Configure ISIS

This chapter describes the Cisco IOS XR commands to configure ISIS.

Prerequisites for Implementing IS-IS

You must be in a user group associated with a task group that includes the proper task IDs. The command reference guides include the task IDs required for each command. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Restrictions for Implementing IS-IS

When multiple instances of IS-IS are being run, an interface can be associated with only one instance (process). Instances may not share an interface.

Information About Implementing IS-IS

To implement IS-IS you need to understand the following concepts:

IS-IS Functional Overview

Small IS-IS networks are typically built as a single area that includes all routers in the network. As the network grows larger, it may be reorganized into a backbone area made up of the connected set of all Level 2 routers from all areas, which is in turn connected to local areas. Within a local area, routers know how to reach all system IDs. Between areas, routers know how to reach the backbone, and the backbone routers know how to reach other areas.

The IS-IS routing protocol supports the configuration of backbone Level 2 and Level 1 areas and the necessary support for moving routing information between the areas. Routers establish Level 1 adjacencies to perform routing within a local area (intra-area routing). Routers establish Level 2 adjacencies to perform routing between Level 1 areas (interarea routing).

Each IS-IS instance can support either a single Level 1 or Level 2 area, or one of each. By default, all IS-IS instances automatically support Level 1 and Level 2 routing. You can change the level of routing to be performed by a particular routing instance using the is-type command.

Restrictions

When multiple instances of IS-IS are being run, an interface can be associated with only one instance (process). Instances may not share an interface.

Key Features Supported in the IS-IS Implementation

The following list outlines key features supported in the implementation:

  • Multitopology

  • Nonstop forwarding (NSF), both Cisco proprietary and IETF

  • Three-way handshake

  • Mesh groups

  • Multiple IS-IS instances

  • Configuration of a broadcast medium connecting two networking devices as a point-to-point link

  • Fast-flooding with different threads handling flooding and shortest path first (SPF).

IS-IS Configuration Grouping

Cisco IOS XR groups all of the IS-IS configuration in router IS-IS configuration mode, including the portion of the interface configurations associated with IS-IS. To display the IS-IS configuration in its entirety, use the show running router isis command. The command output displays the running configuration for all configured IS-IS instances, including the interface assignments and interface attributes.

IS-IS Configuration Modes

The following sections show how to enter each of the configuration modes. From a mode, you can enter the ? command to display the commands available in that mode.

Router Configuration Mode

The following example shows how to enter router configuration mode:



  RP/0/RP0::hostname# configuration
  RP/0/RP0:hostname(config)# router isis isp
  RP/0/RP0:hostname(config-isis)# 
  

Router Address Family Configuration Mode

The following example shows how to enter router address family configuration mode:


  RP/0/(config)# router isis isp
  RP/0/(config-isis)# address-family ipv4 unicast
  RP/0/(config-isis-af)#
  

Interface Configuration Mode

The following example shows how to enter interface configuration mode:


  RP/0/(config)# router isis isp
  RP/0/(config-isis)# interface TenGigE0/6/0/2.10  
  RP/0/(config-isis-if)# 
  

Interface Address Family Configuration Mode

The following example shows how to enter interface address family configuration mode:


  RP/0/(config)# router isis isp
  RP/0/(config-isis)# interface TenGigE0/6/0/2.10
  RP/0/(config-isis-if)# address-family ipv4 unicast
  RP/0/(config-isis-if-af)#
  

IS-IS Interfaces

IS-IS interfaces can be configured as one of the following types:

  • Active—advertises connected prefixes and forms adjacencies. This is the default for interfaces.

  • Passive—advertises connected prefixes but does not form adjacencies. The passive command is used to configure interfaces as passive. Passive interfaces should be used sparingly for important prefixes such as loopback addresses that need to be injected into the IS-IS domain. If many connected prefixes need to be advertised then the redistribution of connected routes with the appropriate policy should be used instead.

  • Suppressed—does not advertise connected prefixes but forms adjacencies. The suppress command is used to configure interfaces as suppressed.

  • Shutdown—does not advertise connected prefixes and does not form adjacencies. The shutdown command is used to disable interfaces without removing the IS-IS configuration.

Limit LSP Flooding

Limiting link-state packets (LSP) may be desirable in certain “meshy” network topologies. An example of such a network might be a highly redundant one such as a fully meshed set of point-to-point links over a nonbroadcast multiaccess (NBMA) transport. In such networks, full LSP flooding can limit network scalability. One way to restrict the size of the flooding domain is to introduce hierarchy by using multiple Level 1 areas and a Level 2 area. However, two other techniques can be used instead of or with hierarchy: Block flooding on specific interfaces and configure mesh groups.

Both techniques operate by restricting the flooding of LSPs in some fashion. A direct consequence is that although scalability of the network is improved, the reliability of the network (in the face of failures) is reduced because a series of failures may prevent LSPs from being flooded throughout the network, even though links exist that would allow flooding if blocking or mesh groups had not restricted their use. In such a case, the link-state databases of different routers in the network may no longer be synchronized. Consequences such as persistent forwarding loops can ensue. For this reason, we recommend that blocking or mesh groups be used only if specifically required, and then only after careful network design.

Flood Blocking on Specific Interfaces

With this technique, certain interfaces are blocked from being used for flooding LSPs, but the remaining interfaces operate normally for flooding. This technique is simple to understand and configure, but may be more difficult to maintain and more error prone than mesh groups in the long run. The flooding topology that IS-IS uses is fine-tuned rather than restricted. Restricting the topology too much (blocking too many interfaces) makes the network unreliable in the face of failures. Restricting the topology too little (blocking too few interfaces) may fail to achieve the desired scalability.

To improve the robustness of the network in the event that all nonblocked interfaces drop, use the csnp-interval command in interface configuration mode to force periodic complete sequence number PDUs (CSNPs) packets to be used on blocked point-to-point links. The use of periodic CSNPs enables the network to become synchronized.

Mesh Group Configuration

Configuring mesh groups (a set of interfaces on a router) can help to limit flooding. All routers reachable over the interfaces in a particular mesh group are assumed to be densely connected with each router having at least one link to every other router. Many links can fail without isolating one or more routers from the network.

In normal flooding, a new LSP is received on an interface and is flooded out over all other interfaces on the router. With mesh groups, when a new LSP is received over an interface that is part of a mesh group, the new LSP is not flooded over the other interfaces that are part of that mesh group.

Maximum LSP Lifetime and Refresh Interval

By default, the router sends a periodic LSP refresh every 15 minutes. LSPs remain in a database for 20 minutes by default. If they are not refreshed by that time, they are deleted. You can change the LSP refresh interval or maximum LSP lifetime. The LSP interval should be less than the LSP lifetime or else LSPs time out before they are refreshed. In the absence of a configured refresh interval, the software adjusts the LSP refresh interval, if necessary, to prevent the LSPs from timing out.

IS-IS Authentication

Authentication is available to limit the establishment of adjacencies by using the hello-password command, and to limit the exchange of LSPs by using the lsp-password command.

IS-IS supports plain-text authentication, which does not provide security against unauthorized users. Plain-text authentication allows you to configure a password to prevent unauthorized networking devices from forming adjacencies with the router. The password is exchanged as plain text and is potentially visible to an agent able to view the IS-IS packets.

When an HMAC-MD5 password is configured, the password is never sent over the network and is instead used to calculate a cryptographic checksum to ensure the integrity of the exchanged data.

IS-IS stores a configured password using simple encryption. However, the plain-text form of the password is used in LSPs, sequence number protocols (SNPs), and hello packets, which would be visible to a process that can view IS-IS packets. The passwords can be entered in plain text (clear) or encrypted form.

To set the domain password, configure the lsp-password command for Level 2; to set the area password, configure the lsp-password command for Level 1.

The keychain feature allows IS-IS to reference configured keychains. IS-IS key chains enable hello and LSP keychain authentication. Keychains can be configured at the router level (in the case of the lsp-password command) and at the interface level (in the case of the hello-password command) within IS-IS. These commands reference the global keychain configuration and instruct the IS-IS protocol to obtain security parameters from the global set of configured keychains.

