This chapter covers the following topics, which you need to understand to pass the CCNP/CCDP/CCIP BSCI exam:
■ Basic conﬁguration of Integrated IS-IS
■ Optional Integrated IS-IS commands
■ Verifying the Integrated IS-IS operation
■ Troubleshooting the Integrated IS-IS operation
Configuring Integrated IS-IS
As in all conﬁgurations, the essential commands give a basic conﬁguration, and the more advanced commands either tune the system for efﬁciency or provide additional conﬁgurations for different situations. There is the cake, and then there is the icing. The ﬁrst section of this chapter deals with the required commands. The next section covers the optional commands. You then learn how to conﬁrm the conﬁguration and how to troubleshoot that conﬁguration to maintain the smooth operation of the network.
The topics in this chapter detail the steps to conﬁguring the IS-IS protocol for integrated routing on a Cisco network. This chapter assumes knowledge of routing protocols—in particular, linkstate routing protocols—and the terminology, concepts, and operation of IS-IS.
“Do I Know This Already?” Quiz
The purpose of the “Do I Know This Already?” quiz is to help you to decide what parts of this chapter to use. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.
The 12-question quiz, derived from the major sections in the “Foundation Topics” portion of the chapter, helps you to determine how to spend your limited study time.
Table 12-1 outlines the major topics discussed in this chapter and the “Do I Know This
Already?” quiz questions that correspond to those topics.
Table 12-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping
NOTE The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.
1. Which of the following is the correct command to start the Integrated IS-IS routing process?
a. ip router isis
b. router isis
c. routing ip isis
d. router clns
2. Where is the Integrated IS-IS routing process started?
a. At the executive level
b. At the interface level
c. At both the executive and interface levels
d. Underneath the IP routing process
3. What is the purpose of the net command?
a. To deﬁne the summarized address range on the router interface
b. To deﬁne the area into which the interface is to be placed
c. To deﬁne the IS-IS address on the interface
d. To deﬁne the CLNS address for the router
4. Where is the routing level changed from the default of Level 1-2?
a. At the executive level
b. At the interface level
c. Underneath the routing process or at the interface level
d. Underneath the IP routing process
5. Which of the following are valid commands for changing the routing level?
a. isis level-2
b. isis circuit-type level-1
c. isis router level-1
d. ip router level 1
6. Which of the following commands summarizes the subnets 220.127.116.11 to 18.104.22.168 at the area boundary?
a. summary-address 22.214.171.124 255.255.248.0.
b. summary-address 126.96.36.199 0.0.7.255.
c. ip isis summary address 188.8.131.52/21.
d. None of the above; summarization is supported only in OSPF and EIGRP.
7. Which of the following are displayed in the command show clns neighbor ?
a. The contents of the neighbor table
b. The routing level as deﬁned at the interface level
c. The System ID of the transmitting neighbor
d. All of the above
8. Which of the following are displayed in the command show clns interface ?
a. The number of LSPs received on the interface
b. The parity check on the received hellos
c. The metric of the outgoing interface
d. The round trip delay
9. Which of the following are displayed in the command show isis database ?
a. The root of the SPF tree
b. The LSPs in the local database
c. Whether an LSP has been fragmented
d. The sequence number of the LSPs
10. Which of the following commands shows whether the ATT bit has been set?
a. show isis hello packets
b. show isis database
c. debug isis interface
d. debug clns interface
11. Which of the following are displayed in the command debug isis update-packets ?
12. Which of the following are displayed in the command debug isis adjacency-packets ?
a. The population of the PATH database
b. The LSPs
c. Changes in the state of the adjacencies
d. Hello packets
The answers to this quiz are found in Appendix A, “Answers to Chapter ‘Do I Know This Already?’ Quizzes and Q&A Sections.” The suggested choices for your next step are as follows:
■ 6 or less overall score —Read the entire chapter. This includes the “Foundation Topics” and “Foundation Summary” sections, the “Q&A” section, and the “Scenarios” at the end of the chapter.
■ 7–9 overall score —Begin with the “Foundation Summary” section, and then go to the “Q&A” section and the “Scenarios” at the end of the chapter. If you have trouble with these exercises, read the appropriate sections in “Foundation Topics.”
■ 10 or more overall score —If you want more review on these topics, skip to the “Foundation Summary” section, and then go to the “Q&A” section and the “Scenarios” at the end of the chapter. Otherwise, move to the next chapter.
