Configuring Integrated IS-IS

13 Mar

This chapter covers the following topics, which you need to understand to pass the CCNP/CCDP/CCIP BSCI exam:
■ Basic configuration of Integrated IS-IS
■ Optional Integrated IS-IS commands
■ Verifying the Integrated IS-IS operation
■ Troubleshooting the Integrated IS-IS operation

Configuring Integrated IS-IS

As in all configurations, the essential commands give a basic configuration, and the more advanced commands either tune the system for efficiency or provide additional configurations for different situations. There is the cake, and then there is the icing. The first section of this chapter deals with the required commands. The next section covers the optional commands. You then learn how to confirm the configuration and how to troubleshoot that configuration to maintain the smooth operation of the network.

The topics in this chapter detail the steps to configuring the IS-IS protocol for integrated routing on a Cisco network. This chapter assumes knowledge of routing protocols—in particular, linkstate routing protocols—and the terminology, concepts, and operation of IS-IS.

“Do I Know This Already?” Quiz
The purpose of the “Do I Know This Already?” quiz is to help you to decide what parts of this chapter to use. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.

The 12-question quiz, derived from the major sections in the “Foundation Topics” portion of the chapter, helps you to determine how to spend your limited study time.

Table 12-1 outlines the major topics discussed in this chapter and the “Do I Know This
Already?” quiz questions that correspond to those topics.

Table 12-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping

Basic Configuration of Integrated IS-IS

NOTE The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.

1. Which of the following is the correct command to start the Integrated IS-IS routing process?
a. ip router isis
b. router isis
c. routing ip isis
d. router clns

2. Where is the Integrated IS-IS routing process started?
a. At the executive level
b. At the interface level
c. At both the executive and interface levels
d. Underneath the IP routing process

3. What is the purpose of the net command?
a. To define the summarized address range on the router interface
b. To define the area into which the interface is to be placed
c. To define the IS-IS address on the interface
d. To define the CLNS address for the router

4. Where is the routing level changed from the default of Level 1-2?
a. At the executive level
b. At the interface level
c. Underneath the routing process or at the interface level
d. Underneath the IP routing process

5. Which of the following are valid commands for changing the routing level?
a. isis level-2
b. isis circuit-type level-1
c. isis router level-1
d. ip router level 1

6. Which of the following commands summarizes the subnets 140.100.104.0 to 140.100.111.0 at the area boundary?
a. summary-address 140.100.104.0 255.255.248.0.
b. summary-address 140.100.104.0 0.0.7.255.
c. ip isis summary address 140.100.104.0/21.
d. None of the above; summarization is supported only in OSPF and EIGRP.

7. Which of the following are displayed in the command show clns neighbor ?
a. The contents of the neighbor table
b. The routing level as defined at the interface level
c. The System ID of the transmitting neighbor
d. All of the above

8. Which of the following are displayed in the command show clns interface ?
a. The number of LSPs received on the interface
b. The parity check on the received hellos
c. The metric of the outgoing interface
d. The round trip delay

9. Which of the following are displayed in the command show isis database ?
a. The root of the SPF tree
b. The LSPs in the local database
c. Whether an LSP has been fragmented
d. The sequence number of the LSPs

10. Which of the following commands shows whether the ATT bit has been set?
a. show isis hello packets
b. show isis database
c. debug isis interface
d. debug clns interface

11. Which of the following are displayed in the command debug isis update-packets ?
a. Hellos
b. LSPs
c. CSNPs
d. PSNPs

12. Which of the following are displayed in the command debug isis adjacency-packets ?
a. The population of the PATH database
b. The LSPs
c. Changes in the state of the adjacencies
d. Hello packets

The answers to this quiz are found in Appendix A, “Answers to Chapter ‘Do I Know This Already?’ Quizzes and Q&A Sections.” The suggested choices for your next step are as follows:

■ 6 or less overall score —Read the entire chapter. This includes the “Foundation Topics” and “Foundation Summary” sections, the “Q&A” section, and the “Scenarios” at the end of the chapter.
■ 7–9 overall score —Begin with the “Foundation Summary” section, and then go to the “Q&A” section and the “Scenarios” at the end of the chapter. If you have trouble with these exercises, read the appropriate sections in “Foundation Topics.”

■ 10 or more overall score —If you want more review on these topics, skip to the “Foundation Summary” section, and then go to the “Q&A” section and the “Scenarios” at the end of the chapter. Otherwise, move to the next chapter.

