ISIS and OSPF A Comparative Anatomy Dave Katz
- Slides: 48
IS-IS and OSPF A Comparative Anatomy Dave Katz, Juniper Networks
Overview u Protocol History u Nuts and Bolts u Scalability Issues u Pragmatic Considerations u Conclusions June 12, 2000
Protocol History June 12, 2000
Protocol History u (Disclaimer--biased, foggy memory) u 1987 v IS-IS (from DEC) selected by ANSI as OSI intradomain protocol (CLNP only) u 1988 v NSFnet deployed, IGP based on early IS-IS draft v OSPF work begins, loosely based on IS-IS mechanisms (LS protocols are hard!) v IP extensions to IS-IS defined June 12, 2000
Protocol History u 1989 v OSPF v. 1 RFC published v Proteon ships OSPF v IS-IS becomes ISO proposed standard v Public bickering ensues--OSPF and IS-IS are blessed as equals by IETF, with OSPF somewhat more equal v Private cooperation improves both protocols u 1990 v Dual-mode June 12, 2000 IS-IS RFC published
Protocol History u 1991 v OSPF v. 2 RFC published v Cisco ships OSPF v Cisco ships OSI-only IS-IS u 1992 v Cisco ships dual IS-IS (part of DEC Brouter) v Lots of OSPF deployed, but very little IS-IS u 1993 v Novell June 12, 2000 publishes NLSP (IPX IS-IS knockoff)
Protocol History u 1994 v Cisco ships NLSP (rewriting IS-IS as side effect) v Large ISPs need an IGP; IS-IS is recommended due to recent rewrite and OSPF field experience (and to lesser extent, NSF CLNP mandate) u 1995 v ISPs begin deployment of IS-IS, Cisco implementation firms up, protocol starts to become popular in niche June 12, 2000
Protocol History u 1996 -1998 v IS-IS niche popularity continues to grow (some ISPs switch to it from OSPF) v IS-IS becomes barrier to entry for router vendors targeting large ISPs v Juniper and other vendors ship IS-IS capable routers u 1999 -2000 v Extensions continue for both protocols (e. g, Traffic Engineering) June 12, 2000
Nuts and Bolts June 12, 2000
Nuts and Bolts u 10, 000 foot view v Protocols are recognizably similar in function and mechanism (unsurprising, given common heritage) v Link state algorithms (network map is distributed, each router calculates routes independently based on the map) v Two level hierarchies v Designated Router on LANs v Widely deployed (for some value of “wide”) v Multiple interoperable implementations June 12, 2000
Nuts and Bolts u 10, 000 v OSPF foot view is for the most part more “optimized” (and therefore significantly more complex) v IS-IS was not designed from the start as an IP routing protocol (and is therefore a bit clunky in places) June 12, 2000
Nuts and Bolts u Encapsulation v OSPF runs on top of IP u. Traditional IP routing protocol approach u. Allows virtual links (if you like them) u. Relies on IP fragmentation for large LSAs u. Subject to spoofing and Do. S attacks (use of authentication is strongly advised) u. Allows use of ATM VCmux encapsulation (so TCP acks fit in one ATM cell) June 12, 2000
Nuts and Bolts u Encapsulation v IS-IS runs directly over L 2 (next to IP) u. Sort of makes sense, architecturally u. Partition repair requires tunneling (rarely implemented) u. More difficult to spoof or attack u. More difficult to implement in some environments u. Requires ATM SNAP encapsulation, forcing two-cell TCP acks (but Henk Smit’s NLPID hack fixes this) June 12, 2000
Nuts and Bolts u Media v Both support protocols support LANs and point-to-point links in similar ways v IS-IS has no direct NBMA support--expects O/S to present NBMA network as either pseudo-LAN (bad idea) or set of point-to-point links v OSPF NBMA mode is configuration-heavy and risky (all routers must be able to reach DR; bad news if VC fails) v OSPF P 2 MP models NBMA as point-topoint links (if O/S won’t help) June 12, 2000
Nuts and Bolts u Packet v OSPF Encoding is “efficiently” encoded u. Positional fields u. Holy 32 -bit alignment provides tidy packet pictures, but not much else u. Only LSAs are extensible (not Hellos, etc. ) u. Unrecognized LSA types not flooded (though opaque LSAs can suffice, if implemented universally, and IS-IS-like encoding can provide good granularity) June 12, 2000
Nuts and Bolts u Packet v IS-IS Encoding is mostly Type-Length-Value encoded u. No particular alignment u. Extensible from the start (unknown types ignored but still flooded) u. All packet types are extensible u. Nested TLVs provide structure for more granular extension (though base spec does not use them; OSPF is starting to do so) June 12, 2000
Nuts and Bolts u Area Architecture v Both protocols support two-level hierarchy of areas (to reduce SPF graph complexity, and potentially to allow route aggregation) v OSPF area boundaries fall within a router u. Interfaces bound to areas u. Router may be in many areas u. Router must calculate SPF per area June 12, 2000
Nuts and Bolts u Area Architecture v IS-IS area boundaries fall on links u. Router is in only one area, plus perhaps the L 2 backbone (area) u. Biased toward large areas, area migration u. Requires router per area (unless multiple virtual routers are implemented) u. Historically proven somewhat difficult for users to grasp u. Little or no multilevel deployment (large flat areas work so far) June 12, 2000
Nuts and Bolts u Database v OSPF Granularity database node is an LSAdvertisement u. LSAs are mostly numerous and small (one external per LSA, one summary per LSA) u. Network and Router LSAs can become large u. LSAs grouped into LSUpdates during flooding u. LSUpdates are built individually at each hop u. Small changes can yield small packets (but Router, Network LSAs can be large) June 12, 2000
Nuts and Bolts u Database v IS-IS Granularity database node is an LSPacket u. LSPs are clumps of topology information organized by the originating router u. Always flooded intact, unchanged across all flooding hops (so LSP MTU is an architectural constant--it must fit across all links) u. Small topology changes always yield entire LSPs (though packet size turns out to be much less of an issue than packet count) u. Implementations can attempt clever packing June 12, 2000
Nuts and Bolts u Neighbor v Both Establishment protocols use periodic multicast Hello packets, “I heard you” mechanism to establish 2 -way communication v Both protocols have settable hello/holding timers to allow tradeoff between stability, overhead, and responsiveness v OSPF requires hello and holding timers to match on all routers on the same subnet (side effect of DR election algorithm) making it difficult to change timers without disruption June 12, 2000
Nuts and Bolts u Neighbor v IS-IS Establishment requires padding of Hello packets to full MTU size under some conditions (to detect media with MTUs smaller than 1497 bytes)-this is effectively useless and causes needless support calls (deprecated in practice) v OSPF requires routers to have matching MTUs in order to become adjacent (or LSA flooding may fail, since LSUpdates are built at each hop and may be MTU-sized) June 12, 2000
Nuts and Bolts u Neighbor v The Adjacency Establishment goal--synchronize databases v The method--tell your neighbor everything you’ve got v You (or your neighbor) will figure out what you’re missing and make sure that you get it v Each protocol’s approach is driven by database granularity June 12, 2000
Nuts and Bolts u Neighbor v OSPF Adjacency Establishment uses complex, multistate process to synchronize databases between neighbors u. Intended to minimize transient routing problems by ensuring that a newborn router has nearly complete routing information before it begins carrying traffic u. Accounts for a significant portion of OSPF’s implementation complexity u. Partially a side effect of granular database (requires many DBD packets) June 12, 2000
Nuts and Bolts u Neighbor v IS-IS Adjacency Establishment essentially uses its regular flooding techniques to synchronize neighbors (that’s what flooding naturally does) u. Coarse database granularity makes this easy (just a few CSNPs) u. Transient routing issues can be reduced (albeit nondeterministically) by judicious use of the “overload” bit (one of a number of opportunistic hacks) June 12, 2000
Nuts and Bolts u Designated v Both Routers and Adjacency protocols elect a designated router on multiaccess networks to remove O(N^2) link problem (by creating a pseudonode) and to reduce flooding traffic (DR ensures flooding reliability) v OSPF elects both a DR and a Backup DR, each of which becomes adjacent with all other routers u. BDR takes over if DR fails u. DRship is sticky, not deterministic u. Complex algorithm June 12, 2000
Nuts and Bolts u Designated v In Routers and Adjacency IS-IS all routers are adjacent (but adjacency is far less stateful) u. If DR dies, new DR must be elected, with short connectivity loss (synchronization is fast) u. DRship is deterministic (highest priority, highest MAC address always wins) u. DRship can be made sticky by cool NLSP priority hack (DR increases its DR priority) June 12, 2000
Nuts and Bolts u LAN Flooding v OSPF uses multicast send, unicast ack from DR u. Reduces flood traffic by 50% (uninteresting) u. Requires per-neighbor state (for retransmissions) u. Interesting (but complex) acknowledgement suppression u. Flood traffic grows as O(N) June 12, 2000
Nuts and Bolts u LAN Flooding v IS-IS uses multicast LSP from all routers, CSNP from DR u. Periodic CSNPs ensure databases are synced (tractable because of coarse database granularity) u. Flood traffic constant regardless of number of neighbors on LAN v But big LANs are uninteresting June 12, 2000
Nuts and Bolts u Routes v IS-IS and Metrics base spec used 6 -bit metrics on links u. Allowed an uninteresting SPF optimization (CPUs are fast these days) u. Proved difficult to assign meaningful metrics in large networks u. Wide metric extension addresses this v Dual IS-IS spec advertises only default into L 1 areas u. Interarea traffic routed suboptimally u. Route leaking extension addresses this June 12, 2000
Nuts and Bolts u Authentication v Both and Security support cryptographic authentication v OSPF really needs this (packet bombs) v Successful IGP attacks will be catastrophic (or worse, subtle) v Use packet filtering, particularly with OSPF June 12, 2000
Nuts and Bolts u MPLS Traffic Engineering extensions v Protocols carry around TE link information (available bandwidth, link color, etc. ) on behalf of MPLS but don’t use the data themselves v TE functionality is identical for the two protocols (by design) v TE functions are IGP-independent, so mechanisms ought to be identical June 12, 2000
Scalability Issues June 12, 2000
Scalability Issues u Database v OSPF Size topologies limited by Network and Router LSA size (max 64 KB) to O(5000) links u. External and Interarea routes are essentially unbounded v IS-IS topologies limited by LSP count (256 fragments * 1470 bytes) for all route types u. Various hacks (fake pseudonodes, etc. ) could make this bigger v Ultimately a non-issue for even slightly sane topologies June 12, 2000
Scalability Issues u Database v Both Churn protocols have time-limited database entries and therefore require refreshing v IS-IS lifetime field is 16 bits, giving 18. 7 -hour lifetimes (with refresh times close to this) v OSPF age (counts up) has an architectural lifetime limit of 1 hour (80, 000 LSAs yield a refresh every 23 milliseconds) v “Do-not-age” LSAs are not backward compatible v Don’t inject zillions of routes into your IGP June 12, 2000
Scalability Issues u Flooding load--the only serious issue v Full-mesh topologies are worst-case for both v N^2 copies of each update (each of which is O(N) in size) v Link failure: O(N^3) information v Router failure: O(N^4) information v IS-IS “mesh group” hack provides backwardcompatible way of pruning flooding topology v OSPF has no solution without protocol change June 12, 2000
Pragmatic Considerations June 12, 2000
Pragmatic Considerations u OSPF guide v If spec is an excellent implementation followed to the letter, a working, if naïve, implementation will likely result v Spec is complex but has almost no “why” information, so other (potentially more scalable) implementation approaches are at the implementor’s own risk v Barrier to entry in high-end router market (you need to know the protocol intuitively) June 12, 2000
Pragmatic Considerations u IS-IS spec uses arcane ISOspeak and has very few implementation hints v Spec is inherently simple (once you get the lingo), with fewer implementation issues v Boilerplate at front and back of spec means that you can lose pages without affecting content v Barrier to entry in high-end router market (you need to know the protocol intuitively) June 12, 2000
Pragmatic Considerations u Extensibility v Despite anti-OSI FUD, IS-IS has proven much easier politically to extend (primarily due to small constituency and IETF disinterest) v Self-interest of router vendors and large ISPs brings extensions more quickly in IS-IS and promotes implementation stability, scalability, and interoperability June 12, 2000
Pragmatic Considerations u Extensibility v OSPF’s encoding scheme difficult to extend u. Difficult compatibility issues u. Explicitly and proudly optimized for IPv 4 u. IPv 6 requires a completely new protocol v IS-IS encoding inefficient and simple-minded u But proven to be easy to extend, at least in some ways u“IPv 6 -Ready” (also IPX-Ready…) June 12, 2000
Pragmatic Considerations u Optimality v OSPF was optimized for things that don’t matter any more (link bandwidth, CPU alignment) v IS-IS was optimized for things that don’t matter any more (large LANs, SPF cost) v Optimizations turn out to add complexity but not much value v A lot has changed in 10 years. . . June 12, 2000
Pragmatic Considerations u OSPF is much more widely understood v Broadly deployed in enterprise market v Many books of varying quality available v Preserves our investment in terminology u IS-IS is well understood within a niche v Broadly deployed within the large ISP market v Folks who build very large, very visible networks are comfortable with it June 12, 2000
Conclusions June 12, 2000
Conclusions u For all but extreme cases (large full-mesh networks), protocols are pretty much equivalent in scalability and functionality u Stability and scalability are largely artifacts of implementation, not protocol design u Familiarity and comfort in both engineering and operations is probably the biggest factor in choosing June 12, 2000
Conclusions u Does the world really need two protocols? v Nearly complete overlap in functionality means (ironically) that few people are motivated to switch v Entrenched constituencies (large ISPs; everyone else) ensure that installed bases will continue to exist v As long as there are two, people will never agree on only one v Not even the oft-predicted demise of IPv 4 will suffice June 12, 2000
Conclusions u Both protocols are over 10 years old, using graph theory that’s at least 40 years old u Both protocols are (even still) works in progress u Cherish Diversity (and job security) u They’re both good protocols u Use the one that makes the most sense to you June 12, 2000
http: //www. juniper. net
Ospf vs isis
Isis vs ospf
Uses and gratifications theory
Kato katz technique
Kato thick smear
Protocolo ospf ventajas y desventajas
Single area ospf
Ospf overview
Ospf 教學
Hello packet
Ospf attack
Multiarea ospf
Is-is vs ospf
Ospf introduction
Zone ospf
Ospf
Ospf algorithm dijkstra
What is a characteristic of a single-area ospf network?
Distance vector routing
Ospf neighbor state
Ospf opaque lsa
Ospf authentication types
Routing protocols rip ospf bgp
Ospf multiarea
Router convergence
Konfiguracja ospf
Ospf messages are encapsulated in
What is a characteristic of a single-area ospf network?
Rip ospf bgp
Rip ospf bgp
Bgp hold timer expired error
Ospf
Ospf finite state machine
Ospf
Protokollinhalt
Backboner
Router ospf process-id
Metrique ospf
Ospf multiarea
Ospf routing protocol
Ospf routing protocol
Rfc 2328
Tipos de paquetes ospf
Ospf down bit
Metrique ospf
Isis neutron and muon source
Isis and osiris
Boris katz mit
What is resting membrane potential
