IS-IS
Intermediate System to Intermediate System (IS-IS) is a link-state IGP that uses the Shortest Path First (SPF) algorithm to determine routes. Routing decisions are made using the link-state information. IS-IS evaluates topology changes and, if necessary, performs SPF recalculations.
Entities within IS-IS include networks, intermediate systems, and end systems. In IS-IS, a network is an Autonomous System (AS), or routing domain, with end systems and intermediate systems. A router is an intermediate system that sends, receives, and forwards Protocol Data Units (PDUs). End systems are network devices that send and receive PDUs.
End system and intermediate system protocols allow routers and nodes to identify each other. IS-IS sends out link-state updates periodically throughout the network, so each router can maintain current network topology information.
IS-IS supports large ASs by using a two-level hierarchy. A large AS can be administratively divided into smaller, more manageable areas. A system logically belongs to one area. Level 1 routing is performed within an area. Level 2 routing is performed between areas. You can configure routers as Level 1, Level 2, or both Level 1 and 2.
On SR Linux, you can configure a single named IS-IS instance per network instance. The following summarizes SR Linux support for IS-IS:
-
Level 1, Level 2, and Level 1/2 IS types
-
Configurable Network Entity Title (NET) per IS-IS instance
-
support for IPv4/v6 routing
-
ECMP with up to 64 next hops per destination
-
IS-IS export policies (redistribution of other types of routes into IS-IS)
-
authentication of LSP, CSNP, PSNP, and hello PDUs, using an authentication key or keychain specified as follows:
- per instance or per level for all PDU types
- per interface or per interface and level for Hello PDUs
-
authentication keychains with a single key per named keychain
-
Purge Originator ID TLV (RFC 6232)
-
options to ignore and suppress the attached bit
-
ability to set the overload bit immediately or after each subsequent restart of the IS-IS manager application and leave it on for a configurable duration each time
-
control over the link-state PDU (LSP) MTU size, with range from 490 bytes to 9490 bytes
-
configuration control over timers for LSP lifetime, LSP refresh interval, SPF calculation triggers, and LSP generation
-
hello padding (strict, loose, and adaptive modes)
-
graceful restart, only acting as a helper of the restarting router
-
Level 1 to Level 2 route summary
-
BFD for fast failure detection
-
configurable hello timer with multiple per interface and level
-
wide metrics (configurable per level)
-
configurable route preference for each route type, Level 1-internal, Level 1-external, Level 2-internal and Level 2-external
- detailed statistics for interfaces, adjacencies, and levels
The info detail command displays default values for an IS-IS instance on SR Linux as shown in the following example:
--{ * candidate shared default }--[ network-instance default protocols isis ]--
# info detail
instance i1 {
admin-state disable
level-capability L2
max-ecmp-paths 1
poi-tlv false
attached-bit {
ignore false
suppress false
}
overload {
advertise-interlevel false
advertise-external false
immediate {
set-bit false
max-metric false
}
on-boot {
set-bit false
max-metric false
}
}
timers {
lsp-lifetime 1200
lsp-refresh {
interval 600
half-lifetime true
}
spf {
initial-wait 1000
second-wait 1000
max-wait 10000
}
lsp-generation {
initial-wait 1000
second-wait 1000
max-wait 5000
}
}
transport {
lsp-mtu-size 1492
}
ipv4-unicast {
admin-state enable
}
ipv6-unicast {
admin-state enable
multi-topology false
}
graceful-restart {
helper-mode false
}
auto-cost {
}
authentication {
csnp-authentication false
psnp-authentication false
hello-authentication false
}
inter-level-propagation-policies {
level1-to-level2 {
}
}
}
Basic IS-IS configuration
To configure IS-IS, perform the following tasks:
Enable an IS-IS instance
If necessary, modify the level capability on the global IS-IS instance level
Define area addresses
Configure IS-IS interfaces
Enabling an IS-IS instance
SR Linux supports a single IS-IS instance within a network instance. The following example enables an IS-IS instance within the default network instance.
