Basic ISIS on IOS and IOS-XR (Part 1)

Overview and topology

This post is a review of basic ISIS on IOS and IOS-XR. It reviews how to configure basic settings in order to get ISIS working. The topology used is as follow :

Enabling ISIS

The very first thing to do is to enable the ISIS process. The process is similar on IOS and IOS-XR, the only difference is that IOS-XR requires a process tag :

IOS :

R1#conf t
R1(config)#router isis
R1(config-router)#

IOS-XR

RP/0/0/CPU0:XR1#
RP/0/0/CPU0:XR1#conf t
RP/0/0/CPU0:XR1(config)#router isis 0
RP/0/0/CPU0:XR1(config-isis)#commit

Configuring the ISIS NET

Like OSPF, ISIS needs a way to uniquely identify a system which is running the protocol. This is defines with the ISIS NET address which is in NSAP format. A NSAP address is a variable length and because of this, the best way to read a NSAP address is from right to left. The NET address is mandatory on both IOS and IOS-XR. The NSAP NET address can be complete or simplified, nowadays the simplified address is used :

  • Usually the first two digit (first byte) are numerically set to 49, this is used to identify a local AFI.
  • Most of the time, the next four digits (two bytes) are used to identify the area. The area can be defined with more than four digits as this is a variable length part.
  • Then the System ID is used to uniquely identify the device, six bytes are used for this. A good practice is to used an IP address for this.
  • Last, the NSEL is the last byte and is always numerically set with 00

The same command is used on IOS and IOS-XR for this :

IOS:

R1(config)#router isis
R1(config-router)#net 49.0001.0000.0000.0001.00

IOS-XR :

RP/0/0/CPU0:XR1(config)#router isis 0
RP/0/0/CPU0:XR1(config-isis)#net 49.0001.0000.0000.0011.00
RP/0/0/CPU0:XR1(config-isis)#commit

Enabling ISIS on interfaces

The next step is to enable ISIS on interfaces. This configuration will allow ISIS to send Hello packets to find neighbors. Depending on the interface type, different types of Hello packets can be sent. Following the topology, I want to build and adjacency between R1 and XR3. The NET addresses have been set to :

  • R1 = 49.0001.0000.0000.0001.00
  • XR3 = 49.0001.0000.0000.0033.00

On R1 running IOS :

R1#sh run int G0/13
interface GigabitEthernet0/13
 ip address 172.16.13.1 255.255.255.0

On XR3 running IOS-XR :

router isis 0
 net 49.0001.0000.0000.0033.00
 interface GigabitEthernet0/0/0/11
  address-family ipv4 unicast

The difference is where the configuration applies. On regular IOS the configuration must be applied under the interface configuration but on IOS-XR the configuration is done under the configuration of the routing process. We must also specify the address family on IOS-XR. Configured interfaces and neighbors can be checked : On IOS, there is multiple ways to see which interfaces have been enabled. My way is to used the CLNS command, but show ip protocols will also display some useful information :

R1#show clns interface
GigabitEthernet0/13 is up, line protocol is up
  Checksums enabled, MTU 1497, Encapsulation SAP
  ERPDUs enabled, min. interval 10 msec.
  CLNS fast switching disabled
  CLNS SSE switching disabled
  DEC compatibility mode OFF for this interface
  Next ESH/ISH in 21 seconds
  Routing Protocol: IS-IS
    Circuit Type: level-1-2
    Interface number 0x0, local circuit ID 0x1
    Level-1 Metric: 10, Priority: 64, Circuit ID: XR3.03
    DR ID: XR3.03
    Level-1 IPv6 Metric: 10
    Number of active level-1 adjacencies: 1
    Level-2 Metric: 10, Priority: 64, Circuit ID: XR3.03
    DR ID: XR3.03
    Level-2 IPv6 Metric: 10
    Number of active level-2 adjacencies: 1
    Next IS-IS LAN Level-1 Hello in 4 seconds
    Next IS-IS LAN Level-2 Hello in 4 seconds

To display the neighbors in IOS, the command is very easy :

R1#show isis neighbors
System Id      Type Interface   IP Address      State Holdtime Circuit Id
XR3            L1   Gi0/13      172.16.13.33    UP    7        XR3.03
XR3            L2   Gi0/13      172.16.13.33    UP    8        XR3.03

So here we see two adjacencies have been built, one is type L1 and the other one is type L2. On IOS-XR, we can see one interface has been enabled and we have one adjacency on L1 and one adjacency on L2

RP/0/0/CPU0:XR3#show isis interface brief
Sat Sep 19 12:50:14.432 UTC
IS-IS 0 Interfaces
    Interface      All     Adjs    Adj Topos  Adv Topos  CLNS   MTU    Prio
                   OK    L1   L2    Run/Cfg    Run/Cfg                L1   L2
-----------------  ---  ---------  ---------  ---------  ----  ----  --------
Gi0/0/0/11         Yes    1*   1*     1/1        1/1     Up    1497   64   6

The neighbors can also be checked on IOS-XR :

RP/0/0/CPU0:XR3#show isis neighbors
IS-IS 0 neighbors:
System Id      Interface        SNPA           State Holdtime Type IETF-NSF
R1             Gi0/0/0/11       fa16.3e08.da4d Up    26       L1L2 Capable

ISIS Adjacency types

By default if two routers are located in the same ISIS Area, they will build both Layer 1 and Layer 2 adjacency because Hello PDUs will be sent for both levels. ISIS is different from OSPF because there is no one are that defines what is the backbone (like in OSPF area 0). With ISIS the backbone is build with the collection on L2 links. A router can be :

