Integrated IS-IS English Ver
Integrated IS-IS English Ver
Integrated IS-IS English Ver
Routing Protocols
Basic Theory and Practice
ii
Table Of Contents
Introduction to IS-IS________________________________________________________________________1
IS-IS Metrics______________________________________________________________________________13
IS-IS Border_______________________________________________________________________________17
IS-IS Lab_________________________________________________________________________________18
This material is taken from the advanced IP routing course presented by Mr. M Aditya Hananto in the
Indonetworkers Community forum. This note contains material about the Basic Theory of Border
Integrated IS-IS routing protocol along with a simple lab
Page 1
IS-IS Introduction
The most popular IGP used by service providers besides OSPF is IS-IS. Service providers offer
several services to customers including internet access, metro-e, VPN and so on.
SP acts as a transit or connector between customers and the internet. In order for this service
provider to function, of course there must be routing in the internal backbone, there must be
routing on how the leftmost router can be reached by the rightmost router. So before connecting to
the outside world (with customers and the internet), of course the service provider must be
reachable from end to end. so that it can be reachable we need to use routing, of course the use of
routing here does not use static routing, because if you have a very large network, hundreds or
thousands of networks, of course it is very vulnerable to errors, not to mention everything is
completely manual, the errors are typos for example , then if you want to change route, you have to
do it manually and so on. Therefore we use dynamic routing protocol. Routing protocols
themselves include interior gateway protocols and exterior gateway protocols. What is the
difference between interior and exterior protocol gateways? The interior gateway protocol is a
routing protocol used within one IS, while the exterior gateway protocol is an inter IS. IS itself is an
autonomous system, which is a collection of networks managed by one party (the party here, for
example, is a service provider or it could also be an enterprise). As has been said before, the IGP
commonly used by service providers is OSPF and IS-IS, both of which are link state routing
protocols.
Page 2
Different from distance vector, the link state routing protocol knows topological conditions, similar
to when we look at a map on Google Maps, whereas distance vector only knows direction and
distance, like when we see a road sign. For example, if you turn left towards Bandung for 150
kilometers, then we only know that the direction is left to Bandung for 150 kilometers, but we don't
know what we will encounter along the 150 km, which is different from if we look at Google maps
from our current point to Bandung. Those 150km will go anywhere. That is the analogous difference
between link state and distance vector, the link state routing protocol can know the topology thanks
to link state advertisement (LSA). in OSPF, the link state advertisement contains long-term updates,
each router provides information on what network it has, who its neighbors are, all of this is
contained in the link state advertisement, from there it will be processed so that we can know the
topology of the network. Likewise, IS-IS is also a link state routing protocol, so the link state routing
protocol uses the DJikstra algorithm or the shortest path first (SPF) algorithm. Even though there are
differences between IS-IS and OSPF, if we already understand OSPF, understanding IS-IS is not too
difficult because there are many of the same concepts. The first is that both are link state routing
protocols, then in OSPF there is a hierarchy of areas, there is area 0 as the backbone, and other
areas that are connected to the backbone. OSPF can perform routing within the internal area itself
and routing between areas, in IS-IS it is also the same, there is routing within the internal area itself
and routing between areas. Then another similarity is that OSPF and IS-IS have a link state
database, in this LSDB contains all updates received from other routers, so that our router can
know detailed information from each existing router. So we haven't chosen yet which is the best
path, which is the smallest metric, basically all the information is entered first into the link state
data base, then besides the link state data base there is also an ajsensi data base or also known as
a neighbor table, who are my neighbors, if it's in OSPF so that you can get to know neighbors using
the hello package, well in IS-IS there is also a hello package too, then in OSPF there is Update, in
Page 3
OSPF the package will be similar to the IS-IS package, so overall OSPF is very similar to IS-IS only
different people who make it and different initial purposes. So let's focus on the similarities first, so
both are link states, using the DJikstra or SPF algorithm, then there is the area concept (routing can
be in the same area or can be routed to another area), then for the table there is a database link
state or so-called also table topology, there is also an adjacency database, there is a neighbor table
and then there is also a forwarding database, this forwarding database contains the best paths,
which are the best paths to the destination based on the metrics. OK, so these are the similarities
between OSPF and IS-IS, so now we will focus on IS-IS. So IS itself is an abbreviation for
intermediate system or in general language is router. intermediate system = router, so IS-IS is IS to
IS protocol, simply the protocol between IS routers. The opposite of an intermediate system is an
end system or ES, so end systems such as PCs, laptops, servers are called end systems, whereas
the router itself is an intermediate system or IS. Initially IS-IS was intended for the CLNS protocol
which is ISO's protocol. CLNS or connectionless network service is not IP, so it has nothing to do
with IP. A router that uses IS-IS must use this CLNS protocol. Initially IS-IS could not send and
receive updates regarding IP, this protocol was pure IS, originally the ISO or CLNS protocol,
because IP was developing rapidly, even now we see that almost all devices use IP to connect to
the network, so dual IS was developed -IS which will support IP version 4, IP version 6 and the
native protocol, which is CLNS. So the protocol we use now is dual IS-IS or also called integrated IS-
IS (essentially IS-IS which supports the IP protocol). Even though dual IS-IS supports IP protocol,
CLNS must still be activated.