IS-IS is able to use the keychain to implement hitless key rollover for authentication. Key rollover specification is time based, and in the event of clock skew between the peers, the rollover process is impacted. The configurable tolerance specification allows for the accept window to be extended (before and after) by that margin. This accept window facilitates a hitless key rollover for applications (for example, routing and management protocols). 

Nonstop Forwarding

On software, NSF minimizes the amount of time a network is unavailable to its users following a route processor (RP) failover. The main objective of NSF is to continue forwarding IP packets and perform a graceful restart following an RP failover.

When a router restarts, all routing peers of that device usually detect that the device went down and then came back up. This transition results in what is called a routing flap, which could spread across multiple routing domains. Routing flaps caused by routing restarts create routing instabilities, which are detrimental to the overall network performance. NSF helps to suppress routing flaps in NSF-aware devices, thus reducing network instability.

NSF allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following an RP failover. When the NSF feature is configured, peer networking devices do not experience routing flaps. Data traffic is forwarded through intelligent line cards while the standby RP assumes control from the failed active RP during a failover. The ability of line cards to remain up through a failover and to be kept current with the Forwarding Information Base (FIB) on the active RP is key to NSF operation.

When the Cisco IOS XR router running IS-IS routing performs an RP failover, the router must perform two tasks to resynchronize its link-state database with its IS-IS neighbors. First, it must relearn the available IS-IS neighbors on the network without causing a reset of the neighbor relationship. Second, it must reacquire the contents of the link-state database for the network.

The IS-IS NSF feature offers two options when configuring NSF:

  • IETF NSF

  • Cisco NSF

If neighbor routers on a network segment are NSF aware, meaning that neighbor routers are running a software version that supports the IETF Internet draft for router restartability, they assist an IETF NSF router that is restarting. With IETF NSF, neighbor routers provide adjacency and link-state information to help rebuild the routing information following a failover.

Cisco NSF checkpoints (stores persistently) all the state necessary to recover from a restart without requiring any special cooperation from neighboring routers. The state is recovered from the neighboring routers, but only using the standard features of the IS-IS routing protocol. This capability makes Cisco NSF suitable for use in networks in which other routers have not used the IETF standard implementation of NSF.


Note


If you configure IETF NSF on the Cisco IOS XR router and a neighbor router does not support IETF NSF, the affected adjacencies flap, but nonstop forwarding is maintained to all neighbors that do support IETF NSF. A restart reverts to a cold start if no neighbors support IETF NSF.


Multi-Instance IS-IS

You can configure up to eight IS-IS instances. MPLS can run on multiple IS-IS processes as long as the processes run on different sets of interfaces. Each interface may be associated with only a single IS-IS instance. Cisco IOS XR software prevents the double-booking of an interface by two instances at configuration time—two instances of MPLS configuration causes an error.

Because the Routing Information Base (RIB) treats each of the IS-IS instances as equal routing clients, you must be careful when redistributing routes between IS-IS instances. The RIB does not know to prefer Level 1 routes over Level 2 routes. For this reason, if you are running Level 1 and Level 2 instances, you must enforce the preference by configuring different administrative distances for the two instances.

Multiprotocol Label Switching Traffic Engineering

The MPLS TE feature enables an MPLS backbone to replicate and expand the traffic engineering capabilities of Layer 2 ATM and Frame Relay networks. MPLS is an integration of Layer 2 and Layer 3 technologies.

For IS-IS, MPLS TE automatically establishes and maintains MPLS TE label-switched paths across the backbone by using Resource Reservation Protocol (RSVP). The route that a label-switched path uses is determined by the label-switched paths resource requirements and network resources, such as bandwidth. Available resources are flooded by using special IS-IS TLV extensions in the IS-IS. The label-switched paths are explicit routes and are referred to as traffic engineering (TE) tunnels.

Overload Bit on Router

The overload bit is a special bit of state information that is included in an LSP of the router. If the bit is set on the router, it notifies routers in the area that the router is not available for transit traffic. This capability is useful in four situations:

  1. During a serious but nonfatal error, such as limited memory.

  2. During the startup and restart of the process. The overload bit can be set until the routing protocol has converged. However, it is not employed during a normal NSF restart or failover because doing so causes a routing flap.

  3. During a trial deployment of a new router. The overload bit can be set until deployment is verified, then cleared.

  4. During the shutdown of a router. The overload bit can be set to remove the router from the topology before the router is removed from service.

Overload Bit Configuration During Multitopology Operation

Because the overload bit applies to forwarding for a single topology, it may be configured and cleared independently for IPv4 during multitopology operation. For this reason, the overload is set from the router address family configuration mode. If the IPv4 overload bit is set, all routers in the area do not use the router for IPv4 transit traffic.

IS-IS Overload Bit Avoidance

The IS-IS overload bit avoidance feature allows network administrators to prevent label switched paths (LSPs) from being disabled when a router in that path has its Intermediate System-to-Intermediate System (IS-IS) overload bit set.

When the IS-IS overload bit avoidance feature is activated, all nodes with the overload bit set, including head nodes, mid nodes, and tail nodes, are ignored, which means that they are still available for use with label switched paths (LSPs).


Note


The IS-IS overload bit avoidance feature does not change the default behavior on nodes that have their overload bit set if those nodes are not included in the path calculation (PCALC).


The IS-IS overload bit avoidance feature is activated using the following command:

mpls traffic-eng path-selection ignore overload

The IS-IS overload bit avoidance feature is deactivated using the no form of this command:

no mpls traffic-eng path-selection ignore overload

When the IS-IS overload bit avoidance feature is deactivated, nodes with the overload bit set cannot be used as nodes of last resort.

Default Routes

You can force a default route into an IS-IS routing domain. Whenever you specifically configure redistribution of routes into an IS-IS routing domain, the software does not, by default, redistribute the default route into the IS-IS routing domain. The default-information originate command generates a default route into IS-IS, which can be controlled by a route policy. You can use the route policy to identify the level into which the default route is to be announced, and you can specify other filtering options configurable under a route policy. You can use a route policy to conditionally advertise the default route, depending on the existence of another route in the routing table of the router.

Attached Bit on an IS-IS Instance

The attached bit is set in a router that is configured with the is-type command and level-1-2 keyword. The attached bit indicates that the router is connected to other areas (typically through the backbone). This functionality means that the router can be used by Level 1 routers in the area as the default route to the backbone. The attached bit is usually set automatically as the router discovers other areas while computing its Level 2 SPF route. The bit is automatically cleared when the router becomes detached from the backbone.


Note


If the connectivity for the Level 2 instance is lost, the attached bit in the Level 1 instance LSP would continue sending traffic to the Level 2 instance and cause the traffic to be dropped.


To simulate this behavior when using multiple processes to represent the level-1-2 keyword functionality, you would manually configure the attached bit on the Level 1 process.

IS-IS Support for Route Tags

The IS-IS Support for route tags feature provides the capability to associate and advertise a tag with an IS-IS route prefix. Additionally, the feature allows you to prioritize the order of installation of route prefixes in the RIB based on a tag of a route. Route tags may also be used in route policy to match route prefixes (for example, to select certain route prefixes for redistribution).

MPLS TE Forwarding Adjacency

MPLS TE forwarding adjacency allows a network administrator to handle a traffic engineering, label switch path (LSP) tunnel as a link in an Interior Gateway Protocol (IGP) network, based on the Shortest Path First (SPF) algorithm. A forwarding adjacency can be created between routers in the same IS-IS level. The routers can be located multiple hops from each other. As a result, a TE tunnel is advertised as a link in an IGP network, with the cost of the link associated with it. Routers outside of the TE domain see the TE tunnel and use it to compute the shortest path for routing traffic throughout the network.

MPLS TE forwarding adjacency is considered in IS-IS SPF only if a two-way connectivity check is achieved. This is possible if the forwarding adjacency is bidirectional or the head end and tail end routers of the MPLS TE tunnel are adjacent.

The MPLS TE forwarding adjacency feature is supported by IS-IS. For details on configuring MPLS TE forwarding adjacency, see the MPLS Configuration Guide.

