7.5 Configuration of Integrated IS-IS  
  7.5.1 Basic configuration of Integrated IS-IS  
As with any routing protocol, the first step is to plan out the logical topology, the addressing scheme, and the participating interfaces. Once this initial step is complete, Integrated IS-IS can be configured on the network.

To enable Integrated IS-IS on a router for IP routing is easy. There are many more commands used to tune the IS-IS processes. However, only the following three commands are required to start Integrated IS-IS:

  • Enable IS-IS as an IP routing protocol, using the command router isis, and assign a tag if there are multiple IS-IS processes. If the tag is omitted, a tag of zero (0) is assumed.
  • Identify the router for IS-IS by assigning a NET to the router with the net command.
  • Enable IS-IS on the interfaces participating in IS-IS, using the command ip router isis. This is slightly different to most other IP routing protocols where the participating interfaces are specified by network statements. There is no network statement under the IS-IS process. If there are multiple IS-IS processes, interfaces must state which process they belong to by specifying the appropriate tag.

These commands enable Integrated IS-IS on the router. However, further commands may be required to tune the IS-IS operation.

To troubleshoot Integrated IS-IS, even in an IP-only world, requires some investigation of CLNS data. For example, the IS-IS neighbor relationships are established over OSI, not over IP. To view IS-IS neighbors requires using the show clns neighbors command. Two ends of a CLNS adjacency can actually have IP addresses on different subnets, with no impact on the operation of IS-IS. However, IP next-hop resolution could be an issue.

Note: When enabling IS-IS on a loopback interface, the loopback is usually configured as passive in router isis configuration mode. This is to prevent sending unnecessary Hello packets out the loopback. This is because there is no chance of finding a neighbor behind the loopback interface.

Figure shows a simple topology with three routers in area 49.0001. The pertinent configuration for each of the routers is displayed in Figure .

Informative show command output for this topology is displayed in Figures - .

For added security, configure IS-IS passwords for areas or domains. The area authentication password is inserted in L1, which is the station router level, LSPs, CSNPs, and PSNPs. The routing domain authentication password is inserted in L2, which is the area router level, LSPs, CSNPs, and PSNPs. To configure area or domain authentication passwords, respectively, use the following commands in router configuration mode:

area-password password and domain-password password.

Authentication for an interface can also be configured using the isis password interface configuration command. This command gives the ability to prevent unauthorized routers from forming adjacencies with this router, and therefore, protects the network from intruders. The password is exchanged as plain text and in this way provides only limited security. Different passwords can be assigned for different routing levels using the level-1 and level-2 keyword arguments. Specifying the level-1 or level-2 keyword enables the password only for L1 or L2 routing, respectively.

Lastly, as with OSPF, aggregate addresses can be created with IS-IS, which are represented in the routing table by a summary address. One summary address can include multiple groups of addresses for a given level. Routes learned from other routing protocols can also be summarized. The metric used to advertise the summary is the smallest metric of all the more specific routes. To create a summary of addresses for a given level, use the command summary-address address mask {level-1 | level-1-2 | level-2} in router configuration mode.

 

Interactive Media Activity

Drag and Drop: Basic IS-IS Configuration

Upon completion of this activity, the student will be able to perform basic IS-IS configuration on a Cisco router.

   
 

Web Links

Configuring Integrated IS-IS

http://www.cisco.com/en/US/products/ sw/iosswrel/ps1828/products_configuration_ guide_chapter09186a00800ca56f.html