If we have a router, for example, it has an IP on its interface, but we want to run IS-IS as a routing
protocol, then the ISO protocol must also be activated on this router, so there will be an ISO
address or CLNS address and then there will also be an IP address. OK, so the history of IS-IS is not
for IP routing but for CLNS routing.
Page 4
The concept of router type in IS-IS is simpler than OSPF. In IS-IS there are only three types of routers
1. L1 IS, L1 IS can only route within the intra area. L1 IS only knows the local conditions of its area
and only accepts prefixes from its own area. L1 IS forms a level 1 LSDB and SPF tree for its own
area.
2. L2 IS, is a router that can route to inter areas or even to other IS. L2 IS is the backbone area,
which knows all intra-area and inter-area paths. This L2 IS forms level 2 LSDB and SPF Tree for the
Backbone.
3. L1/L2 IS, this type acts as L1 IS and L2 IS. L1 L2 IS forms each level 1 LSDB and SPF Tree and level
2 LSDB and SPF Tree separately. Let's see what the areas in IS-IS are like, unlike OSPF which
requires all areas to be connected to area 0 or backbone area, in IS-IS the backbone doesn't have to
be a single area, it's fine like this
For example, if I have multiple areas like this, then I will use these 4 areas as the backbone. So this
is the difference, in OSPF, which is called the backbone, it has to be one area (area 0) but in IS-IS,
which is called the backbone, it can be split into several areas, it doesn't have to be one area, if you
want to make it into one area, you can also do it like OSPF, but This IS-IS design is more flexible, it
doesn't require us to make the backbone only one area, if you want to make the backbone into
multiple areas, please do so. If in IS-IS the name of the backbone area is contiguous L2 IS, as long
as level 2 IS is not interrupted, that is the backbone in IS-IS. Even though the L2 IS is in different
Page 5
So what is called a backbone area is a group of L2 IS that are continuously connected without being
interrupted, it doesn't have to be one area, for example like this, areas 49.0001, 49.0005, and
49.0006.
2. L2 IS routers can be neighbors in the same area or in different areas. To connect 2 areas, it is
necessary to use the L2 IS type.
So this L1 IS router is similar to an internal router (IR) in OSPF. Internal OSPF routers are routers that
have OSPF neighbors in the same area. Likewise, L1 IS can only be neighbors with L1 IS in the same
area, if it is in a different area, it cannot.
Page 6
For example, there is an L1 IS that sends hello to an L1 IS router in another area, even though both
routers receive hello from each other, the two routers cannot be neighbors because the L1 IS can
only be neighbors with an L1 IS in the same area, but between L2 IS in a different area it could be a
neighbor.
if L1 and L2 are of different types they cannot be neighbors, then L1 cannot go to another area
because L2 is a backbone or a gateway to go to another area, then between L1 and L2 we can
Page 7
49.0001 consists of 6 hexa or the same as 3 Bytes or 24 bits. This is what is widely
implemented, so the area is 49 followed by 4 hexa numbers, for example 49.0001, 49.002 and
Page 8
49.0005, the area numbers don't have to be in order. now the question is whether the area in front
of it should be 49? The answer is that it doesn't have to be 49, it's just that 4 9 is a CLNS address, 49
indicates a private address, so just like an IP address, there is also a private address. If you want to
use the public area format, you have to register first before you can use 49, but if it's private then we
use 49.
IS-IS packets.
