Foundation Topics


Introduction to Integrated IS-IS

IS-IS is an Interior Gateway Protocol (IGP) developed in the 1980s by Digital Equipment and submitted to the International Organization for Standardizaton (ISO) as the routing protocol for Open System Interconnection (OSI). The creation of IS-IS was an attempt to produce a standard protocol suite that could allow internetworks to scale.

The development of IS-IS was motivated by the need for the following:

  • A nonproprietary protocol

  • A large addressing scheme

  • A hierarchical addressing scheme

  • A protocol that was efficient, allowing for fast, accurate convergence and low network overhead

The United States mandated that every system operated by the government had to be capable of running the OSI architecture (as an initiative called the Government Open Systems Interconnections Profile [GOSIP]). By forcing every government system to understand OSI, officials hoped that the protocols would become the practical standard and the academic solution to diverse proprietary implementations for computer networking. In the end, however, the initiative failed. The Internet, built on TCP/IP, prevailed as the practical alternative to an international standard. However, IS-IS has always been used, although not as extensively as first hoped. Large Internet service providers (ISPs) have been using IS-IS since its inception in the 1980s, and recently IS-IS has begun to emerge in other markets. This new interest is for a variety of reasons, including the fact that IS-IS is a standard that provides protocol independence, it has the capability to scale, and it has the capacity to define type of service (ToS) routing, though currently this is not a supported feature in the Cisco IOS. ToS routing allows traffic engineering, which requires very complex routing decisions to be programmed into the protocol. Therefore, as of late, IS-IS has been taken from the shelf, dusted off, and put into use.

IS-IS Terminology

The terminology used by IS-IS might appear cumbersome and unfriendly. Although the jargon might be unfamiliar, most of the concepts are no different from other routing protocols. Table 10-2 explains briefly some of the commonly used IS-IS terms.

Table 10-2. IS-IS Terms




Local routing information that shows the reachability of a directly connected ES or IS. A separate adjacency is created for each neighbor on a circuit, and for each level of routing (that is, Level 1 and Level 2) on a broadcast circuit.

Administrative Domain

A group of routers that share the same routing protocol within one organization.


A subdomain within an Administrative Domain. Routers in an area maintain detailed routing information about the area's internal composition. The routers also maintain routing information that allows them to reach other areas. The area address is contained in the NET and NSAP address.


The local routing information for a single subnet point of attachment (SNPA).

Code/Length/Value (CLV)

These are the variable-length fields in a PDU. The Code field specifies the information in the Content field as a number. The Length field states the size of the Value field. The Value field contains the information itself.

Complete sequence number packet (CSNP)

CSNPs describe every link in the link-state database. CSNPs are sent on point-to-point links when the link comes up to synchronize the link-state databases. The designated router (DR), or designated intermediate system (DIS), on a multicast network sends out CSNPs every 10 seconds.

Connectionless Network Protocol (CLNP)

This is the ISO protocol used to carry data and error indications at the network layer. CLNP is similar to IP and has no facilities to detect errors in data transmission. It relies on the transport layer to provide guaranteed data delivery.

Connectionless Network Service (CLNS)

CLNS uses a datagram transfer service and does not require a circuit to be established before data is transmitted.

Whereas CLNP defines the actual protocol, CLNS describes a service provided up to the transport layer. Being a connectionless service, CLNP provides a "best effort" delivery of data; therefore, there is no guarantee that data will not be lost, corrupted, misordered, or duplicated . If you require guaranteed delivery, the transport layer or application layer needs to provide the service that will correct the problems when they arise.

Designated intermediate system (DIS)

The router (IS) on a LAN that is designated to perform additional duties . In particular, the DIS generates link-state PDUs on behalf of the LAN by treating the LAN as a pseudonode.

Dual IS-IS

IS-IS that supports both OSI and IP routing information. Areas within the autonomous system can run either OSI or IP or both. However, the configuration chosen must be consistent within the entire area.

End system (ES)

The end node or host, which has limited routing capabilities. The ES has the OSI or IP Layer 3 protocol running and can receive and send data.

End System-to-Intermediate System (ES-IS)

The protocol by which the OSI ES and the IS communicate to dynamically learn Layer 2 adjacencies.


Hello packets are used to discover and maintain adjacencies.

Host address

This is a subset of the NET address, which includes both the domain, area, and system ID.

Integrated IS-IS

Another term for Dual IS-IS. Indicates IS-IS can be used to support routing for two Layer 3 protocols (IP and CLNP) in the same network simultaneously .

Intermediate system (IS)

A router. The IS is a device capable of directing traffic to remote destinations.

Intermediate System-to-Intermediate System (IS-IS)

The OSI routing protocol that learns the location of the networks within the autonomous system so that data can be forwarded to the remote hosts .

IS-IS domain

A group of routers running the IS-IS protocols for exchanging routing information.

Level 1 (L1)

These routers are internal to the area, which means that they receive routing information for their area only and have no knowledge of the other areas' networks. To reach other areas, Level 1 routers maintain a default route to the nearest Level 2 router.

Level 1-2 (L1-2)

A router that connects areas. This router connects a Level 1 area to the Level 2 backbone. It will have a Level 1 routing table to route to ES and IS in its own area by system ID. It will maintain a Level 2 prefix table to route to other areas.

