Skip to main content

ISIS Database Reading

 

ISIS is simple to operate normally while everything is working, most common deployments are flat network based on L2, however when there is a problem and we need to start troubleshooting then people start to get lost.

So I would like to provide some tools on how to read ISIS database.

 

  • notice to the “*” sign, that mean LSP was generated on the router you did the show command, you can see that host name from the show command match also host name on the LSPID,
  • LSPID identified by hostname.xx-yy,  xx is normally 00 unless that LSP is pseudo node LSP generated by DIS , yy is representing the number of fragments for that LSP 00 – FF (max 255 fragments, plenty), most cases all the important information will be in 00 unless there are many fragments.
  • LSP Holdtime is the amount of time an LSP will stay in database without any refresh.
  • ATT/P/OL - 0/0/0, ATT bit or attached bit is used on L1/L2 connected to L1 node, if set to 1 L1 node will generate default route to the best L1/L2 node (best metric)
  • ATT/P/OL - 0/0/0, OL bit or overload bit, in the past it was used when router was over loaded to set all links on the router as unusable, preventing others from transiting, that node, today it is used mostly to wait for bgp convergence.

 

P_london_someisp.net#show isis database 
IS-IS Level-2 Link State Database:
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
P_london_somei.00-00* 0x00000005   0x65C5        1177              0/0/0
P_dublin_somei.00-00  0x00000004   0x8346        1176              0/0/0
P_cyprus_somei.00-00  0x00000005   0x5634        1183              0/0/0
P_LA_someisp.n.00-00  0x00000005   0xDE33        1175              0/0/0
PE_newyork_som.00-00  0x00000003   0x2EF0        1179              0/0/0
PE_telaviv_som.00-00  0x00000004   0x2877        1181              0/0/0
PE_Jerusalem_s.00-00  0x00000002   0x2994        1172              0/0/0
PE_Jerusalem_s.02-00  0x00000001   0x2ED2        1171              0/0/0

From the database each router build a topology using SPF (dijkstra algorithm), if I would like to understand how to get from one router to another I can look into the ISIS database detail and understand that:

For the example, I would like to see only with the database, how to get from my self
to PE_telaviv without looking into the topology or routing table (just for fun): 
Notice that according to my LSP I can see the neighbors I am connected to, and the net address
for each link along with metric.
P_london_someisp.net#$atabase  level-2 det P_london_someisp.net.00-00   
IS-IS Level-2 LSP P_london_somei.00-00
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
P_london_somei.00-00* 0x00000006   0x63C6        409               0/0/0
  Area Address: 49.0001
  NLPID:        0xCC 
  Hostname: P_london_someisp.net
  IP Address:   1.1.1.1
  Metric: 10         IS-Extended P_dublin_somei.00
  Metric: 10         IS-Extended P_cyprus_somei.00
  Metric: 10         IS-Extended P_LA_someisp.n.00
  Metric: 10         IS-Extended PE_newyork_som.00
  Metric: 10         IP 1.1.1.1/32
  Metric: 10         IP 10.100.1.4/30
  Metric: 10         IP 10.100.1.16/30
  Metric: 10         IP 10.100.1.20/30
  Metric: 10         IP 10.100.1.24/30
P_london_someisp.net#

 

 

now if I take the first neighbor from my LSP P_dublin and look into his LSP:
notice that one of his neighbors is PE_telaviv.
So 10 to reach dublin + 10 to reach telaviv = 20 total cost from london to telaviv 
I have taken the next neighbor cyprus and it looks like we have also 20 metric path using 
cyprus, so we will have load sharing between them.
notice that P_LA and PE_newyork does not have direct link to PE_telaviv, that mean we do not
need to explorer more in that direction as any route using them will have higher cost.

 

 