1. 1. IS to IS Hello (IIH). There are two types of IS to IS hello, there is L1 IIH and there is L2 IIH.
for example we have a router here L1 IS, then what it sends is L1 hello. if the one next to it is L2 IS
then the next one will send L2 hello, then it won't be a neighbor, because the hello is of a different
type, one is L1 hello and the other is L2 hello. then here there is L1 IS, well because these are both
L1 hello, you can be a neighbor, but there is another condition, which is that you have to be in the
same area. If it's in the same area and both are L1, then they can become neighbors.
then we can set the L1/L2 router to the top using L2 IIH (L2 hello) but to the left using L1 hello,
because L1/L2 is a router that supports both, it can be L1 or L2. This is the default Cisco router
when we activate IS-IS, the default is L1/L2 IS.
Page 9
LSP is a link state packet or link state PDU (protocol data unit). In this LSP there is a TLV (type,
length, value). LSP itself has the same function as link state advertisement or link state update in
OSPF. So every router must generate an update called LSP. This LSP contains, among other things,
what networks are attached to the router and who the connected neighbors are. In an update there
is information called TLV (type length value).
With this TV, IS-IS becomes more flexible, for example, one day there is a new protocol, IP version 7
or IP version 8 or another protocol that IS-IS wants to route, then just add a new type of TV to IS-IS,
What does it contain, how many bits long, is it different from OSPF? When OSPF was created, for
example OSPF version two, when it was designed it was for IP version 4, so if you want IP version 4
routing, use OSPF version two, well one day there will be IP version 6 OSPF version Those two don't
support IP version 6 so they need to be modified, OSPF version three came out, OSPF version three
is what is used to support IP version 6 routing. But if IS-IS doesn't need to use a new version release
like that, because the advantages of IS-IS are have a tv, so just add a new type, what value, how
many bits long, that's it, the protocol still doesn't change. That is the advantage of IS-IS. Besides
that, the link state packet is also simple, not as complicated as OSPF. If you study OSPF, there are
LSA link types starting from LSA type 1 router LSA type 2 network LSA, type 3 summary LSA and so
on up to type 4 type 5 type 7. For IS-IS LSP, just LSP, link state packet or link state PDU is no longer
as complicated as OSPF, so it could be said that IS-IS is simpler than OSPF.
CSNP is the complete sequence number of the PDU, which contains a description or summary of
the PDU link state. In OSPF there is something similar to this called database description (DBD).
Page 10
for example
This is an R1 router, it has LSPs R1, R2 and R3. When he gives information to another router, for
example router 4, R1 doesn't immediately give the details, similar to OSPF, what is only given is the
description, okay I have LSP R1, R2, R3, what the details are not given, so In the film, it's similar to a
trailer, only the snippets, more details later. Likewise, in the books there is a synopsis, just a short
story, the details have not been given, just like DBD in OSPF or CSNP in IS-IS, the function is like
that, giving a description of whatever LSA or Update I already know.
4. PSNP
PSNP stands for Partial Sequence Number PDU. This PSNP function is similar to the link state
request (LSR) in OSPF, so its function is a missing LSP request. for example like this
R1 sends CSNP, then the content is a description of LSP R1, LSP R2, LSP R3, then R4 wants to know
what the contents of LSP R3 are that he doesn't know yet, then R4 can send PSNP. The first function
Page 11
is to request details of a particular LSP, in OSPF this is called link state request (LSR), in IS-IS the
name is PSNP. Another function of PSNP is acknowledgment.
When R4 receives R5's LSP, R4 will send an acknowledgment that sounds like "okay, thank you, I
have received router 5's LSP".
1. 1. When a router is activated by IS-IS, the way it works is similar to OSPF, the two routers will
exchange hello (IS to IS hello).
2. 2. When you have exchanged hello, this hello information will be entered into the adjacency
database, in R2 it will record my neighbor R1, and in R2 it will record that I have a neighbor
R1.
Page 12
3. 3. Then the two routers exchange Complete Sequence Number PDU (CSNP), so it tells me if
I have any LSP, for example router R1 it gives a description of LSP R1, R3, and R4.
4. 4. After both routers receive each other's CSNP, the router can request PSNP. I want to know
the contents of LSP R1 and R3 only, or all LSPs from the description list contained in CSNP.
For example, R2 requests LSP from R1, R3 and R4 to R1.
5. 5. R1 will later provide LSP R1, R3 and R4 according to R2's request.
6. 6. After R2 receives the LSP from R1, R2 will send PSNP which functions as an
acknowledgment.
7. When we receive an LSP from a neighboring router, we enter all the information from the
LSP into the link state database. Then the link state database is processed into an SPF Tree
1. Point to Point,
If point to point is as the name suggests, only two, there is no DR-BDR selection for point-to-point
type networks in either IS-IS or OSPF.
