Configuring IS-IS

Problem

You want to configure IS-IS on a JUNOS router.

Solution

There are three steps to setting up IS-IS. First, define the interfaces on which IS-IS will run and the levels to which the interfaces will be attached:

	[edit protocols isis]
	aviva@RouterG# set interface fe-0/0/1
	aviva@RouterG# set interface fe-1/0/0 level 2 disable
	aviva@RouterG# set interface 
lo0.0

Second, enable the ISO protocol family on the interfaces:

	[edit interfaces]
	aviva@RouterG# set fe-0/0/1 unit 0 family iso
	aviva@RouterG# set fe-1/0/0 unit 0 family iso

Finally, configure a NET on the lo0 interface:

	[edit interfaces]
	aviva@RouterG# set lo0 unit 0 family iso address 49.0020.1921.6801.9001.00

 

Discussion

The basic setup to get IS-IS up and running on your router is straightforward. Enable the protocol on all router interfaces that will participate in the IS-IS domain and specify the level at which they should run. This recipe configures the IS-IS on the router topology shown in Figure 11-1. Here, because interface fe-0/0/1 is a border node between areas 20 and 30, you need to specify only the interface name because, by default, all IS-IS interfaces are both Level 1 and Level 2 interfaces.

The other interface, fe-1/0/0, is only in area 20, so it is a Level 1 router. For this interface, you disable Level 2 operation.

Figure 11-1. IS-IS network topology with one area

In addition to the network interfaces, you should also run IS-IS on the lo0.0 interface because this is the most straightforward way to ensure that your loopback address (or addresses) is advertised into IS-IS. IS-IS automatically treats the loopback interface as passive, which means that the interface advertises its direct addresses but does not form adjacencies. (In older versions of JUNOS software, you had to include the passive statement on the loopback interface to have the interface be passive, but this has changed in newer versions.) However, to have other interfaces be passive, you must configure them explicitly by including the passive statement; for example:

	[edit protocols isis]
	aviva@RouterG# set interface fe-1/0/1.0 level 2 passive

In the interfaces portion of the configuration, configure the interfaces that will be running IS-IS, here fe-0/0/1 and fe-1/0/0, so that they recognize and accept ISO packets. Do this by including family iso in the logical interface. Interfaces can have multiple address families on them, as you can see for fe-0/0/1:

	aviva@RouterG> show configuration interfaces fe-0/0/1
	unit 0 {
	 family inet {
	 address 10.0.1.2/24;
	 }
	 family iso;
	}

Also, you must set a NET for the router. Technically, you can set this address on any interface but, in practice, you set it on the router's loopback interface, lo0. This address is stable, and, as long as the router is up, this interface is accessible. If you assign the NET on a network interface and that interface goes down, IS-IS will stop functioning on the router. You can assign multiple NETs to the lo0 interface, which might be useful when migrating two previously independent IS-IS domains into a single domain.

After this simple configuration, the IS-IS protocol takes over. You do not have to configure neighbors. IS-IS automatically discovers them and establishes adjacencies with its neighbors by first sending IS-IS Hello ( IIH) packets to ensure that the two ends of the link can communicate.

To check that IS-IS is running on the router interfaces, use the show isis interface command:

	aviva@RouterG> show isis interface
	IS-IS interface database:
	Interface L CirID Level 1 DR Level 2 DR L1/L2 Metric
	fe-0/0/1.0 3 0x2 RouterG.02 RouterG.02 10/10
	fe-1/0/0.0 1 0x3 RouterG.03 Disabled 10/10
	lo0.0 0 0x1 Passive Passive 0/0