Level 2 (L2)

These routers are connected only to the backbone and provide transit traffic between areas.


A physical connection to a neighbor. This link is then transmitted to all the other routers in the area via the LSP.

Link-state packet (LSP)

A packet that describes a router's links. There are separate LSPs for Level 1 and Level 2 updates.


A router on the same link with which an adjacency is formed and routing information is then exchanged.

Network entity title (NET)

Part of the OSI address. The NET describes both the area and system ID of a system in the IS-IS network but excludes the NSEL, which defines the NSAP address of the system.

Network protocol data unit (NPDU)

See protocol data unit (PDU).

Network selector (NSEL)

Sometimes referred to as the SEL field. This field describes the service at the network layer by which the packet is to be sent. NSEL is similar to the Protocol field in IP.

Network service access point (NSAP)

Describes a service at the network layer to which the packet is to be directed. The NSAP is the NET address with the SEL field set to a value other than 0x00.

Overload (OL) bit

The OL is set on an LSP if the router cannot store the entire link-state database. When other routers receive LSPs with this bit set, they will not send the router any transit traffic for fear that its routing table is incomplete. If the router is making decisions using incomplete data, its decisions may result in suboptimal paths or even routing loops . Traffic destined for the router can still be sent to the directly connected interfaces of a router transmitting the OL bit in its LSPs.

Partial sequence number packet (PSNP)

PSNPs are sent on point-to-point links to acknowledge explicitly each LSP the router receives. A router on a broadcast subnetwork sends a PSNP requesting the LSPs it needs to synchronize its link-state database.

Protocol data unit (PDU)

A unit of data passed from one layer of the OSI model to the same level of the OSI model on another node. Each layer prefixes the PDU to indicate the sending OSI layer so that the network layer sends NPDUs and the data-link layer sends DLPDUs.


The LAN identifier for a broadcast subnetwork. The pseudonode makes the broadcast medium appear as a virtual router and the routers appear as connected interfaces. The routers maintain adjacencies to the pseudonode, which are managed by the DIS, instead of to all other routers on the medium (thus reducing memory, CPU, and bandwidth resources).

Routeing Domain

Routeing Domain is the same as the Administrative Domain. It defines the boundaries of a network of interconnected routers operated and managed by the same administrative group.

The spelling of Routeing Domain is not a typographic error but the British spelling adopted by the ISO committee.

Sequence number PDU (SNP)

SNPs are used to acknowledge the receipt of LSPs and to synchronize link-state databases.


The data-link layer.

Subnetwork dependent layer

Interfaces with the data-link layer and hides the different kinds of data-link layers from the network layer. This sublayer transmits and receives PDUs from the subnetwork, translates DLPDUs into NPDUs, and hands them to the appropriate OSI process. The subnetwork dependent layer is also responsible for creating and maintaining adjacencies through the exchange of IS-IS Hello PDUs.

Subnetwork independent layer

Interfaces with the transport layer and provides it with network services. It describes how CLNS creates and maintains knowledge of the network by exchanging and processing routing information so that data can be transmitted efficiently to remote destination hosts and handed to the transport layer.

Subnetwork point of attachment (SNPA)

The data-link layer offers two services: the physical connection to the medium and the services offered to the physical layer and network layer. The SNPA refers to these services. The SNPA address is the physical address (for example, the MAC address on a LAN).

Type/Length/Value (TLV)

TLV is the same as a CLV, but some literature refers to the variable-length fields as TLV in accordance with the IP terminology.

OSPF and IS-IS Compared

Integrated IS-IS and OSPF share a common heritage. The following sections compare the similarities and differences between the two routing protocols.

Similarities Between Integrated IS-IS and OSPF

They are both link-state protocols and are based on the Dijkstra algorithm of Shortest Path First (SPF). In addition, they both have a two-level hierarchy. OSPF tends to be deployed mostly as an enterprise solution, whereas Integrated IS-IS is used for IP routing in some ISP networks.

Table 10-3 outlines other similarities between Integrated IS-IS and OSPF.

Table 10-3. Integrated IS-IS and OSPF Similarities and Terminology Comparison

IS - IS Terminology

OSPF Terminology


Stub area

Area ID

Area ID

Backbone area

Backbone area

DIS (designated intermediate system)

Designated router



ES (end system)


ES-IS (the address resolution feature of ES-IS)

ARP (Address Resolution Protocol)

IS (intermediate system)


ISO Routing Domain

Autonomous system

Level 1

Internal nonbackbone stub area

Level 1-2

Area border router (ABR)

Level 2

Backbone router

LSP (link-state packet)

LSA (link-state advertisement)

CSNP and PSNP (complete and partial sequence number PDUs)

Link-state acknowledgement packet

PDU (protocol data unit)


NET (network entity title)

IP destination address (subnet and host), used in a similar way to router ID

NSAP (network service access point)