2. Broadcast or LAN
Page 13
The broadcast type in IS-IS is similar to OSPF. For example, if we have 4 routers connected to each
other with an Ethernet switch, then these four routers will choose one Designated IS (DIS), in OSPF
we usually call it a Designated Router (DR). The difference is that in OSPF, DR has a DR backup, in
IS-IS there is no DIS backup, only DIS. What if the DIS is dead? If the DIS dies, a new DIS will be
selected, similar to OSPF. The sequence of the DIS selection process is as follows
1. Highest priority, first seen from the priority. If we determine which one is DIS or DR, we just need
to change the priority to the higher one.
2. Highest SNPA, then if for example the priority is the same, then what you see is the Sub Network
Point of Attachment (SNPA). This SNPA is a layer two address, depending on the protocol we use at
layer two, most of us use a Mac address, then the layer two address is the Mac address, but if for
example we use frame relay, then the layer two address is DLCI. So basically SNPA is taken from the
layer two address, then compared to whose Mac address is the highest, then it becomes DIS. The
function is the same as in OSPF, the DIS represents a certain internet segment, when the DIS sends
updates to the other router, DIS says I am the DIS for this segment, and tells what routers are
connected to that segment.
For example, if we have a router like this, this is one link or interface. The default value is 10. The
default value means there is no formula like in OSPF. In OSPF, there is a formula for reference
bandwidth divided by interface bandwidth. In IS-IS, there is no formula, basically one link. The
default is 10. If there are 3 links, just add them up, then the metric path is 10 +10+10=30 like that.
Well, the best practice is that we usually only activate wide metrics only, so that we can increase
the metric value of one link, for example to thousands, so if it's Narrow, don't let one link be
thousands, the path is a maximum of 1023, so if you use narrow metrics , if you want to manipulate
one link with a value of 2000, you can't, but if you use a wide metric, the metric value can be as big
as OSPF and EIGRP. So the greater the value, the more flexible we are in choosing it. If there are
many paths or lots of paths, we can change the metric value and the size of the metric depends on
using a narrow or wide metric style, if on wide the maximum is larger. So this is one of the
similarities between IS-IS and OSPF, the metric values are added up for each link, but the difference
is that in OSPF, each link has a cost (reference bandwidth/interface bandwidth), whereas in IS-IS
there is not. There is a formula like that, so for each link, no matter what the bandwidth, each link
has a cost value of 10.
IS-IS is an ISO protocol, and ISO has a Layer 3 protocol called connectionless network service
(CLNS). The name of the Layer 3 address is network service access point (NSAP). If we usually use
IP, the protocol is IP, the IP address is either IP version 4 or IP version 6. In CLNS the layer 3 address
is called NSAP network service access point. So NSAP is the technology inside CLNS for
addressing. What is the NSAP format looks like?
ID system: has a length of 12 hexadecimals, in one area, the router system ID must be unique, but if
in different areas, 2 routers are okay to have the same system ID. Usually this system ID makes us
easy to identify the routers, we can use two options, we can use the loopback IP address or the
Page 15
router's Mac address. The Mac address happens to be the same length as 12 hexa, so we can use
the Mac address or we can also use the loopback IP address. Or you can also just order them, for
example 01, next 02, 03, 04 and so on. So the system ID can also be a serial number with a length of
12 hexa, what is important in one area is that the system ID must be unique.
NSel: The function of this NSAP selector in an NSAP address is as a service marker. For example, if
we use the IP protocol, the service is indicated by a logical port number, for example http is the port
80 for Telnet, 23 for https 443 and so on, whereas for NSAP it uses NSel. We don't need to be
confused about how many NSELs we need to use here, because the address for the router or IS
only has one option, which is 00. Now this series of addresses is called Network Entity Title (NET).
NET is an NSAP address whose NSEL is equal to 0, aka the router address, remember that if the
NSEL is 00, it means this is a router or IS.
In the IP protocol, when we have a router with one loopback and three physical interfaces, what we
do is we give an IP address on the loopback, and on the physical interface, in total there are 4 IP
addresses. How about the ISO protocol? Does each interface have to be given a NET address? the
answer is no.
