Overview and topology
This post is a review of basic ISIS on IOS and IOS-XR. It reviews how to configure basic settings in order to get ISIS working. The topology used is as follow :
Enabling ISIS
The very first thing to do is to enable the ISIS process. The process is similar on IOS and IOS-XR, the only difference is that IOS-XR requires a process tag :
IOS :
R1#conf t
R1(config)#router isis
R1(config-router)#
IOS-XR
RP/0/0/CPU0:XR1# RP/0/0/CPU0:XR1#conf t RP/0/0/CPU0:XR1(config)#router isis 0 RP/0/0/CPU0:XR1(config-isis)#commit
Configuring the ISIS NET
Like OSPF, ISIS needs a way to uniquely identify a system which is running the protocol. This is defines with the ISIS NET address which is in NSAP format. A NSAP address is a variable length and because of this, the best way to read a NSAP address is from right to left. The NET address is mandatory on both IOS and IOS-XR. The NSAP NET address can be complete or simplified, nowadays the simplified address is used :
- Usually the first two digit (first byte) are numerically set to 49, this is used to identify a local AFI.
- Most of the time, the next four digits (two bytes) are used to identify the area. The area can be defined with more than four digits as this is a variable length part.
- Then the System ID is used to uniquely identify the device, six bytes are used for this. A good practice is to used an IP address for this.
- Last, the NSEL is the last byte and is always numerically set with 00
The same command is used on IOS and IOS-XR for this :
IOS:
R1(config)#router isis R1(config-router)#net 49.0001.0000.0000.0001.00
IOS-XR :
RP/0/0/CPU0:XR1(config)#router isis 0 RP/0/0/CPU0:XR1(config-isis)#net 49.0001.0000.0000.0011.00 RP/0/0/CPU0:XR1(config-isis)#commit
Enabling ISIS on interfaces
The next step is to enable ISIS on interfaces. This configuration will allow ISIS to send Hello packets to find neighbors. Depending on the interface type, different types of Hello packets can be sent. Following the topology, I want to build and adjacency between R1 and XR3. The NET addresses have been set to :
- R1 = 49.0001.0000.0000.0001.00
- XR3 = 49.0001.0000.0000.0033.00
On R1 running IOS :
R1#sh run int G0/13 interface GigabitEthernet0/13 ip address 172.16.13.1 255.255.255.0
On XR3 running IOS-XR :
router isis 0 net 49.0001.0000.0000.0033.00 interface GigabitEthernet0/0/0/11 address-family ipv4 unicast
The difference is where the configuration applies. On regular IOS the configuration must be applied under the interface configuration but on IOS-XR the configuration is done under the configuration of the routing process. We must also specify the address family on IOS-XR. Configured interfaces and neighbors can be checked : On IOS, there is multiple ways to see which interfaces have been enabled. My way is to used the CLNS command, but show ip protocols will also display some useful information :
R1#show clns interface GigabitEthernet0/13 is up, line protocol is up Checksums enabled, MTU 1497, Encapsulation SAP ERPDUs enabled, min. interval 10 msec. CLNS fast switching disabled CLNS SSE switching disabled DEC compatibility mode OFF for this interface Next ESH/ISH in 21 seconds Routing Protocol: IS-IS Circuit Type: level-1-2 Interface number 0x0, local circuit ID 0x1 Level-1 Metric: 10, Priority: 64, Circuit ID: XR3.03 DR ID: XR3.03 Level-1 IPv6 Metric: 10 Number of active level-1 adjacencies: 1 Level-2 Metric: 10, Priority: 64, Circuit ID: XR3.03 DR ID: XR3.03 Level-2 IPv6 Metric: 10 Number of active level-2 adjacencies: 1 Next IS-IS LAN Level-1 Hello in 4 seconds Next IS-IS LAN Level-2 Hello in 4 seconds
To display the neighbors in IOS, the command is very easy :
R1#show isis neighbors System Id Type Interface IP Address State Holdtime Circuit Id XR3 L1 Gi0/13 172.16.13.33 UP 7 XR3.03 XR3 L2 Gi0/13 172.16.13.33 UP 8 XR3.03
So here we see two adjacencies have been built, one is type L1 and the other one is type L2. On IOS-XR, we can see one interface has been enabled and we have one adjacency on L1 and one adjacency on L2
RP/0/0/CPU0:XR3#show isis interface brief Sat Sep 19 12:50:14.432 UTC IS-IS 0 Interfaces Interface All Adjs Adj Topos Adv Topos CLNS MTU Prio OK L1 L2 Run/Cfg Run/Cfg L1 L2 ----------------- --- --------- --------- --------- ---- ---- -------- Gi0/0/0/11 Yes 1* 1* 1/1 1/1 Up 1497 64 6
The neighbors can also be checked on IOS-XR :
RP/0/0/CPU0:XR3#show isis neighbors IS-IS 0 neighbors: System Id Interface SNPA State Holdtime Type IETF-NSF R1 Gi0/0/0/11 fa16.3e08.da4d Up 26 L1L2 Capable
ISIS Adjacency types
By default if two routers are located in the same ISIS Area, they will build both Layer 1 and Layer 2 adjacency because Hello PDUs will be sent for both levels. ISIS is different from OSPF because there is no one are that defines what is the backbone (like in OSPF area 0). With ISIS the backbone is build with the collection on L2 links. A router can be :
- An L1 router, which doesn’t have a direct link to the ISIS Backbone (intra-area router)
- An L2 router, which has a direct like to the Backbone and will be able to do inter-area routing.
