The Intermediate System-to-Intermediate System (IS-IS) protocol is an IGP that routes packets within a single autonomous system (AS), or domain. IS-IS is based on the DECNET Phase V network technology, which was developed at Digital Equipment Corporation (DEC) in the 1980s and was initially standardized by ANSI as the International Organization for Standardization (ISO) intradomain protocol in ISO/IEC 10589. The first version of IS-IS was designed to work on the OSI Connectionless Network Protocol (CLNP). RFC 1195, published in 1990, added extensions to support IP routes.
As an IGP, IS-IS works within a routing domain, which usually corresponds to an administrative boundary, and focuses on determining the most efficient routes to destinations within a domain. This is in contrast with EGPs, whose primary focus is on policy rather than on the most efficient routing. An IS-IS routing domain consists of end systems, which send and receive packets, and intermediate systems (the ISO term for a router), which receive and forward packets.
IS-IS is a link-state protocol and uses link-state protocol data units (link-state PDUs, or LSPs) to describe the network topology. Each IS-IS router generates LSPs that describe the topology, along with IP routes, checksums, and other information, and floods the LSPs throughout the domain. Each router ends up with a link-state database that describes the same network topology. Once the router has the complete network topology, it runs the Dijkstra shortest-path first (SPF) calculation to determine the shortest path to each destination in the network. The calculation results in destination/next-hop pairs that are placed in the IS-IS routing database. Each router performs the SPF calculation independently, and each IS-IS router has an identical database as a result.
Unlike other IP routing protocols, IS-IS runs directly on the data link layer (Layer 2 of the OSI model) and does not need addresses on each interface, just on the router itself. This makes IS-IS configuration simpler.
Because IS-IS was developed as part of the OSI network protocols, not as part of TCP/IP, it uses a different network-addressing scheme. Instead of the IP 32-bit addresses, IS-IS addresses, called network entity titles (NETs), are generally 10 bytes long (they can be from 8 to 20 bytes long) and are written as shown in the following example:

    49.0001.1921.6801.9001.00

The first three bytes of the address (here, 49.0001) form the area identifier, or area ID. The area ID can be up to 13 bytes long. The first byte of the area ID is the address family identifier (AFI) of the authority, which is the space assigned to a particular enterprise (equivalent to an IP address space that is assigned to an enterprise). The value of 49 is the well-known AFI used for private addressing, which is the equivalent of RFC 1918 addressing for IP protocols. The last two bytes in the area ID identify an IS-IS area within the AS, here 0001, or area 1.
The next six bytes (here, 1921.6801.9001) are the system identifier, which identifies each node (router) on the network. Although IS-IS supports a variable-length system field, in practice this field is always six bytes. The method of allocating system identifiers is up to the network designer. One of the simpler methods, and the one used in this chapter, is binary-coded decimal (BCD), which takes the router's IP address (the lo0 address), fills in all the leading zeros, and repositions the decimal points to form three two-byte numbers. Here, the router's lo0 address is 192.168.19.1. Adding the leading zeros gives 192.168.019.001, and rearranging the decimal points gives 1921.6801.9001. A second common method is to use the router's media access control (MAC) address, regrouping the six-byte address into three groups. For a router with a MAC address of 00:05:85:c2:2e:d0, the system identifier would be 0005.85c2.2ed0. (To see the router's MAC address, use the show chassis mac-address command.)
The final two bytes of the NET are the NET selector (NSEL) and, for IS-IS, they must always be zero to indicate "this system."
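The NET layout and the two system-identifier methods described above, as an added example that is not part of the original text. The function names are hypothetical, and the NSEL is taken to be the single trailing 00 byte of the 3 + 6 + 1 = 10-byte layout. The parser rejects malformed NETs before they reach a router configuration.

```python
import ipaddress
import re

def sysid_from_ipv4(addr: str) -> str:
    """BCD method: zero-pad each octet to 3 digits, regroup as 3 x 4 digits."""
    octets = str(ipaddress.IPv4Address(addr)).split(".")
    digits = "".join(f"{int(o):03d}" for o in octets)  # 12 decimal digits
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))

def sysid_from_mac(mac: str) -> str:
    """MAC method: regroup the six bytes into three two-byte groups."""
    hexdigits = re.sub(r"[:.\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", hexdigits):
        raise ValueError(f"not a 6-byte MAC address: {mac!r}")
    return ".".join(hexdigits[i:i + 4] for i in (0, 4, 8))

def parse_net(net: str) -> dict:
    """Split a NET into area ID, system ID and NSEL, enforcing the rules above."""
    hexdigits = net.replace(".", "").lower()
    if not re.fullmatch(r"(?:[0-9a-f]{2})+", hexdigits):
        raise ValueError("NET must be a whole number of hex bytes")
    raw = bytes.fromhex(hexdigits)
    if not 8 <= len(raw) <= 20:
        raise ValueError(f"NET is {len(raw)} bytes; must be 8 to 20")
    # Assumption: six-byte system ID followed by a one-byte NSEL.
    area, sysid, nsel = raw[:-7], raw[-7:-1], raw[-1]
    if nsel != 0:
        raise ValueError("NSEL must be zero for IS-IS")
    s = sysid.hex()
    return {
        "afi": f"{area[0]:02x}",
        "area_id": area.hex(),
        "system_id": ".".join(s[i:i + 4] for i in (0, 4, 8)),
        "private_afi": area[0] == 0x49,  # 49 = private addressing
    }

def build_net(area_id: str, system_id: str) -> str:
    """Assemble area ID + system ID + zero NSEL and validate the result."""
    net = f"{area_id}.{system_id}.00"
    parse_net(net)  # raises ValueError on a malformed NET
    return net

if __name__ == "__main__":
    print(build_net("49.0001", sysid_from_ipv4("192.168.19.1")))
    print(build_net("49.0001", sysid_from_mac("00:05:85:c2:2e:d0")))
```
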
IS-IS divides each AS into one or more smaller segments called areas. Each area is a set of networks and hosts that are administratively grouped together. Routers within an area run the link-state algorithm in parallel and store the results in their link-state databases. They share this information with each other by exchanging LSPs and thus have identical link-state databases. They can also inject a summary of that area's routes into other areas.
Routers within an IS-IS area are divided into two types. Level 1 systems route within an area, and Level 2 systems route between areas and toward other ASs. When a Level 1 router needs to route a packet to a destination outside its area, it sends the packet toward a Level 2 system. Systems that run both Level 1 and Level 2 are similar to OSPF area border routers (ABRs). One difference between IS-IS and OSPF is that an IS-IS router resides completely within an area, and the area borders are on the links; while with OSPF, the ABR is a router that connects to all the areas on its boundary. This means that the IS-IS Level 2 systems have to maintain only two link-state databases, one for the Level 1 area and the second for the Level 2 area, as compared to the OSPF ABR, which maintains a link-state database for each connected area.
On broadcast, multiaccess networks, IS-IS elects a designated intermediate system (DIS), also referred to as a designated router (DR), which advertises links to all routers in the level. IS-IS elects a separate DIS for Level 1 and Level 2 areas (although they could be on the same router). DIS election is based on priority, which is a number between 0 and 127, with the router with the highest value becoming the DIS. IS-IS does not have a backup designated router.
For more background information about IS-IS, see The Complete IS-IS Routing Protocol (Springer) and OSPF and IS-IS: A Comparative Anatomy (http://www.nanog.org/mtg-0006/katz.html).