SOURCECODEBD.NET

Live Experience

Juniper Configuring IS-IS
 
 
 
You want to configure IS-IS on a JUNOS router.
There are three steps to setting up IS-IS. First, define the interfaces on which IS-IS will run and the levels to which the interfaces will be attached.
 
[edit protocols isis]
source@RouterA# set interface ge-0/0/1
source@RouterA# set interface ge-1/0/0 level 2 disable
source@RouterA# set interface lo0.0
 
Second, enable the ISO protocol family on the interfaces:
 
[edit interfaces]
source@RouterA# set ge-0/0/1 unit 0 family iso
source@RouterA# set ge-1/0/0 unit 0 family iso
 
Finally, configure a NET on the lo0 interface:
 
[edit interfaces]
source@RouterA# set lo0 unit 0 family iso address 49.0020.1921.6801.9001.00
 
The basic setup to get IS-IS up and running on your router is straightforward. Enable the protocol on all router interfaces that will participate in the IS-IS domain and specify the level at which they should run. This recipe configures the IS-IS on the router topology shown in Figure 11-1. Here, because interface ge-0/0/1 is a border node between areas 20 and 30, you need to specify only the interface name because, by default, all IS-IS interfaces are both Level 1 and Level 2 interfaces.
 
The other interface, ge-1/0/0, is only in area 20, so it is a Level 1 router. For this interface, you disable Level 2 operation.
 
In addition to the network interfaces, you should also run IS-IS on the lo0.0 interface because this is the most straightforward way to ensure that your loopback address (or addresses) is advertised into IS-IS. IS-IS automatically treats the loopback interface as passive, which means that the interface advertises its direct addresses but does not form adjacencies. However, to have other interfaces be passive, you must configure them explicitly by including the passive statement; for example:
 
[edit protocols isis]
source@RouterA# set interface ge-1/0/1.0 level 2 passive
 
In the interfaces portion of the configuration, configure the interfaces that will be running IS-IS, here ge-0/0/1 and ge-1/0/0, so that they recognize and accept ISO packets. Do this by including family iso in the logical interface. Interfaces can have multiple address families on them, as you can see for ge-0/0/1:
 
source@RouterA> show configuration interfaces ge-0/0/1
unit 0 {
    family inet {
        address 10.0.1.2/24;
    }
    family iso;
}
 
Also, you must set a NET for the router. Technically, you can set this address on any interface but, in practice, you set it on the router's loopback interface, lo0. This address is stable, and, as long as the router is up, this interface is accessible. If you assign the NET on a network interface and that interface goes down, IS-IS will stop functioning on the router. You can assign multiple NETs to the lo0 interface, which might be useful when migrating two previously independent IS-IS domains into a single domain.
 
After this simple configuration, the IS-IS protocol takes over. You do not have to configure neighbors. IS-IS automatically discovers them and establishes adjacencies with its neighbors by first sending IS-IS Hello ( IIH) packets to ensure that the two ends of the link can communicate.
 
To check that IS-IS is running on the router interfaces, use the show isis interface command:
 
source@RouterA> show isis interface
IS-IS interface database:
Interface             L CirID Level 1 DR     Level 2 DR    L1/L2 Metric
ge-0/0/1.0            3   0x2 RouterA.02     RouterA.02         10/10
ge-1/0/0.0            1   0x3 RouterA.03     Disabled           10/10
lo0.0                 0   0x1 Passive        Passive             0/0
 
This output shows the two Fast Ethernet interfaces we configured for IS-IS, as well as the lo0 interface. The second column, L, shows that ge-0/0/1 is a Level 1Level 2 interface (represented by the number 3) and ge-1/0/0 is a Level 1 interface. The loopback address is also listed because a NET is configured on it but it does not participate in any IS-IS level (shown as 0 in the L column). The two DR columns show the name of the router that has been elected as the DIS for that level. Interface ge-1/0/0 has no Level 2 DR (Disabled) because it is a Level 1 interface. You may wonder how IS-IS discovers the name of the neighbor because it is not an IP routing protocol and hence doesn't support DNS. The answer is that the JUNOS software supports dynamic mapping of ISO system identifiers to the hostname. If you have configured a router name with the set system host-name command, this name, and not the router's NET, is displayed in all IS-IS output. The JUNOS implementation of IS-IS includes the hostname in the LSP, using the dynamic hostname TLV, type 137, to cache the symbolic name of the router.
 
In the DR columns for the lo0.0 interface, the interface is shown as Passive, which is the default when you configure IS-IS on the loopback interface.
 
The last column shows the link's Layer 1 and Layer 2 metrics, which are 10 by default.
 
You can see a brief summary of the adjacencies the router has established with the show isis adjacencies command:
 
source@RouterA> show isis adjacency
Interface             System        L State        Hold (secs) SNPA
ge-0/0/1.0            RouterC       2 Up                   21 0:5:85:c1:d1:d1
ge-1/0/0.0            RouterA       1 Up                   6 0:5:85:ca:ca:70
 
The output shows the two interfaces we configured. The interface ge-0/0/1 participates in a Level 2 area, connecting to RouterC, and interface ge-1/0/0 connects to RouterA. Notice that the lo0 interface is not listed because it doesn't form any adjacencies. The State column shows that both adjacencies are operational (Up). The Hold column shows the amount of time remaining before the router closes the adjacency. By default, IS-IS sends Hello packets, which act as adjacency keepalives, every three seconds for DIS routers and every nine seconds for Level 1 routers. Non-DIS routers send Hello packets less frequently in case IS-IS needs to re-elect a DIS. While a DIS is being elected, there is likely to be traffic loss. Having a longer hello timer interval on the non-DIS systems remedies this problem. The default hold time is three times the hello interval, or 9 seconds, and 27 seconds for DIS and Level 1 routers, respectively. The SNPA column shows the subnetwork point of attachment, which is the MAC address of the next hop.
 
