ISIS Advanced Routing Workshop AfNOG 2008


IS-IS Standards History
  • ISO 10589 specifies OSI IS-IS routing protocol for CLNS traffic
      - Tag/Length/Value (TLV) options to enhance the protocol
      - A Link State protocol with a 2 level hierarchical architecture
  • RFC 1195 added IP support
      - I/IS-IS runs on top of the Data Link Layer
      - Requires CLNP to be configured
  • Internet Draft defines how to add IPv6 address family support to IS-IS
      - www.ietf.org/internet-drafts/draft-ietf-isis-ipv6-07.txt
  • Internet Draft introduces Multi-Topology concept for IS-IS
      - www.ietf.org/internet-drafts/draft-ietf-isis-wg-multi-topology-12.txt

ISIS Levels
  • ISIS has a 2 layer hierarchy
      - Level-2 (the backbone)
      - Level-1 (the areas)
  • A router can be
      - Level-1 (L1) router
      - Level-2 (L2) router
      - Level-1-2 (L1L2) router

ISIS Levels
  • Level-1 router
      - Has neighbours only on the same area
      - Has a level-1 LSDB with all routing information for the area
  • Level-2 router
      - May have neighbours in the same or other areas
      - Has a Level-2 LSDB with all routing information about inter-area
  • Level-1-2 router
      - May have neighbours on any area
      - Has two separate LSDBs: level-1 LSDB & level-2 LSDB

Backbone & Areas
  • ISIS does not have a backbone area as such (like OSPF)
  • Instead the backbone is the contiguous collection of Level-2 capable routers
  • ISIS area borders are on links, not routers
  • Each router is identified with Network Entity Title (NET)
      - NET is an NSAP where the n-selector is 0

L1, L2, and L1L2 Routers
[Figure: Area-1 to Area-4, showing L1-only, L1L2 and L2-only routers]

NSAP and Addressing
  • NSAP: Network Service Access Point
      - Total length between 8 and 20 bytes
      - Area Address: variable length field (up to 13 bytes)
      - System ID: defines an ES or IS in an area
      - NSEL: N-selector; identifies a network service user (transport entity or the IS network entity itself)
  • NET: the address of the network entity itself

An Addressing Example
[Figure: four areas, each router labelled with its NET]
  • Area 1: 49.0f01.0001.1111.1111.1111.00, 49.0f01.0001.2222.2222.2222.00
  • Area 2: 49.0f01.0002.3333.3333.3333.00, 49.0f01.0002.4444.4444.4444.00
  • Area 3: 49.0f01.0003.6666.6666.6666.00
  • Area 4: 49.0f01.0004.7777.7777.7777.00, 49.0f01.0004.8888.8888.8888.00

Addressing Common Practices
  • ISPs typically choose NSAP addresses thus:
      - First 8 bits – pick a number
      - Next 16 bits – area
      - Next 48 bits – router loopback address
      - Final 8 bits – zero
  • Example:
      - NSAP: 49.0001.1921.6800.1001.00
      - Router: 192.168.1.1 (loopback) in Area 1
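The convention above can be checked mechanically across a router inventory. The following Python is an added example, not part of the workshop slides: the function names are hypothetical, the Rtr-A and Rtr-B values are the loopback/NET pairs from the configuration slides on this page, and Rtr-X is a constructed entry with a copy-paste error.

```python
import ipaddress

def net_from_loopback(prefix: str, area: int, loopback: str) -> str:
    """8-bit prefix + 16-bit area + 48-bit system ID (zero-padded loopback) + NSEL 00."""
    digits = "".join(f"{o:03d}" for o in ipaddress.IPv4Address(loopback).packed)
    sysid = ".".join(digits[i:i + 4] for i in range(0, 12, 4))
    return f"{prefix}.{area:04x}.{sysid}.00"

def parse_net(net: str) -> dict:
    """Split from the right: 1-byte NSEL, 6-byte system ID, the rest is the area address."""
    raw = bytes.fromhex(net.replace(".", ""))
    if not 8 <= len(raw) <= 20:
        raise ValueError(f"NSAP must be 8 to 20 bytes, got {len(raw)}")
    if raw[-1] != 0:
        raise ValueError("a NET must have N-selector 00")
    return {"area": raw[:-7].hex(), "system_id": raw[-7:-1].hex(), "nsel": raw[-1]}

def loopback_from_system_id(system_id: str):
    """Reverse the convention; None when the system ID is not a padded IPv4 address."""
    if len(system_id) != 12 or not system_id.isdigit():
        return None
    octets = [int(system_id[i:i + 3]) for i in range(0, 12, 3)]
    if any(o > 255 for o in octets):
        return None
    return ".".join(str(o) for o in octets)

def audit(routers: dict) -> list:
    """Report NETs that do not encode the router's loopback, and reused system IDs."""
    findings, seen = [], {}
    for name, (loopback, net) in routers.items():
        sysid = parse_net(net)["system_id"]
        if loopback_from_system_id(sysid) != loopback:
            findings.append(f"{name}: system ID {sysid} does not encode loopback {loopback}")
        if sysid in seen:
            findings.append(f"{name}: system ID {sysid} already used by {seen[sysid]}")
        seen.setdefault(sysid, name)
    return findings

# Rtr-A and Rtr-B: values from this page. Rtr-X: constructed, NET copied from Rtr-A.
ROUTERS = {
    "Rtr-B": ("192.168.1.1", "49.0001.1921.6800.1001.00"),
    "Rtr-A": ("192.168.1.5", "49.0001.1921.6800.1005.00"),
    "Rtr-X": ("192.168.1.9", "49.0001.1921.6800.1005.00"),
}
```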

Adjacencies
  • Hello PDU IIHs are exchanged between routers to form adjacencies
[Figure: ISIS adjacency through IIH]
  • Area addresses are exchanged in IIH PDUs

Link State PDU (LSP)
  • Each router creates an LSP and floods it to neighbours
  • A level-1 router will create level-1 LSP(s)
  • A level-2 router will create level-2 LSP(s)
  • A level-1-2 router will create
      - level-1 LSP(s) and
      - level-2 LSP(s)

LSP Header
  • LSPs have
      - Fixed header
      - TLV coded contents
  • The LSP header contains
      - LSP-id
      - Sequence number
      - Remaining Lifetime
      - Checksum
      - Type of LSP (level-1, level-2)
      - Attached bit
      - Overload bit

LSP Contents
  • The LSP contents are coded as TLV (Type, Length, Value)
      - Area addresses
      - IS neighbors
      - Authentication Info

LSDB content
  • Each router maintains a separate LSDB for level-1 and level-2 LSPs
  • LSP headers and contents
  • SRM bits: set per interface when router has to flood this LSP
  • SSN bits: set per interface when router has to send a PSNP for this LSP

Flooding of LSPs
  • New LSPs are flooded to all neighbors
  • It is necessary that all routers get all LSPs
  • Each LSP has a sequence number
  • 2 kinds of flooding
      - Flooding on a p2p link
      - Flooding on LAN

Flooding on a p2p link
  • Once the adjacency is established both routers send CSNP packet
  • Missing LSPs are sent by both routers if not present in the received CSNP
  • Missing LSPs may be requested through PSNP

Flooding on a LAN
  • There’s a Designated Router (DIS)
  • DIS election is based on priority
      - Best practice is to select two routers and give them higher priority – then in case of failure one provides deterministic backup to the other
  • Tie break is by the highest MAC address
  • DIS has two tasks
      - Conducting the flooding over the LAN
      - Creating and updating a special LSP describing the LAN topology (Pseudonode LSP)
  • Pseudonode represents LAN (created by the DIS)

Flooding on a LAN
  • DIS conducts the flooding over the LAN
  • DIS multicasts CSNP every 10 seconds
  • All routers in the LAN check the CSNP against their own LSDB (and may ask specific re-transmissions with PSNPs)

Complete Sequence Number PDU
  • Describes all LSPs in your LSDB (in range)
  • If LSDB is large, multiple CSNPs are sent
  • Used at 2 occasions
      - Periodic multicast by DIS (every 10 seconds) to synchronise LSDB over LAN subnets
      - On p2p links when link comes up

Partial Sequence Number PDUs
  • PSNPs Exchanged on p2p links (ACKs)
  • Two functions
      - Acknowledge receipt of an LSP
      - Request transmission of latest LSP
  • PSNPs describe LSPs by their header
      - LSP identifier
      - Sequence number
      - Remaining lifetime
      - LSP checksum
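The p2p synchronisation described on the flooding, CSNP and PSNP slides, as an added Python example that is not part of the workshop material. It compares sequence numbers only (the remaining lifetime and checksum that the header also carries are ignored), and the function names, LSP-ids and sequence numbers are constructed for illustration.

```python
FULL_RANGE = ("0000.0000.0000.00-00", "ffff.ffff.ffff.ff-ff")

def process_csnp(lsdb: dict, csnp: dict, start: str, end: str):
    """Compare a received CSNP with the local LSDB on a p2p link.

    lsdb and csnp map LSP-id -> sequence number; start/end give the LSP-id
    range this CSNP describes. Returns (srm, ssn):
      srm - LSP-ids to flood to the neighbour (SRM bit set on this interface)
      ssn - LSP-ids to request with a PSNP (SSN bit set on this interface)
    """
    srm, ssn = set(), set()
    for lsp_id, seq in csnp.items():
        local = lsdb.get(lsp_id)
        if local is None or local < seq:
            ssn.add(lsp_id)      # neighbour holds an LSP we lack, or a newer copy
        elif local > seq:
            srm.add(lsp_id)      # our copy is newer, so flood it
    for lsp_id in lsdb:
        # An LSP absent from the CSNP is missing on the neighbour only when the
        # CSNP's range covers it: a large LSDB is described by several CSNPs.
        if lsp_id not in csnp and start <= lsp_id <= end:
            srm.add(lsp_id)
    return srm, ssn

def synchronise(a: dict, b: dict) -> None:
    """Link comes up: both ends send a CSNP, then flood or request what differs."""
    a_srm, a_ssn = process_csnp(a, dict(b), *FULL_RANGE)
    b_srm, b_ssn = process_csnp(b, dict(a), *FULL_RANGE)
    for lsp_id in a_srm | b_ssn:     # A floods these; B's PSNP asks for the same set
        b[lsp_id] = a[lsp_id]
    for lsp_id in b_srm | a_ssn:
        a[lsp_id] = b[lsp_id]

# Constructed LSDBs for two neighbours (LSP-id -> sequence number).
RTR_A = {"1921.6800.1001.00-00": 7, "1921.6800.1005.00-00": 3}
RTR_B = {"1921.6800.1001.00-00": 5, "1921.6800.2002.00-00": 9}
```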

Configuration
[Figure: Rtr-A, Rtr-B and Rtr-C across Area-1, Area-2 and Area-3]
  • L1, L2, L1-L2
      - By default cisco routers will be L1L2 routers
      - Routers can be manually configured to behave as
          - Level-1 only, Level-2 only, Level-1-2
          - This is what most ISPs do
      - Configuration can be done per interface or at the router level

Configuration for A&B
[Figure: L1L2 routers Rtr-B (Area 49.0001) and Rtr-C (Area 49.0002); L1 routers Rtr-A and Rtr-D]

Router-B (L1L2):

    interface Loopback0
     ip address 192.168.1.1 255.255.255.255
    !
    ! Level-2 circuit towards Rtr-C
    interface Pos2/0/0
     ip address 192.168.222.1 255.255.255.0
     ip router isis
     isis circuit-type level-2
    !
    ! Level-1 circuit towards Rtr-A
    interface FastEthernet4/0/0
     ip address 192.168.120.10 255.255.255.0
     ip router isis
     isis circuit-type level-1
    !
    router isis
     passive-interface Loopback0
     net 49.0001.1921.6800.1001.00

Router-A (L1):

    interface Loopback0
     ip address 192.168.1.5 255.255.255.255
    !
    interface FastEthernet0/0
     ip address 192.168.120.5 255.255.255.0
     ip router isis
    !
    router isis
     is-type level-1
     passive-interface Loopback0
     net 49.0001.1921.6800.1005.00

Configuration for C&D
[Figure: L1L2 routers Rtr-B (Area 49.0001) and Rtr-C (Area 49.0002); L1 routers Rtr-A and Rtr-D]

Router-C (L1L2):

    interface Loopback0
     ip address 192.168.2.2 255.255.255.255
    !
    ! Level-2 circuit towards Rtr-B
    interface Pos1/0/0
     ip address 192.168.222.2 255.255.255.0
     ip router isis
     isis circuit-type level-2
    !
    ! Level-1 circuit towards Rtr-D
    interface Fddi3/0
     ip address 192.168.111.2 255.255.255.0
     ip router isis
     isis circuit-type level-1
    !
    router isis
     passive-interface Loopback0
     net 49.0002.1921.6800.2002.00

Router-D (L1):

    interface Loopback0
     ip address 192.168.2.4 255.255.255.255
    !
    interface Fddi6/0
     ip address 192.168.111.4 255.255.255.0
     ip router isis
    !
    router isis
     is-type level-1
     passive-interface Loopback0
     net 49.0002.1921.6800.2004.00

Adding interfaces to ISIS
  • To activate ISIS on an interface:

    interface HSSI4/0
     ip router isis isp-bb
     isis circuit-type level-2

  • To disable ISIS on an interface:

    router isis isp-bb
     passive-interface GigabitEthernet0/0

      - Disables CLNS on that interface
      - Puts the interface subnet address into the LSDB
  • No ISIS configuration on an interface
      - No CLNS run on interface, no interface subnet in the LSDB

Adding interfaces to ISIS
  • Scaling ISIS: passive-interface default
      - Disables ISIS processing on all interfaces apart from those marked as no-passive
      - Places all IP addresses of all connected interfaces into ISIS
      - Must be at least one non-passive interface:

    router isis isp-bb
     passive-interface default
     no passive-interface GigabitEthernet0/0
    !
    interface GigabitEthernet0/0
     ip router isis isp-bb
     isis metric 1 level-2

Status Commands in ISIS
  • show clns
      - Shows the global CLNS status as seen on the router, e.g.

    Rtr-B>show clns
    Global CLNS Information:
      2 Interfaces Enabled for CLNS
      NET: 49.0001.1921.6800.1001.00
      Configuration Timer: 60, Default Holding Timer: 300, Packet Lifetime 64
      ERPDU's requested on locally generated packets
      Intermediate system operation enabled (forwarding allowed)
      IS-IS level-1-2 Router:
        Routing for Area: 49.0001

Status Commands in ISIS
  • show clns neighbors
      - Shows the neighbour adjacencies as seen by the router:

    Rtr-B> show clns neighbors
    System Id       SNPA            Interface  State  Holdtime  Type  Protocol
    1921.6800.2002  *PPP*           PO2/0/0    Up     29        L2    IS-IS
    1921.6800.1005  00e0.1492.2c00  Fa4/0/0    Up     9         L1    IS-IS

      - More recent IOSes replace system ID with router hostname – ease of troubleshooting

Status Commands in ISIS
  • show clns interface
      - Shows the CLNS status on a router interface:

    Rtr-B> show clns interface
    POS2/0/0 is up, line protocol is up
      Checksums enabled, MTU 4470, Encapsulation PPP
      ERPDUs enabled, min. interval 10 msec.
      RDPDUs enabled, min. interval 100 msec., Addr Mask enabled
      Congestion Experienced bit set at 4 packets
      DEC compatibility mode OFF for this interface
      Next ESH/ISH in 47 seconds
      Routing Protocol: IS-IS
        Circuit Type: level-1-2
        Interface number 0x0, local circuit ID 0x100
        Level-1 Metric: 10, Priority: 64, Circuit ID: 1921.6800.2002.00
        Number of active level-1 adjacencies: 0
        Level-2 Metric: 10, Priority: 64, Circuit ID: 1921.6800.1001.00
        Number of active level-2 adjacencies: 1
        Next IS-IS Hello in 2 seconds

Status Commands in ISIS
  • show clns protocol
      - Displays the status of the CLNS protocol on the router:

    Rtr-B> show clns protocol
    IS-IS Router: <Null Tag>
      System Id: 1921.6800.1001.00  IS-Type: level-1-2
      Manual area address(es):
        49.0001
      Routing for area address(es):
        49.0001
      Interfaces supported by IS-IS:
        FastEthernet4/0/0 - IP
        POS2/0/0 - IP
      Redistributing:
        static
      Distance: 110

Other status commands
  • “show clns traffic”
      - Shows CLNS traffic statistics and activity for the network
  • “show isis database”
      - Shows the ISIS link state database
      - i.e. the “routing table”

Network Design Issues
  • As in all IP network designs, the key issue is the addressing lay-out
  • ISIS supports a large number of routers in a single area
  • When using areas, use summary-addresses
  • >400 routers in the backbone is quite doable

Network Design Issues
  • Possible link cost
      - Default on all interfaces is 10
      - (Compare with OSPF, which sets cost according to link bandwidth)
      - Manually configured according to routing strategy
  • Summary address cost
      - Equal to the best more specific cost
      - Plus cost to reach neighbor of best specific
  • Backbone has to be contiguous
      - Ensure continuity by redundancy
  • Area partitioning
      - Design so that backbone can NOT be partitioned

Scaling Issues
  • Areas vs. single area
      - Use areas where sub-optimal routing is not an issue
          - areas with one single exit point
  • Start with L2-only everywhere is a good choice
      - Future implementation of level-1 areas will be easier
      - Backbone continuity is ensured from start

ISIS for IPv6

IS-IS for IPv6
  • 2 Tag/Length/Values added to introduce IPv6 routing
  • IPv6 Reachability TLV (0xEC)
      - External bit
      - Equivalent to IP Internal/External Reachability TLV’s
  • IPv6 Interface Address TLV (0xE8)
      - For Hello PDUs, must contain the Link-Local address
      - For LSP, must only contain the non-Link Local address
  • IPv6 NLPID (0x8E) is advertised by IPv6 enabled routers
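A bounds-checked walk over TLV-coded contents that applies the two address rules above, as an added Python example that is not part of the workshop material. The function names are hypothetical and the TLV bodies are constructed from addresses on this page; codes 0xE8 and 0x8E come from the slide, while 1 (Area Addresses), 129 (Protocols Supported) and NLPID 0xCC (IPv4) are the standard values, added here.

```python
import ipaddress

# 0xE8 and 0x8E are given on the slide; the other codes are standard values
# added for this example.
AREA_ADDRESSES, PROTOCOLS_SUPPORTED, IPV6_INTERFACE_ADDRESS = 1, 129, 0xE8
NLPID_IPV4, NLPID_IPV6 = 0xCC, 0x8E

def walk_tlvs(body: bytes) -> list:
    """Return [(type, value)], rejecting a TLV whose length overruns the PDU."""
    tlvs, off = [], 0
    while off < len(body):
        if off + 2 > len(body):
            raise ValueError(f"truncated TLV header at offset {off}")
        tlv_type, length = body[off], body[off + 1]
        value = body[off + 2:off + 2 + length]
        if len(value) != length:
            raise ValueError(f"TLV {tlv_type} at offset {off} overruns the PDU")
        tlvs.append((tlv_type, value))
        off += 2 + length
    return tlvs

def check_ipv6(body: bytes, pdu: str) -> dict:
    """pdu is 'hello' or 'lsp': hellos carry link-local, LSPs non-link-local."""
    result = {"ipv6_enabled": False, "addresses": [], "violations": []}
    for tlv_type, value in walk_tlvs(body):
        if tlv_type == PROTOCOLS_SUPPORTED:
            result["ipv6_enabled"] = NLPID_IPV6 in value
        elif tlv_type == IPV6_INTERFACE_ADDRESS:
            if len(value) % 16:
                raise ValueError("IPv6 Interface Address TLV is not a multiple of 16 bytes")
            for i in range(0, len(value), 16):
                addr = ipaddress.IPv6Address(value[i:i + 16])
                result["addresses"].append(str(addr))
                if (pdu == "hello") != addr.is_link_local:
                    result["violations"].append(f"{addr} not allowed in {pdu}")
    return result

def tlv(tlv_type: int, value: bytes) -> bytes:
    """Encode one TLV (helper for building the constructed samples)."""
    return bytes([tlv_type, len(value)]) + value

# Constructed TLV bodies (not captured traffic), using addresses from this page.
GLOBAL = ipaddress.IPv6Address("2001:db8:1::1").packed
LINK_LOCAL = ipaddress.IPv6Address("fe80::10:7bc2:acc9:10").packed
LSP_BODY = (tlv(AREA_ADDRESSES, bytes.fromhex("03490001"))
            + tlv(PROTOCOLS_SUPPORTED, bytes([NLPID_IPV4, NLPID_IPV6]))
            + tlv(IPV6_INTERFACE_ADDRESS, GLOBAL))
BAD_HELLO = tlv(PROTOCOLS_SUPPORTED, bytes([NLPID_IPV6])) + tlv(IPV6_INTERFACE_ADDRESS, GLOBAL)
```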

IOS IS-IS dual IP configuration
[Figure: Router1 with Ethernet-1 on LAN1 (2001:db8:1::/64) and Ethernet-2 on LAN2 (2001:db8:2::/64)]

Dual IPv4/IPv6 configuration. Redistributing both IPv6 static routes and IPv4 static routes.

    Router1#
    interface ethernet-1
     ip address 10.1.1.1 255.255.255.0
     ipv6 address 2001:db8:1::1/64
     ip router isis
     ipv6 router isis
    !
    interface ethernet-2
     ip address 10.2.1.1 255.255.255.0
     ipv6 address 2001:db8:2::1/64
     ip router isis
     ipv6 router isis
    !
    router isis
     address-family ipv6
      redistribute static
     exit-address-family
     net 42.0001.0000.0000.072c.00
     redistribute static

IOS Configuration for IS-IS for IPv6 on IPv6 Tunnels over IPv4
[Figure: two IPv6 networks joined by an IPv6 tunnel across an IPv4 backbone]

On Router1:

    interface Tunnel0
     no ip address
     ipv6 address 2001:db8:1::1/64
     ipv6 address FE80::10:7BC2:ACC9:10 link-local
     ipv6 router isis
     tunnel source 10.42.1.1
     tunnel destination 10.42.2.1
    !
    router isis
     net 42.0001.0000.0000.0001.00

On Router2:

    interface Tunnel0
     no ip address
     ipv6 address 2001:db8:1::2/64
     ipv6 address FE80::10:7BC2:B280:11 link-local
     ipv6 router isis
     tunnel source 10.42.2.1
     tunnel destination 10.42.1.1
    !
    router isis
     net 42.0001.0000.0000.0002.00

IS-IS for IPv6 on an IPv6 Tunnel requires GRE Tunnel; it can’t work with IPv6 configured tunnel as IS-IS runs directly over the data link layer

Multi-Topology IS-IS extensions
  • IS-IS for IPv6 assumes that the IPv6 topology is the same as the IPv4 topology
      - Single SPF running, multiple address families
      - Some networks may be like this, but many others are not
  • Multi-Topology IS-IS solves this problem
      - New TLV attributes introduced
      - New Multi-Topology ID #2 for IPv6 Routing Topology
      - Two topologies now maintained:
          - ISO/IPv4 Routing Topology (MT ID #0)
          - IPv6 Routing Topology (MT ID #2)

Multi-Topology IS-IS extensions
  • New TLV attributes for Multi-Topology extensions:
      - Multi-topology TLV: contains one or more multi-topology IDs in which the router participates
      - MT Intermediate Systems TLV: this TLV appears as many times as the number of topologies a node supports
      - Multi-Topology Reachable IPv4 Prefixes TLV: this TLV appears as many times as the number of IPv4 prefixes announced by an IS for a given MT ID
      - Multi-Topology Reachable IPv6 Prefixes TLV: this TLV appears as many times as the number of IPv6 prefixes announced by an IS for a given MT ID

Multi-Topology ISIS configuration example (IOS)
[Figure: Area B, Router1 with Ethernet 1 on LAN1 (2001:db8:1::1/64) and Ethernet 2 on LAN2 (2001:db8:2::1/64)]
  • The optional keyword transition may be used for transitioning existing IS-IS IPv6 single SPF mode to MT IS-IS
  • Wide metric is mandated for Multi-Topology to work

    Router1#
    interface Ethernet1
     ip address 10.1.1.1 255.255.255.0
     ipv6 address 2001:db8:1::1/64
     ip router isis
     isis ipv6 metric 20
    !
    interface Ethernet2
     ip address 10.2.1.1 255.255.255.0
     ipv6 address 2001:db8:2::1/64
     ip router isis
     isis ipv6 metric 20
    !
    router isis
     net 42.0001.0000.0000.072c.00
     metric-style wide
     !
     address-family ipv6
      multi-topology
     exit-address-family

ISP common practices
  • NSAP address construction
      - Area and loopback address
  • L2
      - L1-L2 and L1 used later for scaling
  • Wide metrics
      - Narrow metrics are too limiting
  • Deploying IPv6 in addition to IPv4
      - Multi-topology is recommended – gives increased flexibility should there be future differences in topology

Summary
  • You have learned about:
      - ISIS for IPv4
      - L1, L2 and L1L2 routers
      - ISIS areas
      - ISIS configuration and status commands
      - ISIS extensions for IPv6
      - ISP common practices