MPLS TE Interarea Tunnels

MPLS TE interarea tunnels allow you to establish MPLS TE tunnels that span multiple IGP areas (Open Shorted Path First [OSPF]) and levels (IS-IS), removing the restriction that required that both the tunnel headend and tailend routers be in the same area. The IGP can be either IS-IS or OSPF. See the Configuring MPLS Traffic Engineering for IS-IS for information on configuring MPLS TE for IS-IS.

For details on configuring MPLS TE interarea tunnels, see the MPLS Configuration Guide.

Unequal Cost Multipath Load-balancing for IS-IS

The unequal cost multipath (UCMP) load-balancing adds the capability with intermediate system-to-intermediate system (IS-IS) to load-balance traffic proportionally across multiple paths, with different cost.

Generally, higher bandwidth links have lower IGP metrics configured, so that they form the shortest IGP paths. With the UCMP load-balancing enabled, IGP can use even lower bandwidth links or higher cost links for traffic, and can install these paths to the forwarding information base (FIB). IS-IS IGP still installs multiple paths to the same destination in FIB, but each path will have a 'load metric/weight' associated with it. FIB uses this load metric/weight to decide the amount of traffic that needs to be sent on a higher bandwidth path and the amount of traffic that needs to be sent on a lower bandwidth path.

The UCMP computation is provided under IS-IS per address family, enabling UCMP computation for a particular address family. The UCMP configuration is also provided with a prefix-list option, which would limit the UCMP computation only for the prefixes present in the prefix-list. If prefix-list option is not provided, UCMP computation is done for the reachable prefixes in IS-IS. The number of UCMP nexthops to be considered and installed is controlled using the variance configuration. Variance value identifies the range for the UCMP path metric to be considered for installation into routing information base (RIB) and is defined in terms of a percentage of the primary path metric. Total number of paths, including ECMP and UCMP paths together is limited by the max-path configuration or by the max-path capability of the platform.

Enabling the UCMP configuration indicates that IS-IS should perform UCMP computation for the all the reachable ISIS prefixes or all the prefixes in the prefix-list, if the prefix-list option is used. The UCMP computation happens only after the primary SPF and route calculation is completed. There would be a delay of ISIS_UCMP_INITIAL_DELAY (default delay is 100 ms) milliseconds from the time route calculation is completed and UCMP computation is started. UCMP computation will be done before fast re-route computation. Fast re-route backup paths will be calculated for both the primary equal cost multipath ( ECMP) paths and the UCMP paths. Use the ucmp delay-interval command to configure the delay between primary SPF completion and start of UCMP computation.

UCMP ratio can be adjusted by any of the following ways:
  • By using the bandwidth command in interface configuration mode .

  • By adjusting ISIS metric on the links.

There is an option to exclude an interface from being used for UCMP computation. If it is desired that a particular interface should not be considered as a UCMP nexthop, for any prefix, then use the ucmp exclude interface command to configure the interface to be excluded from UCMP computation.

Enabling IS-IS and Configuring Level 1 or Level 2 Routing

This task explains how to enable IS-IS and configure the routing level for an area.


Note


Configuring the routing level in Step 4 is optional, but is highly recommended to establish the proper level of adjacencies.


Before you begin

Although you can configure IS-IS before you configure an IP address, no IS-IS routing occurs until at least one IP address is configured.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • By default, all IS-IS instances are automatically Level 1 and Level 2. You can change the level of routing to be performed by a particular routing instance by using the is-type router configuration command.

Step 3

net network-entity-title

Example:


RP/0/(config-isis)# net 47.0004.004d.0001.0001.0c11.1110.00

Configures network entity titles (NETs) for the routing instance.

  • Specify a NET for each routing instance if you are configuring multi-instance IS-IS.

  • This example configures a router with area ID 47.0004.004d.0001 and system ID 0001.0c11.1110.00.

  • To specify more than one area address, specify additional NETs. Although the area address portion of the NET differs, the systemID portion of the NET must match exactly for all of the configured items.

Step 4

is-type { level-1 | level-1-2 | level-2-only }

Example:


RP/0/(config-isis)# is-type level-2-only

(Optional) Configures the system type (area or backbone router).

  • By default, every IS-IS instance acts as a level-1-2 router.

  • The level-1 keyword configures the software to perform Level 1 (intra-area) routing only. Only Level 1 adjacencies are established. The software learns about destinations inside its area only. Any packets containing destinations outside the area are sent to the nearest level-1-2 router in the area.

  • The level-2-only keyword configures the software to perform Level 2 (backbone) routing only, and the router establishes only Level 2 adjacencies, either with other Level 2-only routers or with level-1-2 routers.

  • The level-1-2 keyword configures the software to perform both Level 1 and Level 2 routing. Both Level 1 and Level 2 adjacencies are established. The router acts as a border router between the Level 2 backbone and its Level 1 area.

Step 5

commit

Step 6

show isis [ instance instance-id ] protocol

Example:


RP/0/# show isis protocol

(Optional) Displays summary information about the IS-IS instance.


Configuring Single Topology for IS-IS

After an IS-IS instance is enabled, it must be configured to compute routes for a specific network topology.

This task explains how to configure the operation of the IS-IS protocol on an interface for an IPv4 topology.

Before you begin


Note


To enable the router to run in single-topology mode, configure each of the IS-IS interfaces with all of the address families enabled and “single-topology” in the address-family unicast in the IS-IS router stanza. You can use the IPv4 address family, but your configuration must represent the set of all active address families on the router.

Two exceptions to these instructions exist:

  1. If the address-family stanza in the IS-IS process contains the adjacency-check disable command, then an interface is not required to have the address family enabled.

  2. The single-topology command is not valid in the ipv4 address-family submode.

The default metric style for single topology is narrow metrics. However, you can use either wide metrics or narrow metrics. How to configure them depends on how single topology is configured.


Procedure


Step 1

configure

Step 2

interface type interface-path-id

Example:


RP/0/(config)# interface TenGigE 0/1/0/3 

Enters interface configuration mode.

Step 3

Do one of the following:

  • ipv4 address address mask

Example:


RP/0/(config-if)# ipv4 address 10.0.1.3 255.255.255.0
or

Defines the IPv4 address for the interface. An IP address is required on all interfaces in an area enabled for IS-IS if any one interface is configured for IS-IS routing.

  • The link-local address can be used only to communicate with nodes on the same link.

Step 4

exit

Example:


RP/0/(config-if)# exit

Exits interface configuration mode, and returns the router to XR config mode.

Step 5

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • By default, all IS-IS instances are Level 1 and Level 2. You can change the level of routing to be performed by a particular routing instance by using the is-type command.

Step 6

net network-entity-title

Example:


RP/0/(config-isis)# net 47.0004.004d.0001.0001.0c11.1110.00

Configures NETs for the routing instance.

  • Specify a NET for each routing instance if you are configuring multi-instance IS-IS. You can specify a name for a NET and for an address.

  • This example configures a router with area ID 47.0004.004d.0001 and system ID 0001.0c11.1110.00.

  • To specify more than one area address, specify additional NETs. Although the area address portion of the NET differs, the system ID portion of the NET must match exactly for all of the configured items.

Step 7

single-topology

Example:


RP/0/(config-isis-af)# single-topology

Step 8

exit

Example:


RP/0/(config-isis-af)# exit

Exits router address family configuration mode, and returns the router to router configuration mode.

Step 9

interface type interface-path-id

Example:


RP/0/(config-isis)# interface TenGigE 0/1/0/3 

Enters interface configuration mode.

Step 10

circuit-type { level-1 | level-1-2 | level-2-only }

Example:


RP/0/(config-isis-if)# circuit-type level-1-2

(Optional) Configures the type of adjacency.

  • The default circuit type is the configured system type (configured through the is-type command).

  • Typically, the circuit type must be configured when the router is configured as only level-1-2 and you want to constrain an interface to form only level-1 or level-2-only adjacencies.

Step 11

address-family ipv4 ]

Example:


RP/0/(config-isis-if)# address-family ipv4 unicast

Specifies the IPv4 address family, and enters interface address family configuration mode.

  • This example specifies the unicast IPv4 address family on the interface.