P_london_someisp.net#$atabase  level-2 det P_dublin_someisp.net.00-00
IS-IS Level-2 LSP P_dublin_somei.00-00
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
P_dublin_somei.00-00  0x00000006   0x7F48        1077              0/0/0
  Area Address: 49.0001
  NLPID:        0xCC 
  Hostname: P_dublin_someisp.net
  IP Address:   2.2.2.2
  Metric: 10         IS-Extended P_london_somei.00
  Metric: 10         IS-Extended P_cyprus_somei.00
  Metric: 10         IS-Extended P_LA_someisp.n.00
  Metric: 10         IS-Extended PE_telaviv_som.00
  Metric: 10         IP 2.2.2.2/32
  Metric: 10         IP 10.100.1.0/30
  Metric: 10         IP 10.100.1.12/30
  Metric: 10         IP 10.100.1.16/30
  Metric: 10         IP 10.100.1.36/30
P_london_someisp.net#$atabase  level-2 det P_cyprus_someisp.net.00-00
IS-IS Level-2 LSP P_cyprus_somei.00-00
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
P_cyprus_somei.00-00  0x00000007   0x5236        854               0/0/0
  Area Address: 49.0001
  NLPID:        0xCC 
  Hostname: P_cyprus_someisp.net
  IP Address:   3.3.3.3
  Metric: 10         IS-Extended P_london_somei.00
  Metric: 10         IS-Extended P_dublin_somei.00
  Metric: 10         IS-Extended P_LA_someisp.n.00
  Metric: 10         IS-Extended PE_telaviv_som.00
  Metric: 10         IS-Extended PE_Jerusalem_s.02
  Metric: 10         IP 3.3.3.3/32
  Metric: 10         IP 10.100.1.0/30
  Metric: 10         IP 10.100.1.4/30
  Metric: 10         IP 10.100.1.8/30
  Metric: 10         IP 10.100.1.32/30
  Metric: 10         IP 20.0.0.0/24
P_london_someisp.net#$atabase  level-2 det P_LA_someisp.net.00-00    
IS-IS Level-2 LSP P_LA_someisp.n.00-00
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
P_LA_someisp.n.00-00  0x00000007   0xDA35        690               0/0/0
  Area Address: 49.0001
  NLPID:        0xCC 
  Hostname: P_LA_someisp.net
  IP Address:   4.4.4.4
  Metric: 10         IS-Extended P_london_somei.00
  Metric: 10         IS-Extended P_dublin_somei.00
  Metric: 10         IS-Extended P_cyprus_somei.00
  Metric: 10         IS-Extended PE_newyork_som.00
  Metric: 10         IP 4.4.4.4/32
  Metric: 10         IP 10.100.1.8/30
  Metric: 10         IP 10.100.1.12/30
  Metric: 10         IP 10.100.1.20/30
  Metric: 10         IP 10.100.1.28/30
P_london_someisp.net#show isis database  level-2 det PE_newyork_someisp.net.00$
IS-IS Level-2 LSP PE_newyork_som.00-00
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
PE_newyork_som.00-00  0x00000005   0x2AF2        499               0/0/0
  Area Address: 49.0001
  NLPID:        0xCC 
  Hostname: PE_newyork_someisp.net
  IP Address:   5.5.5.5
  Metric: 10         IS P_london_somei.00
  Metric: 10         IS P_LA_someisp.n.00
  Metric: 10         IS-Extended P_london_somei.00
  Metric: 10         IS-Extended P_LA_someisp.n.00
  Metric: 10         IP 5.5.5.5/32
  Metric: 10         IP 10.100.1.24/30
  Metric: 10         IP 10.100.1.28/30
  Metric: 10         IP 5.5.5.5 255.255.255.255
  Metric: 10         IP 10.100.1.24 255.255.255.252
  Metric: 10         IP 10.100.1.28 255.255.255.252

 

 

To see the topology now and see if we are on the right track, notice that we are correct 20 metric
one with dublin and the other trough cyprus with 20 metric doing load sharing.

 

 

P_london_someisp.net#show isis topology 
IS-IS paths to level-2 routers
System Id            Metric     Next-Hop             Interface   SNPA
P_london_someisp.net --
P_dublin_someisp.net 10         P_dublin_someisp.net Se1/2       *HDLC*         
P_cyprus_someisp.net 10         P_cyprus_someisp.net Se1/1       *HDLC*         
P_LA_someisp.net     10         P_LA_someisp.net     Se1/0       *HDLC*         
PE_newyork_someisp.ne10         PE_newyork_someisp.neMu1         *PPP*          
PE_telaviv_someisp.ne20         P_dublin_someisp.net Se1/2       *HDLC*         
                                P_cyprus_someisp.net Se1/1       *HDLC*         
PE_Jerusalem_someisp.20         P_cyprus_someisp.net Se1/1       *HDLC*         
Post a Comment

Popular posts from this blog

Step By Step MPLS – Basic MPLS Setup

Initial configuration , very basic with no MPLS, connectivity only to directly connected interfaces.R1R2R3R4!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.31.1 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.42.2 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.31.3 255.255.255.0
duplex auto
speed auto
  no clns route-cache
!
interface Serial1/0
ip address 10.0.43.3 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
!
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.42.4 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
ip address 10.0.43.4 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
adding to the following configuration MPLS labels we will start wi…

What is about to change in CISSP from Apr 2018

Change have arrived and like with other professional certification there is almost a standard time before certification gets its update, with most anywhere it is between 3 - 4 years, CISSP is no different and since last update was on 2015 the change is arriving here as well.

For the people that wish to see the official existing and new outline

I have decided to write this post as the new out line is more of a list of Domain and Sections within the domain without hint or indication to what was modified actually and I could not find anyone else that done that comparison, I had to take the task and do the comparison, please be advised that I have done it for my own "pleasure" so apologies if I missed something :-)
Lets start with the obvious change:
CISSP - Before Apr 2018CISSP - from Apr 20181. Security and Risk Management16%15%2. Asset Security10%10%3. Security Engineering12%13%4. Communications and Network Security12%14%5. Identity and Access Management13%13%6. …

VRF Maximum Routes

Maximum routes under customer vrf, if the service provider had unlimited resources he would not have needed that!
however normally resources are limited and expensive, and Service provider would like to make money from his available resources. maximum routes configured under VRF provide a mean of controlling PE local resource and abuse avoidance from the CE side.I have vrf called DC_EXTRANET, you can see that I have 16 routes, I have configured 10 maximum routes under that vrf however I did not want to be aggressive so I have set the warning only option. See that immediately I get a notice that I have more routes then the maximum, however no action is taken other then alerting and sending a syslog. ! PE_ashdod_otherisp.n(config-vrf)# maximum routes 10 warning-only % The current number of routes in the routing table is equal to, or exceeds the configured warning limit PE_ashdod_otherisp.n(config-vrf)# *Nov 26 20:39:41.175: %IPRT-3-ROUTELIMITWARNING: IP routing table limit warning - DC_…