introduction to intermediate system-to-intermediate systen protocol
TRANSCRIPT
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 1/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 1 of 25
Overview
Introduction to IntermediateSystem-to-Intermediate System Protocol
In recent years, the IS-IS routing protocol
has become increasingly popular, w ith
w idespread usage among Service Providers.
It is a link state protocol, w hich enables
very fast convergencew ith large scalability.
It is also a very exible protocol a nd ha s
been extended to incorporate leading edge
features such as MPLS Trafc Engineering.
The IS-IS routing protocol is a link-state
protocol, as o pposed to distance-vector
protocols such as Interior Ga tewa y Routing
Protocol (IG RP) and Routing Information
Protocol (RIP). Link-state offers several
adva ntages over d istance-vector protocols.
It is faster converging, supportsmuch larger
internetw orks, a nd is less susceptible to
routing loops. Features of IS-IS include:
• Hiera rch ica l rout ing• Classless behavior
• Rapid ooding of new information
• Fast Convergence
• Ver y sca la ble
• Flexible t imer tuning
• Cisco IOSimplementationof multi -area
routing
• Cisco IOS implementation of
route-leaking
• Cisco IOS implementation of
overload-bit
Intermediate System-to-Intermediate
System (IS-IS) Protocol is an intradomain
Open System Interconnection (OSI)
dyna mic routing protocol specied
in International Organization for
Standa rdization (ISO) 10589. The
protocol is designed to operate in OSI
C onnectio nless Netw ork Service (CLN S).
Data is carried using the protocol specied
in ISO 8473.
A tw o-level hierar chy is used to support
largerout ing domains. A largedomain maybe administratively divided into areas. Each
system resides in exactly one area. 1 Routing
w ithin an a rea is referred to as Level 1
routing. R outing betw een a reas is referred
to as Level 2 routing. A Level 2
Intermediate System (IS) keeps track of the
paths to destination areas. A Level 1 IS
keeps track of the routing w ithin its own
area. For a packet destined for ano ther
area, a Level 1 IS sends the packet to the
nearest Level 2 IS in itsow n area, regardlessof w hat the destination area is. Then the
packet travels via Level 2 routing t o the
destination a rea, w here it may t ravel via
Level 1 routing to the destination. It should
beno ted tha t selec ting an ex it f rom an area
based on Level 1 routing to theclosest Level
2 IS might result in suboptimal routing. 2
1. Multiarea support per Intermediate System wasintroduced in later implementations of IS-IS toaccommoda te OSI telecommunications mana gementnetworks needs, but this functiona lity is generally notuseful for IP netwo rk design.2. A new extension proposed in D omain-W ide Prex D istribution with Mult i-Level IS-IS [RFC 2966], allowsrouting informat ion ava ilable at Level 2 to be leakedinto a stub area relying on Level 1 routing. Thismechanism addresses thesuboptimalrouting problem inan Integrated IS-IS environment at the expense ofscalability. However, it does not apply to a CLNSenvironment.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 2/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 2 of 25
On broa dcast multiaccess media (LAN), a D esignated Intermediate System (DIS) is elected and w ill conduct the
ooding over themedia. The DIS isanalogousto thedesignated router in Open Shortest Path First (OSPF) Protocol,
even though the details including election process and adjacencies within a multiaccessmedia differ signicantly.The
DIS is elected by priority. The highest priority becomes the DIS. Thisis congurable on an interfacebasis. In the case
of a tie, the router with the highest SNPA (M AC) address will become the DIS.
CLNS
OSI C LNS is a netwo rk layer service similar to bare IP service. A CLNS entity com municates over C onnectionless
Netw ork Proto col (CLN P) with its peer CLNS entity.
In the O SI architecture there are “ systems” : R outers are ISs, a nd ho sts are End Systems (ESs).
ESs themselves have no routing information; they discover ISs (routers) by listening to Intermediate System Hellos
(ISHs)and sending trafc to any random router. ESs send End System Hellos(ESHs); they do not choose a designated
router to hand le all traf c, and o ptimal routing is accomplished via redirects.
ISs discover ESs by listening to ESHs, and ISs send ISHs to ESs.
There is no AddressR esolution Protocol (ARP), Internet Control Message Protocol (ICMP) or Interdomain Routing
Protocol (IDRP) for CLNS, but End System-to-Intermediate System (ES-IS) Protocol provides the same kind of
reporting functions for ISs and ESs. The ES-IS Protocol is dened in ISO 9542.
IS-ISis an Interior Gateway Protocol (IGP)for rout ing OSI. IS-ISpackets are not encapsulated in CLNS or IP but are
encapsulated directly in the data-link layer. The IS-IS protocol family is OSI, and values such as 0xFE and 0xFEFE
are used by t he data -link protoco l to identify the Layer 3 protocol as O SI.
Tab le 1 show s a basic compa rison of IP a nd O SI services.
Table 1 Comparing IP and OSI Services
Basic connectionless service:IP (RFC 791) CLNS (ISO 8473)
Neighbor greeting and errorReports to source about packet delivery:ICMP (RFC 792)ARP (RFC 826), IRDP (RFC 1256)
CLNP (ISO 8743)ES-IS (ISO 9542)
Routing:Integrated IS-IS (RFC 1195)Participants are routers and hosts
IS-IS (ISO 10589)Participants are ISs and ESs
IP autonomous system ISO routing domain
Interior Gateway Protocol (IGP) Intradomain Routing Protocol
Exterior Gateway Protocol (EGP)Border Gateway Protocol (BGP) for IP (RFC 1105)Static IP routes
Interdomain Routing Protocol (IDRP)ISO IDRP (proposal)Static CLNS routes
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 3/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 3 of 25
Integrated or Dual IS-IS
The IS-IS Routing Protocol may be used as an IGP to support IP as well as OSI. This al lows a single rout ing protocolto be used to support pure IP environments, pure OSI environments, and dual environments. Integrated IS-IS is
deployed extensively in an IP-only environment in the top-tier Internet service provider (ISP) networks. The IS-IS
w orking g roup o f the Internet Engineering Task Force (IETF) developed the speci cat ion fo r Integra ted IS-IS
(RFC 1195).
Two primary methods are avail ab le fo r rou ting protoco ls to suppor t dua l OSI and IP rou ters. One method , known
as “ Ships in theNight,” makes use of completely independent rout ing protocols for each of the two protocol suites.
This speci cation presents an a lternative approach, w hich makes use of a single integrated protoco l for interior
routing (that is, for calculating routes within a routing do main) for both prot ocol suites.
By supporting both IP and OSI tra f c, this integrated protocol design supports traf c to IP hosts, OSI end systems,
and dual end systems. The IS-IS Protocol can be used to support pure-IP environments, pure-OSI environments, and
dual environments. IS-IS al lows the interconnection of dual (IP and OSI) rout ing domains with other dual domains,
with IP-only domains, and with OSI-only domains.
IS-IS Operations
From a high level, IS-IS operates as follow s:
• Routers running IS-IS will send hel lo packets out al l IS-IS-enabled interfaces to discover neighbors and establish
adjacencies.
• Routers sharing a common data link wi ll become IS-IS neighbors if thei r hello packet s conta in in fo rmation tha t
meets the criteria for forming an adjacency. The criteria differ slightly depending on the typeof media being used
(p2p or broadcast). The main criteria are matching authentication, IS-type and MTU size).
• Routers may build a link-state packet (LSP) based upon their local interfaces that a re con gured for IS-IS andprexes learned fro m ot her adjacent routers.
• G enerally, routers o od LSPs to all adjacent neighbors except the neighbor from which they received the same
LSP. H ow ever, there are different forms of o oding and also a number of scenarios in w hich the ooding
operation ma y differ.
• All routers will construct their link-state database from these LSPs.
