Wednesday, December 26, 2007

Linux Tip No. 4: Sorting the Biggest Directory

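This command lists disk usage per directory (du -S leaves subdirectories out of each total), sorted by the numeric part of the size. Note that sort -n ignores the K/M/G suffix, which is why 11G lands between 9.8M and 16K below; for a true ordering, have du report a single unit (du -Sk) before sorting.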

[root@nuxmachine admin]# du -Sh | sort -n
4.0K ./backup
9.8M ./backup/web
11G ./backup/home
16K ./.ssh
28K ./backup/Dovecot
28K ./backup/users/last-full
36K .
36K ./backup/users
40K ./backup-sh
328K ./backup/Postfix
628K ./backup/MailScanner

Monday, December 17, 2007

Linux Tip No. 3: How to Check NIC Settings in Tru64

How to Check NIC Speed and Negotiation

#hwmgr get attr -cat network | grep -E "name|speed|duplex"

Thursday, December 13, 2007

Linux Tip No. 2: Combining Tail and Awk

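- You can use this command to produce clean, column-based output from a log as it grows.

Command:
>tail -f logs.log | grep --line-buffered -e "word" | awk '{ print $12 "\t" $13 }'

"word" - only lines containing "word" are passed on
--line-buffered - makes grep write each match immediately instead of holding it in the pipe buffer
$12 - column 12
"\t" - tab, used to separate the two columns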

Tuesday, December 11, 2007

How To: Forward Tape Content in Tru64

root@machine01:/home/data/backup/databases# mt fsf 1
root@machine01:/home/data/backup/databases# vrestore -t -f /dev/ntape/tape0
vrestore: Date of the vdump save-set: Mon Nov 5 22:22:07 2007
vrestore: Save-set source directory : /home/data/backup/
vrestore: Target directory : /usr1/data/backup/

Tuesday, December 4, 2007

Devices on AIX

Devices Information on AIX

1. List all devices on a system
lsdev
Device states are: Undefined (supported device), Defined (not usable,
once seen), Available (usable)

2. List all disk devices on a system (some other devices are: adapter,
driver, logical volume, processor)
lsdev -Cc disk

3. List all customized (existing) device classes (-P for complete list)
lsdev -C -r class

4. Remove hdisk5
rmdev -dl hdisk5

5. Get device address of hdisk1
getconf DISK_DEVNAME hdisk1 or bootinfo -o hdisk1

6. Get the size (in MB) of hdisk1
getconf DISK_SIZE hdisk1 or bootinfo -s hdisk1

7. Find the slot of a PCI Ethernet adapter
lsslot -c pci -l ent0

8. Find the (virtual) location of an Ethernet adapter
lscfg -l ent1

9. Find the location codes of all devices in the system
lscfg

10. List all MPIO paths for hdisk0
lspath -l hdisk0

11. Find the WWN of the fcs0 HBA adapter
lscfg -vl fcs0 | grep Network

12. Temporarily change console output to /console.out
swcons /console.out (Use swcons to change back.)

Monday, December 3, 2007

Router: Traffic Shaping

Traffic Shaping

class-map match-any IB-11.70
match access-group name IB-11.70
!
class-map match-any OB-11.70
match access-group name OB-11.70
!
!
policy-map To-Public
class OB-11.70
shape average 256000
!
policy-map To-Lan
class IB-11.70
shape average 256000
!
!
interface FastEthernet0
description ***LAN side***
ip address 20.18.11.65 255.255.255.224
service-policy output To-Lan
speed auto
!
interface Serial0
description *** To Public Serial 2/1 ***
bandwidth 2000000
ip address 20.18.11.98 255.255.255.252
service-policy output To-Public
load-interval 30
clockrate 2000000
!
ip route 0.0.0.0 0.0.0.0 20.18.11.97
!
!
ip access-list extended IB-11.70
permit ip any host 20.18.11.70
ip access-list extended OB-11.70
permit ip host 20.18.11.70 any

Note:
The service policy is always applied in the OUTPUT direction.
Service policy To-Lan shapes traffic inbound to the LAN.
Service policy To-Public shapes traffic outbound from the LAN.

Linux Tip No. 1: Change Timezone

Change Timezone on AIX
chtz (timezone eg GMT0BST) - Changes the timezone in /etc/environment file

Thursday, November 29, 2007

Router: NAT with DHCP

ip dhcp excluded-address 192.168.0.1 192.168.0.127
!
ip dhcp pool LANDHCP
network 192.168.0.0 255.255.255.0
domain-name jefferson.com
dns-server 20.18.11.34
netbios-name-server 20.18.11.34
default-router 192.168.0.1
!
interface Ethernet0/0
description **** To Public Interace Fa0/1 ****
ip address 20.18.10.2 255.255.255.252
ip nat outside
ip virtual-reassembly
full-duplex
!
interface Ethernet1/0
description ***Connection To LAN ***
ip address 192.168.0.1 255.255.255.0 secondary
ip address 20.18.10.129 255.255.255.128
ip nat inside
ip virtual-reassembly
full-duplex

ip route 0.0.0.0 0.0.0.0 20.18.10.1
!
ip nat inside source list 10 interface Ethernet0/0 overload
!
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 deny any

Wednesday, November 28, 2007

Router: NAT with Secondary IP Address

interface Ethernet0/0
description **** To Public Address ****
ip address 20.18.10.2 255.255.255.252
ip nat outside
ip virtual-reassembly
full-duplex
!
interface Ethernet1/0
description ***Connection To LAN ***
ip address 192.168.0.1 255.255.255.0 secondary
ip address 20.18.10.129 255.255.255.128
ip nat inside
ip virtual-reassembly
full-duplex


ip route 0.0.0.0 0.0.0.0 20.18.10.1
!
ip nat inside source list 10 interface Ethernet0/0 overload
!
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 deny any

Monday, November 19, 2007

Tape Commands in AIX

Useful Tape commands in AIX

1. Rewind and eject the rmt0 tape drive
# tctl -f /dev/rmt0 offline

2. Rewind the rmt0 tape drive
# mt -f /dev/rmt0 rewind

3. Check the content of the tape
# tctl -f /dev/rmt0.1 -b 1024 -n read

Tape Commands in Tru64

*****************************
Useful Tape Commands in Tru64
*****************************


Rewind and unload the tape
#mt -f /dev/ntape/tape0 offline

1. rewind the tape
#mt -f /dev/ntape/tape0 rewind
or
#mt rewind

2. check the content
#vrestore -t -f /dev/ntape/tape0

3. for interactive restore
#vrestore -i

add - add the file
restore - restore the file

4. for manual restore
Example: restore jeff02.backup.log file from tape /dev/ntape/tape0/jeff02 to the current directory
# vrestore -x /jeff02/jeff02.backup.log

#vrestore -x -D /tmp /jeff02/jeff02.backup.log
root@jeff02:/tmp# cd /home
root@jeff02:/home# vrestore -x -D /tmp /jeff02/jeff02.backup.log
vrestore: Date of the vdump save-set: Mon Oct 22 20:33:06 2007
vrestore: Save-set source directory : /
vrestore: Target directory : /tmp

Monday, November 5, 2007

AIX as NTP Client

On the machine that will be the client:
1. In file /etc/ntp.conf

Add:
server <ntp-server-address> prefer
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace


2. Issue command:
ntpdate <ntp-server-address>


NOTE: If it doesn't say "No server suitable for synchronization found", proceed
to the next step.


3. Start using:
#smitty xntpd -> Start at both system restart and now
or
#startsrc -s xntpd

and uncomment the line in /etc/rc.tcpip
start /usr/sbin/xntpd -x "$src_running"


Let the daemon run for 6 minutes before proceeding to the next step, or you
may get a stratum 16 error.


4.
#lssrc -ls xntpd
Stratum should show between 3 and 4, but longer is okay as long as it is not 16.

#ntpdate -d
(to sync server to client)
# ntpq -p

remote refid st t when poll reach delay offset jitter
=====================================================================
LOCAL(0) LOCAL(0) 3 l 9 64 377 0.000 0.000 0.000
*swisstime.ethz. .DCFa. 1 u 17 64 377 25.088 -10.040 1.071
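
The check in step 4, as an added Python example that is not part of the original post: it reads ntpq -p output and reports the conditions the steps above warn about. The sample output and host names are constructed; flagging a local-clock-only sync and a reach value other than 377 are assumptions of this example.

```python
# Constructed sample of `ntpq -p` output (host names are made up).
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 LOCAL(0)        LOCAL(0)         3 l    9   64  377    0.000    0.000   0.000
*ntp1.example.   .DCFa.           1 u   17   64  377   25.088  -10.040   1.071
 ntp2.example.   .INIT.          16 u    -   64    0    0.000    0.000   0.000
"""

TALLY_CODES = " *+-#xo."   # column 0 of every peer line


def parse_peers(output):
    """Turn the peer lines of `ntpq -p` into dictionaries."""
    peers = []
    for line in output.splitlines():
        words = line.split()
        if not words or words[0] == "remote" or words[0].startswith("="):
            continue                      # blank line, header or separator
        tally, fields = line[0], line[1:].split()
        if tally not in TALLY_CODES or len(fields) != 10:
            # Leading blank was lost (as in pasted output): no tally code.
            tally, fields = " ", words
        if len(fields) != 10:
            continue
        remote, _refid, st, _t, _when, _poll, reach, _delay, offset, _jit = fields
        peers.append({
            "tally": tally,
            "remote": remote,
            "stratum": int(st),
            "reach": int(reach, 8),       # reach is an octal 8-bit poll history
            "offset_ms": float(offset),
        })
    return peers


def sync_problems(output):
    """Return findings; an empty list means the client looks synchronized."""
    peers = parse_peers(output)
    problems = []
    selected = [p for p in peers if p["tally"] == "*"]
    if not selected:
        problems.append("no peer selected for synchronization (no '*' line)")
    elif selected[0]["remote"].startswith("LOCAL("):
        problems.append("synchronized only to the local clock")
    for p in peers:
        if p["stratum"] >= 16:
            problems.append(f"{p['remote']}: stratum 16, not synchronized")
        elif p["reach"] == 0:
            problems.append(f"{p['remote']}: never reached")
        elif p["reach"] != 0o377:
            problems.append(f"{p['remote']}: missed polls (reach {p['reach']:o})")
    return problems


if __name__ == "__main__":
    for finding in sync_problems(SAMPLE) or ["ok"]:
        print(finding)
```
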

Thursday, October 25, 2007

NTP on UNIX Tru64

NTP Information

NTP Version
1-ntpd daemon
2-xntpd
3-xntpd


SYSMAN
# /usr/bin/sysman ntp_config


# ntpq -p

remote refid st t when poll reach delay offset jitter
=====================================================================
LOCAL(0) LOCAL(0) 3 l 9 64 377 0.000 0.000 0.000
*xyzabc.ethz. .DCFa. 1 u 17 64 377 25.088 -10.040 1.071

% xntpdc -p
remote refid st when poll reach delay offset disp
==========================================================================
*hosta.corp.com hostj.corp.co 2 47 64 377 31.3 93.94 16.5
+hostb.corp.com hoste.corp.com 3 212 1024 377 33.8 89.58 16.9
.hostc.corp.com hostf.phi.edu 2 111 1024 377 39.1 46.98 17.7


Edit the configuration file /etc/ntp.conf

server 127.127.1.0 # local clock
server 129.132.2.21 # swisstime.ethz.ch (stratum 1)
driftfile /etc/ntp/drift
multicastclient # listen on default 224.0.1.1
broadcastdelay 0.008



Start NTP Server and check /var/log/messages
# /etc/rc.d/init.d/ntpd start



You can use sysman to configure the NTP client.
Edit /etc/ntp.conf and add:

server <ntp_server1> version 3
server <ntp_server2> version 3
server <ntp_server3> version 3

In /etc/rc.config set:

XNTPD_CONF="YES"
XNTP_SERV1="ntp_server1"
export XNTP_SERV1
XNTP_SERV2="ntp_server2"
export XNTP_SERV2
XNTP_SERV3="ntp_server3"
export XNTP_SERV3

# ntpdc -c monlist

to get the lis

#ntpdate -b

How To: AIX Networking

Network Administration on AIX

1. TCP/IP related daemon startup script
/etc/rc.tcpip

2. To view the route table
netstat -r

3. To view the route table from the ODM DB
lsattr -EHl inet0 -a route

4. Temporarily add a default route
route add default 192.168.1.1

5. Temporarily add an address to an interface
ifconfig en0 192.168.1.2 netmask 255.255.255.0

6. Temporarily add an alias to an interface
ifconfig en0 192.168.1.3 netmask 255.255.255.0 alias

7. To permanently add an IP address to the en1 interface
chdev -l en1 -a netaddr=192.168.1.1 -a netmask=0xffffff00

8. Permanently add an alias to an interface
chdev -l en0 -a alias4=192.168.1.3,255.255.255.0

9. Remove a permanently added alias from an interface
chdev -l en0 -a delalias4=192.168.1.3,255.255.255.0

10. List ODM (next boot) IP configuration for interface
lsattr -El en0

11. Permanently set the hostname
chdev -l inet0 -a hostname=www.tablesace.net

12. Turn on routing by putting this in rc.net
no -o ipforwarding=1

13. List networking devices
lsdev -Cc tcpip

14. List Network Interfaces
lsdev -Cc if

15. List attributes of inet0
lsattr -Ehl inet0

16. List (physical layer) attributes of ent0
lsattr -El ent0

17. List (networking layer) attributes of en0
lsattr -El en0

18. Speed is found through the entX device
lsattr -El ent0 -a media_speed

19. Set the ent0 link to Gig full duplex
(Auto_Negotiation is another option)
chdev -l ent0 -a media_speed=1000_Full_Duplex -P

20. Turn off Interface Specific Network Options
no -p -o use_isno=0

21. Get (long) statistics for the ent0 device (no -d is shorter)
entstat -d ent0

22. List all open, and in use TCP and UDP ports
netstat -anf inet

23. List all LISTENing TCP ports
netstat -na | grep LISTEN

Timezone on Tru64

Change Timezone on Unix Tru64
/etc/zoneinfo
/etc/zoneinfo/localtime
/etc/zoneinfo/sources
zic(8)

Changing localtime to New York
# ln -sf /etc/zoneinfo/America/New_York /etc/zoneinfo/localtime
# ln -sf /etc/zoneinfo/Hongkong /etc/zoneinfo/localtime

Tuesday, August 28, 2007

IS-IS Topic

ISIS – Intermediate System to Intermediate System

- Link-state, uses the SPF algorithm, supports VLSM

- Uses hellos to establish adjacencies

- Open standard, comparable to OSPF

- was originally designed as the IGP for CLNS (Connectionless Network Service)

- the OSI Layer 3 protocol is CLNP, the Connectionless Network Protocol (unreliable, like IP)

- uses CLNS address to identify routers and build the LSDB

Supports 2 Routing Levels

Level 1:

- occurs within an IS-IS area; routing is accomplished by looking at the least significant address portion (system ID) and choosing the lowest-cost path

- in Level 1 routing, all devices have the same area address

Level 2:

- learn the locations of L1 routing areas and build an interarea routing table

- all ISs in L2 routing use the destination address to route traffic along the lowest-cost path

Note:

- in IS-IS design: no ABR, no backbone area, no Area 0

ISIS Router Types

a. L1 Routers: (intra-area)

- learn about paths w/in the areas they connect

- maintain topology database on their area

b. L2 Routers: (interarea)

- learn about paths between areas

- backbone routers

c. L1/L2 Routers:

- act as borders between L1 and L2

- similar to OSPF ABR, learn about paths both within and between areas

Note:

- the path of connected L2 and L1-2 routers is called backbone

Integrated or (Dual) IS-IS Routing

- for multiple protocols, IP and CLNS

- combines ISO CLNS and IP routing in one protocol

- uses its own PDUs to transport IP routing information; IS-IS information is not carried within a network-layer protocol but directly within data-link layer frames

IS-IS Design

- metric is not based on bandwidth

- the metric value ranges from 0 to 63; 10 is the default

- narrow metrics are limited to a maximum interface metric of 63 (6 bits) and a maximum total path metric of 1,023 (10 bits)

ES-IS Protocol

- End System to Intermediate System

- permits ESs (hosts) and ISs (routers) to discover one another

ES-IS performs the following tasks:

  1. ESs send End System Hellos (ESHs) to a well-known address to announce their presence to ISs
  2. Routers (ISs) listen to ESHs to find the ESs on a segment
  3. Routers (ISs) transmit Intermediate System Hellos (ISHs) to a well-known address, announcing their presence to ESs
  4. ESs listen for these ISHs and randomly pick an IS to which they will forward all their packets
  5. When an ES needs to send a packet to another ES, it sends the packet to one of the ISs on its directly attached network

Note:

- Routers use IS-IS Hellos (IIHs) for establishing and maintaining adjacencies between ISs (routers)

- IP systems do not use ES-IS

OSI Routing Levels

Level 0 Routing:

- ES to IS, within the same domain

- ES discover the nearest IS by listening to ISH packets

- when ES needs to send packets to another ES, it sends the packet to the IS on an attached network

Level 1 Routing:

- IS to IS within the same domain

Level 2 Routing

- IS to IS between different areas within the same domain

- Also called interarea routing

- if a destination is in another area, the L1 IS sends the packet to the nearest L1-L2 IS, which forwards it from L2 IS to L2 IS until it reaches an L1-L2 or Level 2 IS in the destination area

Level 3 Routing

- routing between separate domains

- comparable to BGP

- passes traffic to different ASs

- not specified on Cisco routers, but accomplished through IDRP (Interdomain Routing Protocol)

Comparing IS-IS to OSPF

Similarities:

- both open standard link-state protocols

- both support VLSM

- similar mechanisms (LSAs, aging timers, LSDB synchronization) to maintain the LSDB

- use the SPF algorithm, with similar update, decision and flooding processes

- converge quickly after network changes

Differences

OSPF                                                 | Integrated IS-IS
-----------------------------------------------------+--------------------------------------------------
Area border inside routers                           | Area border on links
Each link in only one area                           | Each router in only one area
More complex to extend backbone                      | Simple extension of backbone
Many small LSAs sent                                 | Fewer LSPs sent
Runs on top of IP                                    | Runs on top of Data Link Layer
Requires IP address                                  | Requires IP and CLNS addresses
Default metric is scaled on interface bandwidth      | Default metric is always 10 for all interfaces
Not easy to extend                                   | Easy to support new protocols with new TLV tuples
Equipment, personnel, and information more available | Not as available

II. IS-IS Routing Operations

- unlike IP addresses, CLNS addresses apply to entire nodes and not to interface

- requires CLNS addresses; the addresses used by routers are called NSAPs (Network Service Access Points)

- one part of NSAP is the NSAP selector (NSEL) byte

- when NSAP selector is 0, then the NSAP is called NET (Network Entity Title)

NSAP Address

- OSI network layer addressing is implemented with NSAP address

- An NSAP address identifies a system in the OSI network, an address represents an entire node, not an interface

- NSAP addresses are a maximum of 20 bytes

- Higher-order bits identify the interarea structure

- Lower-order bits identify the systems within area

- ISIS Link-State Packets (LSPs) use NSAP addresses to identify the router and build the topology table

- NSAP address is equivalent to the combination of the IP address and upper-layer protocol in an IP header


Three Fields of NSAP Address (Cisco)

  1. Area Address
  2. System ID
  3. NSEL

IDP (Initial Domain Part)

- (AFI) Authority and Format Identifier and ( IDI) Initial Domain Identifier

- correspond to major network

AFI(Authority and Format Identifier) Value

- specifies the format of the address and the authority that is assigned

39 – ISO Data Country Code (DCC)

45 – E.164

47 – ISO 6523 International Code Designator (ICD)

49 – Private Locally Administered

IDI (Initial Domain Identifier)

- corresponds to subdomain under AFI, example: 47.0005 assigned to US govt., 47.0006 assigned to US DoD

DSP Domain Specific Part

- contributes to routing within an IS-IS routing domain

- comprises the HO-DSP (High-Order DSP), the system ID and the NSEL

- HO-DSP subdivides the domain into areas, equal to subnet in IP

- System ID identifies an individual OSI device

- NSEL identifies a process on the device and corresponds to a port or socket in IP, not used in routing decision

Typical NSAP Address Structure

Example: HEX

49.1234.AA15.B322.1B41.00

49.1234 – area ID with the AFI of 49 means private

AA15.B322.1B41 – system ID, MAC address

00 – NSEL, zero means router

Rules for IS-IS as IGP:

1. Area address must be at least 1 byte, separated into 2 parts

1st. the AFI, set to 49 (private)

2nd. the area identifier (ID), the octets of the area address after the AFI

2. System ID requires 6 bytes, compliant with the Government OSI Profile (GOSIP) version 2.0

3. NSEL is always set to 0 for a router, 1 byte

Note:

- an NSAP is called the NET when it has an NSEL of 0; routers use the NET to identify themselves in IS-IS PDUs

49.0001.0000.0c12.3456.00

AFI of 49

Area ID of 0001

System ID of 0000.0c12.3456, the MAC address of a LAN interface

NSEL of 00

Note:

- the area address is also referred to as the prefix

- some documents use the terms area ID and area address as synonyms
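
The address rules above, as an added Python example (not from the original notes): it splits a NET into area address, system ID and NSEL by reading from the right, then audits a router inventory against the rules on this page, including the requirement that a system ID be unique within an area. The inventory and the function names are constructed for the example.

```python
import re

# AFI values listed in the notes above.
AFI_NAMES = {"39": "ISO DCC", "45": "E.164", "47": "ISO 6523 ICD", "49": "private"}


def parse_nsap(text):
    """Split a dotted-hex NSAP/NET into area address, system ID and NSEL."""
    hexstr = text.replace(".", "").lower()
    if not re.fullmatch(r"(?:[0-9a-f]{2})+", hexstr):
        raise ValueError("not a whole number of hex bytes")
    nbytes = len(hexstr) // 2
    if nbytes < 8:      # 1 area byte + 6 system ID bytes + 1 NSEL byte
        raise ValueError("too short for area + system ID + NSEL")
    if nbytes > 20:     # also caps the area address at 13 bytes
        raise ValueError("longer than the 20-byte NSAP maximum")
    # Fields are read from the right because only the area length varies.
    area, sysid, nsel = hexstr[:-14], hexstr[-14:-2], hexstr[-2:]
    return {
        "afi": area[:2],
        "area": ".".join([area[:2]] + re.findall(r".{1,4}", area[2:])),
        "system_id": ".".join(re.findall(r".{4}", sysid)),
        "nsel": nsel,
        "is_net": nsel == "00",
    }


def system_id_from_mac(mac):
    """Build a system ID from the MAC address of a LAN interface."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError("a MAC address has 6 bytes")
    return ".".join(re.findall(r".{4}", digits))


def audit_nets(routers):
    """routers maps a router name to its NET; returns rule violations."""
    findings, owner = [], {}
    for name, net in routers.items():
        try:
            n = parse_nsap(net)
        except ValueError as exc:
            findings.append(f"{name}: {exc}")
            continue
        if not n["is_net"]:
            findings.append(f"{name}: NSEL {n['nsel']} is not 00")
        if n["afi"] != "49":
            label = AFI_NAMES.get(n["afi"], "unlisted")
            findings.append(f"{name}: AFI {n['afi']} ({label}) is not private")
        key = (n["area"], n["system_id"])
        if key in owner:
            findings.append(f"{name}: system ID {n['system_id']} already "
                            f"used by {owner[key]} in area {n['area']}")
        owner.setdefault(key, name)
    return findings


# Constructed inventory: R3 reuses R2's system ID in the same area, R4 reuses
# it in another area (allowed), R5 has a non-zero NSEL, R6 lost a group.
ROUTERS = {
    "R1": "49.0001.0000.0c12.3456.00",
    "R2": "49.0001.0000.0000.0002.00",
    "R3": "49.0001.0000.0000.0002.00",
    "R4": "49.0002.0000.0000.0002.00",
    "R5": "49.0001.0000.0000.0005.01",
    "R6": "49.0001.0005.00",
}

if __name__ == "__main__":
    print("\n".join(audit_nets(ROUTERS)))
```
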

Area Address

- area address uniquely identifies the routing area and is associated with routing process

- system ID identifies each node, is used only in Level 1 routing, and must be unique within an area

- all routers within the area must use the same area address

- an ES may be adjacent to a router only if they share a common area address

- area address is used in Level 2 routing

- an ES recognizes only ISs and other ESs on the same subnetwork that share the same area address

NET Address

- includes the NSEL field (process or port number)

- an NSAP is called a NET when the NSEL field is 0

- NET address refers to the device itself (equivalent to Layer 3 OSI), used by routers to identify themselves in the LSP and to form the basis of routing calculations (SPF)

SNPA, Circuit and Link

- SNPA (Subnetwork Point of Attachment) is the point that provides subnetwork services, the equivalent of the Layer 2 address

- SNPA is assigned using the MAC address, the virtual circuit ID from X.25 or ATM, the DLCI from FR, or HDLC

- Circuit is the IS-IS term for an interface; the circuit ID distinguishes a particular interface

- Link is the path between two neighbor IS

Intra-Area and InterArea Addressing and Routing

- area address is used to route between areas, system ID is not considered

- system Id is used to route within area, area address is not considered

How to Forward packet

1. IS checks a packet destination

- different area: routed based on the area address

- same area: routed based on the system ID

2. If you are an L1 router

- interarea packets are sent to the closest L1/L2 router

- intra-area packets are routed based on the L1 database

3. If you are an L1/L2 router

- inter-area packets are routed based on the L2 database

- intra-area packets are routed based on the L1 database

Route Leaking

- helps reduce suboptimal routing by allowing Level 2 information to be leaked into Level 1

- uses the up/down bit in the TLV (Type, Length, Value) field

if set to 0 the route originated w/in that Level 1 area

if set to 1 the route is redistributed into the area from Level 2

ISIS PDUs

PDU (OSI) ----- Packet (TCP/IP)

OSI PDU

- Network PDU = datagram, packet

- Data-Link PDU = frame

4 Types of PDUs

- IS-IS PDUs are encapsulated directly into a data-link frame; there is no CLNP or IP header on a PDU

  1. Hello (ESH, ISH, IIH)

- used to establish and maintain adjacencies

- ESH is ES to IS

- ISH is IS to ES

- IIH is IS to IS, sent between ISs every 10 secs

  2. LSP (Link-State Packet)

- used to distribute link-state information

  3. PSNP (Partial Sequence Number PDU)

- used to acknowledge and request missing pieces of link-state information

- sent every 3 secs

  4. CSNP (Complete Sequence Number PDU)

- used to describe/distribute the complete list of LSPs in the LSDB of a router, summary of LSDB

- periodically sent every 10 secs (broadcast) and only once for point-to-point

LSP

- router LSPs contain an LSP header and TLV fields

LSP Header – PDU type, length, LSP ID, LSP sequence number to identify duplicate, remaining lifetime of LSP

- are sequenced to avoid duplication of LSPs, beginning at 1

- assist with synchronization

- sequenced numbers are increased to indicate the newest LSP

- remaining lifetime is used for removal of outdated and invalid LSP from the topology table, known as count to zero operation, 1200 seconds is the default start value

TLV Fields – IS neighbor, ES neighbors, authentication info, attached IP subnet

- TLV examples: area address type code is 1, IS neighbor type code is 2

Implementing ISIS on NBMA Networks

- ISIS supports Broadcast for LAN and multipoint WAN links

- Point-to-Point for all other media

- Has no concept of NBMA networks; it is recommended to use p2p over NBMA networks such as ATM, FR or X.25

- In broadcast mode, you must enable CLNS mapping and include the broadcast keyword

Implementing ISIS in Broadcast Networks

- used for LAN and multipoint WAN interface

- DIS (Designated IS) creates the pseudonode and represents the LAN

- DIS is elected based on: 1. only routers with adjacencies, 2. highest interface priority, 3. highest SNPA (MAC) breaks ties; there is no backup DIS

Note:

- interfaces have a default Level 1 and Level 2 priority of 64; you can configure it from 0 to 127 using the <isis priority (number value) [level-1 | level-2]> command

LSP and IIH Levels

- the two-level nature of ISIS requires separate types of LSP

- DIS is the representative of the LAN

- LSPs are sent as unicast on p2p

- LSPs are sent as multicast on broadcast networks

- LAN uses separate Level 1 and Level 2 IIHs, sent as multicast

- P2P uses a common IIH format, sent as unicast

Comparing Broadcast and Point-to-point Topologies

LSDB Synchronization

- single procedure for flooding, aging and updating LSP

- Level 1 LSPs are flooded within an area

- Level 2 LSPs are flooded throughout the Level2 backbone

- Large PDUs are divided into fragments that are independently flooded

- Each PDU is assigned an LSP fragment number, starting at 0 and incrementing by 1

- Separate LSDBs are maintained for Level 1 and Level 2 LSPs

- An LSP is typically flooded to all adjacent neighbors except the neighbor from which it was received

- LSP are identified by the system ID of the originator and an LSP fragment number starting at 0

- If an LSP exceeds the max transmission unit MTU, it is fragmented into several LSPs numbered 1,2,3 and so on

- ISIS maintains the Level1 and Level2 in separate LSDBs

- When an IS receives an LSP, it examines the checksum and discards any invalid LSPs

- If the LSP is valid and newer than what is currently in the LSDB, it is retained, acknowledged, and given a lifetime of 1200 secs

- The age is decremented every second until it reaches 0, at which point the LSP is considered to have expired

- When the LSP has expired, it is kept for an additional 60 secs before it is flooded as an expired LSP

Sequence Number PDUs

SNP packets are used to acknowledge the receipt of LSPs and ensure synchronization and reliability

- separate CSNPs and PSNPs are used for Level1 and Level2 adjacencies

Two Types of SNP

1. PSNPs are used for acknowledgement of LSPs on p2p links and to request missing pieces of the LSDB (subset only)

2. CSNPs are periodically multicast every 10 secs by the DIS on a LAN to ensure LSDB accuracy, and sent on a p2p link when the link comes up

Neighbors and Adjacencies

- discover neighbors and form adjacencies by exchanging ISIS hello PDUs

- transmitted every 10 secs, command <isis hello-interval>

- hello identify itself and describe the parameters of the interface

- neighbors can advertise different hello intervals

L1/L2 Adjacencies

- ISIS forms separate adjacencies for L1 and L2

- L1-only routers form L1 adjacency with L1 and L1/L2

- L2-only routers form L2 adjacency with L2 and L1/L2

- L1/L2 can form both L1 adj and L2 adj

- L1-only and L2-only router will not form adjacency

- Cisco routers default is L1/L2

Rules for Adjacency

  1. L1 to L1 adjacency – area IDs must match
  2. L2 to L2 adjacency – forms even if the area IDs differ
  3. L1-only forms an L1 adj with L1/L2 only if the area IDs match
  4. L2-only forms an L2 adj with L1/L2 even if the area IDs differ
  5. L1/L2 routers form both L1 and L2 adj if their area IDs match
  6. L1/L2 routers form only an L2 adj if their area IDs don’t match
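
The six adjacency rules as an added Python example (not from the original notes): given each router's IS type and NET, it works out which adjacencies form on each link, so a link that forms none stands out before deployment. The topology, router names and function names are constructed; the IS type names follow the is-type keywords.

```python
L1, L2 = "level-1", "level-2"

# Levels each IS type takes part in.
LEVELS = {"level-1": {L1}, "level-2-only": {L2}, "level-1-2": {L1, L2}}


def area_of(net):
    """Area address = the NET minus the 6-byte system ID and 1-byte NSEL."""
    return net.replace(".", "").lower()[:-14]


def adjacencies(a, b):
    """a and b are (is_type, NET) pairs; return the adjacency levels formed."""
    common = LEVELS[a[0]] & LEVELS[b[0]]
    formed = []
    if L1 in common and area_of(a[1]) == area_of(b[1]):
        formed.append(L1)   # rules 1, 3, 5: Level 1 needs the same area
    if L2 in common:
        formed.append(L2)   # rules 2, 4, 5, 6: Level 2 ignores the area
    return formed


def audit_links(routers, links):
    """Map each link to its adjacency levels; [] marks a link with none."""
    return {link: adjacencies(routers[link[0]], routers[link[1]])
            for link in links}


# Constructed topology (names, NETs and links are made up for the example).
ROUTERS = {
    "R1": ("level-1",      "49.0001.0000.0000.0001.00"),
    "R2": ("level-1-2",    "49.0001.0000.0000.0002.00"),
    "R3": ("level-2-only", "49.0002.0000.0000.0003.00"),
    "R4": ("level-1",      "49.0002.0000.0000.0004.00"),
    "R5": ("level-1-2",    "49.0001.0000.0000.0005.00"),
}
LINKS = [("R1", "R2"), ("R2", "R3"), ("R2", "R5"), ("R1", "R3"), ("R2", "R4")]

if __name__ == "__main__":
    for (x, y), levels in audit_links(ROUTERS, LINKS).items():
        print(f"{x}-{y}: {', '.join(levels) or 'NO ADJACENCY'}")
```
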

Configuring Basic Integrated ISIS

- NET address identifies a device, an IS or ES and not an interface

- The OSI hello PDUs are used to form the neighbor relationship between routers, and SPF relies on the configured NET address to identify the routers

Building the OSI Forwarding Database

1. ISIS uses an OSI forwarding table (routing table) to select the best path to a destination

2. When the database are synchronized, routers use the LSDB to calculate the SPF tree to OSI destinations, the NETs

3. The total of the link metrics along each path determines the shortest path to any given destination

4. Level 1 and Level 2 routers have separate LSDBs and therefore may run the SPF algorithm twice

5. Routers insert the best paths in the CLNS routing table (OSI Forwarding database)

Building an IP Routing Table

1. Routers find the best way to reach each other based on the lowest cost (SPF algorithm)

2. L1 Router and L2 router performs completely separate route calculations

3. All the best paths are added to the routing table

4. A second algorithm is run (PRC) Partial Route Calculation for the ip routing table

5. Best path from the PRC algorithm end up in the IP Routing table

Integrated ISIS Configuration Steps

1. Define areas, prepare the addressing plan (NET) for routers and determine interface

The CLNS address of a router is called the NET and consists of 3 main parts

    1. prefix – defines the area that the router is a part of
    2. system ID – which uniquely identifies each device
    3. NSAP selector NSEL which must be 0

2. Enable ISIS on the router
Router(config)# router isis [area-tag]

- this enables ISIS routing protocol

- area-tag – name for process

- when routing of CLNS packets is also needed, use the clns routing command; CLNS routing is disabled by default

3. Configure the NET

Router(config-router)#net

- configures an ISIS NET address for the routing process

- the NET is a combination of area number, system id and NSEL of 00 at the end

- the area number must be at least 1 byte in length and can be as long as 13 bytes

- system id has a fixed length of 6 bytes

4. Enable Integrated ISIS on the appropriate interfaces.

Router(config-if)#ip router isis [area-tag]

- includes an interface in an ISIS routing process

- use the clns router isis [area-tag] command to enable the ISIS routing process on an interface to support CLNS routing


Example:

1. Simple Integrated ISIS example

The configured router acts as an IP-only Level1-2 router. CLNS routing is not enabled. This configuration specifies only one ISIS process, thus the optional tag is not used. The net command configures the router to be in area 49.0001 and assigns a system id of 0000.0000.0002. ISIS has been enabled on FastEthernet 0/0 and Serial 0/0 interface. Because no level has been configured under the ISIS routing process, the router acts as a Level1-2 router by default.

interface FastEthernet0/0
ip address 10.1.1.2 255.255.255.0
ip router isis
!
interface Serial 0/0
ip address 10.2.2.2 255.255.255.0
ip router isis
!
router isis
net 49.0001.0000.0000.0002.00

Optimizing ISIS

Changing ISIS Router Level

Router(config-router)#is-type [level-1 | level-1-2 | level-2-only]

Changing ISIS Interface Level

Router(config-if)#isis circuit-type [level-1 | level-1-2 | level-2-only]

Changing ISIS Metric

Router(config-if)#isis metric [level-1 | level-2]

- configures the metric on an interface, from 1 to 63, default is 10

Router(config-router)#metric [level-1 | level-2]

Example:


R3 – it is appropriate to change the IS type to Level 2 only since it only needs Level 2 routing

R1 – is an internal router that does not connect to any other area, so it is appropriate to configure it as IS type Level 1

R2 – must do both Level 1 and Level 2 routing, so it is left at the default. It is appropriate to set the ISIS circuit type of Fa0/0 to Level 1 since there is no need to send Level 2 hellos to R1. Similarly, Serial 0/0/1 should be set to Level 2 only

Remember that the metric for all interface is 10 regardless of the speed of the serial or FastEthernet.

Configuring Route Summarization in ISIS

Router(config-router)#summary-address

[level-1 | level-2 | level-1-2]

- creates summary, default is Level 2

Example:

Router3(config-router)# summary-address 10.3.2.0 255.255.254.0 level-1-2

- summarizes 10.3.2.0/23 into Level 1-2

Verifying ISIS Configuration

show ip protocols


Verifying CLNS Structures