IP destination address + IP protocol number

Routing technology = link state

  • Classless routing protocol

  • Address summarization between areas

  • Uses a link-state database

  • Acknowledges LSPs

  • Shortest path is computed using Dijkstra's SPF algorithm

  • Hellos create and maintain adjacencies

  • Hellos and holdtime may be configured

Routing technology = link state

  • Classless routing protocol

  • Address summarization between areas

  • Uses a link-state database

  • Acknowledges LSAs

  • Shortest path is computed using Dijkstra's SPF algorithm

  • Hellos create and maintain adjacencies

  • Hellos and holdtime can be configured

Subnet = data link

Subnet = IP network

SNPA (subnetwork point of attachment)

Layer 2 address; for example, the MAC address (Media Access Control) or DLCI (data-link connection identifier) in Frame Relay

System ID

Address of the host within the network, sometimes used as the router ID determining priorities

Virtual link (defined but not supported)

Virtual link

Differences Between OSPF and Integrated IS-IS

Although OSPF and Integrated IS-IS share the same common goals and use the same link-state technology to achieve those goals, the methods they use differ slightly. For example, the protocols differ in how the area address is assigned. In IS-IS, the area and host address are assigned to the entire router, whereas in OSPF, the address is assigned at the interface level. An IS-IS router is therefore in one area, while in OSPF, a router can inhabit many areas, though there is an option for multiarea IS-IS that is used primarily during area migrations and transition.

This means that all Level 1 routers have to be within the same area, with a Level 1-2 router connecting them to another area. However, the Level 1-2 router needs to be in the same area as the Level 1 router with which it communicates. The Level 1-2 router can see the rest of the autonomous system and offers itself as the default route to the Level 1 area. This is similar to the OSPF stub areas. The Level 2 router sends Level 2 updates in the other area, or prefix routes, just like the ABR in OSPF.

The role of the DR is subtly different. The DIS in IS-IS exists for both Level 1 and Level 2 on multiaccess media, but there is no backup designated router (BDR). Also, in OSPF the DR is elected for life; in IS-IS, however, if another router comes on line with a higher priority, the existing DIS is deposed. Fewer adjacencies are formed in OSPF because the routers form adjacencies only with the DR and the BDR. In IS-IS, every router makes an adjacency with every other router on the medium. However, IS-IS LSPs are sent out only by the DIS on behalf of the pseudonode.

A major difference is the encapsulation of the two protocols. IS-IS has protocol independence because it runs directly on top of the data-link layer. Fragmentation is the responsibility of the IS-IS process, and this allows for a streamlined protocol. More importantly, fragmentation makes evolution of the protocol as needed very simple, because it is not dependent and therefore is not limited by any third protocol. OSPF is encapsulated into IP and is limited by the capabilities of that protocol.

The way that the LSPs are handled is also slightly different and influence, to an extent, the design of a network running either protocol. Unrecognized LSPs are ignored and flooded in IS-IS, for example; OSPF ignores and drops unrecognized LSAs.

Table 10-4 lists the key differences.

Table 10-4. Integrated IS-IS and OSPF Technical Differences


Integrated IS-IS



Boundaries defined on the link.

A router (IS) can be in one area, though there is an option for multiarea IS-IS that is used primarily during area migrations and transition

Area boundaries are defined on the router.

Interfaces can be in different areas.

A router might be in many areas.

The Integrated IS-IS Level 1 area is similar to an OSPF stub area.

Designated router (DR)

If a new IS becomes active higher priority, it becomes the new DIS, which results in a flood of LSPs. If the priority of the new router is the same and the MAC address is higher, it takes over the DIS functions. Adjacencies are created with all ISs on the broadcast media.

Each IS sends a multicast LSP to all ISs on the media. The LSP is unacknowledged .

A same or higher priority does not dislodge the existing DR.

Adjacencies on broadcast media are formed with the DR and BDR only.

All LSAs are acknowledged .


Integrated IS-IS runs on top of the data-link layer (Layer 2).

Integrated IS-IS is a network layer protocol with its own Layer 3 packet.

Fragmentation is the responsibility of Integrated IS-IS.

OSPF is an IP application.

Has an OSPF header and travels inside an IP packet.

Fragmentation is the responsibility of IP.

LAN flooding

All ISs maintain adjacencies with all other ISs on a broadcast network.

DIS sends CSNP to all ISs.

Periodic CSNPs ensure the databases are synchronized.

Multicast updates and Hellos sent to DRs.

Unicast acknowledgment sent from the DRs.


Two types of LSP.

LSPs are CLV encoded.

Unrecognized LSPs are ignored and flooded.

LSPs are always flooded across all media by the originating IS.

Seven types of LSA.

Unrecognized LSAs are not flooded.

Many small LSAs for summary and external updates.

LSA updates generated by each router.

ISO Addressing for Integrated IS-IS

Because IS-IS is the product of a committee, it has the feel of an academic solution that is intended to resolve every eventuality. Its addressing scheme thinks not just locally, but globally. The large address space is one characteristic that is responsible for IS-IS's new popularity.

When Integrated IS-IS is routing IP traffic, the routing information is carried in the IS-IS updates; therefore, the participating routers need an ISO address. The ISO address comes in two forms: the NSAP and the NET address (depending on the type of device being addressed). The addressing scheme of IS-IS is long and complex, but clear rules define the address space, allowing the IS-IS protocol to find the routers to forward the data traffic to the end destination.