- An L1/L2 router, which is both in relation with an area and the ISIS Backbone (similar to an ABR)
If R2 is configured with another Area ID, the peering between R1 and R2 will be L2 only : R2:
router isis net 49.0002.0000.0000.0002.00 interface GigabitEthernet0/1 ip address 192.168.12.2 255.255.255.0 ip router isis
So do we need to have both L1 and L2 between R1 and XR3 ? It depends of the design. Here let’s consider that XR3 will not have a direct link to the backbone and need to go through R1 to access other areas. On XR3 we need to specify that XR3 is an L1 router only, which will disable the Hello PDUs for L2 on all its interfaces :
router isis 0 is-type level-1
With that configuration, on L1 adjacency will be built and we can check this on R1 or XR3, here it is on R1 :
R1#sh isis neighbors System Id Type Interface IP Address State Holdtime Circuit Id R2 L2 Gi0/2 192.168.12.2 UP 8 R2.01 XR3 L1 Gi0/13 172.16.13.33 UP 9 XR3.03
The very same configuration is available on IOS and it can only be done to get a router running as L2 only. Now does it mean that R1 will stop to send L2 adjacency packets to XR3 ? The following debug shows us that R1 still tries to build L2 adjacency with XR3 :
R1#debug isis adj-packets G0/13 IS-IS Adjacency related packets debugging is on for router process null *Sep 20 14:31:02.871: ISIS-Adj: Rec L1 IIH from fa16.3ecd.3340 (GigabitEthernet0/13), cir type L1, cir id 0000.0000.0033.03, length 1497, ht(10) *Sep 20 14:31:02.871: ISIS-Adj: he_knows_us 1, old state 0, new state 0, level 1 *Sep 20 14:31:05.466: ISIS-Adj: Sending L2 LAN IIH on GigabitEthernet0/13, length 1497
We are still sending L2 LAN IIH. On R1 we cannot specify the router to be L1 only because of the L2 link with R2. So we must find a way to do this on a per interface basis. This is done with the command isis circuit-type
interface GigabitEthernet0/13 ip address 172.16.13.1 255.255.255.0 ip router isis isis circuit-type level-1 end
And we can check this by running another debug or by checking that circuit-type on the show clns interface command :
R1#sh clns interface G0/13 GigabitEthernet0/13 is up, line protocol is up Checksums enabled, MTU 1497, Encapsulation SAP ERPDUs enabled, min. interval 10 msec. CLNS fast switching disabled CLNS SSE switching disabled DEC compatibility mode OFF for this interface Next ESH/ISH in 22 seconds Routing Protocol: IS-IS Circuit Type: level-1 Interface number 0x0, local circuit ID 0x1 Level-1 Metric: 10, Priority: 64, Circuit ID: XR3.03 DR ID: XR3.03 Level-1 IPv6 Metric: 10 Number of active level-1 adjacencies: 1 Next IS-IS LAN Level-1 Hello in 5 seconds
ISIS Network Types
A last word on the basic ISIS configuratio – network types. In OSPF there is some network types that defines how the router will behave with its neighbor. ISIS works the same way except there is only two types of… network type:
- LAN
- Point to Point
With a LAN network type, which is by default on Ethernet link, a DIS will be elected. The DIS is very similar to a DR in OSPF with some differences:
- There is no backup DIS in ISIS
- There is no adjacency optimization with the DIS in ISIS
- The DIS Role is preemptive in ISIS
In the ISIS database, the DIS will be considered as a pseudonode and from an exterior point of view, the routers which are attached to a LAN network type will be seen as attached to the DIS. The Network type can be change under the interface :
On IOS (R1) :
interface GigabitEthernet0/13 ip address 172.16.13.1 255.255.255.0 ip router isis isis circuit-type level-1 isis network point-to-point end
On IOS-XR (XR3) :
router isis 0 is-type level-1 net 49.0001.0000.0000.0033.00 interface GigabitEthernet0/0/0/11 point-to-point address-family ipv4 unicast
The DIS election is based on the priority. Cisco sets the default priority to 64 and a router with a priority of 0 does not participate to the election. The highest the priority the better the chances are to be elected DIS. In ISIS, the tie-breaker is the highest MAC Address. ON IOS the details can be found with a show clns interface :
R1#sh clns interface G0/2 | i DR|Priority Level-1 Metric: 10, Priority: 64, Circuit ID: R1.02 DR ID: 0000.0000.0000.00 Level-2 Metric: 10, Priority: 64, Circuit ID: R2.01 DR ID: R2.01
On IOS-XR the details can be found with a show isis interface :
RP/0/0/CPU0:XR3#sh isis interface G0/0/0/11 | in "LAN ID|Priority" LAN ID: XR3.05 Priority (Local/DIS): 64/64
Of course if the network is specified as point-to-point, no DIS will be elected. In the current lab, XR3 is the DIS as seen in the LAN ID information for IOS-XR or DR ID on IOS. This can be changed with the priority. On IOS the configuration is done under the interface with the command isis priority :
interface GigabitEthernet0/13 ip address 172.16.13.1 255.255.255.0 ip router isis isis circuit-type level-1 isis priority 127 end
On IOS-XR the configuration is done under the routing process under the sub-configuration of the interface with the command priority :
router isis 0 interface GigabitEthernet0/0/0/11 priority 0 address-family ipv4 unicast
Leave a Reply