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
}
}
Configuring the router level
When IS-IS is enabled, the default level-capability value is Level 1/2. This means that the router operates with both Level 1 and Level 2 routing capabilities. To change the default value in order for the router to operate as a Level 1 router or a Level 2 router, you must explicitly modify the level value.
The level-capability value can be configured on the global IS-IS instance level and also on the interface level. The level-capability value determines which level values can be assigned on the router level or on an interface-basis.
In order for the router to operate as a Level 1 only router or as a Level 2 only router, you must explicitly specify the level-number value.
-
Specify Level 1 to route only within an area
-
Specify Level 2 to route to destinations outside an area, toward other eligible Level 2 routers
The following example configures the level capability for an IS-IS instance to Level 2.
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
level-capability L2
}
}
Configuring the Network Entity Title
SR Linux supports a configurable network entity title (NET) per IS-IS instance. The NET is 8-20 octets long and consists of 3 parts: the area address (1-13 octets), the system ID (6 octets), and the n-selector (1 octet, must be 00)
The area address portion of the NET defines the IS-IS area to which the router belongs. At least one area address should be configured on each router participating in IS-IS.
The area address portion of the NET identifies a point of connection to the network, such as a router interface. The routers in an area manage routing tables about destinations within the area. The NET value is used to identify the IS-IS area to which the router belongs.
The NET value is divided into three parts. Only the Area ID portion is configurable.
1. Area ID — A variable length field between 1 and 13 bytes. This includes the Authority and Format Identifier (AFI) as the most significant byte and the area ID.
2. System ID — A 6-byte system identifier. This value is not configurable. The system ID is derived from the system or router ID.
3. Selector ID — A 1-byte selector identifier that must contain zeros when configuring a NET. This value is not configurable. The selector ID is always 00.
The following example configures a NET for an IS-IS instance:
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
net 49.0001.1921.6800.1002.00
}
}
}
Configuring global parameters
Commands and parameters configured on the global IS-IS instance level are inherited by the interface levels. Parameters specified in the interface and interface-level configurations take precedence over global configurations.
The following example shows the command usage to configure global-level IS-IS. The LSP PDU authentication setting references a keychain defined at the system level (see Protocol authentication).
--{ * candidate shared default }--[ network-instance default protocols ]--
# info isis
isis {
instance i1 {
level-capability L2
overload {
on-boot {
timeout 90
}
}
authentication {
lsp-authentication {
generate true
check-received strict
keychain isisglobal
}
}
}
}
Configuring interface parameters
There are no interfaces associated with IS-IS by default. An interface belongs to all areas configured on a router. Interfaces cannot belong to separate areas. There are no default interfaces applied to the router IS-IS instance. You must configure at least one IS-IS interface in order for IS-IS to work.
You can configure both the Level 1 parameters and the Level 2 parameters on an interface. The level-capability value determines which level values are used.
The following example configures interface parameters for an IS-IS instance:
--{ * candidate shared default }--[ network-instance default protocols isis ]--
# info instance i1
instance i1 {
interface ethernet-1/2.1 {
