Intermediate-System to Intermediate-System (IS-IS)

Intermediate-System to Intermediate-System (IS-IS)

Some important points to cover this topic. Source Cisco.com

IS-IS is an IGP protocol commonly used in Service Provider networks. The term integrated IS-IS is used for routing of internet protocol.

IS-IS Areas
In OSPF protocol any of the router’s interfaces can be assigned to a particular area, however the concept of area in IS-IS is different. Here in general, every single router belongs to an Area. The idea of this comes from the fact that IS-IS was initially created to route Connectionless Network Protocol (CLNP) where the address belongs to a device (Router), whereas in Internet Protocol (IP) the address belongs to the particular interface.

Routers, not interfaces are associated to an area

The protocol has two levels of hierarchy, Level-1 and Level-2. Level-1 corresponds to OSPF intra-area routing whereas Level-2 corresponds with the OSPF backbone area 0. In Cisco implementation every router by default becomes L1-L2 for each configuration and deployment.

  • Level 1 router can become adjacent with the Level 1 and Level-1-2 (L1/L2) router.
  • Level 2 router can become adjacent with the Level 2 or Level 1-2 (L1/L2) router.
  • There is no adjacency between a Level 1 and Level 2 only router.

An IS-IS L1/L2 router maintains two link state database information. One is for Level 1 and the other for Level 2.Hence two distinct Shortest Path First (SPF) calculations are run, one on Level 1 link state database and other on the Level 2 link state database. IS-IS Level 1-2 router behaves very close to OSPF Area Border Router (ABR). L1/L2 router sends both L1 and L2 hellos.

As default behaviour L1/L2 router will only allow one way passage of prefixes from L1 Area to L2 Area, but not in reverse.. Will show you further down in this topic.

Name Destination MAC Address
All L1 IS Devices 0180.c200.0014
All L2 IS Devices 0180.c200.0015
All IS Devices 0900.2b00.0005

IS-IS Packet Types

IS-IS has three types of PDUs (packets)

  • IS-IS Hello (IIH) Packets – Used to establish/monitor neighbors
  • Link State Packets (LSPs) – used to build a topology and share routes
  • Sequence Number Packets (SNPs) – used to synchronize LSPs

IS-IS Interfaces

There are two types of interface in IS-IS:

  • Broadcast – This is the default. Allows for more than one neighbor to connect on this medium. Requires the election of a pseudonode called a Designated Intermediate System (DIS)
  • Point-to-Point – Used to reduce some of the overhead mechanisms with broadcasts networks if only 2 devices exist on a segment.

Lab Topology

ISISlab.png

The configuration already completed on these routers and this is how the topology looks like.

  • R1 and R8 configured as L1/L2 routers.
  • R2, R3, R4 are in Area Level-1
  • R5, R6, R7 are in Area Level-2
  • IS-IS is only configured on the service provider network routers.

Let's look at the configuration on R1.

R1                                                                            
router isis SP                         
 net 49.0000.0000.0001.00              
 metric-style wide                     
 log-adjacency-changes                 
!                                      
interface Loopback0                    
 ip address 1.1.1.1 255.255.255.255    
 ip router isis SP                     
!                                      
interface Ethernet0/0                  
 description to R2                     
 ip address 10.10.12.1 255.255.255.252 
 ip router isis SP                     
!                                      
interface Ethernet0/2                  
 description to R5                     
 ip address 10.10.15.1 255.255.255.0   
 ip router isis SP

The configuration is complete on the remaining routers in a similar way.

Now let's check the IS-IS neighbors.

R1#show isis neighbors 

Tag SP:
System Id      Type Interface   IP Address      State Holdtime Circuit Id
R2             L1   Et0/0       10.10.12.2      UP    9        R2.02              
R5             L2   Et0/2       10.10.15.5      UP    7        R5.01             

!-- Another command to check the neighbors;
R1#show clns neighbors 

Tag SP:
System Id      Interface   SNPA                State  Holdtime  Type Protocol
R2             Et0/0       aabb.cc00.0200      Up     8         L1   IS-IS
R5             Et0/2       aabb.cc00.0520      Up     8         L2   IS-IS

How does R1 find out the system-id of R2 and R5?
Answer is it uses TLV#137

Let's check the ISIS interface details.

