IS-IS An introduction to IGP routing protocols Hagai Kahana

Compass-EOS Confidential

Interior Gateway Protocol (IGP) – intended to use within an AS Compass-EOS Confidential AS 11 AS 22 AS 33 iBGP eBGP AS 11

IGP routing protocols Distance-vector routing protocol RIP - Routing Information protocol – used for small networks EIGRP- Enhanced Interior Gateway Routing Protocol – Cisco proprietary routing protocol – used for medium size networks Link-state routing protocol OSPF - Open Shortest Path First – Design for IPv4 networks, a similar to IS-IS and more common in enterprise networks IS-IS Compass-EOS Confidential

IS-IS introduction Was first published as ISO in 1987 IETF republished the protocol in RFC 1142 for the Internet community and extended for IP routing as RFC 1195 in 1990 Runs natively on Layer 2 of the OSI model (Ethernet/PPP) Compass-EOS Confidential

Link-state protocol – High-level description Neighbor discovery – How two link state router discover each other and agree to exchange routing information Compass-EOS Confidential

Link-state protocol – High-level description Flooding – How routing information is forward reliably to all routers in a network Compass-EOS Confidential

Link-state protocol – High-level description Link state database – How routing information is stored, synchronized and kept up to date Compass-EOS Confidential

Link-state protocol – High-level description SPF (short path first) calculation – How we use the information to calculate the routes Compass-EOS Confidential

IS-IS introduction Neighbor discovery. Flooding. Link state database Synchronization. SPF (short path first) calculation. Compass-EOS Confidential

IS-IS Addressing System ID – Unique identifier, can be set by using the IP loopback address Area ID Compass-EOS Confidential

TLV Type-Length-Value Why length if we have type? Flexibility Max of 256 bytes Contains sub-TLV Major advantage over OSPF Compass-EOS Confidential TYPE LENGTH VALUE. Length in Octets 1 Length of value

TLV TLV 10 – authentication TLV Added to each PDU transmitted Packet discarded when not matched Key - password for the PDU type Text - IS-IS PDU to be authenticated Compass-EOS Confidential Type (10 ) Length (Variable) Authentication type Authentication value Authentication type code Value Reserved0 Clear text password1 HNAC-MD5 Authentication 54 Private authentication255

IS-IS Common Header DefinitionValues network layer identifier assigned to IS-IS (ISO 9577) 0x83 Length of the packet header fields in octets Variable Version 0x1 Indicates length of the source ID (SysID) field 0x0 -> 6 byte IS-IS packet type (3 bits reserved) Hello, LSP or SNP Version 0x1 Reserved 0 Number of area addresses permitted for this intermediate system’s area 0x0 = max 3 areas Compass-EOS Confidential Packet Data … ISIS Protocol Discriminator Length Indicator Version ID Extension ID Length PDU Type Version Reserved Maximum Area Addresses

Neighbor discovery

Once you enable IS-IS on an interface, the routing protocol will automatically find out if there are IS-IS router at the other end. If one found a verification of version and two way interaction on the link is been done – called handshaking. Handshaking is done with hello message called IIH (Intermediate System to Intermediate System Hello) message. All messages sent to 2 multicast MAC addresses 0180:c200:0014 and 0180:c200:0015 on Broadcast media no unicast messages. IIH message

Neighbor discovery -cont Two types of connection broadcast LAN and P2P. Different IIH for each connection type P2P IIH are for both levels (bandwidth consideration) ISIS Protocol Discriminator Length Indicator Version ID Extension ID Length PDU Type Version Reserved Maximum Area Addresses TLV Fields ValueName 15 / 16IIH LAN 17IIH P2P

Handshaking – 3 ways Router 1 sends router 2 IIH. Router 2 Gets IIH from 1 and immediately send an IIH back which says “I have seen 1”. Route 1 receive IIH from route 2, set Adj as up and immediately send an IIH back which says “I have seen 2”. Router 2 receive second IIH from 1 and set Adj to up Compass-EOS Confidential IIH Router 1 TLV s IIH Router 1 “I see Router 2” + TLVs IIH Router 2 “I see Router 1” + TLVs Adjacency UP Router 2 Router 1

IIH – LAN Level 1 and Level 2 FieldDefinition Circuit type Level 1, Level 1-2, or Level 2 only (6 bit reserved) Source ID System ID of the router that generated packet Holding time Maximum interval between two consecutive hello packets before the router is considered no longer available PDU length Length of the entire PDU, including header Priority designates the DIS (Level 1 or Level 2) on the LAN LAN ID SysID of the DIS plus an octet-long unique ID for this router assigned by the DIS. TLV fieldsType 1 - Area Addresses Type 6 - IS Neighbors Type 8 - Padding Type 10 - Authentication Type Compass-EOS Confidential ISIS Protocol Discriminator Length Indicator Version ID Extension ID Length PDU Type Version Reserved Maximum Area Addresses TLV Fields Reserved circuit type Source IS Holding time PDU Length R Priority DIS TLV

