Thursday, 4 December 2014

IS-IS Routing Protocol - Part 1

IS-IS is a link-state routing protocol. IS-IS does not run over any network layer protocol; instead, it encapsulates its messages directly into data-link frames. Adjacency and addressing information in IS-IS messages is encoded as Type-Length-Value (TLV) records, which provides excellent flexibility and extensibility.

OSI Network Layer and Addressing 


The term End System (ES) is used for a host, and the term Intermediate System (IS) is used for a router. End-to-end communication between two End Systems (hosts) in a Domain (autonomous system) involves zero or more Intermediate Systems (routers) interconnected by Circuits (interfaces).

Two basic services are defined: connectionless-mode and connection-mode network layer communication. The connectionless mode of operation is identical to the way that IP operates, as a pure datagram service without any prior session establishment. In OSI networks, the Layer 3 network protocol that provides connectionless communication between ES entities is called ConnectionLess-mode Network Protocol (CLNP). The CLNP protocol is to OSI networks what IPv4/IPv6 are to TCP/IP networks. The set of services provided by CLNP is called ConnectionLess Network Services, or simply CLNS. For connection-oriented mode in OSI networks, an adaptation of the X.25 protocol is used. There is no analogous connection-oriented network layer protocol in TCP/IP networks.

The addressing used in OSI networks, both in connectionless and connection-oriented mode, is called NSAP addressing. The acronym stands for Network Service Access Point, which represents the address of a particular network service on a particular node in the network.

NSAP addressing differs from addressing in TCP/IP networks in many ways. An NSAP address is assigned to the entire network node, not to its individual interfaces. A single node requires only one NSAP address in a common setup, regardless of how many network interfaces it uses. As a result, NSAP addressing does not have the notion of per-interface subnets similar to IP subnets.


An NSAP address consists of two parts: the Initial Domain Part (IDP) and the Domain Specific Part (DSP). The internal format and length of these two parts are variable to a large extent and depend on the actual application in which the NSAP addressing is used. The IDP itself consists of two fields: the Authority and Format Identifier (AFI) and the Initial Domain Identifier (IDI). The AFI value indicates the format of the remaining address fields. The IDI field has a variable length depending on the address format indicated by AFI and might even be omitted. Together, the AFI and IDI indicate the routing domain (the autonomous system) in which the node is located.

The DSP consists of a variable-length High-Order Domain Specific Part (HO-DSP) that identifies the part (or area) of the domain in which the node is located. The System ID is the unique identifier of the node itself. The SEL field, also called an NSAP Selector or NSEL, is a 1-octet-long field that identifies the particular service in or above the network layer on the destination node that should process the datagram. A rough analogy in the IP world would be the particular protocol above IP, or the transport port.

In typical IS-IS deployments, the addressing uses the AFI of 49, in which the length and meaning of the HO-DSP field are entirely up to the administrator. If the value of the SEL octet is 0, no particular service is being addressed, and the entire NSAP address simply identifies the destination node itself without referring to any particular service on that node. An NSAP address in which the SEL octet is set to 0 is called a Network Entity Title (NET), and this is the address that is configured on the node. Configuring a NET is a mandatory part of IS-IS configuration. To summarize, an NSAP address can be thought of as containing, in a single instance, information about the destination’s autonomous system, area, unique identifier, and even the requested upper-layer service.

The written format of NSAP addresses uses hexadecimal digits separated into groups of one or more octets by a dot. 
For example, in 49.0001.1234.5678.3333.00, the AFI is 49, signifying a local address; the 0001 is the area number; the 1234.5678.3333 is the System ID of the node; and the trailing 00 is the SEL value, making this NSAP address also a NET. An NSAP address is often easier to read from right to left. In the NSAP address 49.0001.1234.5678.3333.00, the rightmost octet is the SEL value (00), the next six octets are the System ID (1234.5678.3333), followed by the other HO-DSP octets (0001), the IDI (not present in this NSAP), and ending with the leftmost octet, the AFI (49).
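The right-to-left reading described above can be written as a small parser. This is an added example, not code from the original post; the names Nsap and parse_nsap are hypothetical, and the 8 to 20 octet bounds assume a 1-octet AFI, a 6-octet System ID, a 1-octet SEL and the 20-octet maximum NSAP length.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Nsap:
    afi: str        # leftmost octet
    area: str       # octets between AFI and System ID (HO-DSP when AFI is 49)
    system_id: str  # six octets, written xxxx.xxxx.xxxx
    sel: str        # rightmost octet

    @property
    def is_net(self) -> bool:
        # A NET is an NSAP whose SEL octet is 0.
        return self.sel == "00"


def parse_nsap(text: str) -> Nsap:
    """Split a dotted-hex NSAP by reading it right to left."""
    if not re.fullmatch(r"[0-9A-Fa-f]+(\.[0-9A-Fa-f]+)*", text):
        raise ValueError("expected hexadecimal groups separated by dots")
    digits = text.replace(".", "").lower()
    if len(digits) % 2:
        raise ValueError("address does not contain whole octets")
    octets = [digits[i:i + 2] for i in range(0, len(digits), 2)]
    # AFI + System ID + SEL is 8 octets; an NSAP is at most 20 octets long.
    if not 8 <= len(octets) <= 20:
        raise ValueError(f"{len(octets)} octets, expected 8 to 20")
    sysid = "".join(octets[-7:-1])
    return Nsap(
        afi=octets[0],
        area="".join(octets[1:-7]),
        system_id=".".join(sysid[i:i + 4] for i in range(0, 12, 4)),
        sel=octets[-1],
    )


if __name__ == "__main__":
    for sample in ("49.0001.1234.5678.3333.00",   # the NET from the text
                   "49.0001.1234.5678.3333.2f",   # constructed: non-zero SEL
                   "49.0001.1234.00"):            # constructed: too short
        try:
            print(sample, "->", parse_nsap(sample))
        except ValueError as err:
            print(sample, "-> rejected:", err)
```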

As there is no concept of a subnet, routing between the two networks is accomplished by each IS assembling a list of all attached ES nodes and advertising it to its neighbors.  

Individual interfaces are not assigned their own addresses at the network layer. However, their Layer 2 addresses are used in the same way as TCP/IP networks use them. In OSI networks, a Layer 2 address of an interface is called a Sub Network Point of Attachment (SNPA). To distinguish between interfaces of the same node, an IS enumerates its interfaces by a locally significant 1-octet number called the Local Circuit ID, which increments by 1 with every interface added to the IS-IS instance, beginning with 0 on Cisco routers.

Levels of Routing in OSI Networks 

Four levels of routing:
  -Level 0 routing: Routing between two ES nodes on the same link, or between an ES node and its nearest IS
  -Level 1 routing: Routing between ES nodes in a single area of a domain
  -Level 2 routing: Routing between ES nodes in different areas of a domain
  -Level 3 routing: Routing between ES nodes in different domains
Level 0 routing is concerned with the way that an ES (end node) discovers its nearest IS (gateway), and conversely, how an IS knows which ES nodes are connected to it. This is accomplished by both ES and IS sending a periodic Hello message advertising their existence. Hellos sent by ES nodes are called ES Hello (ESH), while Hellos sent by IS nodes are called IS Hello (ISH). Level 0 routing is also referred to as ES-IS routing.

Level 1 routing is concerned with intra-area routing, that is, routing between ES nodes that are members of the same area. IS nodes in an area will have a detailed and complete visibility of the entire area’s topology. On Level 1, IS nodes collect lists of all ES nodes directly attached to them, and advertise these lists to each other to learn the placement of all ES nodes. Level 2 routing is concerned with inter-area routing within the same domain, that is, routing between ES nodes that reside in different areas of the same domain. On Level 2, IS nodes exchange area prefixes to learn how to reach particular areas. Hence, Level 1 routing can be described as routing by System ID, while Level 2 routing can be described as routing by area prefix. Level 2 routing constitutes the backbone of a domain, providing communication between individual areas of the domain. Level 3 routing is concerned with interdomain routing. In a TCP/IP world, this is a fairly direct analogy of inter-autonomous system routing provided by BGP.

IS-IS Metrics, Levels, and Adjacencies  


IS-IS metrics are assigned to individual interfaces (links). Four types of metrics:   
  -Default: Required to be supported by all IS-IS implementations; usually relates to the bandwidth of the link (a higher value represents a slower link)
  -Delay: Relates to the transit delay on the link   
  -Expense: Relates to the monetary cost of carrying data through the link   
  -Error: Relates to the residual bit error rate of the link    
Most IS-IS implementations today support only the default metric. The Cisco IS-IS implementation assigns all interfaces the default metric of 10, regardless of their bandwidth.
The original IS-IS specification and RFC 1195 define the metric of any single interface (link) and attached network to be 6 bits wide, resulting in the range of 1–63, and the complete path metric as 10 bits wide in the range of 1–1023. Today’s requirements, however, call for a much wider range of metrics. Wide metrics were introduced, allowing for a 24-bit width for the interface metric and a 32-bit width for the entire path metric. It is recommended to use wide metrics whenever available and supported; however, all routers in an area must use the same type of metrics.

IS-IS routers operate on each routing level independently. For each routing level, be it Level 1 or Level 2, an IS-IS router establishes separate adjacencies with its neighbors running on the same level, and maintains a separate link-state database. Two neighboring routers configured for both Level 1 and Level 2 routing will create two independent adjacencies, one for each level.


For each enabled level, a router originates and floods a Link State PDU (LSP). An LSP is similar to an OSPF Link State Update packet with one or more Link State Advertisements. IS-IS routers use Level 1 and Level 2 LSPs to describe their adjacencies on that particular level. Contents of a Level 1 link-state database are exchanged only over Level 1 adjacencies, and Level 2 link-state database contents are exchanged over Level 2 adjacencies only.

IS-IS Packet Types  


Four types - Hello packet, Link State PDU, Complete Sequence Numbers PDU, Partial Sequence Numbers PDU.

Hello packets, also denoted as IIH (IS-IS Hello), are used to perform the usual task of detecting neighboring routers (and also their loss), verifying bidirectional visibility, establishing and maintaining adjacencies, and electing a Designated IS (DIS, similar to a Designated Router in OSPF). Hellos are sent every 10 seconds by default. The Hold time is 3 times the Hello time (30 seconds by default). As opposed to OSPF, timers do not need to match on neighboring routers. On a DIS, the individual timers are always one-third of the configured timers: with default settings, a DIS sends Hellos every 10/3=3.333 seconds, and the Hold interval is 30/3=10 seconds. This is done to detect a DIS or its outage more readily. There are three types of Hello: Level 1 Hello, Level 2 Hello (both used on broadcast networks), and L1L2 Hello (used on point-to-point interfaces).

Link State PDUs  

A Link State Protocol Data Unit (LSP) is used to advertise the routing information. An LSP is vaguely similar to an OSPF Link State Update packet containing one or more Link State Advertisements. There are, however, notable differences between OSPF LSU/LSA and IS-IS LSP. In OSPF, the smallest standalone element of the link-state database is an LSA (note that LSA is not a packet itself). In IS-IS, the smallest standalone element of the link-state database is an entire LSP. There are no different types of LSPs to describe different network objects; instead, these are described by distinct Type-Length-Value (TLV) records inside an LSP’s variably sized payload.

Similar to OSPF LSAs that are uniquely identified by their type and Link-State ID, IS-IS LSPs are also uniquely identified by a number that consists of three parts:
  -System ID of the router that originated this LSP (6 octets; taken from the router’s NET address)
  -Pseudonode ID that differentiates between the LSP describing the router itself and the LSPs for multiaccess networks in which the router is a Designated IS (1 octet)
  -LSP Number denoting the fragment number of this LSP (1 octet). The LSP Number is also called simply the Fragment Number or Fragment for short.
We will denote this triplet of System ID + Pseudonode ID + LSP Number as LSPID. For LSPs that describe routers themselves, the Pseudonode ID is always set to 0. Separate LSPs are originated for Level 1 and for Level 2, depending on what levels the router operates at. To distinguish between various versions of the same LSP, each LSP has a sequence number, a 32-bit unsigned integer starting at 0x00000001 and ending at 0xFFFFFFFF. Each modification to an LSP is accompanied by incrementing its sequence number.

Each LSP has a Remaining Lifetime value associated with it. When originated, the Remaining Lifetime is set to 1200 seconds (20 minutes), and then counts down. IS-IS routers refresh their self-originated LSPs every 15 minutes. If the LSP’s Remaining Lifetime decreases to 0, the router will delete the LSP’s body from the link-state database, keep only its header, and advertise the empty LSP with the Remaining Lifetime set to 0. Flooding an empty LSP with the Remaining Lifetime set to 0 is called an LSP purge. The expired LSP can be purged from the link-state database after an additional time called ZeroAgeLifetime, set to 60 seconds. This is done to ensure that the LSP’s header is retained until the purged LSP has been safely propagated to all neighbors.

Because IS-IS messages are encapsulated directly into Layer 2 frames whose maximum payload size, the Maximum Transmission Unit (MTU), is limited, IS-IS must implement its own fragmentation functions for LSPs whose size exceeds the MTU. Each LSP consists of a fixed-size header and a variable-size body that contains one or more TLV records that carry the actual addressing and topological information. If putting all TLV records into a single LSP would cause it to exceed the MTU, the router will simply create multiple LSPs. These LSPs are identified with the same System and Pseudonode ID, and with an increasing LSP Number as the fragment number, starting from 0. An important fact is that this fragmentation is performed only by the router that originates the LSP. After the LSP is flooded, it must not be modified by any other router, and also not be defragmented and/or refragmented. A consequence of this rule is that across the entire flooding scope of the LSP (an area for a Level 1 LSP, or all Level 2 routers and their interconnections for a Level 2 LSP), the MTU on interfaces must be identical. If this requirement cannot be met, IS-IS routers must be manually configured to keep each LSP no bigger than the smallest MTU.

The show isis hostname command on R1 displays the numerical System ID and the related hostname of the router with that ID. The show isis database command shows the contents of the link-state database.

In IS-IS, a router on a particular routing level generates only a single (although possibly fragmented) LSP containing all relevant information related to that router in one place:  
  -Adjacencies to neighboring routers or networks (similar to type 1 LSAs)   
  -Intra-area and inter-area prefixes (similar to prefix information collected from type 1, 2, and 3 LSAs)
  -External prefixes (similar to type 5/7 LSAs)

A Type 2 LSA in OSPF carries two vital pieces of information: the address and netmask of a multiaccess network (address information) and a list of routers connected to this network (topological information). In IS-IS, the address information about all networks, both point-to-point and multiaccess, is contained in the LSP of each router connected to that network. The topological information about the network itself and the list of connected routers are contained in a so-called Pseudonode LSP generated by the DIS on the multiaccess network.

An LSP has a unique identifier as a whole, and can only be flooded, requested, acknowledged, refreshed, aged, and flushed as a whole. Therefore, with any topological or addressing change, affected routers regenerate their entire LSPs and flood them. Each IS-IS router originates only a single LSP (plus Pseudonode LSPs if it is a DIS), and therefore has only a single or a few self-originated LSPs to age and refresh.

Another difference between LSUs/LSAs and LSPs concerns their internal format with particular regard to extensibility. IS-IS encodes all topological and addressing information in Type-Length-Value records. While slightly less efficient in terms of memory and processing, this approach allows extensibility from day zero: A router will process those TLV records it recognizes and ignore the records it does not support.
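The skip-what-you-do-not-recognize behaviour can be seen in a TLV walker that also refuses a Length octet pointing past the end of the buffer. This is an added example, not code from the original post: the function names and the sample bytes are constructed, the TLV codes 1 (Area Addresses) and 137 (Dynamic Hostname) are standard IS-IS code points that the page does not list, and 250 stands in for any type this parser does not implement.

```python
AREA_ADDRESSES = 1      # TLV code for Area Addresses
DYNAMIC_HOSTNAME = 137  # TLV code for Dynamic Hostname


def walk_tlvs(body: bytes):
    """Yield (type, value) pairs; refuse a record that runs past the buffer."""
    offset = 0
    while offset < len(body):
        if len(body) - offset < 2:
            raise ValueError(f"truncated TLV header at offset {offset}")
        tlv_type, length = body[offset], body[offset + 1]
        end = offset + 2 + length
        if end > len(body):
            raise ValueError(f"TLV {tlv_type} at offset {offset} claims {length} "
                             f"octets, {len(body) - offset - 2} available")
        yield tlv_type, body[offset + 2:end]
        offset = end


def decode_area_addresses(value: bytes) -> list:
    """Area Addresses value: repeated (1-octet length, area address) pairs."""
    areas, i = [], 0
    while i < len(value):
        n = value[i]
        if n == 0 or i + 1 + n > len(value):
            raise ValueError("malformed area address entry")
        areas.append(value[i + 1:i + 1 + n].hex())
        i += 1 + n
    return areas


def summarize(body: bytes):
    """Decode the TLVs this parser knows and list the types it skipped."""
    known, skipped = {}, []
    for tlv_type, value in walk_tlvs(body):
        if tlv_type == AREA_ADDRESSES:
            known["areas"] = decode_area_addresses(value)
        elif tlv_type == DYNAMIC_HOSTNAME:
            known["hostname"] = value.decode("ascii", "replace")
        else:
            skipped.append(tlv_type)  # unknown type: step over it using Length
    return known, skipped


# Constructed sample body: area 49.0001, an unimplemented type 250, hostname "R1".
SAMPLE = bytes([1, 4, 3, 0x49, 0x00, 0x01,
                250, 2, 0xDE, 0xAD,
                137, 2]) + b"R1"

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Because the Length octet comes from the sender, the bounds check in walk_tlvs is what keeps a malformed or truncated body from being read past its end.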

Note: LSP packets are used to carry topological and addressing information in IS-IS. An LSP describes its originator, its adjacencies to neighboring network objects, and related addressing. Each LSP is uniquely identified by the SystemID.PseudonodeID-LSPNumber. Each LSP has a sequence number, starting at 0x00000001 and ending at 0xFFFFFFFF. The lifespan of an LSP is limited by its Remaining Lifetime timer set to 1200 seconds and decreasing. After this timer expires, a router is required to wait at least another ZeroAgeLifetime (60 seconds) before flushing the LSP. LSPs are refreshed by default every 900 seconds. Separate LSPs are originated for Level 1 and Level 2.


Complete and Partial Sequence Numbers PDUs 

Complete Sequence Numbers PDU (CSNP) and Partial Sequence Numbers PDU (PSNP) packets are used to synchronize link-state databases. CSNP packets are very similar in their function to OSPF Database Description Packets. The purpose of CSNP packets is to advertise a complete list of LSPs in the sender’s link-state database. Receivers of CSNP packets can compare their link-state database contents to the list of LSPs in the CSNP and perform appropriate action. Note that CSNPs list only LSPIDs, but they do not contain LSP bodies.

On point-to-point links, CSNP packets are exchanged usually only during initial adjacency buildup; on broadcast networks, CSNP packets are originated periodically by the DIS. PSNP packets are functionally similar to OSPF Link State Request and Link State Acknowledgment packets. Using PSNP, a router can either request a particular LSP or acknowledge its arrival. A single PSNP can request or acknowledge multiple LSPs.
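The comparison a receiver makes against a CSNP can be sketched as follows. This is an added example, not code from the original post: the function names and the database contents are constructed, and it relies on two details of the IS-IS standard that the page does not spell out, namely that each CSNP entry carries the LSP's sequence number next to its LSPID and that a CSNP covers a stated range of LSPIDs.

```python
def lspid(text: str) -> bytes:
    """'1234.5678.3333.00-00' -> System ID (6) + Pseudonode ID (1) + LSP Number (1)."""
    raw = bytes.fromhex(text.replace(".", "").replace("-", ""))
    if len(raw) != 8:
        raise ValueError("an LSPID is 8 octets")
    return raw


def show(raw: bytes) -> str:
    """Format 8 octets as SystemID.PseudonodeID-LSPNumber."""
    h = raw.hex()
    return f"{h[0:4]}.{h[4:8]}.{h[8:12]}.{h[12:14]}-{h[14:16]}"


def compare_with_csnp(lsdb, entries, start=bytes(8), end=b"\xff" * 8):
    """Compare local LSPID -> sequence number against the entries of one CSNP.

    Returns (request, send): LSPIDs to request with a PSNP, and LSPIDs to
    flood to the CSNP's sender. Only sequence numbers are compared here.
    """
    request, send = [], []
    for ident, their_seq in entries.items():
        our_seq = lsdb.get(ident, 0)   # 0: not held; valid numbers start at 1
        if our_seq < their_seq:
            request.append(show(ident))    # sender has a newer or unknown LSP
        elif our_seq > their_seq:
            send.append(show(ident))       # sender has a stale copy
    for ident in lsdb:
        # An LSP inside the CSNP's range that the sender did not list is one
        # the sender lacks.
        if start <= ident <= end and ident not in entries:
            send.append(show(ident))
    return sorted(request), sorted(send)


# Constructed link-state database of the receiver.
LSDB = {lspid("1234.5678.3333.00-00"): 5,
        lspid("1234.5678.4444.00-00"): 7,
        lspid("1234.5678.4444.01-00"): 2,   # Pseudonode LSP
        lspid("1234.5678.5555.00-00"): 3}

# Constructed CSNP entries received from a neighbor.
CSNP = {lspid("1234.5678.3333.00-00"): 5,   # in sync
        lspid("1234.5678.4444.00-00"): 9,   # neighbor is newer
        lspid("1234.5678.5555.00-00"): 1,   # neighbor is older
        lspid("1234.5678.6666.00-00"): 4}   # unknown to the receiver

if __name__ == "__main__":
    request, send = compare_with_csnp(LSDB, CSNP)
    print("request via PSNP:", request)
    print("flood to neighbor:", send)
```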