Foundation Topics
Basic Configuration of Integrated IS-IS

The preparation for configuring any routing protocol requires a thorough understanding of the network topology and a coherent addressing scheme. When you have these, the basic configuration of Integrated IS-IS is as follows:

Step 1 Enable the routing process Integrated IS-IS with the router isis command.
Step 2 Configure the Network Entity Title (NET) address, thus assigning the area with the net network-address router subcommand.
Step 3 Enable Integrated IS-IS for IP on the relevant interfaces with the ip router isis interface subcommand.

Figure 12-1 illustrates a simple network to support the working configuration example. The figure shows the topology of the network and the addressing scheme that was used.
Figure 12-1 Basic Integrated IS-IS Configuration

Basic Integrated IS-IS Configuration

Example 12-1 shows the basic configuration required to run Integrated IS-IS. The relevant commands are highlighted for easy identification, and a brief explanation of the code is inserted after an exclamation mark to make the code easier to read. Note that the router process is started and the NET address is defined immediately beneath this router process. This is done because the IS-IS address is assigned to the router and, as such, is a part of the routing process. IS-IS is started on the interface after the IS-IS router process is defined with a NET address.

Example 12-1 Basic Integrated IS-IS Configuration

Working Example for Router A

Remember that by default, Cisco routers are configured as Level 1-2 routers to avoid suboptimal routing. Also, the clns routing command, which turns on the routing process for the OSI protocol stack and allows it to route OSI traffic across the router, is not required for IP-only IS-IS. In some versions of the Cisco IOS software, clns routing is written into the configuration file automatically by Cisco, when the routing process for IS-IS is configured.

Optional Integrated IS-IS Commands
Though the commands in this section are considered optional, they might or might not be optional in your network. For instance, if you are running Frame Relay, you must carefully consider and implement a configuration of Integrated IS-IS over the nonbroadcast multiaccess (NBMA) cloud. One of many considerations is how to separate the network into areas and which routers are to take which level of responsibility.

Changing the Router from Level 1-2
The reason you change the routing level in Integrated IS-IS is to overcome the problem of Integrated IS-IS consuming resources on both the routers and the media. Using the topology in Figure 12-2, it is possible to configure Routers D, E, and F as Level 1 routers because they are internal to their areas. The following syntax shows the command structure:

Router(config)#iipp rroouutteerr iissiiss
Router(config-router)#isis circuit–type level 1

Figure 12-2 Changing the Level of Routing Both for the Entire Router and at the Interface Level

Changing the Level of Routing

It is also possible to change the level of routing to Level 1 at the interface level by issuing the isis circuit-type level-1 command under the interface. In Figure 12-2, this is done on the Routers A, B, and C. The Ethernet interface pointing to the stub Routers D, E, and F is configured to be running Level 1 routing, whereas the serial interface runs only Level 2 routing.

Level 1-2 routers send LSPs with an attached (ATT) bit in their Level 1 LSPs, indicating that they are attached to another area. This creates a default route in the Level 1 router pointing to the nearest Level 2 router. This allows the nearest Level 2 router to be the transit router for all data destined for another area.

As illustrated in Figure 12-2, Example 12-2 shows Router A configured as Level 1 on the Ethernet interface pointing to Router D. The other interfaces are configured as Level 2 only. The relevant commands are highlighted for easy identification.

Example 12-2 Changing Router A Routing Level on an Interface Basis

Working Example for Router A

Example 12-3 shows the configuration command to change the level of routing on Router D to be Level 1. Note that this command appears under the router isis command, changing the behavior of the entire process, rather than just the interface level. The relevant commands are highlighted for easy identification.

Example 12-3 Changing the Level of Routing for the Entire Router

Working Example for Router

Configuring Summarization
Configuring summarization is straightforward. The complexity is in the addressing scheme design. There are three rules to remember about summarizing IP routes for Integrated IS-IS:

■ Routes cannot be summarized within an area; that is, the protocol does not allow intra-area summarization.
■ Internal routes can be summarized between areas, from a Level 1 to a Level 2 router. Thus, summarization is configured on a Level 1-2 router, which turns the routes from Level 1 routes into Level 2 routes.

■ If summarization is used, all the Level 1-2 routers in the area need to be summarizing routes out of the area in the same manner. If one router is advertising the routes that are more specific (unsummarized), all the traffic will be sent to this router in accordance to the longest-match rule. This will result in suboptimal routing and might overwhelm the receiving router.