Basic Configuration of Integrated IS-IS
The preparation for conﬁguring any routing protocol requires a thorough understanding of the network topology and a coherent addressing scheme. When you have these, the basic conﬁguration of Integrated IS-IS is as follows:
Step 1 Enable the routing process Integrated IS-IS with the router isis command.
Step 2 Conﬁgure the Network Entity Title (NET) address, thus assigning the area with the net network-address router subcommand.
Step 3 Enable Integrated IS-IS for IP on the relevant interfaces with the ip router isis interface subcommand.
Figure 12-1 illustrates a simple network to support the working conﬁguration example. The ﬁgure shows the topology of the network and the addressing scheme that was used.
Figure 12-1 Basic Integrated IS-IS Configuration
Example 12-1 shows the basic conﬁguration required to run Integrated IS-IS. The relevant commands are highlighted for easy identiﬁcation, and a brief explanation of the code is inserted after an exclamation mark to make the code easier to read. Note that the router process is started and the NET address is deﬁned immediately beneath this router process. This is done because the IS-IS address is assigned to the router and, as such, is a part of the routing process. IS-IS is started on the interface after the IS-IS router process is deﬁned with a NET address.
Example 12-1 Basic Integrated IS-IS Configuration
Remember that by default, Cisco routers are conﬁgured as Level 1-2 routers to avoid suboptimal routing. Also, the clns routing command, which turns on the routing process for the OSI protocol stack and allows it to route OSI trafﬁc across the router, is not required for IP-only IS-IS. In some versions of the Cisco IOS software, clns routing is written into the conﬁguration ﬁle automatically by Cisco, when the routing process for IS-IS is conﬁgured.
Optional Integrated IS-IS Commands
Though the commands in this section are considered optional, they might or might not be optional in your network. For instance, if you are running Frame Relay, you must carefully consider and implement a conﬁguration of Integrated IS-IS over the nonbroadcast multiaccess (NBMA) cloud. One of many considerations is how to separate the network into areas and which routers are to take which level of responsibility.
Changing the Router from Level 1-2
The reason you change the routing level in Integrated IS-IS is to overcome the problem of Integrated IS-IS consuming resources on both the routers and the media. Using the topology in Figure 12-2, it is possible to conﬁgure Routers D, E, and F as Level 1 routers because they are internal to their areas. The following syntax shows the command structure:
Router(config)#iipp rroouutteerr iissiiss
Router(config-router)#isis circuit–type level 1
Figure 12-2 Changing the Level of Routing Both for the Entire Router and at the Interface Level
It is also possible to change the level of routing to Level 1 at the interface level by issuing the isis circuit-type level-1 command under the interface. In Figure 12-2, this is done on the Routers A, B, and C. The Ethernet interface pointing to the stub Routers D, E, and F is conﬁgured to be running Level 1 routing, whereas the serial interface runs only Level 2 routing.
Level 1-2 routers send LSPs with an attached (ATT) bit in their Level 1 LSPs, indicating that they are attached to another area. This creates a default route in the Level 1 router pointing to the nearest Level 2 router. This allows the nearest Level 2 router to be the transit router for all data destined for another area.
As illustrated in Figure 12-2, Example 12-2 shows Router A conﬁgured as Level 1 on the Ethernet interface pointing to Router D. The other interfaces are conﬁgured as Level 2 only. The relevant commands are highlighted for easy identiﬁcation.
Example 12-2 Changing Router A Routing Level on an Interface Basis
Example 12-3 shows the conﬁguration command to change the level of routing on Router D to be Level 1. Note that this command appears under the router isis command, changing the behavior of the entire process, rather than just the interface level. The relevant commands are highlighted for easy identiﬁcation.
Example 12-3 Changing the Level of Routing for the Entire Router
Conﬁguring summarization is straightforward. The complexity is in the addressing scheme design. There are three rules to remember about summarizing IP routes for Integrated IS-IS:
■ Routes cannot be summarized within an area; that is, the protocol does not allow intra-area summarization.
■ Internal routes can be summarized between areas, from a Level 1 to a Level 2 router. Thus, summarization is conﬁgured on a Level 1-2 router, which turns the routes from Level 1 routes into Level 2 routes.
■ If summarization is used, all the Level 1-2 routers in the area need to be summarizing routes out of the area in the same manner. If one router is advertising the routes that are more speciﬁc (unsummarized), all the trafﬁc will be sent to this router in accordance to the longest-match rule. This will result in suboptimal routing and might overwhelm the receiving router.
