10.1. Overview
Intermediate System to Intermediate System (IS-IS) is a link-state IGP that uses the Shortest Path First (SPF) algorithm to determine routes. Routing decisions are made using the link-state information. IS-IS evaluates topology changes and, if necessary, performs SPF recalculations.
Entities within IS-IS include networks, intermediate systems, and end systems. In IS-IS, a network is an Autonomous System (AS), or routing domain, with end systems and intermediate systems. A router is an intermediate system. End systems are network devices that send and receive protocol data units (PDUs). Intermediate systems send, receive, and forward PDUs.
End system and intermediate system protocols allow routers and nodes to identify each other. IS-IS sends out link-state updates periodically throughout the network, so each router can maintain current network topology information.
IS-IS supports large ASs by using a two-level hierarchy. A large AS can be administratively divided into smaller, more manageable areas. A system logically belongs to one area. Level 1 routing is performed within an area. Level 2 routing is performed between areas. Routers can be configured as Level 1, Level 2, or both Level 1/2.
On SR Linux, you can configure a single named IS-IS instance per network instance. The following summarizes SR Linux support for IS-IS:
Level 1, Level 2, and Level 1/2 IS types
Configurable network entity title (NET) per IS-IS instance.
Support for IPv4/v6 routing
ECMP with up to 128 next hops per destination
IS-IS export policies (redistribution of other types of routes into IS-IS)
Authentication of CSNP, PSNP, and IIH PDUs with authentication type and key, configurable per instance and per instance level. Authentication type and key for IIH PDUs also configurable per interface and level.
Support for authentication keychains
Purge Originator ID TLV (RFC 6232)
Options to ignore and suppress the attached bit
Ability to set the overload bit immediately or to set the bit after each subsequent restart of the IS-IS manager application and leave it on for a configurable duration each time
Control over the Link-state PDU (LSP) MTU size, with range from 490 bytes to 9490 bytes
Configuration control over timers related to LSP lifetime, LSP refresh interval, SPF calculation triggers, and LSP generation
Support for hello padding (strict, loose and adaptive modes)
Support for graceful restart, but only acting as a helper of the restarting router
Level 1 to Level 2 route summarization
BFD for fast failure detection
Configurable hello timer/multiple per interface and level
Support for wide metrics (configurable per level)
Configurable route preference for each route type: Level 1-internal, Level 1-external, Level 2-internal and Level 2-external.
Use of route policies to add/remove/replace one IS-IS route tag.
The info detail command displays default values for an IS-IS instance on SR Linux. For example:
--{ * candidate shared default }--[ network-instance default protocols isis ]--
# info detail
instance i1 {
admin-state disable
level-capability L2
max-ecmp-paths 1
poi-tlv false
attached-bit {
ignore false
suppress false
}
overload {
advertise-interlevel false
advertise-external false
immediate {
set-bit false
max-metric false
}
on-boot {
set-bit false
max-metric false
}
}
timers {
lsp-lifetime 1200
lsp-refresh {
interval 600
half-lifetime true
}
spf {
initial-wait 1000
second-wait 1000
max-wait 10000
}
lsp-generation {
initial-wait 1000
second-wait 1000
max-wait 5000
}
}
transport {
lsp-mtu-size 1492
}
ipv4-unicast {
admin-state enable
}
ipv6-unicast {
admin-state enable
multi-topology false
}
graceful-restart {
helper-mode false
}
auto-cost {
}
authentication {
csnp-authentication false
psnp-authentication false
hello-authentication false
}
inter-level-propagation-policies {
level1-to-level2 {
}
}
}
10.2. Basic IS-IS configuration
To configure IS-IS, perform the following tasks:
Enable an IS-IS instance
If necessary, modify the level capability on the global IS-IS instance level
Define area addresses
Configure IS-IS interfaces
10.2.1. Enabling an IS-IS instance
SR Linux supports a single IS-IS instance within a network instance. The following example enables an IS-IS instance within the default network instance.
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
}
}
10.2.2. Configuring the router level
When IS-IS is enabled, the default level-capability value is Level 1/2. This means that the router operates with both Level 1 and Level 2 routing capabilities. To change the default value in order for the router to operate as a Level 1 router or a Level 2 router, you must explicitly modify the level value.
The level-capability value can be configured on the global IS-IS instance level and also on the interface level. The level-capability value determines which level values can be assigned on the router level or on an interface-basis.
In order for the router to operate as a Level 1 only router or as a Level 2 only router, you must explicitly specify the level-number value.
Specify Level 1 to route only within an area
Specify Level 2 to route to destinations outside an area, toward other eligible Level 2 routers
Example:
The following example configures the level capability for an IS-IS instance to Level 2.
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
level-capability L2
}
}
10.2.3. Configuring the Network Entity Title
SR Linux supports a configurable network entity title (NET) per IS-IS instance. The NET is 8-20 octets long and consists of 3 parts: the area address (1-13 octets), the system ID (6 octets), and the n-selector (1 octet, must be 00)
The area address portion of the NET defines the IS-IS area to which the router belongs. At least one area address should be configured on each router participating in IS-IS.The area address portion of the NET identifies a point of connection to the network, such as a router interface. The routers in an area manage routing tables about destinations within the area. The NET value is used to identify the IS-IS area to which the router belongs.The NET value is are divided into three parts. Only the Area ID portion is configurable.
1. Area ID — A variable length field between 1 and 13 bytes. This includes the Authority and Format Identifier (AFI) as the most significant byte and the area ID.
2. System ID — A 6-byte system identification. This value is not configurable. The system ID is derived from the system or router ID.3. Selector ID — A 1-byte selector identification that must contain zeros when configuring a NET. This value is not configurable. The selector ID is always 00.