Ethernet0/0 is up, line protocol is up
  Checksums enabled, MTU 1497, Encapsulation SAP
  ERPDUs enabled, min. interval 10 msec.
  CLNS fast switching disabled
  CLNS SSE switching disabled
  DEC compatibility mode OFF for this interface
  Next ESH/ISH in 40 seconds
  Routing Protocol: IS-IS (SP)
    Circuit Type: level-1-2     <---------------------- L1/L2 IS-type, check the Circuit Type to determine which IS-type level is configured.
    Interface number 0x0, local circuit ID 0x1
    Level-1 Metric: 10, Priority: 64, Circuit ID: R2.02
    DR ID: R2.02      <--------------------- DR is R2
    Level-1 IPv6 Metric: 10
    Number of active level-1 adjacencies: 1
    Level-2 Metric: 10, Priority: 64, Circuit ID: R1.01  <--------Level-2 information
    DR ID: 0000.0000.0000.00  
    Level-2 IPv6 Metric: 10
    Number of active level-2 adjacencies: 0
    Next IS-IS LAN Level-1 Hello in 386 milliseconds
    Next IS-IS LAN Level-2 Hello in 7 seconds

Now let's check the isis learned routes on R1.
R1#show ip route isis 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      8.0.0.0/32 is subnetted, 1 subnets
i L1     8.8.8.8 [115/50] via 10.10.12.2, 18:59:44, Ethernet0/0
      10.0.0.0/8 is variably subnetted, 10 subnets, 3 masks
i L1     10.10.23.0/24 [115/20] via 10.10.12.2, 1d19h, Ethernet0/0
i L1     10.10.34.0/30 [115/30] via 10.10.12.2, 18:59:44, Ethernet0/0
i L1     10.10.48.0/24 [115/40] via 10.10.12.2, 18:59:44, Ethernet0/0
Above routes are originated from within Level-1 Area. 
Below routes are all originated from within the backbone area (Level-2)
i L2     10.10.56.0/24 [115/20] via 10.10.15.5, 15:28:59, Ethernet0/2        <------Learned through R5 which is a Level-2 router
i L2     10.10.67.0/24 [115/30] via 10.10.15.5, 15:28:59, Ethernet0/2        <------Learned through R5 which is a Level-2 router
i L1     10.10.78.0/24 [115/50] via 10.10.12.2, 18:59:44, Ethernet0/0        <------Though this subnet is between a L2 and a L1/L2 router, it is being learned through R2.
      89.0.0.0/32 is subnetted, 1 subnets
i L1     89.89.89.89 [115/50] via 10.10.12.2, 18:59:44, Ethernet0/0          <-------Loopback interface on R8 learned via R2.

As mentioned above L1/L2 routers allow one way passage of prefixes i.e Level-1 area does not receive prefixes from Level-2, however Level-2 routers will be aware of all the Level-1 prefixes. In this case routers in L2 are able to ping L1 routers whereas L1 routers are not able to ping L2 routers/interfaces.

Let me first show you the neighbors on R6

R6#show clns neighbors        
Tag SP:
System Id      Interface   SNPA                State  Holdtime  Type Protocol
R5             Et0/1       aabb.cc00.0510      Up     29        L2   IS-IS
R7             Et0/2       aabb.cc00.0720      Up     9         L2   IS-IS

Both R5 and R7 are L2 neighbors.
Now let's look at the routing table of R6.
R6#show ip route 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/32 is subnetted, 1 subnets
i L2     1.1.1.1 [115/30] via 10.10.56.5, 20:15:43, Ethernet0/1
      8.0.0.0/32 is subnetted, 1 subnets
i L2     8.8.8.8 [115/30] via 10.10.67.7, 23:43:00, Ethernet0/2
      10.0.0.0/8 is variably subnetted, 10 subnets, 3 masks
i L2     10.10.12.0/30 [115/30] via 10.10.56.5, 20:15:43, Ethernet0/1
i L2     10.10.15.0/24 [115/20] via 10.10.56.5, 20:15:43, Ethernet0/1
i L2     10.10.23.0/24 [115/40] via 10.10.56.5, 04:33:37, Ethernet0/1
i L2     10.10.34.0/30 [115/40] via 10.10.67.7, 04:06:49, Ethernet0/2
i L2     10.10.48.0/24 [115/30] via 10.10.67.7, 23:43:00, Ethernet0/2
C        10.10.56.0/24 is directly connected, Ethernet0/1
L        10.10.56.6/32 is directly connected, Ethernet0/1
C        10.10.67.0/24 is directly connected, Ethernet0/2
L        10.10.67.6/32 is directly connected, Ethernet0/2
i L2     10.10.78.0/24 [115/20] via 10.10.67.7, 23:43:00, Ethernet0/2
      89.0.0.0/32 is subnetted, 1 subnets
i L2     89.89.89.89 [115/30] via 10.10.67.7, 23:43:00, Ethernet0/2

R6 routing table shows that the prefix between R1 & R2, R2 & R3, R3 & R4, R4 & R8 are in the routing table and are appearing as IS-IS L2 routes.

But if we look at the routing table of R2, R3 and R4, we will not find the prefixes of L2. The route 10.10.78.0/24 appears due to R8 being a L1/L2 ABR.