Step 12

commit

Step 13

show isis [ instance instance-id ] interface [ type interface-path-id ] [ detail ] [ level { 1 | 2 }]

Example:


RP/0/# show isis interface TenGigE 0/1/0/1 

(Optional) Displays information about the IS-IS interface.

Step 14

show isis [ instance instance-id ] topology [ systemid system-id ] [ level { 1 | 2 }] [ summary ]

Example:


RP/0/# show isis topology 

(Optional) Displays a list of connected routers in all areas.


Configuring Multitopology Routing

This set of procedures configures multitopology routing, which is used by PIM for reverse-path forwarding (RPF) path selection.

Restrictions for Configuring Multitopology Routing

  • Only the default VRF is currently supported in a multitopology solution.

  • Only intermediate system-intermediate system (IS-IS) routing protocols are currently supported.

  • Topology selection is restricted solely to (S, G) route sources for both SM and SSM. Static and IS-IS are the only interior gateway protocols (IGPs) that support multitopology deployment.

    For non-(S, G) route sources like a rendezvous point or bootstrap router (BSR), or when a route policy is not configured, the current policy default remains in effect. In other words, a unicast-default table is selected for all sources, based on OSFP/IS-IS/Multiprotocol Border Gateway Protocol (MBGP) configuration.

Information About Multitopology Routing

Configuring multitopology networks requires the following tasks:

Configuring a Global Topology and Associating It with an Interface

Follow these steps to enable a global topology in the default VRF and to enable its use with a specific interface.

Procedure

Step 1

configure

Step 2

address-family { ipv4 } topo-name

Example:

RP/0/(config)# address-family ipv4 topology green

Configures a topology in the default VRF table that will be associated with a an interface.

Step 3

maximum prefix limit

Example:

RP/0/(config-af)# maximum prefix 100

(Optional) Limits the number of prefixes allowed in a topology routing table. Range is 32 to 2000000.

Step 4

interface type interface-path-id

Example:

RP/0/(config-af)# interface TenGigE 0/3/0/0

Specifies the interface to be associated with the previously specified VRF table that will add the connected and local routes to the appropriate routing table.

Step 5

address-family { ipv4 } topo-name

Example:

RP/0/(config-if)# address-family ipv4 unicast topology green

Enables the topology for the interface specified in Configuring a Global Topology and Associating It with an Interface, adding the connected and local routes to the appropriate routing table.

Step 6

Repeat Step 4 and Step 5 until you have specified all the interface instances you want to associate with your topologies.

Example:

RP/0/(config-if-af)# interface TenGigE 0/3/2/0
RP/0/router(config-if)# address-family ipv4 unicast topology purple
RP/0/(config-if-af)#

Step 7

commit


Enabling an IS-IS Topology

To enable a topology in IS-IS, you must associate an IS-IS topology ID with the named topology. IS-IS uses the topology ID to differentiate topologies in the domain.


Note


This command must be configured prior to other topology commands.


Procedure

Step 1

configure

Step 2

router isis instance-id

Example:

RP/0/(config)# router isis purple

Enters IS-IS configuration submode.

Step 3

address-family { ipv4 } topo-name

Example:

RP/0/(config-isis)# address-family ipv4 topology green

Associates an IS-IS topology ID with the named topology.

Step 4

topology-id toplogy-id

Example:
RP/0/(config-isis-af)# topology-id 122 

Step 5

commit


Placing an Interface in a Topology in IS-IS

To associate an interface with a topology in IS-IS, follow these steps.

Procedure

Step 1

configure

Step 2

router isis instance-id

Example:

RP/0/(config)# router isis purple

Enters IS-IS configuration submode.

Step 3

net network-entity-title

Example:

RP/0/(config-isis)# net netname

Creates a network entity title for the configured isis interface.

Step 4

interface type interface-path-id

Example:

RP/0/(config-isis)# interface TenGigE 0/3/0/0

Enters isis interface configuration submode and creates an interface instance.

Step 5

address-family { ipv4 topo-name

Example:

RP/0/(config-isis-if)# address-family ipv4 topology green
  • Enters isis address-family interface configuration submode.

  • Places the interface instance into a topology.

Step 6

Repeat Placing an Interface in a Topology in IS-IS and Placing an Interface in a Topology in IS-IS until you have specified all the interface instances and associated topologies you want to configure in your network.

Step 7

commit


Configuring a Routing Policy

Procedure

Step 1

configure

Step 2

route-policy policy-name

Example:

RP/0/(config)# route-policy mt1
RP/0/(config-rpl)# if destination in 225.0.0.1, 225.0.0.11 then
RP/0/(config-rpl-if)# if source in (10.10.10.10) then
RP/0/(config-rpl-if-2)# set rpf-topology ipv4 topology greentable
RP/0/(config-rpl-if-2)# else
RP/0/(config-rpl-if-else-2)# set rpf-topology ipv4 topology bluetable
RP/0/(config-rpl-if-else-2)# endif
RP/0/(config-rpl-if)# endif
  

Defines a routing policy and enters routing policy configuration submode.

Step 3

end-policy

Example:

RP/0/(config-rpl)# end-policy
RP/0/(config)#
  

Signifies the end of route policy definition and exits routing policy configuration submode.

Step 4

commit


Configuring Multitopology for IS-IS

Multitopology is configured in the same way as the single topology. However, the single - topology command is omitted, invoking the default multitopology behavior. This task is optional.

Controlling LSP Flooding for IS-IS

Flooding of LSPs can limit network scalability. You can control LSP flooding by tuning your LSP database parameters on the router globally or on the interface. This task is optional.

Many of the commands to control LSP flooding contain an option to specify the level to which they apply. Without the option, the command applies to both levels. If an option is configured for one level, the other level continues to use the default value. To configure options for both levels, use the command twice. For example:


  RP/0/(config-isis)# lsp-refresh-interval 1200 level 2
  RP/0/(config-isis)# lsp-refresh-interval 1100 level 1
  
         

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • You can change the level of routing to be performed by a particular routing instance by using the is-type router configuration command.

Step 3

lsp-refresh-interval seconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis)# lsp-refresh-interval 10800

(Optional) Sets the time between regeneration of LSPs that contain different sequence numbers

  • The refresh interval should always be set lower than the max-lsp-lifetime command.

Step 4

lsp-check-interval seconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis)# lsp-check-interval 240

(Optional) Configures the time between periodic checks of the entire database to validate the checksums of the LSPs in the database.

  • This operation is costly in terms of CPU and so should be configured to occur infrequently.

Step 5

lsp-gen-interval { [ initial-wait initial | secondary-wait secondary | maximum-wait maximum ] ... } [ level { 1 | 2 }]

Example:


RP/0/(config-isis)# lsp-gen-interval maximum-wait 15 initial-wait 5

(Optional) Reduces the rate of LSP generation during periods of instability in the network. Helps reduce the CPU load on the router and number of LSP transmissions to its IS-IS neighbors.

  • During prolonged periods of network instability, repeated recalculation of LSPs can cause an increased CPU load on the local router. Further, the flooding of these recalculated LSPs to the other Intermediate Systems in the network causes increased traffic and can result in other routers having to spend more time running route calculations.

Step 6

max-lsp-lifetime seconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis)# max-lsp-lifetime 11000

(Optional) Sets the initial lifetime given to an LSP originated by the router.

  • This is the amount of time that the LSP persists in the database of a neighbor unless the LSP is regenerated or refreshed.

Step 7

ignore-lsp-errors disable

Example:


RP/0/(config-isis)# ignore-lsp-errors disable

(Optional) Sets the router to purge LSPs received with checksum errors.

Step 8

interface type interface-path-id

Example:


RP/0/(config-isis)# interface TenGigE 0/1/0/3 

Enters interface configuration mode.

Step 9

lsp-interval milliseconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis-if)# lsp-interval 100

(Optional) Configures the amount of time between each LSP sent on an interface.

Step 10

csnp-interval seconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis-if)# csnp-interval 30 level 1

(Optional) Configures the interval at which periodic CSNP packets are sent on broadcast interfaces.

  • Sending more frequent CSNPs means that adjacent routers must work harder to receive them.