To conﬁgure summarization, enter the summary-address command followed by the summary address and mask under the router process. Figure 12-3 shows the topology used to support the working example shown in Example 12-4.
In Figure 12-3, the IP routes from Router B are summarized into areas 0001 and 0003. Router B is capable of summarizing routes because the router is both a Level 1 and a Level 2 router, straddling more than one area and forming the connectivity between the areas. This functionality is similar to an ABR in OSPF. Example 12-4 shows Router B summarizing routes 184.108.40.206 through 220.127.116.11 with a mask summarized from /24 to /22. The relevant command is highlighted for easy identiﬁcation.
Figure 12-3 Summarizing IP Addresses Between IS-IS Areas
Example 12-4 Summarization of IP Routes from Router B
IS-IS acknowledges only two types of network topologies: broadcast and point-to-point. If the network link is not a serial line connecting to a single router (a point-to-point network), IS-IS automatically deﬁnes the link to be broadcast. Because NBMA is neither a point-to-point nor a broadcast medium, the conﬁguration for IS-IS over NBMA deserves a moment’s consideration.
For multiaccess WAN interfaces (such as ATM, Frame Relay, and X.25), it is highly recommended that you conﬁgure the NBMA cloud as multiple point-to-point subinterfaces. This is a simpler design that makes routing much more robust, particularly if one or more permanent virtual circuits (PVCs) in the NBMA cloud fail.
An example of an NBMA technology is Frame Relay. It is a WAN technology that is widely used and has evolved beyond the point-to-point capabilities. When conﬁgured in a full mesh, the cloud is multiaccess, although each circuit is discrete and therefore not a true broadcast medium.
The Broadcast Configuration over NBMA
If the NBMA cloud is fully meshed, the IS-IS broadcast option is the conﬁguration to choose. As far as IS-IS is concerned, the NBMA cloud is a broadcast medium, such as Ethernet, and so a DIS router is elected. Decisions about manually determining which router is elected should be made in reference to the topology of the network, data ﬂow, and router capacity.
Remember that hello and routing updates are used differently than the point-to-point conﬁguration. Therefore, you need to ensure that all the interfaces connecting into the cloud are conﬁgured in the same way; otherwise, the hellos will be rejected and no adjacency will be formed.
The conﬁguration for IS-IS over the fully meshed Frame Relay cloud is illustrated in Figure 12-4. In Figure 12-4, the Frame Relay cloud has three fully meshed routers, which can operate as a LAN as far as IS-IS PDUs are concerned.
Figure 12-4 NBMA Frame Relay Cloud Running Broadcast Integrated IS-IS
Example 12-5 shows a working example of the conﬁguration. In the example, the frame-relay map ip command maps the IP destination address to the outgoing data-link connection identiﬁer (DLCI) and deﬁnes the interface as a broadcast interface. Integrated IS-IS uses the links as if they were truly a broadcast link and elects a DIS.
The frame-relay map clns command maps to the CLNS process on the destination router. Without the this command, no routes appear in the IP routing table because IS-IS does not receive IS-IS frames to populate the IP routing table. Remember that these are IP routes carried in the IS-IS routing protocol. IS-IS information does not travel in IP or CLNS packets. IS-IS is encapsulated at the network layer in a frame that is similar to CLNS and those frames must be carried over Frame Relay to build the routing table.
Example 12-5 NBMA Frame Relay Cloud Running Broadcast Integrated IS-IS
The alternative solution to a broadcast conﬁguration is to deﬁne subinterfaces and to conﬁgure each subinterface as point-to-point.
The Point-to-Point Configuration over NBMA
The point-to-point conﬁguration over NBMA requires an IP subnet per link. This is the conﬁguration suggested by Cisco for a hub and spoke topology.
The conﬁguration is simpler, because the link is point-to-point and there is no need to conﬁgure
frame-relay map commands. The point-to-point link is just a pipe that goes to one destination, and map commands imply a choice of destination.
As shown in the conﬁguration in Example 12-6, it is only necessary to create subinterfaces, conﬁgure those interfaces as point-to-point, start Frame Relay, and deﬁne the DLCIs. Do not forget that in addition to conﬁguring Frame Relay, you must start the IS-IS process for each interface.
Figure 12-5 supports the working example for this conﬁguration. It shows the DLCI addresses and the IP addresses for the point-to-point links in addition to the ISO addresses for Routers A, B, and C.
