Introduction to IS-IS

IS-IS was developed by the International Organization for Standardization (ISO) as part of their Open Systems Interconnection (OSI) model as a dynamic routing protocol for ISO CLNP. IS-IS was adapted to carry IP prefixes in addition to CLNP known as Integrated or Dual IS-IS.

ISO terminology

  • Router = Intermediate System (IS)
  • Host = End system

In the OSI context, an intermediate system refers to a router, as opposed to an end system (ES), which refers to a node. ES-IS protocols allow routers and nodes to identify each other; IS-IS performs the same service between nodes for routing purposes.

IS-IS

  • Interior Gateway Protocol (IGP)
  • link-state routing protocol
  • supports variable-length subnet mask addressing (VLSM)
  • supports classless Inter-Domain Routing (CIDR)
  • multi-path
  • forms neighbor adjacencies
  • has areas
  • exchanges link-state packets
  • builds a link-state database
  • runs the Dijkstra SPF algorithm to find the best path
  • runs directly on the data link layer (Layer 2)
  • doesn’t use IP addresses

 

ISO Address

An IS/router is identified by a NET or network entity titles. NETs can be 8 to 20 bytes long, but are generally 10 bytes long and are written as shown in this example: 49.0001.1921.6800.1002.00 NET consists of three parts:

  • Area address: This field is 1 to 13 byte in length.

The first byte is the address family identifier (AFI) of the authority, which is equivalent to the IP address space that is assigned to an autonomous system. The AFI value 49 is what IS-IS uses for private addressing, which is the equivalent of RFC 1918 address space for IP protocols. The rest of the area ID represent the IS-IS area number.

  • System ID: This field is 6 byte long and identifies the node (that is, the router) on the network.

The system ID is equivalent to the host or address portion on an IP address. When the IS/router operates at Level 1, the system ID must be unique among all the Level-1 routers in the same area. When the IS/router operates at Level 2, the system ID must be unique among all routers in the domain.

Although you can choose any value for the system identifier, a commonly used method is to use binary-coded decimal (BCD) which involves taking the router’s IP address (the address you assigned to the lo0 loopback interface), filling in all leading zeros, and then repositioning the decimal points to form three two-byte numbers.

  • NET selector: The final two bytes are the NET selector (NSEL). For IS-IS, they must always be 00, to indicate “this system.”

 

IS-IS hierarchies

IS-IS provides support for hierarchical routing, which enables you to partition large routing domains into smaller areas. IS-IS uses a two-level hierarchy, dividing the domain into multiple areas and a backbone connecting all the areas.

In IS-IS the entire router sits in an area, not just one of its interfaces like with OSPF. There is no backbone area, the backbone is formed by a contiguous collection of Level-2 capable routers.

 

Level 1 IS/router

  • intra-area router
  • only knows what the local area looks like
  • only learns prefixes from its own area
  • creates a level 1 link-state database and SPF tree for the area
  • needs to reach to a closest Level 2 router to reach something outside of its area

 

Level 2 IS/router

  • backbone router
  • knows all intra-area and inter-area routes
  • routes between areas and toward other domains
  • creates a level 2 link-state database and SPF tree for the backbone

 

Level 1-2 IS/router

  • performs both level 1 and level 2 roles
  • creates a separate level 1 and 2 link-state database and two SPF trees, one for each database
  • kind of similar to ASR router in OSPF

 

IS-IS Packets

  • IS-IS Hello (IIH) PDU
    • broadcast
    • establishes adjacencies with other routers
    • includes:
      • system ID of the sender
      • assigned area address(es)
      • identity of neighbors on that circuit/link that are known to the sending IS/router
    • have 3 different formats:
      • point-to-point IIH
      • level 1 broadcast links IIH
      • level 2 broadcast links IIH

 

  • Link-state PDU (LSP)
    • advertises neighbors and the destination that are directly connected to the IS/router
    • an LSP is uniquely identified by:
      • system ID of the generating IS/router
      • pseudo-node ID, 0 except when the LSP is a pseudo-node LSP on multi-access circuits/links
      • LSP number (0 to 255)
      • 32-bit sequence number, incremented when a new version of an LSP is generated.
    • level 1 LSPs generated by level 1 ISs/routers, flooded periodically throughout the area
    • level 2 LSPs generated by level 2 ISs/routers, flooded periodically throughout the Level 2 subdomain

 

  • Complete Sequence Number PDUs (CSNP)
    • multicast
    • sent periodically on all links to keeps the LSP database synchronized between neighbor ISs/routers
    • contains a summary list of all LSPs in the LSP database. (LSP identifier, lifetime, sequence number, checksum)
    • routers compare the LSPs in the received CSNP with local LSP database, if they detect a missing LSP, the router requests the specific LSP details using a partial sequence number PDU (PSNP)
    • also sent to acknowledge LSPs on multi-access circuits/links by designated (DIS) router
    • also sent when an adjacency is formed with another router
    • two types: level 1 and level 2

 

  • Partial Sequence Number PDUs (PSNPs)
    • multicast
    • sent to request a missing LSP from the neighbor router
    • also sent to explicitly acknowledge the receipt of a LSP on a point-to-point circuit/link
    • two types: level 1 and level 2

 

IS-IS circuit/link types

  • point-to-point circuits/links

exactly two ISs/router on the circuit/links

  • multi-access circuits/links

multiple ISs/routers operating on the circuit/link

 

Designated router (DIS)

IS-IS defines a pseudo-node to represent the multi-access circuit/link. All ISs/routers that operate on a multi-access circuit/link at a given level elect one of the ISs/routers to act as the Designated Intermediate System (DIS) on that circuit/link.

The DIS is responsible for issuing pseudo-node LSPs. The pseudo-node LSPs include neighbor advertisements for all of the ISs/routers that operate on that circuit/link.

All ISs/routes that operate on the circuit (including the DIS) provide a neighbor advertisement to the pseudo-node in their non-pseudo-node LSPs and do not advertise any of their neighbors on the multi-access circuit/link.

The DIS is also responsible for sending periodic CSNPs on the circuit.

DIS election is based on configurable priority. The higher the priority, the more likely the router is to be elected as the DIS. If two routers have the same priority, the router with the highest MAC address is elected as the DIS.

Best practice is to select two routers and give them higher priority – then in case of failure one provides deterministic backup to the other.

 

IS-IS adjacency

Routers form neighbor adjacencies with routers that use the same level. Level 1 routers form adjacencies with neighboring level 1 routers that share the same area address, Level 2 routers form adjacencies with neighboring level 2 routers.

Level 1-2 routers will establish two neighbor adjacencies:

  • Level 1 neighbor adjacency with the level 1 routers in the same area.
  • Level 2 neighbor adjacency with the level 2 routers in the same/other areas.

All level 1 routers in an area will have an identical level 1 LSP database (LSPDB) and will therefore have an identical network connectivity map for the area.

All level 2 routers will have an identical level 2 LSP database (LSPDB) and will therefore have an identical connectivity map for the level 2 subdomain.

 

References:

IS-IS Network Protocol Basics

https://networklessons.com/cisco/ccie-routing-switching-written/introduction-to-is-is

https://www.juniper.net/documentation/en_US/junos/topics/concept/is-is-routing-overview.html

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.