  • Sending less frequent CSNP means that differences in the adjacent routers may persist longer.

Step 11

retransmit-interval seconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis-if)# retransmit-interval 60

(Optional) Configures the amount of time that the sending router waits for an acknowledgment before it considers that the LSP was not received and subsequently resends.


RP/0/(config-isis-if)# retransmit-interval 60

Step 12

retransmit-throttle-interval milliseconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis-if)# retransmit-throttle-interval 1000

(Optional) Configures the amount of time between retransmissions on each LSP on a point-to-point interface.

  • This time is usually greater than or equal to the lsp-interval command time because the reason for lost LSPs may be that a neighboring router is busy. A longer interval gives the neighbor more time to receive transmissions.

Step 13

mesh-group { number | blocked }

Example:


RP/0/(config-isis-if)# mesh-group blocked

(Optional) Optimizes LSP flooding in NBMA networks with highly meshed, point-to-point topologies.

  • This command is appropriate only for an NBMA network with highly meshed, point-to-point topologies.

Step 14

commit

Step 15

show isis interface [ type interface-path-id | level { 1 | 2 }] [ brief ]

Example:


RP/0/# show isis interface TenGigE 0/1/0/1 brief

(Optional) Displays information about the IS-IS interface.

Step 16

show isis [ instance instance-id ] database [ level { 1 | 2 }] [ detail | summary | verbose ] [ * | lsp-id ]

Example:


RP/0/# show isis database level 1

(Optional) Displays the IS-IS LSP database.

Step 17

show isis [ instance instance-id ] lsp-log [ level { 1 | 2 }]

Example:


RP/0/# show isis lsp-log

(Optional) Displays LSP log information.

Step 18

show isis database-log [ level { 1 | 2 }]

Example:


RP/0/# show isis database-log level 1

(Optional) Display IS-IS database log information.


Configuring Nonstop Forwarding for IS-IS

This task explains how to configure your router with NSF that allows to resynchronize the IS-IS link-state database with its IS-IS neighbors after a process restart. The process restart could be due to an:

  • RP failover (for a warm restart)

  • Simple process restart (due to an IS-IS reload or other administrative request to restart the process)

  • IS-IS software upgrade

In all cases, NSF mitigates link flaps and loss of user sessions. This task is optional.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • You can change the level of routing to be performed by a particular routing instance by using the is-type router configuration command.

Step 3

nsf { cisco | ietf }

Example:


RP/0/(config-isis)# nsf ietf

Enables NSF on the next restart.

  • Enter the cisco keyword to run IS-IS in heterogeneous networks that might not have adjacent NSF-aware networking devices.

  • Enter the ietf keyword to enable IS-IS in homogeneous networks where all adjacent networking devices support IETF draft-based restartability.

Step 4

nsf interface-expires number

Example:


RP/0/(config-isis)# nsf interface-expires 1

Configures the number of resends of an acknowledged NSF-restart acknowledgment.

  • If the resend limit is reached during the NSF restart, the restart falls back to a cold restart.

Step 5

nsf interface-timer seconds

Example:


RP/0/(config-isis) nsf interface-timer 15

Configures the number of seconds to wait for each restart acknowledgment.

Step 6

nsf lifetime seconds

Example:


RP/0/(config-isis)# nsf lifetime 20

Configures the maximum route lifetime following an NSF restart.

  • This command should be configured to the length of time required to perform a full NSF restart because it is the amount of time that the Routing Information Base (RIB) retains the routes during the restart.

  • Setting this value too high results in stale routes.

  • Setting this value too low could result in routes purged too soon.

Step 7

commit

Step 8

show running-config [ command ]

Example:


RP/0/# show running-config router isis isp

(Optional) Displays the entire contents of the currently running configuration file or a subset of that file.

  • Verify that “nsf” appears in the IS-IS configuration of the NSF-aware device.

  • This example shows the contents of the configuration file for the “isp” instance only.


Configuring Authentication for IS-IS

This task explains how to configure authentication for IS-IS. This task is optional.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • You can change the level of routing to be performed by a particular routing instance by using the is-type command.

Step 3

lsp-password { hmac-md5 | text } { clear | encrypted } password [ level { 1 | 2 }] [ send-only ] [ snp send-only ]

Example:


RP/0/(config-isis)# lsp-password hmac-md5 clear password1 level 1

Configures the LSP authentication password.

  • The hmac-md5 keyword specifies that the password is used in HMAC-MD5 authentication.

  • The text keyword specifies that the password uses cleartext password authentication.

  • The clear keyword specifies that the password is unencrypted when entered.

  • The encrypted keyword specifies that the password is encrypted using a two-way algorithm when entered.

  • The level 1 keyword sets a password for authentication in the area (in Level 1 LSPs and Level SNPs).

  • The level 2 keywords set a password for authentication in the backbone (the Level 2 area).

  • The send-only keyword adds authentication to LSP and sequence number protocol data units (SNPs) when they are sent. It does not authenticate received LSPs or SNPs.

  • The snp send-only keyword adds authentication to SNPs when they are sent. It does not authenticate received SNPs.

Note

 

To disable SNP password checking, the snp send-only keywords must be specified in the lsp-password command.

Step 4

interface type interface-path-id

Example:


RP/0/(config-isis)# interface TenGigE0/6/0/2.10 

Enters interface configuration mode.

Step 5

hello-password { hmac-md5 | text } { clear | encrypted } password [ level { 1 | 2 }] [ send-only ]

Example:


RP/0/(config-isis-if)#hello-password text clear mypassword

Configures the authentication password for an IS-IS interface.

Step 6

commit


Configuring Keychains for IS-IS

This task explains how to configure keychains for IS-IS. This task is optional.

Keychains can be configured at the router level ( lsp-password command) and at the interface level ( hello-password command) within IS-IS. These commands reference the global keychain configuration and instruct the IS-IS protocol to obtain security parameters from the global set of configured keychains. The router-level configuration (lsp-password command) sets the keychain to be used for all IS-IS LSPs generated by this router, as well as for all Sequence Number Protocol Data Units (SN PDUs). The keychain used for HELLO PDUs is set at the interface level, and may be set differently for each interface configured for IS-IS.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • You can change the level of routing to be performed by a particular routing instance by using the is-type command.

Step 3

l sp-password keychain keychain-name [ level { 1 | 2 }] [ send-only ] [ snp send-only ]

Example:


RP/0/(config-isis)# lsp-password keychain isis_a level 1

Configures the keychain.

Step 4

interface type interface-path-id

Example:


RP/0/(config-isis)# interface TenGigE0/6/0/2.10 

Enters interface configuration mode.

Step 5

h ello-password keychain keychain-name [ level { 1 | 2 }] [ send-only ]

Example:


RP/0/(config-isis-if)#hello-password keychain isis_b

Configures the authentication password for an IS-IS interface.

Step 6

commit


Configuring MPLS Traffic Engineering for IS-IS

This task explains how to configure IS-IS for MPLS TE. This task is optional.

Before you begin

Your network must support the MPLS software feature before you enable MPLS TE for IS-IS on your router.


Note


You must enter the commands in the following task list on every IS-IS router in the traffic-engineered portion of your network.



Note


MPLS traffic engineering currently does not support routing and signaling of LSPs over unnumbered IP links. Therefore, do not configure the feature over those links.


Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • You can change the level of routing to be performed by a particular routing instance by using the is-type router configuration command.

Step 3

address-family { ipv4 } [ unicast ]

Example:


RP/0/(config-isis)#address-family ipv4 unicast 

Specifies the IPv4 address family, and enters router address family configuration mode.

Step 4

mpls traffic-eng level { 1 | 2 }

Example:


RP/0/(config-isis-af)# mpls traffic-eng level 1 

Configures a router running IS-IS to flood MPLS TE link information into the indicated IS-IS level.

Step 5

mpls traffic-eng router-id { ip-address | interface-name interface-instance }

Example:


RP/0/(config-isis-af)# mpls traffic-eng router-id loopback0

Specifies that the MPLS TE router identifier for the node is the given IP address or an IP address associated with the given interface.