So the IP is still on each interface, yes, if we use IP, but there is only one NET address, one NET on
one router, instead of making many NET addresses on one router. No matter how many active ip
enabled interfaces on the router are, we just need only one NET address, this is much simpler than
IP, for IP the address is on each interface, but for NET the address is per router. Then from the NET
address we can also know the area of the router, because the area ID is in the NET address. 49.0001
is in area one, but in OSPF the area and IP address are not always the same, for example the IP is
10.1.1.1, the area is not necessarily in area 10 or area 1, because the IP address configuration and
area configuration in OSPF are separate, right? there is a connection, but if in IS-IS we create a NET
address, that address already has an area. So when we configure dual IS-IS or integrated IS-IS we
still have an IP address, this IP address remains on the loopback and physical interfaces and we
add one NET address. So the NET must be there, because IS-IS runs on CLNS, not runs on IP, IP is
just information that is carried in the IS-IS update.
Border in IS-IS.
Page 16
OK, next, if we look at the Area Border Router (ABR), for example, this ABR has two interfaces, area
0 and area 2.
The two interfaces on this router go to different areas, the right one goes to area 0, the left goes to
area 2. So the border or area divider is on the router.
Now let's see what IS-IS is like, if a router's IS-IS can only enter one area, unlike OSPF.
If in IS-IS a router only enters one area then it meets another router that enters another area. So the
boundary or boundary between areas is on the link, not on the router. So in IS-IS one router only
operates in one area but in OSPF ABR can be in two or more areas. example when OSPF routers
operate in three areas.
for example, there is another interface entering area 6. So this one OSPF router can enter three
areas, but in IS-IS one router is only really in one area, so if for example there are 3 IS-IS areas, then
Page 17
okay the next question is, can we apply prefix filter for IS-IS? If it is in the same area, both in OSPF
or IS-IS, the LSA will be sent as it is, so we cannot filter it. we can do filtering if only between two
dfferent areas.
The aim of this lab is how to make ip lo0 on PE1 and PE2 reachable to each other.
PE1
Page 18
PE2
Page 19
After all interfaces on the 3 routers are configured with IP addresses according to the topology,
make sure the point to point ping is successful
After the point to point connection is successful, then we configure the IS-IS router on each router
IS-IS configuration
Page 20
PE1
PE2
Page 21
Let's verify the IS-IS configuration, we start from PE1, we try to check the read IS-IS neighbors ,
show isis neighbors
PE1 has detected the P-router as its neighbor. Let's check at P, show isis neighbors
P has detected PE1 and PE2 as its neighbors. From here we can see that P is connected to PE1 via
circuit type L1, via interface g0/0 and connected to PE2 with circuit type L2 via interface g0/1.
In PE2 it has also detected P as its neighbor. To see neighbor status in more detail, we can use show
isis neighbors detail
Here the SNPA of the existing neighbor is shown. SNPA here is the mac-address of the P-router
interface connected to PE2. We can verify that this SNPA is the correct MAC address of interface P,
go to P-router, show int g0/1. This SNPA also functions for the DIS selection process.
Page 22
Then let's verify the database on the P router, show isis database
Here we can see, because this P-router is an L1/L2 IS, there will be 2 databases, L1 LSDB and L2
LSDB. Now let's check the IS-IS routing table on PE1, show ip route isis
From here we can see that the level 1 IS router only knows the network in that area and the default
route. PE1 doesn't know what networks exist in other areas, except in P where route leaking is
carried out, but the default type L1 IS is like a stub area in OSPF, where the internal router doesn't
get information about prefixes in other areas, it only gets the default route from P router. OK, so here
Page 23
we see that the metric to the default route is 10 (because there is only 1 link to the default route
gateway, which is P), then the metric to the loopback P is 20 (obtained from the PE1-P link = 10 and
P-loopback P = 10 ), so each link including loopback has a metric of 10.
OK, so if we look at PE1, we try to ping PE2 successfully. Let's try checking the routing table on PE2.
The routing table for PE2 is level 2 IS, so the routing table should be complete, show ip route isis
We can see here, the PE2 routing table is complete, it doesn't use the default route, PE2 knows
prefixes from other areas 172.16.1.0, 192.168.1.1 and 192.168.1.11. These are all prefixes from
other areas. We can know because there is a code next to the prefix i L2 , I means IS-IS and L2
means IS-IS level 2.
Let's try changing the interface metric value in PE2 towards P, which is int g0/1
Page 24
Here we try to increase the metric to 25. Then see the difference, show ip route isis
Here we can see the metric value towards 192.168.11 which was originally 20, now it is 45, because
initially from PE2 - P the metric value was 10, we have changed the interface metric in PE2 to 25, so
the total metric is (PE2-P) + ( P-PE1) + (PE1-Loopback PE1)= 25+10+10=45
To be Continue, InsyaAllah
THANK YOU