circuit-type point-to-point
ipv4-unicast {
admin-state enable
}
level 1 {
authentication {
hello-authentication {
generate true
check-received strict
keychain Hello
}
}
}
}
level 1 {
}
}
Displaying IS-IS information
Use the commands shown in this section to display the following information for an IS-IS instance running in a specified network instance:
-
interface information
-
adjacency information
-
IS-IS link state database information
IS-IS summary information
To display summary information for an IS-IS instance:
# show network-instance green_default protocols isis summary
-----------------------------------------------------------------------------------------------
Network instance "green_default", isis instance "default" is enable and up
Level Capability : L1L2
Export policy : None
-----------------------------------------------------------------------------------------------
System-id : 0050.0500.5005
NET : [ 49.0001.0050.0500.5005.00 ]
Area-id : [ 49.0001 ]
-----------------------------------------------------------------------------------------------
IPv4 routing is enable
IPv6 routing is enable using None
Max ECMP path : 1
----------------------------------------------------------------------------------------------
Ldp Synchronization is Disabled
----------------------------------------------------------------------------------------------
Overload
Current Status : not in overload
----------------------------------------------------------------------------------------------
Metric
Reference bandwidth: NA
L1 metric style: wide
L2 metric style: wide
----------------------------------------------------------------------------------------------
Graceful Restart
Helper Mode : disabled
Current Status : not helping any neighbors
-----------------------------------------------------------------------------------------------
Timers
LSP Lifetime : 1200
LSP Refresh : 600
SPF initial wait : 1000
SPF second wait : 1000
SPF max wait : 10000
LSP generation initial wait : 10
LSP generation second wait : 1000
LSP generation max wait : 5000
-----------------------------------------------------------------------------------------------
Route Preference
L1 internal : 15
L1 external : 160
L2 internal : 18
L2 external : 165
-----------------------------------------------------------------------------------------------
L1->L2 Summary Addresses Not configured
-----------------------------------------------------------------------------------------------
Instance Statistics
SPF run : 29
Last SPF : 2022-03-23T16:16:16.200Z
Partial SPF run : 16
Last Partial SPF : 2022-03-23T16:16:17.200Z
-----------------------------------------------------------------------------------------------
PDU Statistics
----------------------------------------------------------------------------------------------
| pdu-name | received | processed | dropped | sent |
+==========+==================+==================+==================+==================+
| LSP | 460 | 457 | 3 | 528 |
| IIH | 308 | 281 | 27 | 497 |
| CSNP | 52 | 51 | 1 | 116 |
| PSNP | 30 | 30 | 0 | 3 |
-----------------------------------------------------------------------------------------------IS-IS interface information
To display interface information for an IS-IS instance:
# show network-instance green_default protocols isis interface
-----------------------------------------------------------------------------------------------
Network Instance : green_default
Instance : default
-----------------------------------------------------------------------------------------------
| Interface Name | Oper State | Level | Circuit id | Circuit type | Ipv4 Metric L1/L2 | Ipv6 Metric L1/L2
===============================================================================================
| ethernet-1/1.1 | up | L1L2 | 2 | point-to-point | 10/10 | 10/10
| ethernet-1/2.1 | up | L1L2 | 2 | broadcast | 10/10 | 10/10