The IS-IS address is a variable-length address from 8 to 20 octets in length, much larger than the 4 octets in the TCP/IP address. ISO 10589 defines three parts to the addressArea, ID, and SELas shown in Figure 10-1.

Figure 10-1. The Three Sections of an ISO Address


IS-IS addressing can become complicated because these three fields are subdivided to allow greater granularity in routing. If you are confused , however, just remember that it all condenses to the three elements of the address, which perform the following functions:

  • Area The Area field is used to route between areas using Level 2 routing.

  • ID The ID field is used to route to a host or router within the area using Level 1 routing.

  • SEL The SEL field is used to route to an entity within the host or ES.

Although the three parts to the address describe how to get to the area, how to find the host, and how to find the application within the host, finding the destination host uses only the first two parts; the last part of the address is used after the end host has received the packet. Therefore, Integrated IS-IS has two levels of hierarchy: basically, how to get to the area and then to the host.

The first part of the address, routing to the area, might require many decisions to be made. These decisions might involve determining the country and then the organization and many suborganizations. So although the address has only two levels of hierarchy, several levels of hierarchy can be hidden within the first part of the address, which states how to get to the autonomous system and forms the external portion of the area.

Figure 10-2 shows the division between external and internal routingthe Initial Domain Part (IDP) and the Domain Specific Part (DSP)and how this division is broken down to reveal greater granularity for routing. In the figure, the three original elements have been placed underneath as reference.

Figure 10-2. An ISO Address


The following list explains the parts of an ISO address and their relationship:

  • IDP External routing. The IDP is used to route to the domain, or autonomous system. The IDP is given by the ISO and identifies the organization responsible for assigning the format for the rest of the address by defining the DSP structure. The IDP comprises the following two parts:

    - Authority and format identifier (AFI) AFI is the first octet of the address. It is defined as one octet. It states the authority in charge of issuing addresses and the format of the rest of the address, within the constraints of IDI and DSP, to describe Area, ID, and SEL.

    - Initial domain identifier (IDI) IDI is a suborganization to the AFI; as an analogy, the U.S. government is the AFI, and the General Services Agency (GSA) is the IDI, otherwise known as GOSIP.

  • DSP DSP is used to route within the autonomous system. The authority specified by the IDP may further subdivide the DSP and may assign subauthorities responsible for parts of the DSP. The DSP can be broken down into the following fields:

    - High Order DSP High Order DSP is typically the area within the autonomous system.

    - System ID System ID can have a value between one to eight octets. It must have the same length throughout all systems in the autonomous system. Cisco uses six octets, which is a common solution because it allows the use of the MAC address to autoconfigure the system.

    - NSEL NSEL is one byte and identifies the particular service at the network layer to which to hand the packet.

The fact that the address can take so many forms can cause confusion; remember, however, that there are only two layers of hierarchy. By providing such flexibility in the address space, the ISO has ensured a decentralized address allocation and management, in addition to the ability to scale the network.

As with TCP/IP, the addressing scheme within an autonomous system can be the result of the creative genius of the network administrator or can be obtained from the AFI, an authorized ISO body such as ANSI or GOSIP.

The next sections discuss ISO addresses for Integrated IS-IS, including examples of NETs and NSAP, in addition to the rules for IS-IS addressing.


NETs and NSAPs are ISO addresses. The differences between the NET and NSAP addresses are subtle. The NET address is the address of the host, where the value in the NSEL field is set to 0x00. Therefore, there is no upper-layer protocol identified within the host. With no application identified within the end host, the packet can be routed to the destination, but it cannot be handed off to a process after it has been delivered. However, routers do not have upper-layer protocols to identify because they are transitory ISs. Therefore, the NSAP of the router is referred to as a NET because the NSEL field is set to 00.

The NSAP is the full ISO address. It not only defines the area and destination host within the area, but also specifies where to send the incoming packet after it has reached the host. The NSEL field at the end of the ISO address specifies the upper-layer protocol and is similar to the Protocol field of the IP header.

Rules of ISO Addressing

The following list indicates a few rules that clarify ISO addressing:

  • The ISO address is assigned to the system, not to the interface.

  • Typically, the router has one NET address. The limit of three NETs is in a conventional IS-IS implementation; the limit is three NETs per area in a multiarea Integrated IS-IS implementation. Multiple addresses are used during transitions.

  • If multiple NETs are configured on the same router, they must all have the same system ID.

  • The area address must be the same for all routers in the same area.

  • All Level 2 routers must have a system ID that is unique for the entire domain.

  • All Level 1 routers must have a system ID that is unique for the entire area.

  • The system ID must be the same length for all ISs and ESs within a routing domain.

Example of a NET Address

The following are examples of NET addresses. The first two addresses are used for routing within the autonomous system and, therefore, the IDI portion of the address has not been defined.

  • A simple OSI NET address, using the host MAC address as the system ID:


    To the Domain

    Within the Domain



    HO- DSP

    System ID








    System ID


  • A simple OSI NET address, using the host's loopback IP address of as the system ID:


    To the Domain

    Within the Domain



    HO- DSP

    System ID








    System ID


  • A GOSIP version 2 address, showing the external routing information:

    47. 0005.80ff.f800.0000. 0001.0000.0c00.1234.00

To the Domain

Within the Domain




System ID








System ID


Integrated IS-IS Hierarchical Structure

As the addressing structure shows, there are potentially many levels of hierarchy within the addressing scheme, even though the protocol has only two layers of hierarchy. To accommodate the two levels of hierarchy, two types of router are defined: a Level 1 router that deals with the first level of routing, finding the end destination within the area, and a Level 2 router that finds the area within which the end destination resides. Both of these routers are combined in the Level 1-2 router, which runs both the Level 1 and the Level 2 processes and could be viewed as a third type of router.

