IS-IS is often regarded as a protocol only for service providers. Unfairly. It scales very well and, thanks to TLVs, can carry different kinds of information, so it is worth learning even if you are not going to deploy it as the underlay routing protocol in an MPLS environment.
Integrated IS-IS uses the SPF algorithm, like OSPF, but unlike OSPF it can carry any kind of information. Instead of IP addresses it uses NSAP (OSI) addresses, so neighbor relationships are formed at layer 2. It also has areas, LSDBs (link-state databases for L1 and L2), “hello” packets and the election of a designated router (DIS). If the two protocols are so similar, what makes IS-IS different from OSPF?
First, some theory:
Dictionary
IS – intermediate system (the router)
ES – end system (host, node, user device)
TLV – Type-Length-Value, the field that allows IS-IS to carry any content. Type: what is inside; Length: the size of the data; Value: the content. The TLV field makes IS-IS extensible: thanks to TLVs, IS-IS can carry any kind of information.
NSAP – Network Service Access Point (aka OSI address). An NSAP address is assigned per router (only ONE!), not per interface. So there is only one address that makes a router unique.
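To make the TLV entry above concrete, here is an added example (not from the original post) that walks a run of IS-IS TLVs in Python and checks every length field before reading the value. Type codes 1 (Area Addresses) and 137 (Dynamic Hostname) come from the IS-IS specifications; the function names and the sample bytes are constructed for illustration.

```python
# Added example: walk IS-IS TLVs (1-byte type, 1-byte length, then value).
# Type codes used: 1 = Area Addresses, 137 = Dynamic Hostname.

class TLVError(ValueError):
    """Raised when the TLV area is truncated or a length field lies."""

def walk_tlvs(buf: bytes) -> list:
    """Return [(type, value), ...]; refuse to read past the end of buf."""
    out, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise TLVError(f"truncated TLV header at offset {i}")
        tlv_type, length = buf[i], buf[i + 1]
        end = i + 2 + length
        if end > len(buf):
            raise TLVError(f"type {tlv_type} at offset {i} claims {length} "
                           f"bytes, only {len(buf) - i - 2} remain")
        out.append((tlv_type, buf[i + 2:end]))
        i = end
    return out

def decode_area_addresses(value: bytes) -> list:
    """TLV 1 value is a run of (1-byte length, area address) entries."""
    areas, i = [], 0
    while i < len(value):
        n = value[i]
        # An area address is 1 to 13 bytes (20 minus system ID and selector).
        if not 1 <= n <= 13 or i + 1 + n > len(value):
            raise TLVError(f"bad area address length {n}")
        areas.append(value[i + 1:i + 1 + n].hex())
        i += 1 + n
    return areas

def describe(buf: bytes) -> dict:
    """Decode the two TLV types handled here; record any other type seen."""
    info = {"unknown": []}
    for tlv_type, value in walk_tlvs(buf):
        if tlv_type == 1:
            info["areas"] = decode_area_addresses(value)
        elif tlv_type == 137:
            info["hostname"] = value.decode("ascii", errors="replace")
        else:
            info["unknown"].append(tlv_type)
    return info

# Constructed sample: area 49.0001, hostname "R1", and an unknown type 250.
SAMPLE = (bytes([1, 4, 3, 0x49, 0x00, 0x01]) + bytes([137, 2]) + b"R1"
          + bytes([250, 1, 0xFF]))
```

An unknown type is stepped over using its length field, which is what lets new TLVs be added without breaking older parsers.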
IS-IS has areas, as OSPF does, but each router belongs to only one area; there are no routers like the ABRs in OSPF. We know the “backbone” Area 0 from OSPF; in IS-IS we also have a “backbone”, made up of a set of L2 routers, but, and this is what makes IS-IS scale better, the “backbone” may be split. We may have more than one “backbone”, and they may be connected via L1/L2 routers that are placed in different areas. In OSPF, as we know, each area has to be directly connected to Area 0, unless we use the infamous “virtual links”.
In OSPF we have many LSA packets; in IS-IS we have only one, the LSP (Link State PDU).
There are 2 routing levels:
L1 Router – keeps information about all routes within one area only! These routers are internal. L1 routers try to find the closest L1/L2 router in their own area as the exit.
L1/L2 Router – acts like an ABR and keeps information from the other areas and from its own area. L1 routers send packets outside the area through L1/L2 routers.
L2-only Router – a router dedicated to summaries; it keeps only summary routes from 2 or more IS-IS areas. An L2 router acts as the real backbone, like Area 0 in OSPF.
There are also 2 routing databases: L1 and L2
Unlike OSPF, IS-IS has no cost based on bandwidth: by default each link has a cost of 10 regardless of its bandwidth. So it is up to the admin to decide which links are preferred over others. The metric for a link is a value between 0 and 63. There are only 2 network types, “Point to point” and “Broadcast”, which is the default; routers elect a DIS (Designated Intermediate System), similar to the DR in OSPF.
Understanding NSAP address
NSAP address consists of 3 parts:
Area address.System ID.NSAP selector
an example:
49.1234.aa12.ef56.7763.00
49.1234 – area address. The 49 at the beginning represents the private address space in OSI (may be a value from 0 to 99). 1234 represents the actual area number.
aa12.ef56.7763 – system ID (may be MAC address of the router)
00 – NSAP selector
Cisco rules:
An NSAP address can be up to 20 bytes
The last 2 digits of an address are always 00 (representing an IS, i.e. a router)
The system ID is always a fixed 6 bytes in length
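The address layout and the Cisco rules above, as an added Python example that is not part of the original post: it splits a NET into its three parts, enforces the length and selector rules, and reports system IDs reused inside one area. The function names and the inventory are assumptions; only the first NET is the example from this page.

```python
import re
from collections import defaultdict

def parse_net(net: str) -> dict:
    """Split a NET like 49.1234.aa12.ef56.7763.00 into area, system ID, selector."""
    digits = net.replace(".", "")
    if not re.fullmatch(r"(?:[0-9a-fA-F]{2})+", digits):
        raise ValueError(f"{net!r}: not a whole number of hex bytes")
    raw = bytes.fromhex(digits)
    # 6-byte system ID + 1-byte selector + at least 1 byte of area; 20 bytes max.
    if not 8 <= len(raw) <= 20:
        raise ValueError(f"{net!r}: {len(raw)} bytes, expected 8 to 20")
    area, system_id, selector = raw[:-7].hex(), raw[-7:-1].hex(), raw[-1]
    if selector != 0:
        raise ValueError(f"{net!r}: selector {selector:02x}, a router NET ends in 00")
    return {
        "area": ".".join([area[:2]] + [area[i:i + 4] for i in range(2, len(area), 4)]),
        "system_id": ".".join(system_id[i:i + 4] for i in range(0, 12, 4)),
        "selector": "00",
    }

def duplicate_system_ids(inventory: dict) -> dict:
    """Map (area, system_id) -> router names for IDs reused inside one area."""
    seen = defaultdict(list)
    for router, net in inventory.items():
        parsed = parse_net(net)
        seen[(parsed["area"], parsed["system_id"])].append(router)
    return {key: names for key, names in seen.items() if len(names) > 1}

# Router names are hypothetical; edge-b and core-a are constructed entries.
INVENTORY = {
    "edge-a": "49.1234.aa12.ef56.7763.00",  # the example NET from this page
    "edge-b": "49.1234.aa12.ef56.7763.00",  # constructed duplicate in the same area
    "core-a": "49.0002.aa12.ef56.7763.00",  # constructed, different area
}
```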
IS-IS routing
It depends on the type of router we have: L1 routing relies on the system ID, and L2 routing relies on the area ID.
Let’s break IS-IS routing down with a real example.
router isis
next, under “router isis”, set the NET according to the area:
net 49.0001.1111.1111.1111.00
where 0001 is the area and 1111.1111.1111 is the router number (system ID)
next, set the router type, L1 or L1/L2:
is-type level-1
and on each interface we run the “ip router isis” command
so the configuration on R1 looks like this:
router isis
net 49.0001.1111.1111.1111.00
is-type level-1
interface lo0
ip router isis
interface fa0/0
ip router isis
interface fa1/0
ip router isis
and so on…
on R4 for example:
router isis
net 49.0002.1111.1111.1111.00
is-type level-1-2
interface lo0
ip router isis
interface fa0/0
ip router isis
interface fa1/0
ip router isis
and so on…
Now let’s check what we got in the routing table of R6:
As we can see, there is no direct route to prefix 1.1.1.1/32, and this is OK: this prefix has been exchanged between R2 and R4 at the L2 database level, so there is no way to find it on an L1 router. Instead of the 1.1.1.1/32 prefix we have only a “default route” that leads to R8 (R6 tries to find the shortest way out when it has to send a packet outside its own area).
Let’s run traceroute to 1.1.1.1 from R6
As you can see, the route to 1.1.1.1 via R8 has 5 hops; if we could use R4 as the default gateway we would have only 4 hops. (I know there are no “hops” in IS-IS, this is not RIP, but since all links have an equal cost of 10 and I didn’t change their cost, we may count “hops”.) Unfortunately, R6 sees only internal routers and calculates accordingly. As a result we get undesirable sub-optimal routing. Is there anything we can do about it? Sure, we may use “route leaking” (which is actually redistribution). As usual, we may do that in 2 ways: with route-maps or with a distribute list. I will do it with a distribute list, in this case only for prefix 1.1.1.1/32, but of course we may use “any” to leak all routes from the L2 database on R4 into L1.
access-list 100 permit ip host 1.1.1.1 any
router isis
redistribute isis ip level-2 into level-1 distribute-list 100
Let’s check now the routing table of R6 and how traceroute works.
First of all, we still have the default route that points to R8 as the shortest way out, but now we also have a direct entry in the routing table for prefix 1.1.1.1/32. Because we have 2 paths to R4, we even get ECMP, well known from OSPF. Finally, we can traceroute to 1.1.1.1, and now we have 4 hops.
ISIS Verification
Flat design
A single area only, with routers in L1-only or L2-only mode. Cisco recommends L2 routers (2 databases), because this is easier to expand. When we start with an area of L2 routers, it becomes the backbone (like Area 0 in OSPF).
Hierarchical design
Scales very well for large networks and has three hierarchy layers:
Routers L1 represent Access layer
Routers L1/L2 represent Distribution layer
Routers L2 represent Core layer
Summarization is supported: L1 to L2 database, and External (other routing protocol) to L1 or L2