The detail version of this command gives a bit more insight into the adjacencies:
 
source@RouterA> show isis adjacency detail
RouterC
  Interface: ge-0/0/1.0, Level: 2, State: Up, Expires in 21 secs
  Priority: 64, Up/Down transitions: 1, Last transition: 17:16:43 ago
  Circuit type: 3, Speaks: IP, IPv6, CLNS, MAC address: 0:5:85:c1:d1:d1
  Topologies: Unicast
  Restart capable: Yes
  LAN id: RouterA.02, IP addresses: 10.0.1.1
RouterA
  Interface: ge-1/0/0.0, Level: 1, State: Up, Expires in 7 secs
  Priority: 64, Up/Down transitions: 1, Last transition: 16:57:54 ago
  Circuit type: 1, Speaks: IP, IPv6, MAC address: 0:5:85:ca:ca:70
  Topologies: Unicast
  Restart capable: Yes
  LAN id: RouterA.02, IP addresses: 10.0.16.1
 
The output shows the other two IS-IS routers. RouterA reaches RouterC over interface ge-0/0/1, and it connects to RouterA over interface ge-1/0/0. The State field shows that the adjacencies are operational (Up), and the Expires field shows the amount of time remaining before the router closes the adjacency. The second line shows the router's DR priority, how many times the adjacency has gone down and come back up, and when the last up-down transition occurred. The third line shows the Circuit type, which is the IS-IS level. A value of 3 indicates the router is a Level 1Level 2 router, a value of 2 is a Level 2only router, and a value of 1 is a Level 1only router. The Speaks field shows the protocols that the router is running, and the MAC address field shows the subnetwork point of attachment, which is the MAC address of the next hop. The last line shows the IS-IS identifier of the router on the LAN and the router's IP address.
 
If the IS-IS adjacency doesn't come up, there are a few things to check when trouble-shooting. First, make sure the physical interface is operational. Here, the adjacency with RouterC is down:
 
source@RouterA> show isis adjacency
 
Interface             System       L State          Hold (secs) SNPA
ge-0/0/1.0            RouterC      2 Down                    0 0:5:85:c1:d1:d1
ge-1/0/0.0            RouterA      1 Up                      8 0:5:85:ca:ca:70
 
RouterA's interface to RouterC is up:
 
source@RouterA> show interfaces ge-0/0/1 terse
Interface               Admin Link Proto Local                  Remote
ge-0/0/1                up    up
ge-0/0/1.0              up    up   inet  10.0.1.2/24
                                  iso
 
but the interface on RouterC is not:
 
source@RouterC> show interfaces ge-0/0/1 terse
Interface               Admin Link Proto Local                  Remote
ge-0/0/1                down up
ge-0/0/1.0              up   down inet   10.0.1.1/24
                                 iso
 
Checking the configuration, you see that the interface has been disabled:
 
source@RouterC> show configuration interfaces ge-0/0/1
disable;
unit 0 {
     family inet {
         address 10.0.1.1/24;
     }
     family iso;
}
 
Delete the disable statement to activate the interface.
 
Next, check that all interfaces in a Level 1 area are configured with the same area identifier. You can check this on the local router:
 
source@RouterA> show interfaces terse lo0.0
Interface               Admin Link Proto Local                 Remote
lo0.0                   up    up   inet  192.168.19.1        --> 0/0
                                   iso   49.0020.1921.6801.9001
 
Also check on the Level 1 neighbor:
 
source@RouterA> show interfaces terse lo0.0
Interface               Admin Link Proto Local                 Remote
lo0.0                   up    up   inet  192.168.42.1        --> 0/0
                                  iso   49.0020.1921.6804.2001
 
You see that both routers are in area 20.
 
You can also find the area identifier in the IS-IS TLV field in the database:
 
source@RouterA> show isis database extensive level 1
 
IS-IS level 1 link-state database:
RouterA.00-00 Sequence: 0x63, Checksum: 0xfe33, Lifetime: 549 secs
 
  TLVs:
    Area address: 49.0020 (3)
 
Check the interface's MTU to make sure that it is at least 1,492 bytes:
 
source@RouterA> show interfaces ge-0/0/1.0
  Logical interface ge-0/0/1.0 (Index 64) (SNMP ifIndex 40)
    Flags: SNMP-Traps Encapsulation: ENET2
    Protocol inet, MTU: 1500
      Flags: None
      Addresses, Flags: Is-Preferred Is-Primary
        Destination: 10.0.1/24, Local: 10.0.1.2, Broadcast: 10.0.1.255
    Protocol iso, MTU: 1497
      Flags: Is-Primary
 
Another common mistake that results in adjacency being down is that the IP addresses on either end of the connection are in different subnets and do not match. An example is having one router interface with an IP address of 192.168.0.1/24 connect to another router with an interface IP address of 192.168.1.2/24.
 
Finally, check that each interface includes an ISO family and that the lo0 interface has an NET address:
 
source@RouterA> show interfaces terse
Interface               Admin Link Proto Local                 Remote
ge-0/0/1.0              up    up   inet  10.0.1.2/24
                                   iso
ge-1/0/0                up    up
ge-1/0/0.0              up    up   inet  10.0.16.2/24
                                   iso
lo0.0                   up    up   inet  192.168.19.1        --> 0/0
                                   iso   49.0020.1921.6801.9001
 
You are here: Home / IS-IS / Juniper Configuring IS-IS