The Level 1 Router

The Level 1 router locates the destination host within the area and, as such, is known as the intra-area router. It is similar to a stub router in OSPF. Like a stub router in OSPF, its knowledge of the network is limited to the area, using a default route to the nearest Level 2 router as the means of routing traffic external to the area.

Every Level 1 router has a link-state database containing all the routing information for the area. The nature of the link-state protocol means that each database is identical. Because the database is limited to routes within the area, there is a requirement that neighbors must be in the same area so that the routers can communicate.

The Level 2 Router

To route traffic between areas, a Level 2 router is needed. Routing between areas is referred to as interarea routing . This router is similar to a backbone internal router in OSPF, and as in OSPF, the backbone must be contiguous. Level 2 routers communicate via Hellos that are understood only by other Level 2 routers. To fracture the area means the loss of routing information. As in Level 1 routing, the link-state database is identical on all Level 2 routers, although the database contains prefixes of addresses in other areas as opposed to internal area addresses.

The Level 1-2 Router

The router that has everything is, of course, the Level 1-2 router. This is both an intra-area and interarea router. Its characteristics are similar to those of an ABR in OSPF. This router might have neighbors in different areas because it sends both Level 1 and Level 2 Hellos and can thus communicate with everyone. It holds both a Level 1 database for the Level 1 area to which it is connected and a Level 2 database with all the information for interarea routing.

The Level 1-2 configuration is convenient because the router informs Level 1 routers that it is a Level 2 router and can forward traffic to other areas. It can also inform other Level 2 routers of the areas to which it is connected. Although convenient , it consumes more resources on the router in terms of memory and CPU and uses more bandwidth in maintaining the link-state databases. This configuration is the default configuration on Cisco routers.

Basic Principles of Area Routing

Having reviewed the complexities of ISO addressing and the corresponding hierarchical nature of Integrated IS-IS routing, you now need to pull it all together. This section explains the basics of Integrated IS-IS routing. The following list shows what happens when a router receives a packet to forward and how decisions are made in area routing, based on the ISO destination address of the incoming packet:

  1. When a router receives traffic to route to a remote destination, it performs the customary routing table lookup.

  2. The router strips off the system ID and the SEL to reveal the Area portion of the address. If the Area address is the same as that of the router, it routes the packet toward the host system ID using the Level 1 database.

  3. If the Area is different, the router does one of the following:

    (a) Sends the packets to the nearest Level 2 router (if the router is a Level 1 router).

    (b) Looks up the route in the forwarding database to find a match, if the router is a Level 2 router.

    (c) Resolves the address to the longest match, ensuring the greatest level of accuracy. Summarization, as described in Chapter 2, "IP Addressing," is used by Integrated IS-IS, and therefore prefix routing can reduce the routing tables and speed up the forwarding process.

Areas in Integrated IS-IS are defined on the link, meaning that the entire router is in the area, requiring the router to define the area and not the interface like in OSPF. Figure 10-3 shows how backbone routers are used to connect different areas.

Figure 10-3. Areas and Backbone Routers


For the Level 2 routing updates to be exchanged, all the routers capable of sending Level 2 updates must be contiguous; Figure 10-4 shows this.

Figure 10-4. A Contiguous IS-IS Backbone


Because Level 1 routers communicate only with other Level 1 routers and, likewise, Level 2 routers communicate only between themselves , it can get confusing. Figure 10-5 shows the logical communications or adjacencies set up between the routers shown in Figure 10-4. In Figure 10-5, the area 0001 becomes the backbone area, connecting another area (area 0100). It also shows the communication among L1, L1-2, and L2 routers.

Figure 10-5. Level 1 and Level 2 Adjacencies for the Topology in Figure 10-4


Integrated IS-IS Networks and Interfaces

Routers sharing a common data-link layer become Integrated IS-IS neighbors if the Hello packets that they exchange meet the criteria for forming an adjacency. Although the process of finding a neighbor differs slightly depending on the media, the information sent in the Hellos is essentially the same. Each Hello states the originator of the Hello and the capabilities of its interface. If the Hellos are exchanged and the criteria are met, an adjacency is formed and the Integrated IS-IS neighbors exchange routing information in the form of LSPs. In this way, every router gathers the connected networks of every router to create identical detailed topology maps of the network.

For an adjacency to be formed and maintained , both interfaces must agree on the following:

  • The maximum packet size (MTU) that can be transmitted by the interface must be the same.

  • Each router needs to be configured as the same level of routingthat is, either Level 1 or Level 2so that they can decode the Hellos sent by the other router.

  • If the routers are both Level 1, they must be in the same area.