• A shortest-path tree (SPT) is calculated by each IS, and f rom this SPT the routing table is built.
IS-IS Data-Flow Diagram
In IS-IS, routers may have adjacencies with other routers on point-to-point links. In a LAN environment, routers
report their adjacencies to a D esignated Intermediate System (DIS), w hich generates an add itional LSP, commo nly
known as thepseudonodeLSP. The DIS isresponsible for conducting ooding over the LAN and also for maintaining
synchronization.
The ow of informatio n w ithin the IS-IS routing function is represented by the IS-IS data -ow diagra m (Figure 1),
which consists of four processes and a Routing Information Base (RIB). The RIB consists of the l ink-state database
and t he forw arding d ata base. The four processes in the IS-IS data -o w diagra m are: receive, update, decision ,
and forward.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 4/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 4 of 25
Figure1 IS-IS Data-Flow Diagram
The receive process isthe entry point for all data, including user data, error reports, routing information, and control
packets. It passes user data and error reports to the forw ard process and passes routing information a nd control
packets (hellos, LSPs, and sequence number packets) to the update process.The update process generates local link information tha t is ood ed to a djacent routers; in add ition, the update
process receives, processes, and forwards link information received from adjacent routers. This process manages the
Level 1 a nd Level 2 link-state da tab ases and ood s Level 1 and Level 2 LSPs throughout a n area.
Each LSP that resides in the link-state database has a remaining lifetime, a checksum, and a sequence number.
The LSP remaining lifetime counts down from 1200 seconds (20 minutes)to 0. The LSP originator must periodically
refresh i ts LSPs to prevent theremaining l ifet ime from reaching 0. The refresh interval is15 minutes, with a random
jitter of up to 25 percent. If the remaining lifetime reaches 0, the expired LSP will be kept in the database for an
additional 60 seconds (known as ZeroAgeLifetime) before it is purged.
If a router receives an LSP w ith an incorrect checksum, the router w ill cause a purge of the LSP by setting the
remaining lifetime value to 0, removing the bod y a nd reo oding it. This triggers the LSP originator to send a new LSP. This behavior is different from that of OSPF, where only the originating router can purge an LSP. IS-IS can be
con gured so that LSPs w ith incorrect checksums are not purged, but the router that o riginated the LSP will not
know that the LSP was not received.
The decisio n process runs shortest-path-rst (SPF) algorithm on the link-state database, and creates the forwarding
database. I t computes next-hop information and computes sets of equal-cost paths, creat ing an adjacency set that is
used fo r load bala ncing. On a Cisco router, IS-IS supports load b alancing over and up to six equa l-cost paths.
The forward process gets itsinput from the receive process and uses theforwarding database to forward data packets
tow ard their destination. It also redirects load sharing and generates error reports.
Areas and the Rou t ing Dom ainAn IS-IS rout ing domain is similar to a BGP autonomous system. A rout ing domain is a col lection of areas under an
administration t hat implements routing policies w ithin the doma in.
Backbone
IS-IS does not have a backbone area like the OSPF area 0. The IS-IS backbone is a contiguous collection of Level
2-capable routers, each of which can be in a different area (Figure 2).
Input
Update
Decision Output
Forward
Link-State Database
Forwarding Database
Routing Information BaseRECEIVER
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 5/25
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 6/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 6 of 25
Figure 4 IS-IS Areas: Area Borders Are on Links Between Routers
IS-IS has a two-level hierarchy. Contiguous Level 2-capable routers form the backbone. Both Level 2 and Level 1
routers live in a reas. R outers ca n be Level 1 (L1), Level 2 (L2), o r bo th (L1/L2). Within C isco IO S ® Software, the
defaul t congurat ion isboth Level 1 and Level 2 at thesame timew hich al lows an IS-ISnetwork to run with minimal
conguration in a plug-and-play fashion. Level 2-capable routers connect all areas within a routing domain. Level 2
routers ad vertise their ow n area ad dresses (NSAP) to t he other Level 2 routers in the backbo ne. All Level 1 rout ers
and ho sts in an a rea must have an NSAP with the same area ad dress.
Level 1 Router
A Level 1 router knows thetopology only of i ts own area and has Level 1 or Level1/Level2 neighbors in th is area. I t
has a Level 1 link-state da taba se with a ll the information for intra -area ro uting. It uses the closest Level 2-capablerouter in its ow n area to send packets out of the area, a scenario tha t may result in suboptimal routing.
Figure 5 provides an example of sub-opt imal rout ing: The cost on al l l inks is 10. Router A (L1) in Area X will send
al l t rafc dest ined for outsideArea X to Router B (L1/L2) because Router B is the closest L1/L2 neighbor. Router B
isdirectly connected to Area Y. Router C, also L1/L2, is in Area X and isdirectly connected to Area Z. Router A will
send packet s dest ined fo r Area Z to Router B , and because Router B , Router E, and Router C arebackbone rou ters,
Router B wi ll send this packet to Router C through Router E fo r del ivery into Area Z. Themore opt imal path wou ld
be for Router A to send the packet directly to R outer C thro ugh Router D .
Figure 5 Example of Sub-opt imal Routing
Area 3 Area 1
Area 2
Area 4
L1 L1L1/L2
L1L1
L1/L2
L1L1/L2
L1 L1
L2 L2
Area 3Area Y
Router B
Router E
Area XRouter A
Router C
Router D
Area Z
L1/L2 L1/L2
L1/L2 L1/L2
L1 L1
L1/L2
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 7/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 7 of 25
This mechanism is used to inform the Level 1 router about the closest Level 2-capable router:
A Level 1 /Level 2 rou ter tha t i sa t t ached to another a rea wi ll set the “ a t tached b it” in it s Level 1 LSP; a ll the Level 1ISs in an area wi ll get a copy of thi sLSP and know where to fo rward packet s to dest ina tions out side the area . I f the
routers are running Integrated IS-IS, a defaul t IP route wil l automatically be installed in theLevel 1 routers point ing
tow ard the nearest Level 1/Level 2 router th at origina lly set the a tta ched bit in its Level 1 LSP. A Level 1/Level 2
router that is not a ttached to anot her area can also detect that a Level 2-only neighbor is attached to a nother area
and set the “ atta ched bit” on behalf of this Level 2-only neighbor.
If there is more than one point to exit the area (multiple Level 2-capable routers), the closest Level 1/Level 2 router
is selected based on the cost. If there are two equal cost paths then the traf c may loa d ba lance over the tw o pat hs.
Level 2 Router
A Level 2 router may ha ve neighbors in the same or in d ifferent a reas, and it has a Level 2 link-state da taba se with
al l information for inter-area rout ing. Level 2 routers know about other areas but will not have Level 1 information
from its own area. In the OSI world, a router must know the topology of its own area; so a Level 2 router should
not be con gured when only O SI traf c is being routed. If the traf c in an area is IP-only, all the routers can be
con gured as Level 2.
Level 1/Level 2 Router
A Level 1/Level 2 router may haveneighbors in any area. It has two link-state databases: a Level 1 link-state database
for intra-area routing and a Level 2 link-state database for inter-area routing. A Level 1/Level 2 router runs two SPFs
and may require more memory a nd processing as a result.
A Level 1/Level 2 router running Integrated IS-IS will leak all the IP subnets from Level 1 into Level 2; these subnets
can be summarized w here this is desirab le.
When designing a network (see gure 6), careshould be taken to choosethe correct setting, Level 1, Level 2, or Level
1/Level 2. When IS-IS is con gured o n a C isco ro uter, the defa ult sett ing is Level 1/Level 2.
All IS-IS areas are “ stub” areas, although with Cisco IOS Software Release12.0T, it has becomepossibleto leak Level
2 routes into Level 1, creating a sort of IS-IS not-so-stubby area.