Example 12-6 shows the conﬁguration for Router A to run Integrated IS-IS across the Frame Relay cloud as if it were a series of point-to-point networks.
Example 12-6 NBMA Frame Relay Cloud Running Point-to-Point Integrated IS-IS
Verifying the Integrated IS-IS Operation
The ability to monitor the network enables you to optimize the network and detect problems early. Useful commands to verify the operation of Integrated IS-IS include the following show commands:
■ show clns neighbor
■ show clns interface
■ show isis database
■ show isis database detail
The following sections explain each of these show commands in more detail. The commands explained in this section correspond to the topology illustrated in Figure 12-6 and the conﬁguration shown in Example 12-7 for Router A.
Figure 12-6 The Network Topology for the show Commands
The show clns neighbors Command
The show clns neighbors command has some of the contents of the neighbor table and the state of the link. Note that the subnetwork point of attachment (SNPA) is the MAC address of the interface. The type of routing that is used is Level 1-2.
The EXEC command has the following syntax:
show clns area-tag neighbors [ type number] [area] [detail]
Table 12-2 explains the syntax of this command.
Table 12-2 Explanation of the show clns neighbors Command
Example 12-8 shows output for the show clns neighbors command.
Example 12-8 Output for the show clns neighbors Command
The output of the show clns neighbors command shows that Router A has three neighbors. The system ID shows that the serial subinterface S0.1 has heard an LSP from 0000.0000.000C S0.1, which has the data-link DLCI Frame Relay address of 629. The protocol is IS-IS, and it is running Level 2 routing. The link is up and has 23 seconds before another Hello needs to be received. Because the Hello timer is set by default to send Hellos every 10 seconds, it should receive another Hello in 7 seconds, which will reset the holdtime. The Ethernet segment is running Level 1 routing and has a MAC address for the SNPA address.
The show clns neighbors command is good for quickly checking connectivity. This output shows all the neighbors—complete with the DLCI addresses and OSI system IDs—indicating that Frame Relay is correctly conﬁgured and working, as is IS-IS.
Adding the parameter detail to the show clns neighbors command gives information about each neighbor and the connection to that neighbor. Example 12-9 shows output for the show clns neighbors detail command. Here the area address for the neighbor, the IP address of the transmitting interface, and the length of time that the interface has been up are shown. This command gives information that enables you to verify the addressing scheme of the network.
Example 12-9 Output for the show clns neighbors detail Command
The show clns interface Command
The misconﬁguration of the interface for Integrated IS-IS results in the inability to create adjacencies. Typically, the error is a simple mismatch of parameters, which can be seen by using the show clns interface command.
The neighbor database tells you of one neighbor, and the interface indicates one adjacency. Because this is a LAN interface, it is possible to identify the DIS. The circuit ID shows the pseudonode ID, which has a value greater than 0×00 in the octet after the system ID. Note that a DIS is elected for both Level 1 and Level 2 routing. Because no priority has been manually conﬁgured, the tiebreaker used to elect the DIS is the highest SNPA on the segment. In this case, the SNPA is the MAC address. Note that the default metric is 10 and the priority is 64.
The EXEC command has the following syntax:
Router#show clns interface [ type number]
In this example, Frame Relay is conﬁgured with point-to-point links. Because there is only one other router on this link, there is no need for a DIS to be elected. Therefore, the circuit ID shows the system ID of a router, rather than a pseudonode. Remember, the octet following the system ID indicates whether this ID is a pseudonode representing the multiaccess link. If the ID is that of a pseudonode, the system ID is that of the DIS, with the next octet showing a nonzero value such as 0×01.
This makes more sense when you look at the Ethernet interface. The Ethernet 0 interface has the Level 1 circuit ID as A.01. This indicates that the DIS for Level 1 is Router A. The octet following the circuit ID of 01 has a nonzero value, indicating the ID of a pseudonode.
Because this is a Level 1-2 router, there is also a circuit ID for the Level 2 adjacency. This is relevant only on the Ethernet interface because it is the only multiaccess link. Note that the value for the Level 2 DIS is that of Router A. Router D has been conﬁgured as a Level 1 router and, as such, cannot communicate Level 2 updates.
Example 12-10 shows output for the show clns interface command.
Example 12-10 Output for the show clns interface Command
414 Chapter 12: Configuring Integrated IS-IS
Table 12-4 explains the meaning of the ﬁelds in the output screen.
Table 12-4 Explanation of the show clns interface Command Output