This output shows the two Fast Ethernet interfaces we configured for IS-IS, as well as the lo0 interface. The second column, L, shows that fe-0/0/1 is a Level 1Level 2 interface (represented by the number 3) and fe-1/0/0 is a Level 1 interface. The loopback address is also listed because a NET is configured on it but it does not participate in any IS-IS level (shown as 0 in the L column). The two DR columns show the name of the router that has been elected as the DIS for that level. Interface fe-1/0/0 has no Level 2 DR (Disabled) because it is a Level 1 interface. You may wonder how IS-IS discovers the name of the neighbor because it is not an IP routing protocol and hence doesn't support DNS. The answer is that the JUNOS software supports dynamic mapping of ISO system identifiers to the hostname. If you have configured a router name with the set system host-name command, this name, and not the router's NET, is displayed in all IS-IS output. The JUNOS implementation of IS-IS includes the hostname in the LSP, using the dynamic hostname TLV, type 137, to cache the symbolic name of the router.

In the DR columns for the lo0.0 interface, the interface is shown as Passive, which is the default when you configure IS-IS on the loopback interface.

The last column shows the link's Layer 1 and Layer 2 metrics, which are 10 by default.

You can see a brief summary of the adjacencies the router has established with the show isis adjacencies command:

	aviva@RouterG> show isis adjacency
	Interface System L State Hold (secs) SNPA
	fe-0/0/1.0 RouterH 2 Up 21 0:5:85:c1:d1:d1
	fe-1/0/0.0 RouterA 1 Up 6 0:5:85:ca:ca:70

The output shows the two interfaces we configured. The interface fe-0/0/1 participates in a Level 2 area, connecting to RouterH, and interface fe-1/0/0 connects to RouterA. Notice that the lo0 interface is not listed because it doesn't form any adjacencies. The State column shows that both adjacencies are operational (Up). The Hold column shows the amount of time remaining before the router closes the adjacency. By default, IS-IS sends Hello packets, which act as adjacency keepalives, every three seconds for DIS routers and every nine seconds for Level 1 routers. Non-DIS routers send Hello packets less frequently in case IS-IS needs to re-elect a DIS. While a DIS is being elected, there is likely to be traffic loss. Having a longer hello timer interval on the non-DIS systems remedies this problem. The default hold time is three times the hello interval, or 9 seconds, and 27 seconds for DIS and Level 1 routers, respectively. The SNPA column shows the subnetwork point of attachment, which is the MAC address of the next hop.

The detail version of this command gives a bit more insight into the adjacencies:

	aviva@RouterG> show isis adjacency detail
	RouterH
	 Interface: fe-0/0/1.0, Level: 2, State: Up, Expires in 21 secs
	 Priority: 64, Up/Down transitions: 1, Last transition: 17:16:43 ago
	 Circuit type: 3, Speaks: IP, IPv6, CLNS, MAC address: 0:5:85:c1:d1:d1
	 Topologies: Unicast
	 Restart capable: Yes
	 LAN id: RouterG.02, IP addresses: 10.0.1.1
	RouterA
	 Interface: fe-1/0/0.0, Level: 1, State: Up, Expires in 7 secs
	 Priority: 64, Up/Down transitions: 1, Last transition: 16:57:54 ago
	 Circuit type: 1, Speaks: IP, IPv6, MAC address: 0:5:85:ca:ca:70
	 Topologies: Unicast
	 Restart capable: Yes
	 LAN id: RouterA.02, IP addresses: 10.0.16.1

The output shows the other two IS-IS routers. RouterG reaches RouterH over interface fe-0/0/1, and it connects to RouterA over interface fe-1/0/0. The State field shows that the adjacencies are operational (Up), and the Expires field shows the amount of time remaining before the router closes the adjacency. The second line shows the router's DR priority, how many times the adjacency has gone down and come back up, and when the last up-down transition occurred. The third line shows the Circuit type, which is the IS-IS level. A value of 3 indicates the router is a Level 1Level 2 router, a value of 2 is a Level 2only router, and a value of 1 is a Level 1only router. The Speaks field shows the protocols that the router is running, and the MAC address field shows the subnetwork point of attachment, which is the MAC address of the next hop. The last line shows the IS-IS identifier of the router on the LAN and the router's IP address.

