLNS is not an IP protocol the encapsulation will fail and routers would not be able to form an adjacency. If we would run the GRE then the IS-IS should be able to form an adjacency. If I have some protocols that are IP only I can have a problems. For example the L2VPN interworking where this removes the L3 header and put it to L2 – I can have a problems.
  2. Level of adjacency must match. In Level 1 adjacency area must match.
  3. Network type (broadcast/point-to-point) must match
  4. Then there are others like authentication or MTU. These must match or adjacency is not formed.

IS-IS Route leaking

Level 2 domain knows all prefixes but Level 1 domain only knows L1 prefixes. By default the ABR (L2/L1) router sends default routes to level 1 only. You can tweak that via isis route leaking. So the level 1 propagates all routes to level 2 however level 2 propagates only default routes to level 1.  This is important because default route is 0.0.0.0/0 and MPLS VPN tunnels are not supported for /0 addresses it must be /32. So you cannot establish MPLS tunnel from level 1 to anything in level 2.

The Route Leaking can be used to selectively pass L2 routes into L1, or deny L1 rotues from passing into L2. For that you need to configure prefix-list/prefix-set and allow the network to be leaked via route-map/route-policy. Then you configure the redistribute from level 2 to level one with the route map/rpl.

IS-IS Troubleshoot

To see the neighbors you can put down:

  • show isis neighbors  – you can see this command below. The Circuit ID identifies the DIS, so we are in broadcast network type. Second figure below shows point-to-point mode, when in Circuit ID doesnt show the Router hostname.
  • show clns is-neighbors
  • show isis interface – to show if isis is enabled on interface
  • debug isis adj-packets – to debug isis adjacency
  • if your metric style doesnt match, adjacency is UP however you wont exchange any routes because the router doesnt understand the TLV field.

isis-neigh

isis-neigh2

IS-IS Path Selection

  • All links default to cost of 10 – this can be manually modified
  • Level 1 paths preffered over Level 2 paths – like in OSPF Intra-Area over Inter-Are (network LSA over summary LSA)
  • Neighbors must agree on metric style
    • Narrow (default)
    • Wide – needed for MPLS TE and IPv6
    • Transition – runs both wide and narrow at same time.
  • There is field in ISIS that is called TLV (type,length,value). That is used to encode the metric style. However that is not the only usage. You can also encode the ipv6 information or MPLS TE and this is important for us because in 99 % when you forming adjacency you would select metric style Wide. This type gives the TLV larger bit length which can then encode more information like IPv6 or MPLS TE.