Step 6

metric-style wide [ level { 1 | 2 }]

Example:


RP/0/(config-isis-af)# metric-style wide level 1

Configures a router to generate and accept only wide link metrics in the Level 1 area.

Step 7

commit

Step 8

show isis [ instance instance-id ] mpls traffic-eng tunnel

Example:


RP/0/# show isis instance isp mpls traffic-eng tunnel 

(Optional) Displays MPLS TE tunnel information.

Step 9

show isis [ instance instance-id ] mpls traffic-eng adjacency-log

Example:


RP/0/# show isis instance isp mpls traffic-eng adjacency-log 

(Optional) Displays a log of MPLS TE IS-IS adjacency changes.

Step 10

show isis [ instance instance-id ] mpls traffic-eng advertisements

Example:


RP/0/# show isis instance isp mpls traffic-eng advertisements 

(Optional) Displays the latest flooded record from MPLS TE.


Tuning Adjacencies for IS-IS

This task explains how to enable logging of adjacency state changes, alter the timers for IS-IS adjacency packets, and display various aspects of adjacency state. Tuning your IS-IS adjacencies increases network stability when links are congested. This task is optional.

For point-to-point links, IS-IS sends only a single hello for Level 1 and Level 2, which means that the level modifiers are meaningless on point-to-point links. To modify hello parameters for a point-to-point interface, omit the specification of the level options.

The options configurable in the interface submode apply only to that interface. By default, the values are applied to both Level 1 and Level 2.

The hello-password command can be used to prevent adjacency formation with unauthorized or undesired routers. This ability is particularly useful on a LAN, where connections to routers with which you have no desire to establish adjacencies are commonly found.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • You can change the level of routing to be performed by a particular routing instance by using the is-type command.

Step 3

log adjacency changes

Example:


RP/0/(config-isis)# log adjacency changes

Generates a log message when an IS-IS adjacency changes state (up or down).

Step 4

interface type interface-path-id

Example:


RP/0/(config-isis)# interface TenGigE 0/1/0/3 

Enters interface configuration mode.

Step 5

hello-padding { disable | sometimes } [ level { 1 | 2 }]

Example:


RP/0/(config-isis-if)# hello-padding sometimes

Configures padding on IS-IS hello PDUs for an IS-IS interface on the router.

  • Hello padding applies to only this interface and not to all interfaces.

Step 6

hello-interval seconds [ level { 1 | 2 }]

Example:


RP/0/(config-isis-if)#hello-interval 6

Specifies the length of time between hello packets that the software sends.

Step 7

hello-multiplier multiplier [ level { 1 | 2 }]

Example:


RP/0/(config-isis-if)# hello-multiplier 10

Specifies the number of IS-IS hello packets a neighbor must miss before the router should declare the adjacency as down.

  • A higher value increases the networks tolerance for dropped packets, but also may increase the amount of time required to detect the failure of an adjacent router.

  • Conversely, not detecting the failure of an adjacent router can result in greater packet loss.

Step 8

h ello-password { hmac-md5 | text } { clear | encrypted } password [ level { 1 | 2 }] [ send-only ]

Example:


RP/0/(config-isis-if)# hello-password text clear mypassword

Specifies that this system include authentication in the hello packets and requires successful authentication of the hello packet from the neighbor to establish an adjacency.

Step 9

commit

Step 10

show isis [ instance instance-id ] adjacency t ype interface- path-id ] [ detail ] [ systemid system-id ]

Example:


RP/0/# show isis instance isp adjacency

(Optional) Displays IS-IS adjacencies.

Step 11

show isis adjacency-log

Example:


RP/0/# show isis adjacency-log

(Optional) Displays a log of the most recent adjacency state transitions.

Step 12

show isis [ instance instance-id ] interface [ type interface-path-id ] [ brief | detail ] [ level { 1 | 2 }]

Example:


RP/0/# show isis interface TenGigE0/6/0/2.10 brief

(Optional) Displays information about the IS-IS interface.

Step 13

show isis [ instance instance-id ] neighbors [ interface-type interface-instance ] [ summary ] [ detail ] [ systemid system-id ]

Example:


RP/0/# show isis neighbors summary

(Optional) Displays information about IS-IS neighbors.


Setting SPF Interval for a Single-Topology IPv4 Configuration

This task explains how to make adjustments to the SPF calculation to tune router performance. This task is optional.

Because the SPF calculation computes routes for a particular topology, the tuning attributes are located in the router address family configuration submode. SPF calculation computes routes for Level 1 and Level 2 separately.

To tune the SPF calculation parameters for single-topology mode, configure the address-family ipv4 unicast command.

The incremental SPF algorithm can be enabled separately. When enabled, the incremental shortest path first (ISPF) is not employed immediately. Instead, the full SPF algorithm is used to “seed” the state information required for the ISPF to run. The startup delay prevents the ISPF from running for a specified interval after an IS-IS restart (to permit the database to stabilize). After the startup delay elapses, the ISPF is principally responsible for performing all of the SPF calculations. The reseed interval enables a periodic running of the full SPF to ensure that the iSFP state remains synchronized.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode.

  • You can change the level of routing to be performed by a particular routing instance by using the is-type router configuration command.

Step 3

address-family { ipv4 } [ unicast ]

Example:


RP/0/(config-isis)#address-family ipv4 unicast 

Specifies the IPv4 address family, and enters router address family configuration mode.

Step 4

spf-interval {[ initial-wait initial | secondary-wait secondary | maximum-wait maximum ] ...} [ level { 1 | 2 }]

Example:


RP/0/(config-isis-af)# spf-interval initial-wait 10 maximum-wait 30

(Optional) Controls the minimum time between successive SPF calculations.

  • This value imposes a delay in the SPF computation after an event trigger and enforces a minimum elapsed time between SPF runs.

  • If this value is configured too low, the router can lose too many CPU resources when the network is unstable.

  • Configuring the value too high delays changes in the network topology that result in lost packets.

  • The SPF interval does not apply to the running of the ISPF because that algorithm runs immediately on receiving a changed LSP.

Step 5

ispf [ level { 1 | 2 }]

Example:


RP/0/(config-isis-af)# ispf

(Optional) Configures incremental IS-IS ISPF to calculate network topology.

Step 6

commit

Step 7

show isis [ instance instance-id ] [[ ipv4 | afi-all ] [ unicast | safi-all ]] spf-log [ level { 1 | 2 }] [ ispf | fspf | prc | nhc ] [ detail | verbose ] [ last number | first number ]

Example:


RP/0/# show isis instance 1 spf-log ipv4

(Optional) Displays how often and why the router has run a full SPF calculation.


Customizing Routes for IS-IS

This task explains how to perform route functions that include injecting default routes into your IS-IS routing domain and redistributing routes learned in another IS-IS instance. This task is optional.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing process, and places the router in router configuration mode.

  • By default, all IS-IS instances are automatically Level 1 and Level 2. You can change the level of routing to be performed by a particular routing instance by using the is-type command.

Step 3

set-overload-bit [ on-startup { delay | wait-for-bgp }] [ level { 1 | 2 }]

Example:


RP/0/(config-isis)# set-overload-bit

(Optional) Sets the overload bit.

Note

 

The configured overload bit behavior does not apply to NSF restarts because the NSF restart does not set the overload bit during restart.

Step 4

address-family { ipv4 } [ unicast ]

Example:


RP/0/(config-isis)# address-family ipv4 unicast 

Specifies the IPv4 address family, and enters router address family configuration mode.

Step 5

default-information originate [ route-policy route-policy-name ]

Example:


RP/0/(config-isis-af)# default-information originate

(Optional) Injects a default IPv4 route into an IS-IS routing domain.

  • The route-policy keyword and route-policy-name argument specify the conditions under which the IPv4 default route is advertised.

  • If the route-policy keyword is omitted, then the IPv4 default route is unconditionally advertised at Level 2.

Step 6

redistribute isis instance [ level-1 | level-2 | level-1-2 ] [ metric metric ] [ metric-type { internal | external }] [ policy policy-name ]

Example:


RP/0/(config-isis-af)# redistribute isis 2 level-1

(Optional) Redistributes routes from one IS-IS instance into another instance.