  • Level 1 routers form adjacencies with each other, and Level 2 routers form adjacencies with other Level 2 routers. For a Level 1 router to communicate with a Level 2 router, one of the routers needs to configured as a Level 1-2 router. Therefore, to connect to another area at least one of the routers must be configured as a Level 1-2, allowing the Level 2 router to receive the packets destined for another area from the Level 1 router.

  • The system ID must be unique to each router.

  • If authentication is configured, it must be configured identically on both routers.

The Hello timers (including the holddown timer) must match; otherwise, it could result in a flapping link and endless SPF calculations.

Integrated IS-IS defines two network typesbroadcast subnetworks and point-to-point networkscompared with the five types used in OSPF. A broadcast network, as in OSPF, is a multiaccess data link that supports broadcasts and multicasts. The point-to-point links are deemed to be nonbroadcast and can be permanent virtual circuits (PVCs) or dynamically set up switched virtual circuits (SVCs).

The following sections describe adjacencies on point-to-point links, broadcast links, and nonbroadcast multiaccess (NBMA) links.

Establishing Adjacencies on a Point-to-Point Link

A point-to-point link connects two routers. After a Hello packet has been received, each side declares the other side reachable . The routers are neighbors. At this point, each side sends a CSNP. The CSNP is a list of all the links held in the link-state database, which triggers a synchronization of the link-state database on each machine.

Periodic Hellos maintain the adjacency. If a router does not hear a Hello within the Hello holdtime, the router is declared dead and the database is purged of any entries associated with the router. Cisco sets the default Hello multiplier to three. The holdtime is defined as the Hello time multiplied by the Hello multiplier , making the holdtimer expire every 30 seconds.

Establishing Adjacencies on a Broadcast Link

On broadcast links, all the routers running Integrated IS-IS receive packets sent by one routerthe DISto control the amount of traffic that needs to be generated to maintain the adjacencies and, thus, the databases. The DIS has the responsibility of flooding the LSPs to all connected systems running Integrated IS-IS. More accurately, the DIS floods the LSPs for the pseudonode.

The pseudonode represents the LAN, with each router simulating an interface on the imaginary router. This imaginary router is called the pseudonode. As if it were a real router, the pseudonode floods a new pseudonode LSP when there is a change in the status of its connections (for example, when a new neighbor comes online).

The adjacencies with the other routers are maintained by the DIS, which sends out Hellos every 3.3 seconds, three times the speed of other routers. This is to ensure the integrity of the adjacencies by identifying a problem very quickly. If there is a problem with the DIS, or a router with a higher priority appears, it is quickly identified and a new router is elected in the place of the old DIS, which is forced into retirement. The election is based on priority and stated on the interface in the event that all the interfaces are set at the default of 64. Then the highest numeric SNPA (data-link address) determines the DIS.

Establishing Adjacencies on an NBMA Link

The creation and maintenance of adjacencies on both point-to-point and multiaccess links is straightforward. It becomes more complicated when the format of the technology cloud allows either link technology to be used.

An NBMA link is neither a broadcast medium nor a point-to-point link; it is a bit of both. Frame Relay, ATM, and X.25 are examples of NBMA. Using PVCs, NBMAs provide multiple connections, which could be viewed as a LAN. The confusion occurs when Integrated IS-IS sees the link is multiaccess. Having no knowledge of multiaccess WAN clouds, Integrated IS-IS believes that the medium is some form of LAN and therefore has broadcast capabilities. However, the medium is a WAN, not a LAN, and although the LAN can be simulated, the WAN cloud has no inherent broadcast capabilities.

To avoid complications and possible errors, Cisco recommends that the links be configured as a series of point-to-point links. Figure 10-6 shows a comparison of the broadcast and point-to-point topologies supported by IS-IS.

Figure 10-6. Network Topologies Supported by IS-IS


Network Layer Protocols Used in Integrated IS-IS

The PDU is created by the network layer and encapsulated directly into the data-link frame. All the Integrated IS-IS packets share the same eight-octet header. After the fixed header, there are a number of optional variable-length fields that contain specific routing- related information. These variable-length fields are called TLV or CLV.

The fields found in the fixed header of every IS-IS PDU are each one octet in length. Table 10-5 explains the fixed header.

Table 10-5. The Fixed Header Common to All IS-IS PDUs


Length of Field in Octets


Intradomain Routing Protocol


All Integrated IS-IS PDUs have a value of 0x83. This identifies the packet.

Length Indication


States the length of the fixed header.

Version/Protocol ID


Set to 1.

ID Length


The size of the system ID in the NSAP. This can be an integer between 1 and 8. The Cisco default setting is 6, which is represented by 0, to show that the default has not been changed.

Reserved/Packet Type


The first 3 bits are reserved, set to 0, and ignored. The Packet Type indicates whether this is a Hello, LSP, or SNP.



Set to 1.



Set to 0 and ignored.

Maximum Area Addresses


States the number of area addresses permitted for this area. Multiple area addresses are configured during transitions. Cisco set the maximum address size to 3, which is represented by 0.

After this common header are the PDU-specific fields and the variable-length fields, creating the different packet types seen in Integrated IS-IS. The PDU-specific fields are discussed in the sections of this chapter relevant to the different packet types: Hellos, LSPs, and SNPs. The variable-length fields are discussed in the section on TLVs.

