user@host# show isis - J-Net Community

Advanced Juniper Networks Routing
Release 5.1, Revision 0
Module 4: Intermediate System to Intermediate System (IS-IS)
Copyright © 2001, Juniper Networks, Inc.
Module Objectives
• Review the basic components and functionality of the IS-IS protocol
• Take a look at the IS-IS addressing schemes and the different topology levels
• Discuss neighbor adjacency formations
• Configure IS-IS on a Juniper Networks router
IS-IS PDUs
• IS-IS exchanges protocol information using protocol data units (PDUs)
– IS-IS hello (IIH) PDUs
– Link-state PDUs (LSPs)
– Sequence Number Packets (SNP)
   • Complete sequence number PDUs (CSNPs)
   • Partial sequence number PDUs (PSNPs)
• IS-IS hello (IIH) PDUs
– Broadcast to discover identity of neighboring IS-IS systems
– Determine whether neighbors are Level 1 or Level 2 intermediate systems
• Link-state PDUs (LSPs)
– Describes the state of adjacencies in neighboring IS-IS systems
– Flooded periodically throughout an area
IS-IS PDU Format
• Describes the state of adjacencies in neighboring IS-IS systems
• Flooded periodically throughout an area
• Contains multiple type, length, value (TLV) segments

Field                     Length (bytes)
Protocol identifier       1
Header length             1
Version                   1
ID length                 1
PDU type                  1
Version                   1
Reserved                  1
Maximum area address      1
PDU length                2
Remaining lifetime        2
LSP ID                    8
Sequence number           4
Checksum                  2
P, ATT, & IS Type bits    1
TLVs                      Variable
IS-IS PDU Notes
• PDU type field denotes an L1 or L2 PDU
– Level 1 PDU = 18
– Level 2 PDU = 20
• ATT bit is set if IS is connected to another area
• OL bit is set if the link-state database is overloaded
• IS Type bits determine an L1 or L2 router
– Level 1 router = 1
– Level 2 router = 3
• TLVs populate the LSDB
– Level 1 PDU = 1, 2, 10, 22, 128, 129, 132, 134, 135, 137, 222, 229, 232, 235, 236
– Level 2 PDU = 1, 2, 10, 22, 128, 129, 130, 132, 134, 135, 137, 222, 229, 232, 235, 236
PDU TLVs
• TLVs are added to LSPs as needed
– TLV 1 = Area Address
– TLV 2 = IS reachability
– TLV 10 = Authentication
– TLV 22 = Extended IS reachability
– TLV 128 = IP internal reachability
– TLV 129 = Protocols supported
– TLV 130 = IP external reachability
– TLV 132 = IP interface address
– TLV 134 = TE IP router ID
– TLV 135 = Extended IP reachability
– TLV 137 = Dynamic hostname resolution
• Multiple topologies (routing instances) are supported
– TLVs 222, 229, and 235
• IPv6 is supported via TLVs 232 and 236
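Added example, not part of the original course material: Python that decodes the fixed LSP header using the field lengths from the IS-IS PDU Format slide and walks the TLVs, rejecting any TLV whose length runs past the end of the PDU. The sample PDU is constructed to resemble the Tokyo.00-00 LSP; its system ID is an assumed value, and the ATT, OL and IS Type bit masks follow ISO 10589.

```python
import struct

# TLV names as listed on the PDU TLVs slide
TLV_NAMES = {1: "Area Address", 2: "IS reachability", 10: "Authentication",
             22: "Extended IS reachability", 128: "IP internal reachability",
             129: "Protocols supported", 130: "IP external reachability",
             132: "IP interface address", 134: "TE IP router ID",
             135: "Extended IP reachability", 137: "Dynamic hostname resolution"}
LSP_LEVEL = {18: 1, 20: 2}   # PDU type values from the PDU notes
HEADER_FMT = "!8BHH8sIHB"    # the fixed fields of the format table, 27 bytes
HEADER_LEN = struct.calcsize(HEADER_FMT)

def parse_lsp(pdu: bytes) -> dict:
    """Decode the fixed LSP header, then walk the TLVs with bounds checks."""
    if len(pdu) < HEADER_LEN:
        raise ValueError("truncated LSP header")
    (nlpid, hdr_len, _, _, pdu_type, _, _, _, pdu_len, lifetime,
     lsp_id, seq, cksum, bits) = struct.unpack(HEADER_FMT, pdu[:HEADER_LEN])
    level = LSP_LEVEL.get(pdu_type & 0x1F)   # low five bits carry the type
    if nlpid != 0x83 or hdr_len != HEADER_LEN or level is None:
        raise ValueError("not an IS-IS LSP")
    if pdu_len != len(pdu):
        raise ValueError("PDU length field disagrees with the buffer")
    tlvs, off = [], HEADER_LEN
    while off < len(pdu):
        # A TLV needs its two-byte header and its full value inside the PDU.
        if off + 2 > len(pdu) or off + 2 + pdu[off + 1] > len(pdu):
            raise ValueError(f"TLV at offset {off} overruns the PDU")
        tlv_type, length = pdu[off], pdu[off + 1]
        value = pdu[off + 2:off + 2 + length]
        tlvs.append((tlv_type, TLV_NAMES.get(tlv_type, "unknown"), value))
        off += 2 + length
    # Bit masks per ISO 10589: ATT 0x78, OL 0x04, IS Type 0x03 (checksum not verified)
    return {"level": level, "lsp_id": lsp_id.hex(), "sequence": seq,
            "lifetime": lifetime, "checksum": cksum, "is_type": bits & 0x03,
            "attached": bool(bits & 0x78), "overload": bool(bits & 0x04),
            "tlvs": tlvs}

def build_sample() -> bytes:
    """Constructed Level 2 LSP resembling Tokyo.00-00 (system ID is assumed)."""
    tlvs = (bytes([1, 4, 3, 0x49, 0x49, 0x49])   # TLV 1: area 49.4949
            + bytes([129, 1, 0xCC])               # TLV 129: speaks IP
            + bytes([137, 5]) + b"Tokyo")         # TLV 137: hostname
    header = struct.pack(HEADER_FMT, 0x83, HEADER_LEN, 1, 0, 20, 1, 0, 0,
                         HEADER_LEN + len(tlvs), 1190,
                         bytes.fromhex("1921680240010000"), 0x6, 0xCF2C, 0x03)
    return header + tlvs
```

Calling parse_lsp(build_sample()) returns the header fields and a list of (type, name, value) tuples.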
Level 2 PDU Headers
user@host> show isis database extensive
Tokyo.00-00
Sequence: 0x6, Checksum: 0xcf2c, Lifetime: 1190 secs
Header: LSP id: Tokyo.00-00, Length: 218 bytes
Allocated length: 218 bytes, Router ID: 192.168.24.1
Remaining lifetime: 1190 secs, Level: 2,Interface: 4
Estimated free bytes: 0, Actual free bytes: 0
Aging timer expires in: 1190 secs
Protocols: IP
Packet: LSP id: Tokyo.00-00, Length: 218 bytes, Lifetime : 1198 secs
Checksum: 0xcf2c, Sequence: 0x6, Attributes: 0x3 <L1 L2>
NLPID: 0x83, Fixed length: 27 bytes, Version: 1, Sysid length: 0 bytes
Packet type: 20, Packet version: 1, Max area: 0
Level 2 PDU TLVs
user@host> show isis database extensive
TLVs:
Area address: 49.4949 (3)
TLV 1
Speaks: IP
TLV 129
Speaks: IPv6
IP router id: 192.168.24.1
TLV 134
IP address: 192.168.24.1
Hostname: Tokyo
TLV 137
IS neighbor: HongKong.00, Internal, Metric: default 10
IS neighbor: London.00, Internal, Metric: default 10
TLV 2
IS neighbor: HongKong.00, Metric: default 10
IP address: 10.222.28.2
Neighbor's IP address: 10.222.28.1
TLV 132
IS neighbor: London.00, Metric: default 10
IP address: 10.222.4.1
Neighbor's IP address: 10.222.4.2
IP prefix: 10.222.4.0/24, Internal, Metric: default 10
IP prefix: 10.222.28.0/24, Internal, Metric: default 10
IP prefix: 192.168.24.1/32, Internal, Metric: default 0
TLV 128
IP prefix: 10.222.4.0/24 metric 10 up
IP prefix: 10.222.28.0/24 metric 10 up
IP prefix: 192.168.24.1/32 metric 0 up
IP external prefix: 192.168.25.0/24, Internal, Metric: default 20
TLV 130
IP prefix: 192.168.25.0/24 metric 20 up
No queued transmissions
Sample IS-IS Database
user@host> show isis database
IS-IS level 1 link-state database:
LSP ID                      Sequence Checksum Lifetime Attributes
HongKong.00-00                   0x8   0xcc42      957 L1 L2 Attached
SanJose.00-00                    0x9   0xbdfa     1055 L1
Montreal.00-00                   0x7   0x54d2      500 L1
Montreal.02-00                   0x4   0xdddb      677 L1
  4 LSPs
IS-IS level 2 link-state database:
LSP ID                      Sequence Checksum Lifetime Attributes
HongKong.00-00                   0x6   0xa5a1     1102 L1 L2
Tokyo.00-00                      0x9   0xc92f      909 L1 L2
London.00-00                     0x6   0xd7d2     1109 L1 L2
  3 LSPs
LSP Flooding Scopes
[Figure: areas 49.1111, 49.2222 and 49.3333 joined by L1L2 routers, with external routes; labels mark the L1 PDU of each area and the L2 PDUs for areas 49.1111, 49.2222 and 49.3333]
IS-IS Cost
• Cost of an interface indicates the overhead required to send packets out a particular interface
• Default IS-IS cost for all links is 10
• Cost can be set on a per-interface basis
– Each level on an interface can also have a different cost
[edit protocols]
user@host# show
isis {
    interface so-0/0/0.0 {
        level 2 metric 10;
        level 1 metric 20;
    }
    interface ge-0/1/0.0 {
        level 2 metric 5;
    }
}
Reference Bandwidth
• The interface cost can be changed to use the formula reference-bandwidth/bandwidth
– Automatically alters the cost of interfaces
– Allows for a consistent change across all interfaces
• Use the reference-bandwidth command within [edit protocols isis]
[edit protocols isis]
user@host# set reference-bandwidth 1g
[edit protocols isis]
user@host# show
isis {
    reference-bandwidth 1g;
    interface so-0/0/0.0;
    interface ge-0/1/0.0;
}
IS-IS Wide Metrics
• The maximum metric supported on an individual interface is 63
• All values advertised in an LSP that have a higher value are interpreted as a metric of 63
• The use of wide metrics allows for a maximum value of 16,777,215
– Configured for an entire level
[edit protocols isis]
user@host# set level 2 wide-metrics-only
[edit protocols isis]
user@host# show
isis {
    level 2 {
        wide-metrics-only;
    }
    interface so-0/0/0.0;
    interface ge-0/1/0.0;
}
Effects of Altering Metrics
• Metric values are advertised via the TLV values within an LSP and populate the link-state database
• As each router runs the SPF algorithm, each LSP is examined individually for the cost of the outgoing interface
– That cost is used in the final metric calculation
• Routers can disagree about the cost on a network link
– HongKong sees a cost of 45 to reach Amsterdam
– Amsterdam sees a cost of 60 to reach HongKong
[Figure: routers HongKong, SanJose, Montreal and Amsterdam, with per-interface costs 5, 15, 10, 20, 25 and 30]
IS-IS Authentication
• Authentication can occur in multiple places
– Link-state PDUs and sequence number packets within:
   • The entire domain
   • A single IS-IS level 1 area
   • A single IS-IS level 2 area
– IS-IS Hello packets:
   • On a specific interface
• Three authentication types are supported
– None (default)
– Simple
– MD5
• MD5 includes an encrypted checksum with all packets
– Provides better security than type simple
Authentication Configuration
• More specific level authentication references take precedence over global settings
• Comments are made with the annotate command
[edit protocols isis]
user@host# show
/* This is for the entire IS-IS Domain */
authentication-key "$9$bssYomPQ69pkq39puhc8X7V2a"; # SECRET-DATA
authentication-type md5;
level 2 {
    /* This is for the entire IS-IS Level */
    authentication-key "$9$dXVYoDjqQ39gomTz6CAvW8X-ViHmFnCDi1h"; # SECRET-DATA
    authentication-type simple;
}
interface so-0/0/0.0 {
    /* This is for all hello packets on this interface */
    hello-authentication-key "$9$1sEEclws4JUH-db2oGq.Ctp01h7NbgaU"; # SECRET-DATA
    hello-authentication-type md5;
}
Authentication Issues
• Hello authentication only secures IS-IS Hello packets
– Determines whether an adjacency forms between 2 routers
• Global or level authentication secures:
– LSP packets
– CSNP packets
– PSNP packets
– IS-IS Hello packets
• Authentication for LSPs allows other routers to read the TLV values and use that information in the SPF calculation
• The authentication check can be disabled with the no-authentication-check command
– Useful for migration purposes
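Added example, not part of the original course material: a Python check that applies the precedence rule from the Authentication Configuration slide and flags scopes left at none or simple, as well as a disabled authentication check. On a configuration shaped like the one on that slide it reports that level 2 ends up with simple authentication even though the domain-wide type is md5. The key strings are constructed placeholders and the function names are this example's own.

```python
import re

# Constructed config modelled on the slide; key strings are placeholders.
SAMPLE = '''
authentication-key "$9$PLACEHOLDER-DOMAIN"; # SECRET-DATA
authentication-type md5;
level 2 {
    authentication-key "$9$PLACEHOLDER-L2"; # SECRET-DATA
    authentication-type simple;
}
interface so-0/0/0.0 {
    hello-authentication-key "$9$PLACEHOLDER-HELLO"; # SECRET-DATA
    hello-authentication-type md5;
}
interface ge-0/1/0.0;
'''

def parse_isis(text):
    """Parse the body of an [edit protocols isis] stanza into nested dicts."""
    stack = [{}]
    for raw in text.splitlines():
        line = re.sub(r"/\*.*?\*/|#.*$", "", raw).strip()  # drop annotations
        if line.endswith("{"):
            stack.append(stack[-1].setdefault(line[:-1].strip(), {}))
        elif line == "}":
            stack.pop()
        elif line.startswith("interface "):
            stack[-1].setdefault(line.rstrip(";"), {})
        elif line:
            key, _, value = line.rstrip(";").partition(" ")
            stack[-1][key] = value.strip('"') or True
    return stack[0]

def effective_auth(cfg):
    """Level settings override the domain-wide type, as the slide states."""
    domain = cfg.get("authentication-type", "none")
    out = {lvl: cfg.get(lvl, {}).get("authentication-type", domain)
           for lvl in ("level 1", "level 2")}
    for name, body in cfg.items():
        if name.startswith("interface "):
            out[name + " hello"] = body.get("hello-authentication-type", "inherited")
    return out

def weak_settings(cfg):
    """Scopes left at none or simple, plus a disabled authentication check."""
    weak = [k for k, v in effective_auth(cfg).items() if v in ("none", "simple")]
    if "no-authentication-check" in cfg:
        weak.append("no-authentication-check")
    return weak
```

weak_settings(parse_isis(SAMPLE)) returns the scopes to review; an interface reported as "inherited" has no hello authentication of its own and relies on the level or domain setting.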
Mesh Groups
• IS-IS LSPs are flooded to all neighbors by default
• Certain physical topologies make this unnecessary
– Amsterdam will receive 3 copies of the same LSP
• Once configured, the group members will not re-flood LSPs within the group
[Figure: routers SanJose, Amsterdam, HongKong and Montreal]
Mesh Group Configuration
• Each interface is configured with a group number
– 32-bit numbers can be different on separate interfaces
• To prevent an interface from flooding any LSPs, the keyword blocked can be used
[edit protocols]
user@host# show
isis {
    interface so-0/0/0.0 {
        mesh-group 2;
    }
    interface ge-0/1/0.0 {
        mesh-group 1;
    }
    interface at-0/2/0.100 {
        mesh-group blocked;
    }
}
Overload Bit
• Used to advertise information to neighbors without being used for transit traffic
– Other routers ignore the LSP during SPF calculation
• Can be set permanently or with a timeout value
– Timer is between 60 and 1800 seconds
– Timer only runs after RPD starts
[edit protocols]
user@host# show
isis {
    overload;
    interface so-0/0/0.0;
    interface ge-0/1/0.0;
}
user@host> show isis database
IS-IS level 2 link-state database:
LSP ID                      Sequence Checksum Lifetime Attributes
Router-1.00-00                 0x36f   0x8cf7     1007 L1 L2
host.00-00                     0x37f   0x4c3a     1067 L1 L2 Overload
CSNP Interval
• CSNP packets are sent on a LAN interface every 10 seconds if you are the DIS
• Can be altered on a per-interface basis
– Value can be between 1 and 65,535 seconds
[edit]
user@host# run show isis interface detail
IS-IS interface database:
ge-0/2/0.0
Index: 3, State: 0x6, Circuit id: 0x2, Circuit type: 2
LSP interval: 100 ms, CSNP interval: 10 s
Level Adjacencies Priority Metric Hello (s) Hold (s) Designated Router
    2           1       64     10         3        9 SanJose.02 (us)
[edit]
user@host# set protocols isis interface ge-0/2/0 csnp-interval 40
[edit]
user@host# run show isis interface detail
IS-IS interface database:
ge-0/2/0.0
Index: 3, State: 0x6, Circuit id: 0x2, Circuit type: 2
LSP interval: 100 ms, CSNP interval: 40 s
Level Adjacencies Priority Metric Hello (s) Hold (s) Designated Router
    2           1       64     10         3        9 SanJose.02 (us)
IS-IS Configuration
• Configured at the [edit protocols] hierarchy level
• List each interface separately
– Loopback 0 must be explicitly configured
protocols {
    isis {
        interface <interface-name>;
        interface <interface-name>;
        interface <interface-name>;
    }
}
Review Questions