  • In this example, an IS-IS instance redistributes Level 1 routes from another IS-IS instance.

Step 7

Do the following:

  • summary-prefix address / prefix-length [ level { 1 | 2 }]

Example:


RP/0/(config-isis-af)# summary-prefix 10.1.0.0/16 level 1

or


RP/0/(config-isis-af)# summary-prefix 3003:xxxx::/24 level 1

(Optional) Allows a Level 1-2 router to summarize Level 1 IPv4 prefixe at Level 2, instead of advertising the Level 1 prefixes directly when the router advertises the summary.

  • This example specifies an IPv4 address and mask.

Step 8

maximum-paths route-number

Example:


RP/0/(config-isis-af)# maximum-paths 16

(Optional) Configures the maximum number of parallel paths allowed in a routing table.

Step 9

distance weight [ address / prefix-length [ route-list-name ]]

Example:


RP/0/(config-isis-af)# distance 90

(Optional) Defines the administrative distance assigned to routes discovered by the IS-IS protocol.

  • A different administrative distance may be applied for IPv4.

Step 10

set-attached-bit

Example:


RP/0/(config-isis-af)# set-attached-bit

(Optional) Configures an IS-IS instance with an attached bit in the Level 1 LSP.

Step 11

commit


Tagging IS-IS Interface Routes

This optional task describes how to associate a tag with a connected route of an IS-IS interface.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing process, and places the router in router configuration mode. In this example, the IS-IS instance is called isp.

Step 3

address-family { ipv4 } [ unicast ]

Example:


RP/0/(config-isis)# address-family ipv4 unicast 

Specifies the IPv4 address family, and enters router address family configuration mode.

Step 4

metric-style wide [ transition ] [ level { 1 | 2 }]

Example:


RP/0/(config-isis-af)# metric-style wide level 1

Configures a router to generate and accept only wide link metrics in the Level 1 area.

Step 5

exit

Example:


RP/0/(config-isis-af)# exit

Exits router address family configuration mode, and returns the router to router configuration mode.

Step 6

interface type number

Example:


RP/0/(config-isis)# interface TenGigE0/6/0/2.10 

Enters interface configuration mode.

Step 7

address-family { ipv4 } [ unicast ]

Example:


RP/0/(config-isis-if)# address-family ipv4 unicast 

Specifies the IPv4 address family, and enters address family configuration mode.

Step 8

tag tag

Example:


RP/0/(config-isis-if-af)# tag 3 

Sets the value of the tag to associate with the advertised connected route.

Step 9

commit

Step 10

show isis [ ipv4 | afi-all ] [ unicast | safi-all ] route [ detail ]

Example:


RP/0/(config-isis-if-af)# show isis ipv4 route detail

Displays tag information. Verify that all tags are present in the RIB.


Setting the Priority for Adding Prefixes to the RIB

This optional task describes how to set the priority (order) for which specified prefixes are added to the RIB. The prefixes can be chosen using an access list (ACL), prefix list, or by matching a tag value.

Procedure


Step 1

configure

Step 2

router isis instance-id

Example:


RP/0/(config)# router isis isp

Enables IS-IS routing for the specified routing process, and places the router in router configuration mode. In this example, the IS-IS instance is called isp.

Step 3

address-family { ipv4 } [ unicast ]

Example:


RP/0/(config-isis)# address-family ipv4 unicast 

Specifies the IPv4 address family, and enters router address family configuration mode.

Step 4

metric-style wide [ transition ] [ level { 1 | 2 }]

Example:


RP/0/(config-isis-af)# metric-style wide level 1

Configures a router to generate and accept only wide-link metrics in the Level 1 area.

Step 5

spf prefix-priority [ level { 1 | 2 }] { critical | high | medium } { access-list-name | tag tag }

Example:


RP/0/(config-isis-af)# spf prefix-priority high tag 3

Installs all routes tagged with the value 3 first.

Step 6

commit


Configuration Examples for Implementing IS-IS

This section provides the following configuration examples:

Redistributing IS-IS Routes Between Multiple Instances: Example

The following example shows usage of the set- attached-bit and redistribute commands. Two instances, instance “1” restricted to Level 1 and instance “2” restricted to Level 2, are configured.

The Level 1 instance is propagating routes to the Level 2 instance using redistribution. Note that the administrative distance is explicitly configured higher on the Level 2 instance to ensure that Level 1 routes are preferred.

Attached bit is being set for the Level 1 instance since it is redistributing routes into the Level 2 instance. Therefore, instance “1” is a suitable candidate to get from the area to the backbone.


  router isis 1
    is-type level-2-only
   net 49.0001.0001.0001.0001.00
   address-family ipv4 unicast
    distance 116
    redistribute isis 2 level 2
  !
  interface TenGigE 0/3/0/0
   address-family ipv4 unicast
  !
  !
  router isis 2
   is-type level-1
   net 49.0002.0001.0001.0002.00
   address-family ipv4 unicast
    set
-attached
  !
  interface TenGigE 0/1/0/0
   address-family ipv4 unicast
  

Configuring IS-IS Overload Bit Avoidance: Example

The following example shows how to activate IS-IS overload bit avoidance:


  RP/0/# config
  RP/0/(config)# mpls traffic-eng path-selection ignore overload

The following example shows how to deactivate IS-IS overload bit avoidance:


  RP/0/# config
  RP/0/(config)# no mpls traffic-eng path-selection ignore overload

Tagging Routes: Example

The following example shows how to tag routes.


  route-policy isis-tag-55
  end-policy
  !
  route-policy isis-tag-555
    if destination in (5.5.5.0/24 eq 24) then
      set tag 555
      pass
    else
      drop
    endif
  end-policy
  !
  router static
   address-family ipv4 unicast
    0.0.0.0/0 2.6.0.1
    5.5.5.0/24 Null0
   !
  !
  router isis uut
   net 00.0000.0000.12a5.00
   address-family ipv4 unicast
    metric-style wide
    redistribute static level-1 route-policy isis-tag-555
    spf prefix-priority critical tag 13
    spf prefix-priority high tag 444
    spf prefix-priority medium tag 777
  
  

Configuring IS-IS Overload Bit Avoidance: Example

The following example shows how to activate IS-IS overload bit avoidance:


  RP/0/# config
  RP/0/(config)# mpls traffic-eng path-selection ignore overload

The following example shows how to deactivate IS-IS overload bit avoidance:


  RP/0/# config
  RP/0/(config)# no mpls traffic-eng path-selection ignore overload

Example: Configuring IS-IS To Handle Router Overload

This section describes an example for configuring IS-IS to handle overloading of routers, without setting the overload bit.

When a router is configured with the IS-IS overload bit, it participates in the routing process when the overload bit is set, but does not forward traffic (except for traffic to directly connected interfaces). To configure the overload behavior for IS-IS, without setting the overload bit, configure the max-link-metric statement. By configuring this statement, the router participates in the routing process and is used as a transit node of last resort.

Figure 1.

Before you begin

Ensure that you are familiar with configuring router interfaces for a given topology.

Procedure


Step 1

Configure Routers A, B, and C as shown in the topology.

Use the following IP Addresses:

  • Router A Loopback0: 1.1.1.1/32 and 1::1/128

  • Router A -> Router B: 11.11.11.2/24 and 11:11:11::2/64

  • Router B Loopback0: 2.2.2.2/32 and 2::2/128

  • Router B -> Router A: 11.11.11.1/24 and 11:11:11::1/64

  • Router B-> Router C: 13.13.13.1/24 and 13:13:13::1/64

  • Router C Loopback0: 3.3.3.3/32 and 3::3/128

  • Router C-> Router B: 13.13.13.2/24 and 13:13:13::2/64

Step 2

Configure IS-IS and the corresponding net addresses on Routers A, B and C.