To configure summarization, enter the summary-address command followed by the summary address and mask under the router process. Figure 12-3 shows the topology used to support the working example shown in Example 12-4.

In Figure 12-3, the IP routes from Router B are summarized into areas 0001 and 0003. Router B is capable of summarizing routes because the router is both a Level 1 and a Level 2 router, straddling more than one area and forming the connectivity between the areas. This functionality is similar to an ABR in OSPF. Example 12-4 shows Router B summarizing routes 140.100.104.0 through 140.100.107.0 with a mask summarized from /24 to /22. The relevant command is highlighted for easy identification.

Figure 12-3 Summarizing IP Addresses Between IS-IS Areas

IP Addresses Between IS-IS Areas

Example 12-4 Summarization of IP Routes from Router B

Working Example for Router

Configuring NBMA
IS-IS acknowledges only two types of network topologies: broadcast and point-to-point. If the network link is not a serial line connecting to a single router (a point-to-point network), IS-IS automatically defines the link to be broadcast. Because NBMA is neither a point-to-point nor a broadcast medium, the configuration for IS-IS over NBMA deserves a moment’s consideration.

For multiaccess WAN interfaces (such as ATM, Frame Relay, and X.25), it is highly recommended that you configure the NBMA cloud as multiple point-to-point subinterfaces. This is a simpler design that makes routing much more robust, particularly if one or more permanent virtual circuits (PVCs) in the NBMA cloud fail.

An example of an NBMA technology is Frame Relay. It is a WAN technology that is widely used and has evolved beyond the point-to-point capabilities. When configured in a full mesh, the cloud is multiaccess, although each circuit is discrete and therefore not a true broadcast medium.

The Broadcast Configuration over NBMA
If the NBMA cloud is fully meshed, the IS-IS broadcast option is the configuration to choose. As far as IS-IS is concerned, the NBMA cloud is a broadcast medium, such as Ethernet, and so a DIS router is elected. Decisions about manually determining which router is elected should be made in reference to the topology of the network, data flow, and router capacity.

Remember that hello and routing updates are used differently than the point-to-point configuration. Therefore, you need to ensure that all the interfaces connecting into the cloud are configured in the same way; otherwise, the hellos will be rejected and no adjacency will be formed.

The configuration for IS-IS over the fully meshed Frame Relay cloud is illustrated in Figure 12-4. In Figure 12-4, the Frame Relay cloud has three fully meshed routers, which can operate as a LAN as far as IS-IS PDUs are concerned.

Figure 12-4 NBMA Frame Relay Cloud Running Broadcast Integrated IS-IS

Broadcast Integrated IS-IS

Example 12-5 shows a working example of the configuration. In the example, the frame-relay map ip command maps the IP destination address to the outgoing data-link connection identifier (DLCI) and defines the interface as a broadcast interface. Integrated IS-IS uses the links as if they were truly a broadcast link and elects a DIS.

The frame-relay map clns command maps to the CLNS process on the destination router. Without the this command, no routes appear in the IP routing table because IS-IS does not receive IS-IS frames to populate the IP routing table. Remember that these are IP routes carried in the IS-IS routing protocol. IS-IS information does not travel in IP or CLNS packets. IS-IS is encapsulated at the network layer in a frame that is similar to CLNS and those frames must be carried over Frame Relay to build the routing table.

Example 12-5 NBMA Frame Relay Cloud Running Broadcast Integrated IS-IS

Running Broadcast Integrated

The alternative solution to a broadcast configuration is to define subinterfaces and to configure each subinterface as point-to-point.

The Point-to-Point Configuration over NBMA
The point-to-point configuration over NBMA requires an IP subnet per link. This is the configuration suggested by Cisco for a hub and spoke topology.

The configuration is simpler, because the link is point-to-point and there is no need to configure
frame-relay map commands. The point-to-point link is just a pipe that goes to one destination, and map commands imply a choice of destination.

As shown in the configuration in Example 12-6, it is only necessary to create subinterfaces, configure those interfaces as point-to-point, start Frame Relay, and define the DLCIs. Do not forget that in addition to configuring Frame Relay, you must start the IS-IS process for each interface.

Figure 12-5 supports the working example for this configuration. It shows the DLCI addresses and the IP addresses for the point-to-point links in addition to the ISO addresses for Routers A, B, and C.

Figure 12-5 NBMA Frame Relay Cloud Running Point-to-Point Integrated IS-IS
Point-to-Point Integrated IS-IS

Example 12-6 shows the configuration for Router A to run Integrated IS-IS across the Frame Relay cloud as if it were a series of point-to-point networks.