Figure 6 A simple network running IS-IS as a routing protocol
L1
L1
L1
Area 2 Area 3
Area 4Area 1
L1
L2
L1/L2
L1/L2
L1/L2
L1/L2
L1/L2
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 8/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 8 of 25
N S A P A d d r es s e s
NSAP is the netw ork-layer ad dress for C LNS packets. An NSAP d escribes an a ttachment to a pa rticular service at
the netw ork layer of a node, similar to the combination of IP destination add ress and IP proto col number in an IP
packet. N SAP encoding a nd fo rma t are speci ed by ISO 8348/Ad2.
ISO 8348/Ad2 uses the concept o f hierar chical a ddr essing do main s. The globa l domain is th e highest level. This
global domain is subdivided into sub-domains, and each sub-domain is associated with an addressing authority that
has a unique plan for constructing NSAP a ddresses.
An NSAP ad dress (gure 7) has tw o major pa rts: the initial dom ain part (IDP) and the domain speci c part (DSP)
(Figure 7). The IDP consists of a 1-byte authority and forma t identi er (AFI) and a variable-length initial d omain
ident ier (IDI), and the DSP is a str ing of digi ts ident ify ing a part icular t ransport implementation of a specied AFI
authority. Everything to the left of the system ID can be thought of as the area ad dress of a network no de.
Figu re 7 The NSAP add res s
A netw ork entity title (NET) is an N SAP wit h an n-selector of zero. All router NETs have an n-selector of zero,
implying the netw ork layer o f the IS itself (0 means no tra nsport layer). For this reason, t he NSAP of a router is
alw ay s referred to as a N ET. The NSEL (NSAP selector) is like a TCP po rt numb er: It indica tes the transpor t lay er.
Routers are identied with NETs of 8 to 20 bytes. ISO/IEC 10589 distinguishes only three eldsin the NSAP address
forma t: a variable-length area a ddress beginning w ith a single octet, a system ID , a nd a 1-byte n-selector. C isco
implements a xed length of 6 by tes for the system ID, w hich is like the OSPF router ID .
The LSP ident ier is derived from thesystem ID (along with thepseudonodeID and LSP number). Each IS isusual ly
con gured with o ne NET and in o ne area; each system ID w ithin an area must be unique.
The big difference between NSAP style add ressing and IP style add ressing is that, in general, t here will be a single
NSAP ad dress for the entire router, w hereas wit h IP there will be one IP ad dress per interfa ce. All ISs and ESs in a
rout ing domain must have system IDs of thesamelength . All routers in an area must have thesamearea address. All
Level 2 routers must have a unique system ID domain-wide, and all Level 1 routers must have a unique system ID
area-wide. All ESs in an area w ill form an a djacency with a Level 1 router on a shared media segment if they share
the same area address. If multiple NETs are congured on the same router, they must all have the same system ID.
There are several techniques for creating unique system IDs:
• Start numbering 1, 2, 3, 4, and so on.
• Use Media Access Control (MAC) addresses.
• Co nvert and use the loopback IP ad dress: 192.168.11.1 --> 192.168.011.001--> 1921.6801.1001.
IDP DSP
AFI IDI NSELHigh Order DSP
Variable Length Area Address 6 bytes 1 byte
Used by Level 2 Routing
• An NSAP Consists of 3 Parts:Area Address, System ID, and NSAP Selector
• Total Length Between 8 and 20 BytesExample: 49.0001.0000.0000.0007.00
Used by Level 1Routing
System ID
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 9/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 9 of 25
The pract iceo f using a mod ied loopback IP address as the system ID may now be considered outdated because o f
the dynamic hostname feature. This feature uses a new Type Length Value (TLV 137) to map the router ’s hostname
to the system ID.
Three NSAP formats are i llustrated in Figure 8. The rst isa simple 8-octet area ID/system ID format . The second is
an O SI NSAP forma t, and the third is a G overnment OSI Pro le (GO SIP) NSAP format.
Figu re 8 Three NSAP Format s
If an of cial prex is not required, you can use AFI 49, which d enotes private ad dress space, like IP add ress space
for private Internets as de ned in RFC 1918.
The AFI has a b inary value between 0 and 99; this va luespec ies the IDI fo rmat and the DSP syntax. The DSP is in
binary f ormat , a nd the ID P is in decimal. ISO recognizes seven top-level netw ork a ddressing autho rities; each
authority has its own addressing format represented by the IDI format eld.
Cisco technology supports all NSAP forma ts that are de ned by ISO 8348/Ad2.
It ispossibleto conguremult ip le NETs on a router, but no router isever in more than onearea. Conguring multiple
NETs causes theareasto merge into a common area, leaking the Level 1 databases into each other. The only reasons
to have multiple NETs are for spli tt ing, merging, or renumbering areas; th is method should only be used in periods
of transition. Cisco Systems limits the number of congurable NETs to three per router.
Packe t Types , Ne ighbor s , F lood ing , and A djacenc ies
Packet Types
There are four general types of packets, and each type can be Level 1 or Level 2.
• Intermediate System-to-Intermediate System Hello (IIH)—Used by routers to detect neighbors and form
adjacencies. In addit ion to theIIH, which isan IS-ISprotocol data uni t (PDU), thereis an ISH and an ESH, which
are End System-to-Intermedia te System (ES-IS) PDU s.
Area System ID SEL
07.0000.3090.c7df.00AreaDomain System ID SEL
47.0004.30ac.0007.0000.3090.c7df.00AreaRDIReservedAAIDFIAFI
AFI: Authority and Format IdentifierICD: International Code DesignatorDFI: Domain Specific Part (DSP) Format IdentifierAAI: Administrative Authority IdentifierRDI: Routing Domain Identifier (Autonomous System Number)SEL: Network Service Access Point (NSAP) Selector
ICD System ID
(a)
(b)
(c)
SEL
47.0005.80.0000a7.0000.ffdd.0007.0000.3090.c7df.00
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 10/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 10 of 25
• Link-state packet (LSP)—There are four types of LSPs: Level 1 pseudonod e, Level 1 nonpseudonod e, Level 2
pseudonod e, and Level 2 nonpseudonod e.
• Complete sequence number PD U (CSNP)—CSNPs contain a list of all LSPs from the current data base. CSNPs
are used to inform other routers of LSPs that may be outdated or missing from their own database. This ensuresthat all routers have the same informat ion and are synchronized. The packets are similar to a n O SPF datab ase
description packet.
• Partial sequence number PDU (PSNP)—PSNPs are used to request an LSP (or LSPs) and acknowledge receipt of
an LSP (or LSPs).
The following informa tion is included in IIH PD Us:
• Whether the PDU is a point-to-point (WAN) PDU o r a LAN PDU.
• Source ID—System ID of the sending router.
• Ho ld ing t ime—Timeper iod to wai t to hear a hello befo re declar ing the neighbor dead . Similar to the OSPF dead
interval, t he default va lue is three times the hello interva l but ca n be chang ed w ith the IS-IS hello-multiplier
command.
• Circuit type indicating whether the interface on w hich the PDU w as sent is Level 1, Level 2, or Level 1/Level 2.
• PD U length.
• Local circuit ID on the sending interface (in point-to-point hello PDUs).
• LAN ID —System ID of the DIS plus the pseudonode ID (circuit ID) to differentiate LAN ID s on the same DIS.
• Priori ty—Higher isbetter. Used in DIS election (in LAN hello PDUs, there isno DR (Designated Router)election
on a point-to-point link).
By default, IS-IS hellos are padded to the full maximum transmission unit (MTU) size.
The benet of padding IIHs to the ful l MTU is early detection of errors caused by transmission problems with large
frames or M TU mismatched on adjacent interfaces.