| ethernet-1/3.1 | up | L1L2 | 3 | broadcast | 10/10 | 10/10
| ethernet-1/16. | up | L1L2 | 4 | broadcast | 10/10 | 10/10
| 1 | | | | | |
| lo0.1 | up | L1L2 | 5 | broadcast | 0/0 | 0/0
-----------------------------------------------------------------------------------------------IS-IS interface detail information
To display detail information for a specific IS-IS interface:
# show network-instance green_default protocols isis interface ethernet-1/1.1 detail
----------------------------------------------------------------------------------------
Network Instance : green_default
Instance : default
----------------------------------------------------------------------------------------
Interface-Name : ethernet-1/1.1
Status : IS-IS is admin enabled, oper up
Circuit : id 1 is broadcast and not passive
Hello Authentication Generate : True
Hello Authentication Check Received : Strict
Hello Padding : disable
Csnp Interval : 10
Lsp Pacing : 100
Ldp Sync State : disabled
Ldp Sync Duration : 3274
---------------------------------------------------------------------------------------
Level : 1
Status : enabled
Adjacencies : 1
Hello Authentication Generate : True
Hello Authentication Check Received : Strict
Priority : 64
Hello Interval : 9
Hello Multiplier : 3
Ipv4 Metric : 10
Ipv6 Metric : 10
----------------------------------------------------------------------------------------
Level : 2
Status : enabled
Adjacencies : 1
Hello Authentication Generate : True
Hello Authentication Check Received : Strict
Priority : 64
Hello Interval : 9
Hello Multiplier : 3
Ipv4 Metric : 10
Ipv6 Metric : 10
----------------------------------------------------------------------------------------IS-IS adjacency information
To display IS-IS adjacency information:
# show network-instance default protocols isis adjacency
--------------------------------------------------------------------------------------
Network-instance : default
IS-IS instance : global
--------------------------------------------------------------------------------------
System-Id Adj-Level Interface IPv4-Address State Uptime Rem-Hold
<hostname1> L1 ethernet-1/1.0 10.0.0.1 Up 0d 00:46:43 19s
<hostname1> L2 ethernet-1/1.0 10.0.0.1 Up 0d 00:46:43 19s
--------------------------------------------------------------------------------------
Adjacencies: 2
--------------------------------------------------------------------------------------IS-IS link state database information
To display information for the IS-IS link state database:
# show network-instance green_default protocols isis database
--------------------------------------------------------------------------------------
Network-instance : green_default
IS-IS instance : default
--------------------------------------------------------------------------------------
| Level Number | Lsp Id | Sequence | Checksum | Lifetime | Attributes |
+==============+======================+==========+==========+==========+============+
| 1 | 0010.0100.1001.00-00 | 0x33 | 0x1672 | 1167 | L1 L2 |
| 1 | 0020.0200.2002.00-00 | 0x35 | 0xd562 | 1014 | L1 L2 |
| 1 | 0030.0300.3003.00-00 | 0x38 | 0xf447 | 640 | L1 L2 |
| 1 | 0030.0300.3003.01-00 | 0x2f | 0x4db6 | 1005 | L1 L2 |
| 1 | 0030.0300.3003.02-00 | 0x2e | 0xd355 | 709 | L1 L2 |
| 1 | 0040.0400.4004.00-00 | 0x39 | 0x6f2a | 638 | L1 L2 |
| 1 | 0040.0400.4004.01-00 | 0x2f | 0xf0ef | 822 | L1 L2 |
| 1 | 0040.0400.4004.02-00 | 0x2f | 0xa5f8 | 999 | L1 L2 |
| 1 | 0050.0500.5005.00-00 | 0x38 | 0xfbbb | 905 | L1 L2 |
| 1 | 0050.0500.5005.01-00 | 0x31 | 0x3937 | 745 | L1 L2 |
| 1 | 0050.0500.5005.02-00 | 0x2f | 0xd19 | 657 | L1 L2 |
| 1 | 0060.0600.6006.00-00 | 0x37 | 0xf287 | 967 | L1 L2 |
| 1 | 0060.0600.6006.01-00 | 0x2f | 0xadfb | 753 | L1 L2 |
| 1 | 0060.0600.6006.02-00 | 0x2f | 0x5f95 | 819 | L1 L2 |
| 1 | 0070.0700.7007.00-00 | 0x33 | 0x48dd | 1058 | L1 L2 |
| 1 | 0070.0700.7007.01-00 | 0x2f | 0xadb2 | 1164 | L1 L2 |