There are three Integrated IS-IS packets, as the following list describes:

  • Hello These packets create and maintain neighbor relationships and adjacencies. There are three types of Integrated IS-IS Hello packet. The type of packet is defined in the fixed header under the Type field and allows the packet to be handed off to the appropriate process. The different types are as follows :

    - LAN Level 1 Generated by Level 1 and Level 1-2 routers

    - LAN Level 2 Generated by Level 2 and Level 1-2 routers

    - Point-to-point Generated by Level 1, Level 2, and Level 1-2 routers

  • LSP LSPs hold information on the neighbors connected to the router. There are two types of LSP, as follows:

    - Level 1 Generated by Level 1 and Level 1-2 routers

    - Level 2 Generated by Level 2 and Level 1-2 routers

  • Sequence number packet (SNP) SNPs describe the LSPs in the transmitting router's link-state database. The information is condensed and is never flooded but only sent between neighbors. SNPs ensure link-state databases synchronization by:

    - Distributing groups of LSPs on a LAN without explicit individual acknowledgements

    - Acknowledging individual LSPs

    - Requesting LSPs at startup

    There are two types of SNP for each level of routing, as follows:

    - Complete SNP (CSNP) Includes every LSP in the database:

    - Level 1

    Level 2

    - Partial SNP (PSNP) Includes a subset of LSPs, used to request individual LSPs and to acknowledge receipt of these LSPs:

    - Level 1

    Level 2

The following sections describe Hello packets, LSPs, and SNPs in more detail.

The Format of the Hello Packet

There are three different Hellos, as follows:

  • Point-to-point Hello

  • LAN Level 1 Hello

  • LAN Level 2 Hello

Because the point-to-point and broadcast media work differently, the adjacencies are formed in a different manner. There need to be separate Hellos for the point-to-point networks and the broadcast networks. A point-to-point network has only one other router with which to communicate and, therefore, after the level of routing has been established, the appropriate updates can be sent. However, a broadcast network is a multiaccess network and can have a mixture of both Level 1 and Level 2 routers. For this reason, the broadcast or LAN network has two Hello formats, the Level 1 format and the Level 2 format. The Hellos for the broadcast media are referred to as LAN Hellos.

Point-to-point Hello packets are used over point-to-point links. Table 10-6 shows the point-to-point Hello.

Table 10-6. The Point-to-Point Hello


Length of Field in Octets


Fixed Integrated IS-IS header


Common to all Integrated IS-IS PDUs

Circuit Type


States whether the transmitting router is Level 1, Level 2, or, if both hellos are received, Level 1-2

Source ID

ID length

The system ID from the NSAP of the transmitting router

Holding Time


How long the neighbors must wait for a Hello before they can declare the transmitting router to be dead

Packet Length


The length of the Hello packet in octets

Local Circuit ID


Identifier for the transmitting interface, which is unique to the transmitting router

LAN Hello packets are used over broadcast links. The PDU is the same for all router types, although the values within the fields differ.

Table 10-7 shows the LAN Hello.

Table 10-7. LAN Hello Packet Format


Length of Field in Octets


Fixed Integrated IS-IS header


Common to all Integrated IS-IS PDUs.

Circuit Type


States whether the transmitting router is a Level 1, Level 2, or, if both Hellos are received, Level 1-2.

Source ID

ID length

The system ID from the NSAP of the transmitting router.

Holding Time


How long the neighbors must wait for a Hello before they can declare the transmitting router to be dead.

Packet Length


The length of the Hello packet in octets.



Used in the election of the DIS (highest priority wins).


ID length + 1

The DIS uses its system ID plus an additional octet to name the LAN. The extra octet is used to identify the LAN from other LAN connections on the DIS.

The Format of the LSP

The LSP from a Level 1 router is flooded to all routers in the area. The LSP contains a list of all the adjacencies.

Likewise, a Level 2 router floods the LSP to every other Level 2 router in the domain. However, this LSP contains the list of adjacencies to other Level 2 routers and the areas that the transmitting router can reach. The TLVs hold the Level 1 and Level 2 information, allowing the LSP format to be the same for both Level 1 and Level 2 routers.

Table 10-8 shows the format of the LSP.

Table 10-8. LSP Packet Format


Length of Field in Octets


Fixed Integrated IS-IS header


Common to all Integrated IS-IS PDUs

Packet Length


The length of the entire LSP

Remaining Lifetime


How long in seconds before the LSP is purged from the database


ID length + 2

A three-part ID:

  • 6 octets for the transmitting system ID or pseudonode ID of the transmitting DIS

  • 1 octet = zero for router

    1 octet = nonzero for pseudonode

  • 1 octet = fragment bit, if the LSP information is too great to be contained in one PDU

Sequence Number


Used to determine the latest LSP version



The checksum on the contents of the LSP




IS Type


Together the Partition (P) bit, Attached (ATT) bit, Overload (OL) bit, and IS Type take up 1 octet.

P The Partition bit is used by Level 2 routers to identify whether automatic partition repair is supported. Cisco does not support this feature and the value is always 0.

ATT The Attached bit is used in Level 1 LSPs generated by Level 1-2 routers. It shows Level 1 routers a potential exit from the area. Level 1 routers use this bit to determine the closest Level 2 router.