The draw backs of IIH padd ing are that on high-speed interfaces it could be a strain on huge buffers, a nd on
low-speed interfaces large hello PDUs waste bandwidth. This could affect time-sensitive applications such as voice
over IP (VoIP).
The padding of IS-IS hellos can be turned off (in Cisco IOS Software Release 12.0[5]Ta nd 12.0[5]S)for all interfaces
on a router with the no hello padd ing command in router con guration mod e for the IS-IS routing process, or
selectively turned o ff fo r point-to-point or multipoint interfaces w ith the no hello pad ding multipoint or no hello
padding point-to-point command in router conguration mode for the IS-IS routing process. Hello padding can also
be turned off on an individual interface basis using the no i sis hello padding interface conguration command.
Table 2 Hello Message Types
1 Point-to-Point IIH Part of the IS-IS spec 10589; used by routers to form adjacencies
2 Point-to-Point IIH Part of the IS-IS spec 10589; used by routers to form adjacencies
3 Point-to-Point IIH Part of the IS-IS spec 10589; used by routers to form adjacencies
4 ESH Part of the ES-IS spec 9542; similar to ICMP Router Discovery Protocol (IRDP) in TCP/IP; used for routers (ISs) and End Systems (ESs) to detect each other
5 ISH Part of the ES-IS spec 9542; similar to IRDP in TCP/IP; used for ISs and ESs to detecteach other
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 11/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 11 of 25
Even though a router sends IIH to a router it know s is connected to a link, it w ill also send an ISH.
Figure 9 IS-IS LA N Level 1 and Level 2 IS-IS Hello Packet Format
IS-IS LAN hello elds:
• Intrado main Routing Proto col discriminator—The netwo rk-layer identier assigned to IS-IS in ISO 9577; its
binary value is 10000011 (0x83).
• Length indicator—This is the length of the xed header in octets.
• Version—It currently has value of 1.
• ID length—Length of the system ID eld; must be the same for all nodes in the doma in. If this is set to zero, it
implies 6 octets.
• PD U Types—Values are 15 and 16 for Level 1 and Level 2 LSPs, respectively.
• Version—Value is 1.• Ma ximum area add resses—Number of area ad dresses permitted for this IS area. Values are between 1 and 254
for a ctual number; 0 implies maximum o f three.
• Reserved/circuit type—Top 6 bits reserved; botto m 2 bits va lue = 0 indicates reserved; value = 1 indicates Level
1; value = 2 indicates Level 2; value = 3 indicates Level 1 and 2.
• Source ID—System ID of transmitting router.
• Ho lding time—Holding time as congured on this router.
• PDU length—Length of the entire PDU, xed header, and TLVs.
INTRADOMAIN ROUTINGPROTOCOL DISCRIMINATOR
LENGTH INDICATOR
VISION/PROTOCOL ID EXT
ID LENGTH
R R R TYPE
VERSION
RESERVED
MAXIMUM AREA ADDRESS
RESERVED/CIRCUIT TYPE
SOURCE ID
HOLDING TIMER
PDU LENGTH
VARIABLE-LENGTH FIELDS
RES PRIORITY
LAN ID
1No. of Octets
1
1
1
1
1
1
1
1
6
2
2
VARIABLE
1
7
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 12/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 12 of 25
• Reserved /p rio rity—Bit 8 reserved ; b it 1 i s used fo r p rio ri ty fo r being the Level 1 o r Level 2 DIS. Value i s copied
from the IIH of the DIS.
• LAN ID—A eld composed of the system ID of the DIS (1–8 octet s) p lu sa low-o rder octet assigned by the LAN
Level 1 DIS.
Notice the variable-type length elds at the bottom of the packet. This is where the TLV information is stored.
Di fferen t types o f PDUs have a set o f cur ren tly dened codes; any codes tha t a re not recogn ized aresupposed to be
ignored and passed thro ugh unchanged.
The n ine d ifferen t types o f IS-IS PDUs and the code valuefo r the opt ions tha t a reva lid fo r each o f them aredened
in Tab le 3 . Codes 1 through 10 aredened in ISO 10589 , and 128 through 133 aredened in RFC 1195. TLV Code
133 for authent ication information isspecied in RFC 1195, but Cisco technology uses theISO Code of 10 instead .
TLV Co de 4 is used f or pa rtition repair and is not supported by C isco technology.
Table 3 Valid Code Values for Nine Types of IS-IS PDUs
Level 1 LAN IS-to-IS Hello PDU Type 15
Code 1 =Area addressesCode 6 =IS neighbors (hellos)Code 8 =PaddingCode 10 =Authentication informationCode 129 =Protocols supportedCode 132 =IP interface address
Level 2 LAN IS-to-IS Hello PDU Type 16
Code 1 =Area addressesCode 6 =IS neighbors (hellos)Code 8 =PaddingCode 10 =Authentication informationCode 129 =Protocols supportedCode 132 =IP interface address
Point-to-point IS-IS Hello PDU Type 17
Code 1 =Area addressesCode 8 =PaddingCode 10 =Authentication informationCode 129 =Protocols supportedCode 132 =IP interface address
Level 1 Link-State PDU Type 18
Code 1 =Area addressesCode 2 =IS neighbors (LSPs)Code 3 =ES neighborsCode 6 =IS neighborsCode 10 =Authentication information
Code 128 =IP internal reachability informationCode 129 =Protocols supportedCode 132 =IP interface address
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 13/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 13 of 25
Figure 10 IS-IS Level 1 and Level 2 LSP Packet Format
Level 2 Link-State PDU Type 20
Code 1 =Area addressesCode 2 =IS neighbors (LSPs)Code 2 =IS neighbors
Code 4 =Partition designated Level 2 ISCode 5 =Prex neighborsCode 10 =Authentication informationCode 128 =IP internal reachability informationCode 129 =Protocols supportedCode 130 =IP external reachability informationCode 131 =IDRP informationCode 132 =IP interface address
Level 1 Complete Sequence Number PDU Type 24
Code 9 =LSP entriesCode 10 =Authentication information
Level 2 Complete Sequence Number PDU Type 25
Code 9 =LSP entriesCode 10 =Authentication information
Level 1 Partial Sequence Number PDU Type 26
Code 9 =LSP entriesCode 10 =Authentication information
Level 2 Partial Sequence Number PDU Type 27
Code 9 =LSP entriesCode 10 =Authentication information
Table 3 Valid Code Values for Nine Types of IS-IS PDUs
INTRADOMAIN ROUTINGPROTOCOL DISCRIMINATOR
LENGTH INDICATOR
VISION/PROTOCOL ID EXT
ID LENGTH
R R R PDU TYPE
VERSION
RESERVED
MAXIMUM AREA ADDRESS
PDU LENGTH
REMAINING LIFETIME
LSP ID
SEQUENCE NUMBER
CHECKSUM
TYPE LENGTH FIELDS
LSPDBOL IS TYPE
1
Octets
1
1
1
1
1
1
1
2
2
ID Length +2
4
VARIABLE
2
1P ATT
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 14/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 14 of 25
LSP format elds:
• Intradomain Routing Protocol discriminator—This is thenetwork-layer ident ier assigned to IS-IS in IS O9577;its binary value is 10000011.
• Length indicator—Length of the x ed header in octets.
• Version—Currently has value of 1.
• ID len gt h—Leng th o f t he sy st em ID eld . M ust b e t he sa me f or a ll n od es in t he d omain ; if set t o zer o, it implies
6 octets.
• PD U types—D ecimal values are 18 and 20 for Level 1 and Level 2 LSPs, respectively.
• Version—Value is 1.
• Ma ximum area add resses—Number of area ad dresses permitted for this IS area. Values are between 1 and 254
for a ctual number; 0 implies a maximum o f three.
• PDU length—Length of the entire PDU, xed header, and TLVs.• Remaining lifetime—Time in seconds before LSP expires.
