Skip to main content

ISIS - Intermediate System to Intermediate System Intro

 

There is much information about ISIS history and present state, when I want to study something new I am looking for the small bullets that make subject easier to understand, once I got the basics I am taking each point and digging into it, here I would like to give the key elements for understanding ISIS and I would have to say  from the start that every point can be elaborated into at least an article if not a book (exaggerating) by itself:

  • ISIS link state protocol (most important key to start with and easiest to remember)
  • ISO protocol working based on CLNP (Connection Less Network Protocol)
  • Support IP Routing
  • Router (Node or IS) Addressing use 8 – 20 byte hex format address ( AREA + SYS-ID + NSEL )
  • ISIS have 2 hierarchy called Level 1 and Level 2
  • IS can be either Level 1 or Level 2 or Level 1 + 2
  • Level 1 may only have neighbor relations within the same area and only with L1 or L1 + L2 IS
  • Level 2 may establish neighbors relation with other areas, Level 2 also refer to as backbone (some time compared to OSPF area 0)
  • In case level-1-2 is used and the neighbor IS is also level-1-2 and both systems are in the same area, the IS will form 2 neighbors 1 for Level 1 and another for Level 2.
  • DIS – Designated IS very similar to DR function in OSPF to reduce the size of the database and allowing efficient scalability, one exist in every broadcast domain and level
  • DIS is preemptive eligible meaning that is a IS will come up with stronger parameters it will take the DIS role
  • Only 2 types of interfaces, broadcast and point to point
  • Authentication can be done separately on Hello messages or link state updates
  • Support extensions using different TLV’s (Type length value) like Graceful restart, TE…

 

image

What you see from below is that R3 is the the DIS, according to the pseudonode see at the bottom of the output generated by the DIS LSP with metric 0 to each of the routers on the LAN.

 

R1#show isis database detail
IS-IS Level-1 Link State Database:
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
R1.00-00            * 0x00000006   0x1919        1114              0/0/0
  Area Address: 49.0001
  NLPID:        0xCC
  Hostname: R1
  IP Address:   10.123.0.1
  Metric: 10         IP 10.123.0.0 255.255.255.0
  Metric: 10         IS R3.01
R2.00-00              0x00000004   0x0CBF        1165              0/0/0
  Area Address: 49.0001
  NLPID:        0xCC
  Hostname: R2
  IP Address:   10.123.0.2
  Metric: 10         IP 10.123.0.0 255.255.255.0
  Metric: 10         IS R3.01
R3.00-00              0x00000004   0xFA68        960               0/0/0
  Area Address: 49.0001
  NLPID:        0xCC
  Hostname: R3
  IP Address:   10.123.0.3
  Metric: 10         IP 10.123.0.0 255.255.255.0
  Metric: 10         IS R3.01
R3.01-00              0x00000004   0x3195        1101              0/0/0
  Metric: 0          IS R3.00
  Metric: 0          IS R1.00
  Metric: 0          IS R2.00
IS-IS Level-2 Link State Database:
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
R1.00-00            * 0x00000007   0x0E23        1004              0/0/0
  Area Address: 49.0001
  NLPID:        0xCC
  Hostname: R1
  IP Address:   10.123.0.1
  Metric: 10         IS R3.01
  Metric: 10         IP 10.123.0.0 255.255.255.0
R2.00-00              0x00000003   0x05C7        354               0/0/0
  Area Address: 49.0001
  NLPID:        0xCC
  Hostname: R2
  IP Address:   10.123.0.2
  Metric: 10         IS R3.01
  Metric: 10         IP 10.123.0.0 255.255.255.0
R3.00-00              0x00000004   0xF171        1120              0/0/0
  Area Address: 49.0001
  NLPID:        0xCC
  Hostname: R3
  IP Address:   10.123.0.3
  Metric: 10         IS R3.01
  Metric: 10         IP 10.123.0.0 255.255.255.0
R3.01-00              0x00000004   0xE26C        1180              0/0/0
  Metric: 0          IS R3.00
  Metric: 0          IS R1.00
  Metric: 0          IS R2.00
R1#

 

2 comments

Popular posts from this blog

Step By Step MPLS – Basic MPLS Setup

Initial configuration , very basic with no MPLS, connectivity only to directly connected interfaces.R1R2R3R4!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.31.1 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.42.2 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.31.3 255.255.255.0
duplex auto
speed auto
  no clns route-cache
!
interface Serial1/0
ip address 10.0.43.3 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
!
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.42.4 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
ip address 10.0.43.4 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
adding to the following configuration MPLS labels we will start wi…

What is about to change in CISSP from Apr 2018

Change have arrived and like with other professional certification there is almost a standard time before certification gets its update, with most anywhere it is between 3 - 4 years, CISSP is no different and since last update was on 2015 the change is arriving here as well.

For the people that wish to see the official existing and new outline

I have decided to write this post as the new out line is more of a list of Domain and Sections within the domain without hint or indication to what was modified actually and I could not find anyone else that done that comparison, I had to take the task and do the comparison, please be advised that I have done it for my own "pleasure" so apologies if I missed something :-)
Lets start with the obvious change:
CISSP - Before Apr 2018CISSP - from Apr 20181. Security and Risk Management16%15%2. Asset Security10%10%3. Security Engineering12%13%4. Communications and Network Security12%14%5. Identity and Access Management13%13%6. …

VRF Maximum Routes

Maximum routes under customer vrf, if the service provider had unlimited resources he would not have needed that!
however normally resources are limited and expensive, and Service provider would like to make money from his available resources. maximum routes configured under VRF provide a mean of controlling PE local resource and abuse avoidance from the CE side.I have vrf called DC_EXTRANET, you can see that I have 16 routes, I have configured 10 maximum routes under that vrf however I did not want to be aggressive so I have set the warning only option. See that immediately I get a notice that I have more routes then the maximum, however no action is taken other then alerting and sending a syslog. ! PE_ashdod_otherisp.n(config-vrf)# maximum routes 10 warning-only % The current number of routes in the routing table is equal to, or exceeds the configured warning limit PE_ashdod_otherisp.n(config-vrf)# *Nov 26 20:39:41.175: %IPRT-3-ROUTELIMITWARNING: IP routing table limit warning - DC_…