The examples in this section configure an IS-IS connection between two routers. Basic ConfigurationIn this basic configuration, you set up an adjacency between two routers, set the metric for the link, and set up the IS to be a level 1 or level 2 system. You must configure the interface, here, so-1/0/0 , to be under family iso , and you must configure the ISO address on the loopback interface, lo0 . In the protocols configuration, you specify the protocols as isis and include the interfaces you want. Disable fxp0 so that no IS-IS packets are sent over it. Configure the level under the interface. An interface can belong to level 1 or level 2 or in both; here, the interface is in both levels. To configure the metric of the link, include the metric keyword, specifying the cost of using that link. interfaces { so-1/0/0 { unit 0 { family inet { address 10.10.10.5/30; } family iso; } } fxp0 { unit 0 { family inet { address 192.168.5.239/24; } } } lo0 { unit 0 { family inet { address 127.0.0.1/32; address 10.255.245.239/32; } family iso { address 47.0005.80ff.f800.0000.0108.0001.0102.5524.5239.00; } } } } protocols { isis { interface so-1/0/0.0 { level 1 metric 10; level 2 metric 20; } interface fxp0.0 { disable; } interface lo0.0; } } To check whether the adjacencies actually are formed , use the show isis adjacency CLI command. Export Static RoutesTo export some static routes, you configure a routing policy. First, include some static routes in the configuration by configuring the routing options with the static route, specifying the next hop to use: routing-options { static { /* corporate and alpha net */ route 172.16.0.0/12 { next-hop 192.168.5.254; retain; no-readvertise; } /* old lab nets */ route 192.168.0.0/18 { next-hop 192.168.5.254; retain; no-readvertise; } route 10.255.245.35/32 { discard; retain; } } router-id 10.255.245.236; autonomous-system 69; } Then configure a policy that accepts these static routes. Here, we have defined a policy named redist-static which accepts static routes by specifying the protocol to be static. We could in turn make the protocol to be EBGP or an IGP. policy-options { policy-statement redist-static { from protocol static; then accept; } } Finally, export these routes through IS-IS by including this policy in the IS-IS configuration. Here, we are exporting the policy redist-static under isis , which in turn means export all static routes that you learned into IS-IS. protocols { isis { export redist-static; interface so-0/2/3.0 { level 1 metric 10; level 2 metric 20; } interface fxp0.0 { disable; } interface lo0.0; } } Simple AuthenticationSimple authentication allows two ISs to perform system-level authentication using a nonencrypted alphanumeric password (key). To configure this, include the authentication-type statement, specifying the simple option. Then set the authentication key with the authentication-key statement. protocols { isis { export redist-static; authentication-key "QZiq36A01E9ABRSy8LDjH"; # SECRET-DATA authentication-type simple; # SECRET-DATA interface so-0/2/3.0 { level 1 metric 10; level 2 metric 20; } interface fxp0.0 { disable; } interface lo0.0; } } Interface-Level Hello AuthenticationInterface-level hello authentication verifies the hello messages exchanged across interfaces. You configure this by adding the hello-authentication-key statement to the IS-IS authentication configuration: protocols { isis { export redist-static; authentication-key "QZiq36A01E9ABRSy8LDjH"; # SECRET-DATA authentication-type simple; # SECRET-DATA interface so-0/2/3.0 { hello-authentication-key "$LdGNwgikPQ39mf39puhcs24"; # SECRET-DATA hello-authentication-type simple; # SECRET-DATA level 1 metric 10; level 2 metric 20; } interface fxp0.0 { disable; } interface lo0.0; } } Passive InterfacesA passive interface is one that cannot be used for sending and receiving IS-IS packets. Here, interface so-1/0/0 has been made passive. The show isis interface command shows this interface as passive. protocols { isis { export redist-static; authentication-key "$vGHL-bZUHm5zjHfQn60O7Nd"; # SECRET-DATA authentication-type simple; # SECRET-DATA no-authentication-check; interface so-1/0/0.0 { hello-authentication-key "protocols { isis { export redist-static; authentication-key "$9$vGHL-bZUHm5zjHfQn60O7Nd"; # SECRET-DATA authentication-type simple; # SECRET-DATA no-authentication-check; interface so-1/0/0.0 { hello-authentication-key "$9$0zzSISeNds4JDwYJDkqzFylK"; # SECRET-DATA hello-authentication-type simple; # SECRET-DATA level 1 { metric 10; hello-authentication-key "$9$4wZiq36CuBRVwoZjiPfREc"; # SECRET-DATA hello-authentication-type simple; # SECRET- DATA passive; } level 2 metric 8; } interface fxp0.0 { disable; } interface lo0.0; } }zzSISeNds4JDwYJDkqzFylK"; # SECRET-DATA hello-authentication-type simple; # SECRET-DATA level 1 { metric 10; hello-authentication-key "wZiq36CuBRVwoZjiPfREc"; # SECRET-DATA hello-authentication-type simple; # SECRET- DATA passive; } level 2 metric 8; } interface fxp0.0 { disable; } interface lo0.0; } } |