If the IS-IS adjacency doesn't come up, there are a few things to check when trouble-shooting. First, make sure the physical interface is operational. Here, the adjacency with RouterH is down:

	aviva@RouterG> show isis adjacency

	Interface System L State Hold (secs) SNPA
	fe-0/0/1.0 RouterH 2 Down 0 0:5:85:c1:d1:d1
	fe-1/0/0.0 RouterA 1 Up 8 0:5:85:ca:ca:70

RouterG's interface to RouterH is up:

	aviva@RouterG> show interfaces fe-0/0/1 terse
	Interface Admin Link Proto Local Remote
	fe-0/0/1 up up
	fe-0/0/1.0 up up inet 10.0.1.2/24
	 iso

but the interface on RouterH is not:

	aviva@RouterH> show interfaces fe-0/0/1 terse
	Interface Admin Link Proto Local Remote
	fe-0/0/1 down up
	fe-0/0/1.0 up down inet 10.0.1.1/24
	 iso

Checking the configuration, you see that the interface has been disabled:

	aviva@RouterH> show configuration interfaces fe-0/0/1
	disable;
	unit 0 {
	 family inet {
	 address 10.0.1.1/24;
	 }
	 family iso;
	}

Delete the disable statement to activate the interface.

Next, check that all interfaces in a Level 1 area are configured with the same area identifier. You can check this on the local router:

	aviva@RouterG> show interfaces terse lo0.0
	Interface Admin Link Proto Local Remote
	lo0.0 up up inet 192.168.19.1 --> 0/0
	 iso 49.0020.1921.6801.9001

Also check on the Level 1 neighbor:

	aviva@RouterA> show interfaces terse lo0.0
	Interface Admin Link Proto Local Remote
	lo0.0 up up inet 192.168.42.1 --> 0/0
	 iso 49.0020.1921.6804.2001

You see that both routers are in area 20.

You can also find the area identifier in the IS-IS TLV field in the database:

	aviva@RouterG> show isis database extensive level 1
	 
IS-IS level 1 link-state database:
	RouterG.00-00 Sequence: 0x63, Checksum: 0xfe33, Lifetime: 549 secs
	…
	
	 TLVs:
	 Area address: 49.0020 (3)
	…

Check the interface's MTU to make sure that it is at least 1,492 bytes:

	aviva@RouterG> show interfaces fe-0/0/1.0
	 Logical interface fe-0/0/1.0 (Index 64) (SNMP ifIndex 40)
	 Flags: SNMP-Traps Encapsulation: ENET2
	 Protocol inet, MTU: 1500
	 Flags: None
	 Addresses, Flags: Is-Preferred Is-Primary
	 Destination: 10.0.1/24, Local: 10.0.1.2, Broadcast: 10.0.1.255
	 Protocol iso, MTU: 1497
	 Flags: Is-Primary

Another common mistake that results in adjacency being down is that the IP addresses on either end of the connection are in different subnets and do not match. An example is having one router interface with an IP address of 192.168.0.1/24 connect to another router with an interface IP address of 192.168.1.2/24.

Finally, check that each interface includes an ISO family and that the lo0 interface has an NET address:

	aviva@RouterG> show interfaces terse
	Interface Admin Link Proto Local Remote
	…
	fe-0/0/1.0 up up inet 10.0.1.2/24
	 iso
	fe-1/0/0 up up
	fe-1/0/0.0 up up inet 10.0.16.2/24
	 iso
	…
	lo0.0 up up inet 192.168.19.1 --> 0/0
	 iso 49.0020.1921.6801.9001


Router Configuration and File Management

Basic Router Security and Access Control

IPSec

SNMP

Logging

NTP

Router Interfaces

IP Routing

Routing Policy and Firewall Filters

RIP

IS-IS

OSPF

BGP

MPLS

VPNs

IP Multicast



JUNOS Cookbook
Junos Cookbook (Cookbooks (OReilly))
ISBN: 0596100140
EAN: 2147483647
Year: 2007
Pages: 290
Authors: Aviva Garrett

Similar book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net