  • An L1 router, which doesn’t have a direct link to the ISIS Backbone (intra-area router)
  • An L2 router, which has a direct like to the Backbone and will be able to do inter-area routing.
  • An L1/L2 router, which is both in relation with an area and the ISIS Backbone (similar to an ABR)

If R2 is configured with another Area ID, the peering between R1 and R2 will be L2 only : R2:

router isis
 net 49.0002.0000.0000.0002.00
interface GigabitEthernet0/1
 ip address 192.168.12.2 255.255.255.0
 ip router isis

So do we need to have both L1 and L2 between R1 and XR3 ? It depends of the design. Here let’s consider that XR3 will not have a direct link to the backbone and need to go through R1 to access other areas. On XR3 we need to specify that XR3 is an L1 router only, which will disable the Hello PDUs for L2 on all its interfaces :

router isis 0
 is-type level-1

With that configuration, on L1 adjacency will be built and we can check this on R1 or XR3, here it is on R1 :

R1#sh isis neighbors
System Id      Type Interface   IP Address      State Holdtime Circuit Id
R2             L2   Gi0/2       192.168.12.2    UP    8        R2.01
XR3            L1   Gi0/13      172.16.13.33    UP    9        XR3.03

The very same configuration is available on IOS and it can only be done to get a router running as L2 only. Now does it mean that R1 will stop to send L2 adjacency packets to XR3 ? The following debug shows us that R1 still tries to build L2 adjacency with XR3 :

R1#debug isis adj-packets G0/13
IS-IS Adjacency related packets debugging is on for router process null
*Sep 20 14:31:02.871: ISIS-Adj: Rec L1 IIH from fa16.3ecd.3340 (GigabitEthernet0/13), cir type L1, cir id 0000.0000.0033.03, length 1497, ht(10)
*Sep 20 14:31:02.871: ISIS-Adj: he_knows_us 1, old state 0, new state 0, level 1
*Sep 20 14:31:05.466: ISIS-Adj: Sending L2 LAN IIH on GigabitEthernet0/13, length 1497

We are still sending L2 LAN IIH. On R1 we cannot specify the router to be L1 only because of the L2 link with R2. So we must find a way to do this on a per interface basis. This is done with the command isis circuit-type

interface GigabitEthernet0/13
 ip address 172.16.13.1 255.255.255.0
 ip router isis
 isis circuit-type level-1
end

And we can check this by running another debug or by checking that circuit-type on the show clns interface command :

R1#sh clns interface G0/13
GigabitEthernet0/13 is up, line protocol is up
  Checksums enabled, MTU 1497, Encapsulation SAP
  ERPDUs enabled, min. interval 10 msec.
  CLNS fast switching disabled
  CLNS SSE switching disabled
  DEC compatibility mode OFF for this interface
  Next ESH/ISH in 22 seconds
  Routing Protocol: IS-IS
    Circuit Type: level-1
    Interface number 0x0, local circuit ID 0x1
    Level-1 Metric: 10, Priority: 64, Circuit ID: XR3.03
    DR ID: XR3.03
    Level-1 IPv6 Metric: 10
    Number of active level-1 adjacencies: 1
    Next IS-IS LAN Level-1 Hello in 5 seconds

ISIS Network Types

A last word on the basic ISIS configuratio – network types. In OSPF there is some network types that defines how the router will behave with its neighbor. ISIS works the same way except there is only two types of… network type:

  • LAN
  • Point to Point

With a LAN network type, which is by default on Ethernet link, a DIS will be elected. The DIS is very similar to a DR in OSPF with some differences:

  • There is no backup DIS in ISIS
  • There is no adjacency optimization with the DIS in ISIS
  • The DIS Role is preemptive in ISIS

In the ISIS database, the DIS will be considered as a pseudonode and from an exterior point of view, the routers which are attached to a LAN network type will be seen as attached to the DIS. The Network type can be change under the interface :

On IOS (R1) :

interface GigabitEthernet0/13
 ip address 172.16.13.1 255.255.255.0
 ip router isis
 isis circuit-type level-1
 isis network point-to-point
end

On IOS-XR (XR3) :

router isis 0
 is-type level-1
 net 49.0001.0000.0000.0033.00
 interface GigabitEthernet0/0/0/11
  point-to-point
  address-family ipv4 unicast

The DIS election is based on the priority. Cisco sets the default priority to 64 and a router with a priority of 0 does not participate to the election. The highest the priority the better the chances are to be elected DIS. In ISIS, the tie-breaker is the highest MAC Address. ON IOS the details can be found with a show clns interface :

R1#sh clns interface G0/2 | i DR|Priority
    Level-1 Metric: 10, Priority: 64, Circuit ID: R1.02
    DR ID: 0000.0000.0000.00
    Level-2 Metric: 10, Priority: 64, Circuit ID: R2.01
    DR ID: R2.01

On IOS-XR the details can be found with a show isis interface :

RP/0/0/CPU0:XR3#sh isis interface G0/0/0/11 | in "LAN ID|Priority"
    LAN ID:                 XR3.05
    Priority (Local/DIS):   64/64

Of course if the network is specified as point-to-point, no DIS will be elected. In the current lab, XR3 is the DIS as seen in the LAN ID information for IOS-XR or DR ID on IOS. This can be changed with the priority. On IOS the configuration is done under the interface with the command isis priority :

interface GigabitEthernet0/13
 ip address 172.16.13.1 255.255.255.0
 ip router isis
 isis circuit-type level-1
 isis priority 127
end

On IOS-XR the configuration is done under the routing process under the sub-configuration of the interface with the command priority :

router isis 0
 interface GigabitEthernet0/0/0/11
  priority 0
  address-family ipv4 unicast

Leave a Reply

Your email address will not be published. Required fields are marked *