IIH – IS-IS Hello Packet Hello Interval – time between each IIH packets Hold-time - maximum time lapse allowed between receipts of two consecutive hello packets received If hold-time expire an adjacency is declared “dead” Can be modified on the fly (unlike OSPF) Compass-EOS Confidential

IIH – IS-IS Hello Packet IIH sent in these cases: Expiration of the hello interval Any change in network conditions Election to or resignation from LAN DIS position Compass-EOS Confidential Hello Packet 30sec hold time Hello Packet 40sec hold time

Flooding

LSP Link State Protocol data unit Link-state routing distribute their topological view beyond their immediate neighbor (unlike vector distance). A single router create a LSP (Link state PDU -> Link State Protocol Data Unit) that contain the reachability and immediate connected neighbored (imagine it as a single part of a puzzle). Compass-EOS Confidential

LSP Link State Protocol data unit When a router receive updated LSP from all the routers in the network it has a complete map view of the puzzle and can accurately compute paths in the network. The process of sending and updating topology information is called flooding. The LSP is stored in LSP Data base, a different DB exist for each level LSP contain other information such as IP reachability, check sum and even the routers name Compass-EOS Confidential

LSP Revision control Compass-EOS Confidential Sequence number – version of the LSP. Every new LSP generated the router increase the sequence number by one. The Sequence number is stored in a 32-bit identifier. If a new LSP is sent every 5 second we have 681 years till the end of the address space Which LSP is the most recent one?

LSP Revision contol IMI#show isis database Area ipi: IS-IS Level-2 Link State Database: LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL * 0x F 0x24D /0/0 Compass-EOS Confidential LSP Lifetime default is 20 minutes (a 16 bit field) Periodic Refreshes LSP-ID – a unique identifier of the router consist of the System ID, pseudo- node ID and fragment ID (8B total) Sequence number – version of the LSP. Checksum – check if info corrupt on the way

LSP Link State Protocol data unit LSPs are acknowledged by the receiving router A router must not originate more than one LSP every 5 seconds Intradomain Routing Proto Descriminator Lenth Indicator Version/Protocol ID Extension ID Length PDU TypeRRR Version Reserved Maximum Area Addresses PDU Length Remaining Lifetime LSP ID Sequence Number Checksum LSPDBOLIS TypePATT TLVFIELDS

LSP Link State Protocol data unit Purge LSP - negative LSP update DIS election Expiration of LSP Duplicate System IDs Compass-EOS Confidential

Link state database Synchronization.

Pseudo-nodes and Designated Routers A LAN Topology is equivalent to full mash P2P connection. Effect of an additional router attached to the LAN Compass-EOS Confidential

Pseudo-nodes and Designated Routers Pseudo-node (PSN) is a virtual node, whose role is played by an elected DIS for the LAN. Compass-EOS Confidential LSP LSP LSP LSP LSP LSP Nbr Nbr Nbr Nbr Nbr Nbr Nbr Nbr LSP Nbr

Pseudo-nodes and Designated Routers DIS election is preemptive, based on interface priority with the highest SNPA (MAC address) breaking ties Separate DISs are elected for Level 1 and 2 routing DIS transmits IIH three times faster other routers, for quick detection of failure and immediate replacement. Compass-EOS Confidential

Synchronizing Databases in LANs DIS sends periodically a directory of its link- state database Compass-EOS Confidential CSNP Router XXXX Life time 1678 Seq 0x05 Checksum 0xABCD Router …. …. Router 2 Router 1 PSNP Router XXXX Life time 0 Seq 0x00 Checksum 0xABCD LSP Router XXXX Life time 1678 Seq 0x05 Checksum 0xABCD

SPF (short path first) calculation.

SPF There are three type of SPF calulation Full SPF – Find the shortest path tree on the topology – also called first pass. Partial SPF – Extract prefix and metric information from link state database – also called second pass. Incremental SPF – optimization on the full SPF calculation Compass-EOS Confidential

SPF – Hold down A trigger for SPF calculate does not invoke the calculation immediately. A change in the network invoke several LSP flooding. An SPF cause a burst of CPU usage without hold down the router will choke under the SPF calculation stress. Compass-EOS Confidential

Thank you Compass-EOS Confidential