Tuesday, August 28, 2007

IS-IS Topic


ISIS – Intermediate System to Intermediate System

- Link-state protocol; uses the SPF algorithm and supports VLSM

- Uses hellos to establish adjacencies

- Open standard, comparable to OSPF

- Was originally designed as the IGP for CLNS (Connectionless Network Service)

- The OSI Layer 3 protocol is CLNP (Connectionless Network Protocol), which is unreliable like IP

- Uses CLNS addresses to identify routers and build the LSDB

Supports 2 Routing Levels

Level 1:

- occurs within an IS-IS area; routing is accomplished by looking at the lower-order address portion (system ID) and choosing the lowest-cost path

- all devices in a Level 1 routing area have the same area address

Level 2:

- learns the locations of L1 routing areas and builds an interarea routing table

- all ISs in L2 routing use the destination address to route traffic along the lowest-cost path

Note:

- in ISIS design there is no ABR, no backbone area, and no Area 0

ISIS Router Types

a. L1 Routers: (intra-area)

- learn about paths w/in the areas they connect

- maintain topology database on their area

b. L2 Routers: (interarea)

- learn about paths between areas

- backbone routers

c. L1/L2 Routers:

- act as borders between L1 and L2

- similar to an OSPF ABR; learn about paths both within and between areas

Note:

- the path of connected L2 and L1-2 routers is called the backbone

Integrated or (Dual) IS-IS Routing

- for multiple protocols, IP and CLNS

- combines ISO CLNS and IP routing in one protocol

- uses its own PDUs to transport IP routing information; ISIS information is not carried within a network-layer protocol but directly within data-link layer frames

IS-IS Design

- metric is not based on bandwidth

- interface metric has a value of 0-63; 10 is the default

- narrow metrics are limited to a maximum interface metric of 63 (6 bits) and a maximum total path metric of 1,023 (10 bits)

ES-IS Protocol

- End System to Intermediate System

- permits ESs (hosts) and ISs (routers) to discover one another

ES-IS performs the following tasks:

  1. ESs send End System Hellos (ESHs) to a well-known address to announce their presence to ISs
  2. Routers (ISs) listen for ESHs to find the ESs on a segment
  3. Routers (ISs) transmit Intermediate System Hellos (ISHs) to a well-known address, announcing their presence to ESs
  4. ESs listen for these ISHs and randomly pick an IS to which they will forward all their packets
  5. When an ES needs to send a packet to another ES, it sends the packet to one of the ISs on its directly attached network

Note:

- Routers use IS-IS Hellos (IIHs) to establish and maintain adjacencies between ISs (routers)

- IP systems do not use ES-IS

OSI Routing Levels

Level 0 Routing:

- ES to IS, within the same domain

- ESs discover the nearest IS by listening to ISH packets

- when ES needs to send packets to another ES, it sends the packet to the IS on an attached network

Level 1 Routing:

- IS to IS within the same domain

Level 2 Routing

- IS to IS between different areas within the same domain

- Also called interarea routing

- if a destination is in another area, the L1 IS sends the packet to the nearest L1-L2 IS, which forwards it through L2 ISs until it reaches an L1-L2 or Level 2 IS in the destination area

Level 3 Routing

- routing between separate domains

- comparable to BGP

- passes traffic to different ASs

- not specified on Cisco routers, but accomplished through IDRP (Interdomain Routing Protocol)

Comparing IS-IS to OSPF

Similarities:

- both open standard link-state protocols

- both support VLSM

- similar mechanisms (LSAs, aging timers, LSDB synchronization) to maintain the LSDB

- both use the SPF algorithm, with similar update, decision and flooding processes

- converge quickly after network changes

Differences

| OSPF | Integrated ISIS |
| --- | --- |
| Area border inside routers | Area border on links |
| Each link in only one area | Each router in only one area |
| More complex to extend backbone | Simple extension of backbone |
| Many small LSAs sent | Fewer LSPs sent |
| Runs on top of IP | Runs on top of Data Link Layer |
| Requires IP address | Requires IP and CLNS addresses |
| Default metric is scaled on interface bandwidth | Default metric is always 10 for all interfaces |
| Not easy to extend | Easy to support new protocols with new TLV tuples |
| Equipment, personnel and information more available | Not as available |

II. IS-IS Routing Operations

- unlike IP addresses, CLNS addresses apply to entire nodes and not to interfaces

- ISIS requires CLNS addresses; the addresses used by routers are called NSAPs (Network Service Access Points)

- one part of the NSAP is the NSAP selector (NSEL) byte

- when the NSAP selector is 0, the NSAP is called a NET (Network Entity Title)

NSAP Address

- OSI network layer addressing is implemented with NSAP address

- An NSAP address identifies a system in the OSI network, an address represents an entire node, not an interface

- NSAP addresses are a maximum of 20 bytes

- Higher-order bits identify the interarea structure

- Lower-order bits identify the systems within an area

- ISIS Link-State Packets (LSPs) use NSAP addresses to identify the router and build the topology table

- NSAP address is equivalent to the combination of the IP address and upper-layer protocol in an IP header


Three Fields of NSAP Address (Cisco)

  1. Area Address
  2. System ID
  3. NSEL

IDP (Initial Domain Part)

- consists of the AFI (Authority and Format Identifier) and the IDI (Initial Domain Identifier)

- corresponds to a major network

AFI (Authority and Format Identifier) Value

- specifies the format of the address and the authority that assigned it

39 – ISO Data Country Code (DCC)

45 – E.164

47 – ISO 6523 International Code Designator (ICD)

49 – Private Locally Administered

IDI (Initial Domain Identifier)

- corresponds to subdomain under AFI, example: 47.0005 assigned to US govt., 47.0006 assigned to US DoD

DSP Domain Specific Part

- contributes to routing within an IS-IS routing domain

- comprises the HO-DSP (High-Order DSP), the system ID and the NSEL

- HO-DSP subdivides the domain into areas, equivalent to a subnet in IP

- System ID identifies an individual OSI device

- NSEL identifies a process on the device and corresponds to a port or socket in IP; it is not used in routing decisions

Typical NSAP Address Structure

Example: HEX

49.1234.AA15.B322.1B41.00

49.1234 – area ID with the AFI of 49 means private

AA15.B322.1B41 – system ID, MAC address

00 – NSEL, zero means router

Rules for IS-IS as IGP:

1. Area address must be at least 1 byte, separated into 2 parts

1st. the AFI, set to 49 (private)

2nd. the area identifier, the octets of the area address after the AFI

2. System ID requires 6 bytes, compliant with Govt. OSI Profile (GOSIP) version 2.0

3. NSEL is always set to 0 for a router, 1 byte

Note:

- an NSAP is called the NET when it has an NSEL of 0; routers use the NET to identify themselves in the ISIS PDUs

49.0001.0000.0c12.3456.00

AFI of 49

Area ID of 0001

System ID of 0000.0c12.3456, the MAC address of a LAN interface

NSEL of 00
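
An added example (not part of the original notes) that splits a NET into the three Cisco fields by counting the fixed-size fields from the right, using the two addresses above as input. The function names `parse_net` and `same_area` are assumptions; the 1 to 13 byte area limit is the one given in the configuration steps later in these notes.

```python
import re

# AFI values listed in these notes.
AFI_NAMES = {
    "39": "ISO Data Country Code (DCC)",
    "45": "E.164",
    "47": "ISO 6523 International Code Designator (ICD)",
    "49": "Private, locally administered",
}


def parse_net(text):
    """Split a NET/NSAP written in dotted hex into area, system ID and NSEL."""
    digits = text.replace(".", "")
    if not re.fullmatch(r"[0-9A-Fa-f]+", digits) or len(digits) % 2:
        raise ValueError("address must be a whole number of hex bytes")
    raw = bytes.fromhex(digits)
    # 1-13 area bytes + 6 system ID bytes + 1 NSEL byte = 8 to 20 bytes.
    if not 8 <= len(raw) <= 20:
        raise ValueError("address must be 8 to 20 bytes long")
    # The dots carry no meaning: the NSEL is the last byte, the system ID
    # the six bytes before it, and everything to the left is the area.
    area, system_id, nsel = raw[:-7], raw[-7:-1], raw[-1]
    afi = f"{area[0]:02x}"
    return {
        "afi": afi,
        "afi_name": AFI_NAMES.get(afi, "not listed in these notes"),
        "area": area.hex(),
        "system_id": ".".join(system_id.hex()[i:i + 4] for i in (0, 4, 8)),
        "nsel": nsel,
        "is_net": nsel == 0,  # NSEL 0: the address names the router itself
    }


def same_area(net_a, net_b):
    """True when two NETs share an area address and have distinct system IDs."""
    a, b = parse_net(net_a), parse_net(net_b)
    return a["area"] == b["area"] and a["system_id"] != b["system_id"]


if __name__ == "__main__":
    for net in ("49.1234.AA15.B322.1B41.00", "49.0001.0000.0c12.3456.00"):
        print(net, parse_net(net))
```
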

Note:

- the area address is also referred to as the prefix

- some documents use the terms area ID and area address as synonyms

Area Address

- area address uniquely identifies the routing area and is associated with routing process

- system ID identifies each node, is used only in Level 1 routing, and must be unique within an area

- all routers within the area must use the same area address

- an ES may be adjacent to a router only if they share a common area address

- area address is used in Level 2 routing

- ESs recognize only ISs and other ESs on the same subnetwork that share the same area address

NET Address

- includes the NSEL field (process or port number)

- the address is called a NET when the NSEL field is 0

- NET address refers to the device itself (equivalent to Layer 3 OSI); routers use it to identify themselves in the LSP and to form the basis of routing calculations (SPF)

SNPA, Circuit and Link

- SNPA (Subnetwork Point of Attachment) is the point that provides subnetwork services, the equivalent of the Layer 2 address

- SNPA is assigned using the MAC address, virtual circuit ID from X.25 or ATM, DLCI from FR, HDLC

- Circuit is the ISIS term for an interface; the circuit ID distinguishes a particular interface

- Link is the path between two neighbor ISs

Intra-Area and InterArea Addressing and Routing

- area address is used to route between areas; the system ID is not considered

- system ID is used to route within an area; the area address is not considered

How to Forward packet

1. The IS checks the packet's destination

- different area: routed based on the area address

- same area: routed based on the system ID

2. If you are an L1 router

- interarea packets are sent to the closest L1/L2 router

- intra-area packets are routed based on the L1 database

3. If you are an L1/L2 router

- interarea packets are routed based on the L2 database

- intra-area packets are routed based on the L1 database

Route Leaking

- helps reduce suboptimal routing by allowing Level 2 information to be leaked into Level 1

- use up/down bit in TLV (Type,Length,Value) field

if set to 0 the route originated w/in that Level 1 area

if set to 1 the route is redistributed into the area from Level 2

ISIS PDUs

PDU (OSI) ----- Packet (TCPIP )

OSI PDU

- Network PDU = datagram, packet

- Data-Link PDU = frame

4 Types of PDUs

- ISIS PDUs are encapsulated directly into a data-link frame; there is no CLNP or IP header on a PDU

  1. Hello (ESH, ISH, IIH)

- used to establish and maintain adjacencies

- ESH is ES to IS

- ISH is IS to ES

- IIH is IS to IS, sent between ISs every 10 secs

  2. LSP (Link-State Packet)

- used to distribute link-state information

  3. PSNP (Partial Sequence Number PDU)

- used to acknowledge and request missing pieces of link-state information

- sent every 3 secs

  4. CSNP (Complete Sequence Number PDU)

- used to describe/distribute the complete list of LSPs in the LSDB of a router, a summary of the LSDB

- periodically sent every 10 secs (broadcast) and only once for point-to-point

LSP

- router LSPs contain an LSP header and TLV fields

LSP Header – PDU type, length, LSP ID, LSP sequence number to identify duplicate, remaining lifetime of LSP

- are sequenced to avoid duplication of LSPs; sequence numbers begin at 1

- assist with synchronization

- sequence numbers are increased to indicate the newest LSP

- remaining lifetime is used for removal of outdated and invalid LSP from the topology table, known as count to zero operation, 1200 seconds is the default start value

TLV Fields – IS neighbor, ES neighbors, authentication info, attached IP subnet

- TLV examples. Area address type code is 1, IS neighbor type code is 2

Implementing ISIS on NBMA Networks

- ISIS supports broadcast mode for LAN and multipoint WAN links

- Point-to-point for all other media

- Has no concept of NBMA networks; it is recommended to use p2p over NBMA networks such as ATM, FR or X.25

- In broadcast mode, you must enable CLNS mapping and include the broadcast keyword

Implementing ISIS in Broadcast Networks

- used for LAN and multipoint WAN interface

- DIS (Designated IS) creates a pseudonode and represents the LAN

- DIS is elected based on: 1. only routers with adjacencies are eligible, 2. highest interface priority, 3. highest SNPA (MAC) breaks ties; there is no backup DIS

Note:

- interfaces have a default Level 1 and Level 2 priority of 64; you can configure it from 0 to 127 using the isis priority <number-value> [level-1 | level-2] command

LSP and IIH Levels

- the two-level nature of ISIS requires separate types of LSPs

- DIS is the representative of the LAN

- LSPs are sent as unicast on p2p

- LSPs are sent as multicast on broadcast networks

- LANs use separate Level 1 and Level 2 IIHs, sent as multicast

- P2P uses a common IIH format, sent as unicast

Comparing Broadcast and Point-to-point Topologies

LSDB Synchronization

- single procedure for flooding, aging and updating LSP

- Level 1 LSPs are flooded within an area

- Level 2 LSPs are flooded throughout the Level2 backbone

- Large PDUs are divided into fragments that are independently flooded

- Each PDU is assigned an LSP fragment number, starting at 0 and incrementing by 1

- Separate LSDBs are maintained for Level 1 and Level 2 LSPs

- An LSP is typically flooded to all adjacent neighbors except the neighbor from which it was received

- LSP are identified by the system ID of the originator and an LSP fragment number starting at 0

- If an LSP exceeds the max transmission unit MTU, it is fragmented into several LSPs numbered 1,2,3 and so on

- ISIS maintains the Level1 and Level2 in separate LSDBs

- When an IS receives an LSP, it examines the checksum and discards any invalid LSPs

- If the LSP is valid and newer than what is currently in the LSDB, it is retained, acknowledged, and given a lifetime of 1200 secs

- The age is decremented every second until it reaches 0, at which point the LSP is considered to have expired

- When the LSP has expired, it is kept for an additional 60 secs before it is flooded as an expired LSP
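
A simplified model of the receive, flood and aging rules listed above, added here as an illustration and not taken from the original notes or from any router implementation. The class and method names are assumptions, and the checksum result is passed in as a flag rather than computed.

```python
MAX_AGE = 1200       # default starting lifetime in seconds, per the notes
ZERO_AGE_HOLD = 60   # seconds an expired LSP is kept before it leaves the LSDB


class Lsdb:
    """One level's link-state database (L1 and L2 each keep their own)."""

    def __init__(self):
        # LSPs are identified by originator system ID plus fragment number.
        self.entries = {}

    def receive(self, system_id, fragment, seq, checksum_ok,
                from_neighbor, neighbors):
        """Process one received LSP; return the neighbors it is flooded to."""
        if not checksum_ok:
            return []                      # invalid LSPs are discarded
        key = (system_id, fragment)
        current = self.entries.get(key)
        if current is not None and seq <= current["seq"]:
            return []                      # not newer: nothing to install
        self.entries[key] = {"seq": seq, "lifetime": MAX_AGE,
                             "hold": ZERO_AGE_HOLD}
        # Flood to every adjacent neighbor except the one it came from.
        return [n for n in neighbors if n != from_neighbor]

    def tick(self, seconds=1):
        """Age every LSP by `seconds`; return the keys removed as expired."""
        removed = []
        for key, entry in list(self.entries.items()):
            spent = min(seconds, entry["lifetime"])
            entry["lifetime"] -= spent
            # Time left over after the lifetime hit 0 eats into the hold.
            entry["hold"] -= min(seconds - spent, entry["hold"])
            if entry["lifetime"] == 0 and entry["hold"] == 0:
                del self.entries[key]
                removed.append(key)
        return removed


if __name__ == "__main__":
    db = Lsdb()
    # Constructed sample: fragment 0 from system 0000.0000.0002, heard via R1.
    print(db.receive("0000.0000.0002", 0, 1, True, "R1", ["R1", "R3", "R4"]))
    print(db.tick(1200), db.tick(60))
```
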

Sequence Number PDUs

SNP packets are used to acknowledge the receipt of LSPs and ensure synchronization and reliability

- separate CSNPs and PSNPs are used for Level1 and Level2 adjacencies

Two Types of SNP

1. PSNPs are used to acknowledge LSPs on p2p links and to request missing pieces of the LSDB (subset only)

2. CSNPs are periodically multicast every 10 secs by the DIS on a LAN to ensure LSDB accuracy, and sent on a p2p link when the link comes up

Neighbors and Adjacencies

- routers discover neighbors and form adjacencies by exchanging ISIS hello PDUs

- transmitted every 10 secs (set with the <isis hello-interval> command)

- hello identify itself and describe the parameters of the interface

- neighbors can advertise different hello intervals

L1/L2 Adjacencies

- ISIS forms separate adjacencies for L1 and L2

- L1-only routers form L1 adjacency with L1 and L1/L2

- L2-only routers form L2 adjacency with L2 and L1/L2

- L1/L2 can form both L1 adj and L2 adj

- L1-only and L2-only router will not form adjacency

- Cisco routers default is L1/L2

Rules for Adjacency

  1. L1 to L1 adjacency – area ID must match
  2. L2 to L2 adjacency – forms even if the area ID is different
  3. L1-only forms L1 adj with L1/L2 only if the area IDs match
  4. L2-only forms L2 adj with L1/L2 even if the area ID is different
  5. L1/L2 routers form both L1 and L2 adj if their area IDs match
  6. L1/L2 routers form only L2 adj if their area IDs don't match

Configuring Basic Integrated ISIS

- NET address identifies a device, an IS or ES and not an interface

- The OSI hello PDUs are used to form the neighbor relationship between routers, and SPF relies on the configured NET address to identify the routers

Building the OSI Forwarding Database

1. ISIS uses an OSI forwarding table (routing table) to select the best path to a destination

2. When the databases are synchronized, routers use the LSDB to calculate the SPF tree to OSI destinations, the NETs

3. The total of the link metrics along each path determines the shortest path to any given destination

4. Level 1 and Level 2 routers have separate LSDBs and therefore may run the SPF algorithm twice

5. Routers insert the best paths in the CLNS routing table (OSI forwarding database)

Building an IP Routing Table

1. Routers find the best way to reach each other based on the lowest cost (SPF algorithm)

2. L1 routers and L2 routers perform completely separate route calculations

3. All the best paths are added to the routing table

4. A second algorithm, PRC (Partial Route Calculation), is run for the IP routing table

5. The best paths from the PRC algorithm end up in the IP routing table

Integrated ISIS Configuration Steps

1. Define areas, prepare the addressing plan (NET) for routers and determine interface

The CLNS address of a router is called the NET and consists of 3 main parts

    1. prefix – defines the area that the router is a part of
    2. system ID – which uniquely identifies each device
    3. NSAP selector NSEL which must be 0

2. Enable ISIS on the router
Router(config)# router isis [area-tag]

- this enables ISIS routing protocol

- area-tag – name for process

- CLNS routing is disabled by default; when CLNS packets must also be routed, enable it with the clns routing command

3. Configure the NET

Router(config-router)#net <network-entity-title>

- configures an ISIS NET address for the routing process

- the NET is a combination of area number, system id and NSEL of 00 at the end

- the area number must be at least 1 byte in length and can be as long as 13 bytes

- system id has a fixed length of 6 bytes

4. Enable Integrated ISIS on the appropriate interfaces.

Router(config-if)#ip router isis [area-tag]

- includes an interface in an ISIS routing process

- use the clns router isis [area-tag] command to enable the ISIS routing process on an interface to support CLNS routing


Example:

1. Simple Integrated ISIS example

The configured router acts as an IP-only Level1-2 router. CLNS routing is not enabled. This configuration specifies only one ISIS process, thus the optional tag is not used. The net command configures the router to be in area 49.0001 and assigns a system ID of 0000.0000.0002. ISIS has been enabled on the FastEthernet 0/0 and Serial 0/0 interfaces. Because no level has been configured under the ISIS routing process, the router acts as a Level1-2 router by default.

interface FastEthernet0/0
 ip address 10.1.1.2 255.255.255.0
 ip router isis
!
interface Serial 0/0
 ip address 10.2.2.2 255.255.255.0
 ip router isis
!
router isis
 net 49.0001.0000.0000.0002.00

Optimizing ISIS

Changing ISIS Router Level

Router(config-router)#is-type [level-1 | level-1-2 | level-2-only]

Changing ISIS Interface Level

Router(config-if)#isis circuit-type [level-1 | level-1-2 | level-2-only]

Changing ISIS Metric

Router(config-if)#isis metric <metric> [level-1 | level-2]

- configures the metric on an interface, from 1 to 63; default is 10

Router(config-router)#metric <default-value> [level-1 | level-2]

Example:


R3 – it is appropriate to change the IS type to Level 2 only, since it only needs Level 2 routing

R1 – is an internal router that does not connect to any other area, so it is appropriate to configure it as IS type Level 1

R2 – must do both Level 1 and Level 2 routing, so it is left at the default. It is appropriate to set the ISIS circuit type of Fa0/0 to Level 1, since there is no need to send Level 2 hellos to R1. Similarly, Serial 0/0/1 should be set to Level 2 only

Remember that the metric for all interfaces is 10 regardless of the speed of the serial or FastEthernet link.
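
The adjacency rules from earlier in these notes combined with the is-type and circuit-type tuning just described, as an added example that is not part of the original notes. The area values 49.0001 and 49.0002, the interface names on R1 and R3, and all class and function names are assumptions, since the original diagram is not reproduced here.

```python
LEVELS = {"level-1": {1}, "level-2-only": {2}, "level-1-2": {1, 2}}


class Router:
    def __init__(self, name, area, is_type="level-1-2"):
        self.name, self.area = name, area
        self.levels = LEVELS[is_type]   # Cisco routers default to L1/L2
        self.circuits = {}              # interface name -> levels in use

    def circuit(self, ifname, circuit_type="level-1-2"):
        # A circuit type can only narrow what the router itself runs.
        self.circuits[ifname] = LEVELS[circuit_type] & self.levels
        return self


def adjacency(ra, if_a, rb, if_b):
    """Levels at which two routers become adjacent over one shared link."""
    common = ra.circuits[if_a] & rb.circuits[if_b]
    formed = set()
    if 1 in common and ra.area == rb.area:   # L1 needs a matching area
        formed.add("L1")
    if 2 in common:                          # L2 forms even across areas
        formed.add("L2")
    return formed


def hello_levels(router, ifname):
    """Hello levels the router sends on a circuit."""
    return sorted(router.circuits[ifname])


def example_topology(tuned):
    """R1 -- R2 -- R3, with the defaults or with the tuning from the notes."""
    if tuned:
        r1 = Router("R1", "49.0001", "level-1").circuit("Fa0/0")
        r2 = (Router("R2", "49.0001")
              .circuit("Fa0/0", "level-1")
              .circuit("Serial0/0/1", "level-2-only"))
        r3 = Router("R3", "49.0002", "level-2-only").circuit("Serial0/0/1")
    else:
        r1 = Router("R1", "49.0001").circuit("Fa0/0")
        r2 = Router("R2", "49.0001").circuit("Fa0/0").circuit("Serial0/0/1")
        r3 = Router("R3", "49.0002").circuit("Serial0/0/1")
    return r1, r2, r3


if __name__ == "__main__":
    for tuned in (False, True):
        r1, r2, r3 = example_topology(tuned)
        print("tuned" if tuned else "default",
              adjacency(r1, "Fa0/0", r2, "Fa0/0"),
              adjacency(r2, "Serial0/0/1", r3, "Serial0/0/1"),
              hello_levels(r2, "Fa0/0"))
```
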

Configuring Route Summarization in ISIS

Router(config-router)#summary-address <address> <mask> [level-1 | level-2 | level-1-2]

- creates a summary; the default is Level 2

Example:

Router3(config-router)# summary-address 10.3.2.0 255.255.254.0 level-1-2

- summarizes 10.3.2.0/23 into Level 1-2

Verifying ISIS Configuration

show ip protocols


Verifying CLNS Structures




Thursday, August 16, 2007

Router Simulator

Checkout this cool router simulator.

http://dynagen.org/