• LSPID—Consists of three components: system ID, pseudonode ID, and LSP fragmentation number. Length isID
length + 2 bytes.
• Checksum—Checksum is computed from Source ID to end of PDU.
• Partition (P)—Bit 8 o f the octet; when set, means originator of LSP supports partition repair.
• Attached (ATT)—Bits 4–7 of the octet. When any o f these bits is set, it indicates the originato r is attached to
another area using the referred metric. For example, bit 4 set implies attached using the default metric.
• LSPDBOL—Bit 3 . When set , i t indicates theoriginator’s LSP database isoverloaded and should be circumvented
in path calculations to other destinations.
• IS type—Bits 1 and 2. O nly bit 1 set indicates Level 1 IS. If both a re set, it indicates Level 2 IS.Sec tion 9 of RFC 1142 (a rewr it e o f ISO 10589)g ives the deta il abou t the packet layou ts fo r each typeo f IS-ISPDU
as well as theTLV information supported for each type. The rst eight octets of al l IS-IS PDUs are header elds that
arecommon to al l PDU types. As Figure 11 indicates, theLevel 1 and Level 2 PDUs are ident ical, except for thePDU
type, w hich diff erentiates them as either Level 1 or Level 2.
The lengths for the various ID elds in the PDUs: “ LSP ID, SOUR CE ID , START LSP ID and EN D LSP ID ” all
assume tha t the length o f the system ID is xed a t 6 bytes. Under the co lumn fo r the number o f octet s, an “ 8” means
“ ID LENG TH + 2,” a “ 7” means “ ID LENG TH + 1,” and a “ 6” means “ ID LENGTH.” The protocol allows the
system ID to vary f rom three to eigh t bytes, but in pract icea six -byte system ID is a lways used . I f the ID LENGTH
eld is 0, it means that the system ID is using the default length of six bytes.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 15/25
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 16/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 16 of 25
Adjacency Building
Neighbors on point-to-point networks always become adjacent unless they do not seethemselves in their neighbors’hello PDU and match on certain parameters. On broadcast networks and nonbroadcast multiaccess (NBMA)
netwo rks, the DIS (D esignated Intermediate System) w ill become ad jacent w ith its neighbors.
Tw o ro uters will become neighbors if the follow ing para meters are agreed upon:
• Level 1—Thetwo rou ters shar ing a common network segmen t must have thei r inter faces congured to be in the
same area if they are to have a Level 1 a djacency.
• Level 2—The two ro uters sharing a common netw ork segment must be congured as Level 2 if they are in
different areas and w ant t o become neighbors.
• Authentication—IS-IS allows for conguration of a passwo rd for a specied link, for an area, or for an
entire domain.
The L ink-S ta t e Da tabase and Re l i ab le F lood ing
Link-State Database
All valid LSPs received by a router are stored in a link-state database. These LSPs describe the topology of an area.
Routers use this link-state database to calculate its shortest-path tree.
LSPs and Reliable Flooding
Each router oods i ts LSPs to adjacent neighbors, and theLSPs arepassed along unchanged to other adjacent routers
until all the routers in the area have received them. All the Level 1 LSPs received by one router in an area describe
the topology of the area.
The IS-IS l ink-state database consists of al l the LSPs therouter has received. Each node in thenetwork maintains anidentical link-state da taba se. A change in the topo logy means a change in one or more of the LSPs. The router that
has experienced a link going up or d ow n w ill resend its LSP to inform the other routers of the change.
The LSP seq uence number is increased by one to let the other rout ers know tha t the new LSP supersedes the older
LSP. When a router rst originates an LSP, the LSP sequence number is 1. If the sequence number increases to the
maximum (oxFFFFFFFF), the IS-IS process must shut down for at least 21 minutes (MaxAge + ZeroAgeLifetime) to
allow the old LSPs to age out of all the router databases.
Flooding is the process by which these new LSPs are sent throughout thenetwork to ensure that thedatabases in al l
routers remain identical.
When a rou ter receives a new LSP, it oods thi sLSP to it s neighbors, except the neighbor tha t sen t the new LSP. On
point-to-point links, theneighbors acknowledge thenew LSP with a PSNP, which holds theLSP ID, sequence number,checksum, and remaining lifetime. When the acknowledgment PSNP is received from a neighbor, the originating
router stops sending thenew LSP to that part icular neighbor al though it may continue to send thenew LSP to other
neighbors that have not yet acknowledged i t. On LANs there is no explici t acknowledgement with a PSNP. Missing
LSPs are detected w hen a C SNP is received and the list of LSPs within the CSN P is compared w ith the LSPs in a
router’s ow n da taba se. If a ny LSPs are missing or outd ated, t he router will send a request for these in the form of
a PSNP.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 17/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 17 of 25
If a router receives an LSP that has an older sequence number than the one in its IS-IS database, it sends the newer
LSP to t he router that sent the old LSP and keeps resending it until it receives an a cknowledgment PSNP from t he
originator of the old LSP.
LSPs must be ooded throughout an area for thedatabases to synchronizeand for theSPF tree to beconsistent within
an area . I t is not possible to con trol wh ich LSPs areooded by using a d ist ribu te l ist , a lthough i t i spossib le to use a
routemap to control w hich routes are redistributed into IS-IS from ano ther routing protocol.
Network Types
The types of netw orks tha t IS-IS denes include:
• Point-to-point networks
• B ro a dca st n et w o rks
Point -to-point netw orks, such as serial lines, connect a single pair of ro uters. A router running IS-IS w ill form a n
adjacency with the neighbor on theother side of a point-to-point interface. A DIS is not elected on this type of l ink.
The basic mechanism dened in the standard is that each side of a point-to-point link declares the other side to be
reachable if a hello pa cket is received f rom it. When this occurs, each side then sends a CSNP to trigger data base
synchronization.
Broadcast networks, such as Ethernet, Token Ring, and Fiber Distributed Data Interface (FDDI), are multiaccess in
that they are a ble to connect more tha n tw o d evices; all connected routers will receive a packet sent by one router.
On broadcast networks, oneIS will elect i tself theD IS. Hello packets on broadcast networks are sent to theAllL1ISs
or AllL2ISs MAC-layer broa dcast a ddresses. The D IS is responsible for ood ing; it w ill create a nd ood a new
pseudonod e LSP for each ro uting level it is participating in (Level 1 or Level 2) and fo r each LAN to w hich it is
connected. A router can be the D IS for a ll connected LANs or a subset of connected LANS, depending on the
con gured priority or, if no priority is congured, the Layer 2 add ress. The DIS w ill also create and ood a new pseudonod e LSP w hen a neighbor a djacency is established or t orn d ow n or the refresh interval timer for this LSP
expires. The D IS mechanism reduces the amo unt o f ood ing on LANs.
NB M A netw orks, such as Frame Relay, Asynchron ous Tran sfer Mod e (ATM ), and X .25, can conn ect multiple
devices but have no broadcast capabil ity. All theother routers at tached to thenetwork will not receive a packet sent
by a router. Special consideration should be taken when conguring IS-IS over NBMA networks. IS-IS considers these
med ia to be just like any o ther b roadcast med ia such as Ethernet o r Token Ring. In genera l, it i s bet ter to congure
point-to-point netw orks on WAN interfa ces and subint erfaces.
Unlike OSPF, no conguration is necessary to tell IS-IS what the network type is.
Designa ted In t e rmed ia t e Sys tem and Pseudonodes
The idea behind the DIS is similar to that behind the designated router in OSPF. The DIS creates a pseudonode (a
virtual node), and all the routers on a LAN, including the DIS, form a n adjacency w ith the pseudonode instead of
forming n*(n-1) order adjacencies with each other in a full mesh.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 18/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 18 of 25
On a LAN, one of the routers will elect itself the D IS based on interface priority (the default is 64). If a ll interface
priorities are the same, the router with the highest subnetwork point of attachment (SNPA) is selected. MAC
addresses are theSNPA on LANs. On Frame Relay networks, the local data-l ink connection ident ier (DLCI) is the
SNPA. If the SNPA is a D LCI a nd is the same at bot h sides of a link, the router w ith the higher system ID (in the
NSAP address) will become the DIS.