R3#show ip route isis 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/32 is subnetted, 1 subnets
i L1     1.1.1.1 [115/30] via 10.10.23.2, 23:51:57, Ethernet0/1
      8.0.0.0/32 is subnetted, 1 subnets
i L1     8.8.8.8 [115/30] via 10.10.34.2, 23:51:57, Ethernet0/2
      10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
i L1     10.10.12.0/30 [115/20] via 10.10.23.2, 23:51:57, Ethernet0/1
i L1     10.10.15.0/24 [115/30] via 10.10.23.2, 23:51:57, Ethernet0/1
i L1     10.10.48.0/24 [115/20] via 10.10.34.2, 23:51:57, Ethernet0/2
i L1     10.10.78.0/24 [115/30] via 10.10.34.2, 23:51:57, Ethernet0/2
      89.0.0.0/32 is subnetted, 1 subnets
i L1     89.89.89.89 [115/30] via 10.10.34.2, 23:51:57, Ethernet0/2

Solution:

One of the solutions is to inject a default route into area L1. So I will configure a route-map and add it to the default-information originate statement under the ISIS configuration.

Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#route-map L1-default-route permit 10
R1(config-route-map)#set level level-1
exit
!
R1(config)#router isis SP
R1(config-router)#default-information originate route-map L1-default-route

Now if we look at the routing table on a Level-1 router we will see a default route is present and we are not able to ping any router interface in area L2.

R3#show ip route isis 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 10.10.23.2 to network 0.0.0.0

i*L1  0.0.0.0/0 [115/20] via 10.10.23.2, 00:10:11, Ethernet0/1   <------------ Default route now in routing table
      1.0.0.0/32 is subnetted, 1 subnets
i L1     1.1.1.1 [115/30] via 10.10.23.2, 21:20:28, Ethernet0/1
      8.0.0.0/32 is subnetted, 1 subnets
i L1     8.8.8.8 [115/30] via 10.10.34.2, 21:20:28, Ethernet0/2
      10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
i L1     10.10.12.0/30 [115/20] via 10.10.23.2, 21:20:28, Ethernet0/1
i L1     10.10.15.0/24 [115/30] via 10.10.23.2, 21:20:28, Ethernet0/1
i L1     10.10.48.0/24 [115/20] via 10.10.34.2, 21:20:28, Ethernet0/2
i L1     10.10.78.0/24 [115/30] via 10.10.34.2, 21:20:28, Ethernet0/2
      89.0.0.0/32 is subnetted, 1 subnets
i L1     89.89.89.89 [115/30] via 10.10.34.2, 21:20:28, Ethernet0/2

R3#ping 10.10.56.6           <--------- ping to R6 interface connected to R5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.56.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/4 ms

R3#ping 10.10.67.7           <--------- ping to R7 interface connected to R6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.67.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/3/4 ms

Another method is of redistributing Level-2 routes into Level-1. Since I have default-originate on R1 I will do the redistribution on R8 which is also a ABR (L1/L2) router.

This is how the configuration will look like and the routing-table after we configure redistribution.

R8#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R8(config)#router isis SP
R8(config-router)#redistribute isis ip level-2 into level-1  route-map L2-to-L1
R8(config-router)#exit
R8(config)#route-map L2-to-L1 permit 10
R8(config-route-map)#match route-type level-2 
R8(config-route-map)#exit

Now we will check the routing table on any of the L1 area routers (R2, R3, R4).
R3#show ip route isis 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 10.10.23.2 to network 0.0.0.0

i*L1  0.0.0.0/0 [115/20] via 10.10.23.2, 00:00:19, Ethernet0/1
      1.0.0.0/32 is subnetted, 1 subnets
i L1     1.1.1.1 [115/30] via 10.10.23.2, 23:31:16, Ethernet0/1
      8.0.0.0/32 is subnetted, 1 subnets
i L1     8.8.8.8 [115/30] via 10.10.34.2, 23:31:16, Ethernet0/2
      10.0.0.0/8 is variably subnetted, 10 subnets, 3 masks
i L1     10.10.12.0/30 [115/20] via 10.10.23.2, 23:31:16, Ethernet0/1
i L1     10.10.15.0/24 [115/30] via 10.10.23.2, 23:31:16, Ethernet0/1
i L1     10.10.48.0/24 [115/20] via 10.10.34.2, 23:31:16, Ethernet0/2
i ia     10.10.56.0/24 [115/50] via 10.10.34.2, 00:03:25, Ethernet0/2       <--------- We now see the prefixes from backbone area as inter-area IS-IS
i ia     10.10.67.0/24 [115/40] via 10.10.34.2, 00:03:25, Ethernet0/2
i L1     10.10.78.0/24 [115/30] via 10.10.34.2, 23:31:16, Ethernet0/2
      89.0.0.0/32 is subnetted, 1 subnets
i L1     89.89.89.89 [115/30] via 10.10.34.2, 23:31:16, Ethernet0/2

Conclusion: We can do either method to have reachability to L2 backbone area routers, but I have done both for this lab scenario.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License