Example:
The following example configures a NET for an IS-IS instance:
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
net 49.0001.1921.6800.1002.00
}
}
}
10.2.4. Configuring global parameters
Commands and parameters configured on the global IS-IS instance level are inherited by the interface levels. Parameters specified in the interface and interface-level configurations take precedence over global configurations.
Example:
The following example shows the command usage to configure global-level IS-IS.
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
level-capability L2
overload {
on-boot {
timeout 90
}
}
authentication {
auth-type password
auth-key test
}
}
}
10.2.5. Configuring interface parameters
There are no interfaces associated with IS-IS by default. An interface belongs to all areas configured on a router. Interfaces cannot belong to separate areas. There are no default interfaces applied to the router IS-IS instance. You must configure at least one IS-IS interface in order for IS-IS to work.
You can configure both the Level 1 parameters and the Level 2 parameters on an interface. The level-capability value determines which level values are used.
Example:
The following example configures parameters for an IS-IS interface parameters
--{ * candidate shared default }--[ network-instance default protocols isis ]--
# info instance i1
instance i1 {
interface ethernet-1/2.1 {
circuit-type point-to-point
ipv4-unicast {
admin-state enable
}
level 1 {
authentication {
hello-authentication true
}
}
}
level 1 {
}
}
10.3. Displaying IS-IS information
Use the following show commands to display the following information for an IS-IS instance running in a specified network instance.
Interface information
Adjacency information
IS-IS link state database information
Examples:
To display summary information for an IS-IS instance:
# show network-instance default protocols isis interface
--------------------------------------------------------------------------------------------------
Network-instance : default
IS-IS instance : global
--------------------------------------------------------------------------------------------------
Interface Oper-State Level Circuit-Id Circuit-Type L1/L2 Metric
lo0.0 up L2 1 p2p -/0
ethernet-1/1.0 up L1L2 2 p2p 10/100
--------------------------------------------------------------------------------------------------
Interfaces: 2
--------------------------------------------------------------------------------------------------
To display details for each interface:
# show network-instance default protocols isis interface detail
--------------------------------------------------------------------------------------------------
Network-instance : default
IS-IS instance : global
--------------------------------------------------------------------------------------------------
Interface: lo0.0
Status : IS-IS is admin enabled, oper up
Circuit id/type : id 1, passive
Hello auth : disabled
Hello padding : disabled
CSNP interval : n/a
LSP pacing : n/a
------------------------------------------------------------------------------------------------
Level 1 is disabled
------------------------------------------------------------------------------------------------
Level 2 is enabled
Adjacencies : 0
Designated IS : n/a
Hello auth : disabled
DIS priority : 64
Hello interval : 9
Hello multiplier : 3
Metric : 0
IPv6-unicast metric : 0
------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------
Interface: ethernet-1/1.0
Status : IS-IS is admin enabled, oper up
Circuit id/type : id 2, point-to-point
Hello auth : enabled using keychain "test"
Hello padding : strict
CSNP interval : 10 seconds
LSP pacing : 100 ms
------------------------------------------------------------------------------------------------
Level 1 is enabled
Adjacencies : 1
Designated IS : n/a
Hello auth : enabled using keychain "test"
DIS priority : 64
Hello interval : 9
Hello multiplier : 3
Metric : 10
IPv6-unicast metric : 0
------------------------------------------------------------------------------------------------
Level 2 is enabled
Adjacencies : 1
Designated IS : n/a
Hello auth : enabled using keychain "test"
DIS priority : 64
Hello interval : 9
Hello multiplier : 3
Metric : 100
IPv6-unicast metric : 0
------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------
Interfaces: 2
--------------------------------------------------------------------------------------------------
To display IS-IS adjacency information:
# show network-instance default protocols isis adjacency
--------------------------------------------------------------------------------------------------
Network-instance : default
IS-IS instance : global
--------------------------------------------------------------------------------------------------
System-Id Adj-Level Interface IPv4-Address State Uptime Rem-Hold
<hostname1> L1 ethernet-1/1.0 10.0.0.1 Up 0d 00:46:43 19s
<hostname1> L2 ethernet-1/1.0 10.0.0.1 Up 0d 00:46:43 19s
--------------------------------------------------------------------------------------------------
Adjacencies: 2
--------------------------------------------------------------------------------------------------
To display information from the IS-IS link state database:
# show network-instance default protocols isis database
--------------------------------------------------------------------------------------------------
Network-instance : default
IS-IS instance : global
--------------------------------------------------------------------------------------------------
IS-IS level 1 link state database
LSP count: 3
--------------------------------------------------------------------------------------------------
LSP ID Sequence Checksum Lifetime Attributes
R1.00-00 0x12 0x58b6 708 L1 L2 ATT OL
R2.00-00 0x140x39a6 834 L1 L2
R2.03-00 0x10 0xdee2 915 L1 L2
--------------------------------------------------------------------------------------------------
IS-IS level 2 link state database
LSP count: 3
--------------------------------------------------------------------------------------------------
LSP ID Sequence Checksum Lifetime Attributes
R1.00-00 0x49 0x8850 810 L1 L2 OL
R2.00-00 0x490x9d04 906 L1 L2
R2.03-00 0x10 0xdbba 937 L1 L2
--------------------------------------------------------------------------------------------------
10.4. Clearing IS-IS information
To clear information for an IS-IS instance, use the tools commands below:
To clear statistics for an IS-IS instance running in a specified network instance:
# tools network-instance default protocols isis instance i1 statistics clear
To clear link state database information for a level:
# tools network-instance default protocols isis instance i1 lsdb l2 clear
To clear IS-IS adjacency information for an interface:
# tools network-instance default protocols isis instance i1 interface ethernet 1/2
adjacencies clear