Example 12-6 NBMA Frame Relay Cloud Running Point-to-Point Integrated IS-IS

Working Example for Router

Verifying the Integrated IS-IS Operation
The ability to monitor the network enables you to optimize the network and detect problems early. Useful commands to verify the operation of Integrated IS-IS include the following show commands:
■ show clns neighbor
■ show clns interface
■ show isis database
■ show isis database detail

The following sections explain each of these show commands in more detail. The commands explained in this section correspond to the topology illustrated in Figure 12-6 and the configuration shown in Example 12-7 for Router A.

Figure 12-6 The Network Topology for the show Commands

Configuration for Router

Router A in Figure

The show clns neighbors Command
The show clns neighbors command has some of the contents of the neighbor table and the state of the link. Note that the subnetwork point of attachment (SNPA) is the MAC address of the interface. The type of routing that is used is Level 1-2.

The EXEC command has the following syntax:
show clns area-tag neighbors [ type number] [area] [detail]
Table 12-2 explains the syntax of this command.
Table 12-2 Explanation of the show clns neighbors Command

Example 12-8 shows output for the show clns neighbors command.
Example 12-8 Output for the show clns neighbors Command

The output of the show clns neighbors command shows that Router A has three neighbors. The system ID shows that the serial subinterface S0.1 has heard an LSP from 0000.0000.000C S0.1, which has the data-link DLCI Frame Relay address of 629. The protocol is IS-IS, and it is running Level 2 routing. The link is up and has 23 seconds before another Hello needs to be received. Because the Hello timer is set by default to send Hellos every 10 seconds, it should receive another Hello in 7 seconds, which will reset the holdtime. The Ethernet segment is running Level 1 routing and has a MAC address for the SNPA address.

The show clns neighbors command is good for quickly checking connectivity. This output shows all the neighbors—complete with the DLCI addresses and OSI system IDs—indicating that Frame Relay is correctly configured and working, as is IS-IS.

Adding the parameter detail to the show clns neighbors command gives information about each neighbor and the connection to that neighbor. Example 12-9 shows output for the show clns neighbors detail command. Here the area address for the neighbor, the IP address of the transmitting interface, and the length of time that the interface has been up are shown. This command gives information that enables you to verify the addressing scheme of the network.

Example 12-9 Output for the show clns neighbors detail Command

The show clns interface Command
The misconfiguration of the interface for Integrated IS-IS results in the inability to create adjacencies. Typically, the error is a simple mismatch of parameters, which can be seen by using the show clns interface command.

The neighbor database tells you of one neighbor, and the interface indicates one adjacency. Because this is a LAN interface, it is possible to identify the DIS. The circuit ID shows the pseudonode ID, which has a value greater than 0×00 in the octet after the system ID. Note that a DIS is elected for both Level 1 and Level 2 routing. Because no priority has been manually configured, the tiebreaker used to elect the DIS is the highest SNPA on the segment. In this case, the SNPA is the MAC address. Note that the default metric is 10 and the priority is 64.

The EXEC command has the following syntax:
Router#show clns interface [ type number]

In this example, Frame Relay is configured with point-to-point links. Because there is only one other router on this link, there is no need for a DIS to be elected. Therefore, the circuit ID shows the system ID of a router, rather than a pseudonode. Remember, the octet following the system ID indicates whether this ID is a pseudonode representing the multiaccess link. If the ID is that of a pseudonode, the system ID is that of the DIS, with the next octet showing a nonzero value such as 0×01.

This makes more sense when you look at the Ethernet interface. The Ethernet 0 interface has the Level 1 circuit ID as A.01. This indicates that the DIS for Level 1 is Router A. The octet following the circuit ID of 01 has a nonzero value, indicating the ID of a pseudonode.

Because this is a Level 1-2 router, there is also a circuit ID for the Level 2 adjacency. This is relevant only on the Ethernet interface because it is the only multiaccess link. Note that the value for the Level 2 DIS is that of Router A. Router D has been configured as a Level 1 router and, as such, cannot communicate Level 2 updates.

Example 12-10 shows output for the show clns interface command.
Example 12-10 Output for the show clns interface Command


414 Chapter 12: Configuring Integrated IS-IS
Table 12-4 explains the meaning of the fields in the output screen.
Table 12-4 Explanation of the show clns interface Command Output

No comments yet

Leave a Reply

You must be logged in to post a comment.