| 1 | 0070.0700.7007.02-00 | 0x2e | 0xdf8e | 852 | L1 L2 |
| 2 | 0010.0100.1001.00-00 | 0x3e | 0xb92f | 1150 | L1 L2 |
| 2 | 0010.0100.1001.00-01 | 0x3c | 0x1875 | 818 | L1 L2 |
| 2 | 0020.0200.2002.00-00 | 0x41 | 0x540f | 1177 | L1 L2 |
| 2 | 0020.0200.2002.00-01 | 0x3f | 0x2db9 | 699 | L1 L2 |
| 2 | 0030.0300.3003.00-00 | 0x3c | 0x302f | 1058 | L1 L2 |
| 2 | 0030.0300.3003.00-01 | 0x3f | 0x5150 | 668 | L1 L2 |
| 2 | 0030.0300.3003.01-00 | 0x30 | 0xb518 | 915 | L1 L2 |
| 2 | 0030.0300.3003.02-00 | 0x2f | 0xe113 | 1035 | L1 L2 |
| 2 | 0040.0400.4004.00-00 | 0x3e | 0xa17b | 657 | L1 L2 |
| 2 | 0040.0400.4004.00-01 | 0x3e | 0x260b | 1018 | L1 L2 |
| 2 | 0040.0400.4004.01-00 | 0x30 | 0x1511 | 1066 | L1 L2 |
| 2 | 0040.0400.4004.02-00 | 0x2f | 0x27a7 | 1035 | L1 L2 |
| 2 | 0050.0500.5005.00-00 | 0x41 | 0x59d6 | 608 | L1 L2 |
| 2 | 0050.0500.5005.00-01 | 0x44 | 0xf165 | 1110 | L1 L2 |
| 2 | 0050.0500.5005.01-00 | 0x33 | 0x7709 | 584 | L1 L2 |
| 2 | 0050.0500.5005.02-00 | 0x31 | 0xa74 | 657 | L1 L2 |
| 2 | 0060.0600.6006.00-00 | 0x3d | 0xd5ed | 903 | L1 L2 |
| 2 | 0060.0600.6006.00-01 | 0x44 | 0xdc97 | 666 | L1 L2 |
| 2 | 0060.0600.6006.01-00 | 0x30 | 0x9024 | 1145 | L1 L2 |
| 2 | 0060.0600.6006.02-00 | 0x30 | 0xbc66 | 1020 | L1 L2 |
| 2 | 0070.0700.7007.00-00 | 0x3a | 0x81fd | 862 | L1 L2 |
| 2 | 0070.0700.7007.00-01 | 0x3e | 0xf82a | 765 | L1 L2 |
| 2 | 0070.0700.7007.01-00 | 0x30 | 0xbad5 | 658 | L1 L2 |
| 2 | 0070.0700.7007.02-00 | 0x2f | 0x1ecb | 675 | L1 L2 |
+--------------+----------------------+----------+----------+----------+------------+
LSP Count: 41
-------------------------------------------------------------------------------------# show network-instance green_default protocols isis database 1
--------------------------------------------------------------------------------------
Network-instance : green_default
IS-IS instance : default
--------------------------------------------------------------------------------------
| Level Number | Lsp Id | Sequence | Checksum | Lifetime | Attributes |
+==============+======================+==========+==========+==========+============+
| 1 | 0010.0100.1001.00-00 | 0x33 | 0x1672 | 1048 | L1 L2 |
| 1 | 0020.0200.2002.00-00 | 0x35 | 0xd562 | 894 | L1 L2 |
| 1 | 0030.0300.3003.00-00 | 0x39 | 0x7762 | 1179 | L1 L2 |
| 1 | 0030.0300.3003.01-00 | 0x2f | 0x4db6 | 886 | L1 L2 |
| 1 | 0030.0300.3003.02-00 | 0x2f | 0x4ace | 1188 | L1 L2 |
| 1 | 0040.0400.4004.00-00 | 0x3a | 0xcd9f | 1135 | L1 L2 |
| 1 | 0040.0400.4004.01-00 | 0x2f | 0xf0ef | 703 | L1 L2 |
| 1 | 0040.0400.4004.02-00 | 0x2f | 0xa5f8 | 879 | L1 L2 |
| 1 | 0050.0500.5005.00-00 | 0x38 | 0xfbbb | 785 | L1 L2 |
| 1 | 0050.0500.5005.01-00 | 0x31 | 0x3937 | 625 | L1 L2 |
| 1 | 0050.0500.5005.02-00 | 0x30 | 0xb86e | 1148 | L1 L2 |
| 1 | 0060.0600.6006.00-00 | 0x37 | 0xf287 | 847 | L1 L2 |
| 1 | 0060.0600.6006.01-00 | 0x2f | 0xadfb | 633 | L1 L2 |
| 1 | 0060.0600.6006.02-00 | 0x2f | 0x5f95 | 700 | L1 L2 |
| 1 | 0070.0700.7007.00-00 | 0x33 | 0x48dd | 938 | L1 L2 |
| 1 | 0070.0700.7007.01-00 | 0x2f | 0xadb2 | 1044 | L1 L2 |
| 1 | 0070.0700.7007.02-00 | 0x2e | 0xdf8e | 733 | L1 L2 |
+--------------+----------------------+----------+----------+----------+------------+
LSP Count: 17
--------------------------------------------------------------------------------------Clearing IS-IS information
To clear information for an IS-IS instance, use the tools commands below:
To clear statistics for an IS-IS instance running in a specified network instance:
# tools network-instance default protocols isis instance i1 statistics clearTo clear link state database information for a level:
# tools network-instance default protocols isis instance i1 link-state-database clearTo clear IS-IS adjacency information for an interface:
# tools network-instance default protocols isis instance i1 interface ethernet-1/1.1 adjacencies clear