A pseudonode LSP represents a LAN, including all ISs attached to that LAN, just as a non-pseudonode LSP
represents a rout er, including a ll ISs and LANs connected w ith the rout er.
Figu re 12 The pseudonode concept
The DIS election ispre-emptive (unlike with OSPF). If a new router boots on theLAN with a higher interfacepriority,
it becomes the DIS, purges the old pseudonode LSP, a nd a new set of LSPs will be o oded.
The DIS sends CSNPs descr ib ing a ll the LSPs in the da tabase every 3 seconds. I f a rou ter needs an LSP because i t is
o ld er t ha n t he L SP a d ver tised b y t he D I S i n it s C S N P o r it is missin g a n LSP t ha t is list ed in t he C SN P, it w i ll sen d a
PSNP to the DIS and receive the LSP in return. This mechanism can w ork bot h w ays: If a router sees that it has a
newer version o f an LSP, o r it hasan LSP tha t the DIS does not adver tise in i ts CSNP, the rou ter wi ll send the newer
or missing LSP to the D IS.
Metr i cs
The original IS-IS specication denes four different types of metrics. Cost, being the default metric, is supported by
all routers. Delay, expense, and error are optional metrics. The delay metric measures transit delay, the expense
metric measures the monetary cost of link utilization, and the error metric measures the residual error probability
associated with a link.
The Cisco implementation uses cost only. If the optional metrics were implemented, there would be a link-state
dat aba se for each metric and SPF would b e run for each link-state data base.
Default Metric
While some routing protocols calculate the link metric automa tically based on band w idth (OSPF) or ba ndw idth/
delay (Enhanced Interior G atew ay R outing Proto col [EIG RP]), there is no automa tic calculation f or IS-IS. Using
old-sty le metrics, an interface cost is between 1 and 63 (6 bit metric value). All l inks use themetric of 10 by defaul t.
Thetotal cost to a dest inat ion is thesum of thecostson al loutgoing interfaces along a part icular path from thesource
to the destination, a nd t he least-cost paths a re preferred.
RTA RTARTD (DIS)
PSTN
RTB RTB
RTD (DIS)
RTCRTC
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 19/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 19 of 25
The total pa th metric wa s limited to 1023 (the sum of a ll link metrics along a pa th betw een the calculating router
and any other node or prex). This small metric value proved insufcient for large networks and provided too l it t le
granularity for new features such as Trafc Engineering and other applications, especially with high bandwidth links.
Wide metrics are also required if route-leaking is used.
Extended Metric
Cisco IOS Software addresses th is issue with the support of a 24-bit metric eld , the so-called “ wide metric”. Using
the new metric style, link metrics now have a maximum va lue of 16777215 (224-1) with a tota l path metric of
4261412864 (254 x 2 24 ).
Deploying IS-ISin theIP network with wide metricsis recommended to enable ner granularity and to support future
applications such as Trafc Engineering.
Running different metric styles within one network poses one serious problem: Link-state protocols calculate
loop-free routes because all routers (within one area) calculate their routing table based on the same link-state
database. This principle is violated if some routers look at old-style (narrow), and some at new-style (wider) TLVs.
However, if the same interface cost is used for both the old- and new-style metrics, then the SPF will compute a
loop-free topology.
Shor t e s t -Pa th F ir s t and L ink -S ta t e Da tabase
SPF Algorithm
This section discusses the SPF algorithm for calculating routes with the IS-IS routing protocol, for support of both
TC P/IP a nd O SI. This is ba sed on an ext ension to th e algor ithm specied in ISO /IEC 10589.
An algorithm proposed by Edsger D ijkstra know n as shortest-path rst (SPF) is the basis for the route calculation.
This algorithm computes the shortest paths from a single source vertex to all other vertices in a weighted, directed
graph. Within the Cisco IO S implementat ion, w eight assigned to bra nches of the tree is a con gurable metric and
spans 2 24 per individual link and 2 32 per path (root to leaf).
IS-IS is a link-state protocol. A distinguishing featureof a link-state protocol as it relates to distancevector protocols
is that using a link-state protocol provides full visibility of the network topology, whereas distance vector protocols
use informat ion ba sed o n hearsay t o build f orw arding tables. This visibility provided by t he link-state protocol is
atta ined through a o oding mechanism that ensures that each ro uter in the netw ork (more precisely in an area)
receives informa tion tha t ca n be used to build the netwo rk map. In IS-IS, this information is ood ed via link-state
protocol data units, 3 and each Intermediate System or router advertises information pertaining to itself and its links.
Once theinformation is ooded and al l routers obtain thesameinformation , theSPF algorithm isrun separately per
router to process thetopology and extract theshortest path from therouter i tself (automatical ly assigned at theroot
of t he tree) to all th e leaves of the tree. This is like putting a jigsaw puzzle together (Figure 13). The info rma tion
derived fro m this process is used to populate the forw arding t able on the router.
3. Also know n as link-state packets (RFC 1195)
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 20/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 20 of 25
Figure 13 LSP advertised by routers can be modeled by the jigsaw puzzle pieces
Link-State Database
• PATHS —This representsa n acyclic directed graph of shortest pathsfrom thesystem S performing thecalculation.
It is stored as a set of triples of the fo rm <N, d(N ), {Adj(N)}>, w here:
N is a system iden tier. In the Level 1 a lgor ithm, N isa 6 -octet ID fo r OSI End Systems, a 7 -octet ID fo r rou ters,
or a n 8-octet IP internal reachability informa tion entry. For a router that is not a pseudonod e, it is the 6-octet
system ID, with a 0-appended octet . For a pseudonode, i t is a true 7-octet quanti ty, composed of the6-octet DIS
ID and the extra octet assigned by the designated router. The IP internal reachability information entries consist
of a 4-octet IP add ress plus a 4-octet subnet mask and w ill alwa ys be a leaf, that is, “ End System” in PATH S.In the Level 2 a lgorithm, N is either a 7-octet router o r pseudonod e ID (as in the Level 1 algorithm); a va riable
length O SI address pre x; a n 8-octet IP internal reachability informa tion entry, or an 8-octet IP external
reachability information entry. The variable-length OSI address prexes and 8-octet IP reachability information
entries will alw ays be a leaf, that is, “ End System” in PATH S. As above, the IP reachability informa tion entries
consist of an IP add ress-subnet ma sk combination.
d(N) is N’s distance from S (that is, the to tal metric value from N to S).
{Adj(N)} is a set of va lid adjacencies that S ma y use for forw arding t o N .
When a system is placed on PATHS, the path(s) designated by its position in the graph is guaranteed to be a
shortest pat h, and this will be reected in the routing ta ble, given that the route is not learned through anot her
routing protocol with a lower administrative distance.
• TENT —This isa list of triples of theform <N, d(N), {Adj(N)}>, where N, d(N), and {Adj(N)}are as dened above
fo r PATH S.
TENTcan intui tively be thought of as a tentative placement in PATHS. In other words, thetr iple <N, x, {A}> in
TENT means that if N were placed in PATHS, d(N) would be x, but N cannot be placed on PATHS until is
guaranteed that no path shorter than x exists.
Similarly, the triple <N, x , {A, B}> in TENT means that if N w ere placed in PATH S, then d(N) w ould b e x via
either adjacency A or B.
To C
To A
To D
To B
To E
To D
To A
ISP forRouter E
To B
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 21/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 21 of 25
Not e: It is suggested t hat the implementation ma intain the da tab ase TENT as a set of list of triples of t he form
<*,Dist,*>, sorted by Dist. In addition, it is necessary to be able to process those systems, which are pseudonodes
before any nonpseudonodes at the same distance Dist.
The 8-octet system identierstha t specify IP reachability entries must alw ays be distinguishable from other system
ident iers. Two IP reachabil ity entries that d iffer only in the subnet mask are st il l considered to be separate and
will therefore have distinct system identiers N. The SPF algorithm will therefore calculate routes to each such
entry, a nd t he correct entry w ill be selected in the fo rw arding process.
Algorithm
The funct ion of thealgori thm is to calculate theshortest path to al l o ther nodes. To do this, a spanning tree needs to
be constructed. This necessitates a logical model of nodes interconnected by point-to-point links. 4 The basic
algorithm, which builds PATHS from scratch, starts out by putting the system doing the computation on PATHS (no
shorter path t o SELF can possibly exist). TENT is then preloaded from the local a djacency data base.
For each step a node is moved into the PATHS list• Thenodeamong all nodes on TENTtha t has the lowest cost f rom comput ing node is iden tied and moved from
TENT to PATH S.
• All prexes advertised by this node are installed in the RIB.
• All neighbors reachable from through node and moved to TENT list.
Considerations:
• If a node is directly connected to computing node, the rst-hop information is obtained from the adjacency
database.
• If a nodeis not directly connected to computing node, the rst-hop information is inherited from parent node(s).
• For each node on TENT, the cost to get there from the root, and the rst-hop information, is maintained.
Note that a system is not placed on PATHS unless it is the shortest path to that system. When a system N is placedo n PATH S, t he pa t h t o a n eig hb or o f N , sy st em M , is ex a min ed , a s t he pa th t o N plus t he lin k f ro m N t o M . If <M ,
*, * > is in PATH S, this new pa th w ill be longer a nd thus ignored.
I f <M, * , *> is in TENTand the new path i s sho rter, the o ld en try is removed from TENTand the new path is p laced
in TENT. If the new path is thesame length as the one in TENT, then theset of potent ial adjacencies {Adj(M)}is set
to the union o f the o ld set (in TENT) and the new set {Ad j(N)}. I f M isno t in TENT, then the path i sadded to TENT.
Next , the algo rithm nds the triple <N, x , {Adj(N)}> in TENT, w ith minima l x.
N isp laced in PATHS. No path to N can besho rter than x a t this poin t because a ll paths through systemsa l ready in
PATHS have already been considered , and paths through systems in TENTstil l have to be greater than x because x
is minimal in TENT.
When TENT is empty, PATH S is complete.
Note that external metrics can only occur in IP external reachabil ity information entries, which correspond to a leaf
(that is, “ End System” in PATH S). Any route using an entry w ith an external metric w ill alwa ys be considered less
desirable than any entry using an internal metric . This implies that in the addit ion of systems to PATHS, al l systems
reachable via internal routes are alwa ys add ed before any system reachable via external routes.
4. Multiaccess links violatethis model because multiplenodes are connected to the same link. The pseudonode was introduced to address this issue.In the shortest-path tree, a multiaccess link is modeled as a pseudonode with point-to-point links to each IS connected to the multiaccess link.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 22/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 22 of 25
Fast Convergence at Adjacency Setup
An IS that runs out of system resources (memory, CPU, and so on)to store and process thew hole l ink-statedatabaseis supposed to discard LSPs and to alert o ther routers within i ts area by set t ing the overload-bit in orig inated LSPs.
Other routes within this area will still route packets to the overloaded router ’s directly connected networks, but they
w ill not use this router for transit traf c.
When a router reloads, packets forwarded to therouter could be lost , and therouter would effectively behave l ike a
black ho le, dropping a ll the received packets for a short w hile. This could ha ppen because IS-IS considers an
adjacency to be established a nd va lid before CSNP packets have been exchanged and thus before the link-state
dat aba ses of neighbors have been fully synchronized.
Figu re 14 Fas t Convergence
\Consider Figure 14 in the event of router B reloading. Router B would drop trafc if i ts neighbors include router B
in their LSP while router B wo uld not ha ve a fully populated routing table. Thus router B w ould at tract tra f c but
then not ha ve enough informa tion to be able to fo rw ard the traf c. This would result in packets being lost even
though a valid alternate pat h (as used w hen router B is dead) exists.
Assume tha t the shor test path f rom rou ter C to network N is through router B and rou ter A. Router B crashes, and
thenetwork reconverges. The new path from router C to prex N is through router F->router E ->router D->router
A. Ho w ever, the LSP originated from ro uter B does not expire from the link-state da taba ses on a ll routers (except
router B itself). Once router B completes the reload and is back up, adjacencies with router C, router E, and Router
A are established. How ever, before the CSNP, PSNP and full link-state database exchange is complete, router C runs
SPF and uses the old version of router B LSP, hence rediscovering the old ro ute to prex N. Thus traf c to N is
forw arded to Router B from Router C before Router B has received all LSPs, completed the SPF algorithm, and
imported theprex N into i ts rout ing table. This results in dropped packets. When router B runs an SPF based on a
complete link-state dat aba se, Ro uter B recovers full visibility and t raf c to prex N is forw arded a ppropriately.
In a recent IS-IS implementation in IS-IS, a ro uter w ill immediately ood its ow n LSP even before sending CSNP
packets. This does not eliminate theblack-hole problem previously illustrated. How ever, given that theLSP is ooded
immediately, theoverload bit can be set to advise therest of thenetwork not to try rout ing transi t t rafc through thenewly reloaded router. The router can be congured to advert ise i ts LSP with the overload bit for a specic amount
of time after reload.
Once the specied t imer tr iggers, by which t ime the router would have a complete l ink-state database, the overload
bit is cleared a nd t he LSP is reo oded.
Router A Router B Router C
RouterAdvertising
Prefix N
Router D Router FRouter E
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 23/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 23 of 25
IP Addressing
Default Routing
Defa ult routing is achieved in two distinct wa ys with Integrat ed IS-IS:
• At tached bit —Set by a Level 1/Level 2 router in its ow n Level 1 LSP and used to ind icate to all Level 1 routers
(within the area) that t his router is a pot ential exit point of the a rea. Level 1-only routers w ill default to the
nearest attached Level 2 router.
• D efault inform ation originate —Ca n be con gured in Level 1 as w ell as Level 2. The defa ult rout e (0.0.0.0/0) is
inserted in the router LSP (Level 1 or Level 2, a ccording to the con guration command) a nd the LSP is o oded
according to therouter type (Level 1 or Level 2). A Level 2 router doesn’t need to have a defaul t routeto orig inate
a default route.
Level 1 routers w ill alw ay s prefer the explicit default ro ute (0.0.0.0/0) found in an LSP befo re considering the
attached bit.
Redistribution
The Integrated IS-IS specica tion d escribes the w ay ro uters are allow ed to redistribute external pre xes. The Cisco
implementation diff ers from the speci cation a nd a llows more exibility.
Redistr ibut ion from any other rout ing protocol, stat ic congurat ion , or connected interfaces is al lowed in any type
o f rou ter (Level 1 and Level 2 ). By defaul t the met ric typew ill be set as int ernal , wh ich means tha t the met ric o f the
rou te wi ll compete wi th a ll o ther interna l rou tes. Met ric typemay be set to ex terna l. In tha t way the p rex wi ll have
a metric equal to the cost speci ed in the redistribution comma nd plus a value of 64. 5 Although the metric is
increased if the metric is agged as external on redistribution, the internal/external bit used to increase the metric is
actually ignored w hen calculating routes unless the use of external metric is specied in the con guration.
It is recommend ed tha t the metric type internal a lw ay s be used when redistribut ing. Wide-metric TLVs do not use
and discriminate betw een internal and external.
Summarization
Summarization is one of the key fa ctors affecting scalability of a routing proto col. Summarization w ill reduce the
amount of routing updates that will be ooded across the areas and the routing domain.
The use of IS-IS (especially with area routing) requires a good addressing scheme to aid summarization and avoid
having a huge Level 2 data base (populated w ith updates originated f rom Level 1 areas).
For IP w e can summarize only na tive IS-IS routes into Level 2 from t he Level 1 dat ab ase. It is not possible to
summarize IS-IS internal routes at Level 1, although it is possible to summarize external (redistributed) routes at
Level 1.
5. In earlier releases of Cisco IO S Softw are, the reserved bit (bit 8) w as set as o pposed to the internal/external bit 7. Thus external metrics were inincrements of 128 rather t han 64.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 24/25
Cisco Systems, Inc.All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 24 of 25
If the congured metric type is external (the default) or the metric type is not specied (and therefore defaults to
external), redistributio n w ill not ta ke place. This can be confusing because the metric type do es not a ppear in the
router con guration, regardless of w hether it is specied.
According to RFC 1195, the external reachabil ity TLV is not permitted in Level 1 LSPs. Therefore, i t is not possible
to express an externa l metric type in a Level 1 LSP. This constrain t w ill be relax ed in the future to a llow Level 1
external routes to have either an internal or external metric type.
Even though the con gured metric type is internal, the LSP w ill show that the route is “ IP external” because the
external IP reachability TLV is used t o hold t he informat ion.
Route Leaking
Level 1 routers within an IS-IS area by defaul t do not carry any rout ing information external to thearea they belong
to. They use a default route to exit the area. Whilethis setup isdesirable for scalability reasons, it interferes with BGP
routing and Multiprotoco l Label Switching (MPLS) and M PLS-VPN w here all BG P next-hop addresses must be
present in the local routing table. IS-IS now supports 6 a feature called “ route leaking,” in w hich selected Level 2
routes can be ad vertised by a Level 1/Level 2 router into Level 1. Those leaked rout es are specially t ag ged so th ey
w ill not be re-ad vertised into Level 2 by a not her Level 1/Level 2 router.
Route-leaking imposes some risks if used in an unstable environment. An IS-IS area concept with summarization
usually prevents the instabilities in one area (link or route apping) to have an effect on other areas. Routes leaked
from Level 2 into Level 1 are generally not summarized. Each t ime a topology change occurs in an area, al l Provider
Edge router addresses of this area may changemetric (becauseof thechange), and thereforethe Level 1/Level 2 router
tha t w ill have to pro paga te the PE ad dresses into the Level 2 core will ha ve to recreate its Level 2 LSP. This means
that leaking will have to recur and lead to a situation where for any topology change in one area you will have to
re-compute (via Pa rtial R oute C alculation) many routes in (all) other a reas as w ell. R oute-leaking should therefore
be planned a nd d eployed ca refully.
Secur i ty The Cisco IS-IS implementation offers an authentication mechanism to prevent unauthorized routers from forming
adjacencies or injecting TLVs. Currently, o nly plain-text authentication is ava ilable w here the cong ured password
is transmit ted inside the IS-IS PDUs unencrypted in plain text . As such, the password can be determined by snifng
thepackets. Future Cisco IOS Software releases will also contain Hashed Message Authenticat ion Codes with MD5
(HM AC-M D5) w ith encrypted pa ssw ords a s specied in the corresponding IETF draf t. 7
The key concepts for summarization of IP routes are as follows:• Internal routes can be redistributed and summarized from Level 1 into Level 2. Summarization should be
congured on the Level 1/Level 2 router, which injects the Level 1 routes into Level 2.• If summarization is being used, all Level 1/Level 2 routers in an area must be summarizing into the backbone. If
one of them is advertising more specic routes, all the trafc from the backbone will be sent toward this routerbecause of longest-match routing.
• Internal routes cannot be summarized at Level 1 because this is not permitted by the protocol.
6. This feature is also supported on O SPF ABRs to leak Type 3 link-state a dvertisements (LSAs) into an OSPF a rea.
8/9/2019 Introduction to Intermediate System-To-Intermediate Systen Protocol
http://slidepdf.com/reader/full/introduction-to-intermediate-system-to-intermediate-systen-protocol 25/25
Corporate HeadquartersCisco Systems, Inc.170 West Tasm an D riveSan Jo se, CA 95134-1706USAwww.cisco.com
Tel: 408 526-4000800 553-NETS (6387)Fax: 408 526-4100
European HeadquartersCisco Systems Europe11, Rue Camille Desmoulins92782 Issy-les-MoulineauxCedex 9France
www-europe.cisco.comTel: 33 1 58 04 60 00Fax: 33 1 58 04 61 00
Americas HeadquartersCisco Systems, Inc.170 West Tasma n D riveSan Jo se, CA 95134-1706USAwww.cisco.com
Tel: 408 526-7660Fax: 408 527-0883
Asia Pacic HeadquartersCisco Systems, Inc.Ca pital Tow er168 Robinson Road#22-01 to #29-01Singapore 068912
www.cisco.comTel: 65 317 7777Fax: 65 317 7799
Cisco Systems has more than 200 ofces in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on theCisc o Web site at www.ci sco.com/go/offic es
Argent ina • Austra lia • Aust r ia • Belg ium • Bra zil • Bulga ria • C a na d a • C hile • C hina PR C • C o lo mb ia • C o sta R ica • C ro a tiC zech R epub lic • D enma rk • D ub a i, UAE • Finla nd • Fra nce • G erma ny • G reece • H ong Kong SAR • H unga ry • Ind ia • Ind o nesia • Irela ndIsra el • Ita ly • Ja pa n • Ko rea • Lux emb o urg • M ala y sia • M ex ico • The N etherla nd s • N ew Z ea la nd • N orw ay • Peru • Philippines • Po la ndPo rtuga l • Puerto R ico • R o ma nia • R ussia • Sa ud i Ara b ia • Sco tla nd • Singa po re • Slo va kia • Slo venia • So uth Africa • Spa in • Sw ed enSw it z er la nd • Ta iw a n • Th a i la nd • Tu r k ey • U k r a in e • U n i t ed K in g d o m • U n i t ed St a te s • Ven ez u e la • Vi et n a m • Z im b a bw e
All content sare Copyr ight © 1992–2002 Cisco Sys tems, Inc. All r ight s reserved. Cisco, Cisco IOS, Cisco Systems, and the Cisco Systems logo are are regi st e red t rademarks of Cisco Systems, Inc. and/or i t s aff i li a t es in the
IS-IS authentication is congured independently for adjacency establishment (hello) and for LSP authentication. The next sections describe
both cases. If only LSP authent ication is used, an unauthorized neighbor can st il l form an adjacency, but LSP packets cannot be exchanged.
The ISIS dat aba se will not cont ain a ny entries for this neighbor.
LSP Authentication (Area- or Network-Wide)
Do main a nd a rea authentication ca n be con gured separat ely. It is also possible to run either one or both types of authentication.
The area pa ssw ord is inserted a nd checked fo r Level 1 LSPs, the doma in password for Level 2 LSPs.
Interface PasswordThis authentication can be used t o ma ke sure that o nly autho rized neighbors form an IS-IS adjacency over a given interface. The passw ord
is congured on a per-interface base and must be specied for Level 1 and Level 2 independently.
Note : Over point-to-point interfaces, only one hello packet is sent for Level 1/Level 2 adjacencies. On those interfaces, the same password
must be congured as a Level 1 and Level 2 password .
7. http ://w w w.ietf. org/internet-draf ts/dra ft-ietf-isis-hmac-03.tx t