Example:

!Router A
RP/0/RP0::RouterA(config)# router isis ring
RP/0/RP0::RouterA(config-isis)# net 00.0000.0000.0001.00
RP/0/RP0:RouterA(config-isis)# address-family ipv4 unicast
RP/0/RP0:RouterA(config-isis)# metric-style wide
RP/0/RP0:RouterA(config-isis-af)# exit 

!Router B
RP/0/RP0:RouterB(config)# router isis ring
RP/0/RP0:RouterB(config-isis)# net 00.0000.0000.0002.00
RP/0/RP0:RouterB(config-isis)# address-family ipv4 unicast
RP/0/RP0:RouterB(config-isis-af)# exit

!Router C
RP/0/RP0:RouterC(config)# router isis ring
RP/0/RP0:RouterC(config-isis)# net 00.0000.0000.0003.00
RP/0/RP0:RouterC(config-isis)# address-family ipv4 unicast
RP/0/RP0:RouterA(config-isis)# metric-style wide
RP/0/RP0:RouterC(config-isis-af)# exit

Step 3

Configure IPv4 address families on the loopback interfaces of Routers A, B, and C.

Example:

RP/0/RP0:Router(config-isis)# interface loopback0
RP/0/RP0:Router(config-isis-if)# address-family ipv4 unicast
RP/0/RP0:Router(config-isis-if-af)# exit          
RP/0/RP0:Router(config-isis-if)# exit
RP/0/RP0:Router(config-isis)#

Step 4

Configure the link metrics on the router interfaces.

Example:

! Configuration for Router A Interface TenGigE 0/0/0/0 with Router B is shown here. Similarly, configure other router interfaces.
RP/0/RP0:RouterA(config-isis)# interface TenGigE 0/0/0/0
RP/0/RP0:RouterA(config-isis-if)# address-family ipv4 unicast
RP/0/RP0:RouterA(config-isis-if-af)# metric 10
RP/0/RP0:RouterA(config-isis-if-af)# exit
RP/0/RP0:RouterA(config-isis-if)# exit
RP/0/RP0:RouterA(config-isis)#

Step 5

Confirm your configuration by viewing the route prefixes on Routers A, B, and C.

Example:


! The outputs for Router A are shown here. Similarly, view the outputs for Routers B and C.
RP/0/RP0:RouterA# show route
Tue Oct 13 13:55:18.342 PST

Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
       U - per-user static route, o - ODR, L - local, G  - DAGR, l - LISP
       A - access/subscriber, a - Application route
       M - mobile route, (!) - FRR Backup path

Gateway of last resort is not set

L    1.1.1.1/32 is directly connected, 00:03:40, Loopback0
i L1 2.2.2.2/32 [115/20] via 11.11.11.2, 00:01:27, TenGigE0/0/0/0
i L1 3.3.3.3/32 [115/30] via 11.11.11.2, 00:01:27, TenGigE0/0/0/0
C    11.11.11.0/24 is directly connected, 00:03:39, TenGigE0/0/0/0
L    11.11.11.1/32 is directly connected, 00:03:39, TenGigE0/0/0/0
i L1 13.13.13.0/24 [115/20] via 11.11.11.2, 00:01:27, TenGigE0/0/0/0
i L1 15.15.15.0/24 [115/30] via 11.11.11.2, 00:01:27, TenGigE0/0/0/0




Step 6

Confirm the link metrics on Router B, prior to configuring the max-link-metric statement.

Example:

RP/0/RP0:RouterB# show isis database
Tue Oct 13 13:56:44.077 PST

No IS-IS RING levels found
IS-IS ring (Level-1) Link State Database
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime  ATT/P/OL
RouterB.00-00           * 0x00000005   0x160d        1026            0/0/0
  Area Address: 00
  NLPID:        0xcc
  NLPID:        0x8e
  MT:           Standard (IPv4 Unicast)
  Hostname:     RouterB
  IP Address:   2.2.2.2
  
  
  Metric: 10         IS RouterB.01
  Metric: 10         IS RouterA.00
  Metric: 10         IP 2.2.2.2/32
  Metric: 10         IP 11.11.11.0/24
  Metric: 10         IP 13.13.13.0/24
  Metric: 10         MT (IPv4 Unicast) IS-Extended RouterB.01
  Metric: 10         MT (IPv4 Unicast) IS-Extended RouterA.00
  Metric: 10         MT (IPv4 Unicast) IPv4 2::2/128
  Metric: 10         MT (IPv4 Unicast) IPv4 11:11:11::/64
  Metric: 10         MT (IPv4 Unicast) IPv4 13:13:13::/64
RouterB.01-00             0x00000001   0xc8df        913             0/0/0
  Metric: 0          IS RouterB.00
  Metric: 0          IS RouterC.00
  Metric: 0          IS-Extended RouterB.00
  Metric: 0          IS-Extended RouterC.00

 Total Level-1 LSP count: 2     Local Level-1 LSP count: 1
The output verifies that IS-IS protocol is operational and the displayed link metrics (Metric: 10) are as configured.

Step 7

Configure the max-link-metric statement on Router B.

Example:

RP/0/RP0:RouterB(config)# router isis ring
RP/0/RP0:RouterB(config-isis)# max-link-metric 
RP/0/RP0:RouterB(config-isis)# exit
RP/0/RP0:RouterB(config)# 

Step 8

Commit your configuration.

Example:

RP/0/RP0:RouterB(config)# commit

Step 9

Confirm the change in link metrics on Router B.

Example:


RP/0/RP0:RouterB# show isis database 
Tue Oct 13 13:58:36.790 PST

No IS-IS RING levels found
IS-IS ring (Level-1) Link State Database
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime  ATT/P/OL
RouterB.00-00           * 0x00000006   0x0847        1171            0/0/0
  Area Address: 00
  NLPID:        0xcc
  NLPID:        0x8e
  MT:           Standard (IPv4 Unicast)
  MT:           IPv4 Unicast                                     0/0/0
  Hostname:     RouterB
  IP Address:   2.2.2.2
  IPv4 Address: 2::2
  Metric: 63         IS RouterB.01
  Metric: 63         IS RouterA.00
  Metric: 63         IP 2.2.2.2/32
  Metric: 63         IP 11.11.11.0/24
  Metric: 63         IP 13.13.13.0/24 
  Metric: 16777214   MT (IPv4 Unicast) IS-Extended RouterB.01
  Metric: 16777214   MT (IPv4 Unicast) IS-Extended RouterA.00
  Metric: 16777214   MT (IPv4 Unicast) IPv4 2::2/128
  Metric: 16777214   MT (IPv4 Unicast) IPv4 11:11:11::/64
  Metric: 16777214   MT (IPv4 Unicast) IPv4 13:13:13::/64
RouterB.01-00             0x00000001   0xc8df        800             0/0/0
  Metric: 0          IS RouterB.00
  Metric: 0          IS RouterC.00
  Metric: 0          IS-Extended RouterB.00
  Metric: 0          IS-Extended RouterC.00

 Total Level-1 LSP count: 2     Local Level-1 LSP count: 1
The output verifies that maximum link metrics (63 for IPv4 has been allocated for the designated links.

Step 10

(Optional) Verify the change in route prefixes on Routers A and C.

Example:

! The outputs for Router A are shown here. Similarly, view the outputs on Router C.
RP/0/RP0:RouterA# show route
Tue Oct 13 13:58:59.289 PST

Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
       U - per-user static route, o - ODR, L - local, G  - DAGR, l - LISP
       A - access/subscriber, a - Application route
       M - mobile route, (!) - FRR Backup path

Gateway of last resort is not set

L    1.1.1.1/32 is directly connected, 00:07:21, Loopback0
i L1 2.2.2.2/32 [115/73] via 11.11.11.2, 00:00:50, TenGigE0/0/0/0
i L1 3.3.3.3/32 [115/83] via 11.11.11.2, 00:00:50, TenGigE0/0/0/0
C    11.11.11.0/24 is directly connected, 00:07:20, TenGigE0/0/0/0
L    11.11.11.1/32 is directly connected, 00:07:20, TenGigE0/0/0/0
i L1 13.13.13.0/24 [115/73] via 11.11.11.2, 00:00:50, TenGigE0/0/0/0
i L1 15.15.15.0/24 [115/83] via 11.11.11.2, 00:00:50, TenGigE0/0/0/0


The output verifies the impact of maximum metric configuration in the routing table: [115/73] and [115/83]

IS-IS has been successfully configured to handle router overload without setting the overload bit.