Overload bit (OL) If the generating router has run out of memory for the link-state database, this bit is set to 1. Other routers treat this router as a host, forwarding packets destined to networks directly connected to routers setting the OL bit. If the router has run out of memory for the link-state database, the database may be incomplete and unreliable as a forwarding router.

IS Type is used to indicate whether the router is a Level 1 or Level 2 router.

The Format of the SNP

As with the LSP, the SNP format is the same for both Level 1 and Level 2 routers. The CSNP has two additional fields to the PSNP. The extra fields define the address range, which states all the LSPs that are included in the CSNP. This is to ensure that if the database is so large that several PDUs need to be sent, the information can be reassembled at the receiving router.

Table 10-9 shows the format of the SNP.

Table 10-9. SNP Packet Format


Length of Field in Octets


Fixed Integrated IS-IS header


Common to all Integrated IS-IS PDUs

Packet Length


The length of the entire LSP

Source ID

ID length + 1

The system ID from the NSAP of the transmitting router

Start LSP ID

ID length + 2

Refer to the definition of LSP ID in Table 10-8


ID length + 2

Refer to the definition of LSP ID in Table 10-8


TLVs, sometimes called CLVs, are one of the main strengths of Integrated IS-IS. TLVs provide flexibility and extend the functionality of the protocol. The TLV fields are variable in length and are appended to the various packet formats. This means that the protocol can adapt to the changing needs and advances in technology by defining a new TLV.

The structure of the TLV is as follows:

  • Type or Code State the Type of field. This code identifies the TLV and all the characteristics that pertain to it. (For example, TLV 128 defines the capability to carry IP routes in IS-IS packets.) In essence the TLV 128 is Integrated IS-IS.

  • Length The length of the following field. This is important because the next field can be any length. By identifying the length of the field, error detection is possible.

  • Value The information, whether it is IP routes, IS-IS neighbors, or authentication.

One of the most radical TLVs was the introduction of TLV 128, as defined in RFC 1195 in 1992. This extended Integrated IS-IS to support IS-IS and IP routing. In the future, it is expected that a TLV will be created to support IPv6.

To read the definition of these TLVs and, in particular, the various codes, you must read the standards. ISO/IEC 10589 defines the TLV codes 1 to 10; RFC 1195 defines the TLV codes 128 to 133.

It is important to note which TLVs are supported by your equipment because this determines the design and configuration of the network. The receiving router ignores TLVs that are not supported.

Table 10-10 describes the main TLVs, states the document that defines them, and names the PDUs to which they are appended.

Table 10-10. TLVs Implemented by Cisco



Source Document

Used by PDU



Area Addresses

ISO 10589

Hello and LSP Levels 1 and 2

The area addresses configured on the router. Cisco supports a maximum of three area addresses.


IS Neighbors

ISO 10589

LSP Level 1 and 2

Lists the neighbors of the transmitting router. The neighbor ID is the system ID plus an extra octet. If the neighbor is a pseudonode, the last octet has a positive value. If the neighbor is a router, the last octet has a value of 0x00. Of the many options within this TLV, the default metric is the only one supported and contains a value between 0 and 63.


ES Neighbors

ISO 10589

LSP Level 1

Similar to IS neighbors, assumes the same cost to many ES neighbors as connected via broadcast media. ES neighbors with different costs appear as separate entries.


Prefix Neighbors

ISO 10589

LSP Level 2

The same as an ES neighbor but stating an address prefix or domain and area rather than an ES.


IS Neighbors

ISO 10589


Lists all the system IDs of the routers from which a valid Hello has been received. Level 1 routers list Level 1 neighbors; Level 2 routers list Level 2 neighbors.



ISO 10589


Used to pad a Hello PDU so that it can be a minimum length. The padding is ignored. Cisco uses all 0s to pad packets.


LSP Entries

ISO 10589


The state of an LSP is given via the Remaining Lifetime, LSP ID, Sequence Number, and Checksum. This identifies each LSP and ensures no duplication or corruption.



ISO 10589

Hello, LSP Level 1 and 2, and SNP

The first octet states the type of authentication used. Of the 255 possible values, only one type of authenticationclear textis defined in ISO 10589. An interface can be configured with a transmit password. If the receiving interface does not receive the expected password, the Hello is rejected.


IP Internal Reachability Information

RFC 1195

LSP Level 1 and 2

Lists all IP addresses that the transmitting router knows about from interfaces within the area.


Protocols Supported

RFC 1195


States the protocols the transmitting router supports (whether CLNS only, IP only, or both CLNS and IP).


Inter-Domain Routing Protocol Information

RFC 1195

LSP Level 2

Allows information from external routing protocols to be carried in Level 2 LSPs. Similar to route tags in RIPv2, EIGRP, and OSPF.


IP Interface Address

RFC 1195

Hello and LSP Level 1 and 2

The IP address or addresses of the transmitting interface.

CCNP BSCI Exam Certification Guide
CCNP BSCI Exam Certification Guide (CCNP Self-Study, 642-801) (3rd Edition)
ISBN: 1587200856
EAN: 2147483647
Year: 2002
Pages: 194
Authors: Clare Gough © 2008-2017.
If you may any questions please contact us: