Aut inveniam viam aut faciam

IS-IS Notes


– Link state routing protocol

-> 0xFEFE

-> 0x0800

– Connectionless Network Protocol (CLNP)

– Like an IP protocol suite in OSI model

-> Router

-> Intermediate System (IS)

-> End host

-> End System (ES)

-> OSI protocol

-> Directly works over layer 2

-> Integrated IS-IS can have payload of IPv4 or IPv6


IS-IS uses the following parameters

– IS-IS Hello (IIH)

– Link State Packet (LSP)

-> Database IS-IS

– Complete Sequence Number PDU (CSNP)

-> A list of database entries

– Partial Sequence Number PDU (PSNP)

-> A request to send LSPs




Neighbor Formation

– IIH must match the following

-> Authentication

-> IS type

-> MTU

-> Priority

-> system-id / area-id


Link can be point-to-point or multi-access

– Network types

-> Point-to-point

-> Broadcast

-> DIS is elected (Designated Intermediate System)

-> Highest priority selected

-> Highest Subnet Point of Attachment (SNPA)

-> MAC address (ethernet)

-> Frame-relay DLCI

-> Highest system-id

-> DIS election is pre-emptive


SNAP Address

– Subnetwork Access Point

– 20 butes represented in HEX

-> Bytes 1 – 13

-> area-id

-> Bytes 14 – 20

-> Network Selector Field

-> Always equal to “00”

A SNAP address with a NSEL part 0 Network Entity Title (NET) address

-> Must be an even number of bytes


IS-IS Area and Backbone Network

– Level-1

-> Router configuration mode

-> Similar to a NSSA

– Level-2

-> Interface configuration mode

-> Similar to Area 0 routers

– Level-1-2

– The level decides which updates can be received

– Two routers can be in different areas and still form neighbors

-> This means IS-IS areas are per router, as opposed to OSPF which is area per-link






All routers and links, by default, are Level-1-2

– Within an area, L-1-2 neighbors can be formed

– Between areas, only L-2 neighbors can be formed

– A consecutive set of Level-2 adjacencies is called a backbone, which may include several routers

-> The Level-2 adjacencies cannot be discontiguous

– The Level-1-2 router on the edge will send all Level-1 LSP with attached it set towards Level-1 routers


IS-IS Data Flow Procedures

– Receive operation

-> Updates are received as LSP

– Update operation

-> Updates are sent as LSP

– Decision operation

-> SPF algorithm finding the best routes

– Forward operation

-> Create CEF table entries with the best routes


IS-IS Metric

– Metric is cost

– Cost is constant 10 everywhere

-> No calculation

– By default, “narrow metric” is used

-> 6 bit

-> 1 – 63

– Can be changed to “wide metric”

-> 2^24

– “Wide metric” is needed for MPLS TE


IS-IS Topology

– Single topology

-> IPv4 and IPv6 address-families share the same path calculation

-> IPv4 and IPv6 has to be enabled on all interfaces configured for IS-IS

-> The interfaces doesn’t necessarily need both IPv4 and / or IPv6 addresses configured

– Multi topology

-> IPv4 and IPv6 address-families calculate best paths independently

-> IPv4 and IPv6 configuration independent

-> Interfaces configured for IS-IS can have IPv4 enabled, IPv6 enabled, or both

– For IOS routers, the default configuration is single topology

– For XR routers, the default configuration is multi topology




Configuring IS-IS

IOS Router

(config)# router isis [<name>}

-> default name is NULL

 net 49.001.0000.0000.1111.00

int lo0

 ip routing isis

 ipv6 routing isis

int fa0/0

 ip routing isis

 ipv6 routing isis


XR Router

(config)# router isis <name>

 net 49.0001.0000.0000.1111.00

-> area: area 49.0001

-> system:  .0000.0000.1111

-> NSEL:  .00


 int lo0

  address-family ipv4 unicast

  address-family ipv6 unicast

 int g0/0/0/0

  address-family ipv4 unicast

  address-family ipv6 unicast


show clns neighbor

show isis neighbor

-> “L1 L2 neighbors”


IOS (Level type, interface)

int e0/0

 isis circuit-type level-1


XR (Level type, interface)

router isis ABC

 int g0/0/0/0

  circuit-type level-1


IOS (Level type, entire router)

router isis

 is-type level-1


XR (Level type, entire router)

router isis ABC

is-type level-1


IOS (Timers)

int e0/0

 isis hello-interval <sec>

 isis hello-multiplier <count>


XR (Timers)

router isis ABC

 int g0/0/0/0

  hello-interval <sec>

  hello-multiplier <count>



int e0/0

 isis priority <value>

     -> 0 – 127

     -> 64 is default

 isis metric <value> [ level-1 | level-2 ]

 isis password <password>

 isis network { point-to-point | broadcast }


Route Leaking

– Routes can be leaked from Level-1 to Level-2

– and visa versa


On IOS Level-1-2 Router

router isis

 redistribute isis ip level-2 into level-1 { distribute-list <name> | route-map <name> }

access-list <number> permit | deny <protocol> <source> <wildcard> <destination> <wildcard>

-> network leaked – <source> <wildcard>

-> subnet mask to match – <destination> <wildcard>


Scenario -> Leak the loopback of R3 to R1

R2(config)# access-list 100 permit ip

ip prefix-list ABC permit

route-map LEAK

 match ip add prefix-list ABC



(config)# router-policy POLICY1

 if destination in (


  end if

router isis ABC

 address-family ipv4

 propagate level-2 into level-1 route-policy POLICY1



(config)# mpls ip

 mpls label protocol ldp

 ip cef

 int fa0/0

  mpls ip



(config)# mpls ldp

 int fa0/0

 int s0/0



sh run mpls ldp


Potential Problems


Mismatched Level 1 and Level 2 interfaces

Misconfigured NSAPs (NET)

Duplicate system IDs

Mismatched MTUs

Mismatched IP addresses and subnets

Mismatched topologies (single vs. multi)

Mismatched metrics (narrow vs. wide)

– Log Messages:

– TLV contents different, code 128

-> TLV 128 – IP Internal Reachability (narrow)

– TLV code mismatch

– TLV contents different, code 135

-> TLV 135 – Extended IP Reachability (wide)


Verification (IOS): 


sh clns nei

sh clns is-nei

sh clns int

sh isis nei

sh isis spf-log

sh isis database

sh isis database detail

-> Use to determine whether single topology or multitopolgy is configured

sh isis ip topology

sh isis ipv6 topology

sh clns

sh clns protocol

-> Shows the metric types that are generated and accepted

sh ip protocols

sh ipv6 protocols

sh isis topology

sh clns nei detail

sh clns int <int>

sh ip route isis

sh ipv6 route isis


debug isis adj-packets

debug isis update-packets

debug spf-events


Verification (XR):


sh isis

-> Shows the metric types that are generated and accepted

sh isis nei

sh isis int bri

sh isis spf-log

sh isis database

sh isis database detail

-> Use to determine whether single topology or multitopology is configured

-> Multitopology entries:

Metric: 10         MT (IPv6 Unicast) IPv6 2002:9:9::1/128

Metric: 10         MT (IPv6 Unicast) IPv6 2002:9:9:11::/64

Metric: 10         MT (IPv6 Unicast) IPv6 2002:9:9:18::/64

-> Singe topology entries:

Metric: 10         IPv6 2002:9:9::1/128

Metric: 10         IPv6 2002:9:9:11::/64

Metric: 10         IPv6 2002:9:9:18::/64


sh isis ipv4 topology

sh isis ipv6 topology

sh protocols

sh protocols ipv6

sh route isis

sh route ipv6 isis


Comments are closed.

This entry was posted on Saturday, January 3rd, 2015 at 9:01 am and is filed under CCIE. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.