1. Introduction to RBFS IS-IS
The RtBrick Full Stack (RBFS) is a distributed, web-scale network operating system based on micro-service architecture and packaged in a Linux container currently based on Ubuntu 18.04. The RBFS decreases the complexity of a network by providing users with capabilities such as composability, programmability, and elasticity in a visionary way.
The RBFS operating system operates on the leaf and spine framework. This framework provides the network operators with methods to configure and manage a network brick by brick, and provides full control of the network so the focus can be on the deployment of the new services and not the constant juggling of hardware. The Intermediate System-to-Intermediate System (IS-IS) protocol is an interior gateway protocol (IGP) that uses link-state information to make routing decisions.
1.1. IS-IS Overview
IS-IS, or Intermediate System to Intermediate System, is an open standard routing protocol. ISO published the standard as a way to route datagrams as part of their OSI stack. IETF later republished the standard, and added IP route support.
It is a link-state routing protocol, similar to OSPF. It forms neighbor adjacencies, has areas, exchanges link-state packets, builds a link-state database and runs the Dijkstra SPF algorithm to find the best path to each destination, which is installed in the routing table.
This guide provides the various IS-IS configuration and show CLI commands for RBFS.
2. Configuring IS-IS
The basic IS-IS configuration tasks that must be performed are:
-
enable IS-IS protocol
-
configure IS-IS Instance
-
configure system ID
-
configure area addresses
-
configure instance level
-
-
configure interfaces
-
configure address-family
2.1. Entering configuration mode
The following example shows how to enter the configuration mode.
root@rtbrick:~$ cli root@rtbrick: op> switch-mode config Activating syntax mode : cfg [config] root@rtbrick: cfg>
From this prompt, you can enter the set commands to configure the various IS-IS components.
2.2. Enabling IS-IS Protocol
To enable IS-IS, you must configure the ISIS protocol under a specific instance.
instance |
Name of the IS-IS instance |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis root@rtbrick: cfg> commit
2.3. Configuring an IS-IS Instance
After enabling IS-IS, the following parameters can be configured in an instance.
2.3.1. Configure the System ID
A system ID uniquely identifies a device.
instance |
Name of the IS-IS instance |
system_id |
specifies the system ID of the device. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis system-id 1920.0100.4001 root@rtbrick: cfg> commit
2.3.2. Configuring the ISO Area Addresses
instance |
Name of the IS-IS instance |
area |
The area can be represented in 1, 3, 5, 13 bytes format. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis area 49.000/24 root@rtbrick: cfg> commit
2.3.3. Configuring the Holding Time
instance |
Name of the IS-IS instance |
holding-time |
Specifies how long a neighbor should consider this routing device to be operative without receiving another hello packet. Default value: 30 seconds Range: 1 through 65535 seconds |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis holding-time 45 root@rtbrick: cfg> commit
2.3.4. Configuring the SRGB Base
instance |
Name of the IS-IS instance |
srgb_base |
Specifies the segment routing global block (SRGB) in source packet routing. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis srgb-base 10000 root@rtbrick: cfg> commit
2.3.5. Configuring the SRGB Index Range
instance |
Name of the IS-IS instance |
srgb_range |
Specifies the index range of the SRGB label block. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis srgb-index-range 1000 root@rtbrick: cfg> commit
2.3.6. Configuring the Host Name
instance |
Name of the IS-IS instance |
hostname |
Specifies the hostname mapped to the system identifier. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis hostname SPINE1 root@rtbrick: cfg> commit
2.3.7. Configuring the Authentication Type
instance |
Name of the IS-IS instance |
level1_authentication_type |
Enables you to specify the authentication scheme for IS-IS. If you enable authentication, you must specify a password by including the authentication-key statement. The following authentication types are supported:
|
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 type md5 root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 type md5 root@rtbrick: cfg> commit
2.3.8. Configuring the Authentication Keys
instance |
Name of the IS-IS instance |
level1_authentication_key level2_authentication_key level1_authentication_key2 level2_authentication_key2 |
The level-1/level-2 authentication keys specify the authentication keys (passwords) that are used by the neighboring routing devices to verify the authenticity of packets sent from this interface. For the key to work, you also must include the authentication-type statement. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 key1-plain-text testkey1 root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 key2-plain-text testkey2 root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 key1-plain-text testkey1 root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 key2-plain-text testkey2 root@rtbrick: cfg> commit
2.3.9. Configuring the Authentication Key ID
instance |
Name of the IS-IS instance |
level1_authentication_key_id level1_authentication_key_id2 level2_authentication_key_id level2_authentication_key_id2 |
The key ID allows you to specify the key identifiers for level-1/level-2 authentication. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 key-id1 100 root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 key-id2 200 root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 key-id1 100 root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 key-id2 200 root@rtbrick: cfg> commit
2.3.10. Configuring the Authentication Check
instance |
Name of the IS-IS instance |
level1_authentication_check level2_authentication_check |
The level-1/level-2 authentication check parameter specifies an authentication check to reject PDUs that do not match the type or key requirements. You can enable or disable the authentication check. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 check disable root@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 check disable root@rtbrick: cfg> commit
Configuration example
admin@rtbrick:~$ cli admin@rtbrick: op> switch-mode config Activating syntax mode : cfg [config] admin@rtbrick: cfg> set instance ip2vrf protocol isis system-id 1920.0100.4001 admin@rtbrick: cfg> set instance ip2vrf protocol isis area 49.000/24 admin@rtbrick: cfg> set instance ip2vrf protocol isis holding-time 45 admin@rtbrick: cfg> set instance ip2vrf protocol isis srgb-base 10000 admin@rtbrick: cfg> set instance ip2vrf protocol isis srgb-index-range 1000 admin@rtbrick: cfg> set instance ip2vrf protocol isis hostname SPINE1 admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 type md5 admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 key1-plain-text testkey1 admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 key2-plain-text testkey2 admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-1 check disable admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 type md5 admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 key1-plain-text testkey1 admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 key2-plain-text testkey2 admin@rtbrick: cfg> set instance ip2vrf protocol isis authentication level-2 check disable admin@rtbrick: cfg> commit admin@rtbrick: cfg>
3. Configuring IS-IS Interface
By default, there are no interfaces associated with IS-IS.You must configure at least one IS-IS interface for ISIS adjacency formation.
After enabling IS-IS, you need to specify on which interface IS-IS will be run with the following command:
instance |
Name of the IS-IS instance |
interface |
Name of the interface |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 root@rtbrick: cfg> commit
3.1. Configuring the Interface Type
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
interface_type |
The interface_type specifies the interface type. NOTE: The point-to-point is the default interface type and hence you actually do not need to configure it. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 type point-to-point root@rtbrick: cfg> commit
3.2. Configuring the Interface Adjacency
These commands allow you to disable level-1/level-2 adjacencies on an interface.
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
level1_disable level2_disable |
These parameters allow you to enable to disable the level-1/level-2 interface adjacency |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-1 adjacency-disable true root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-2 adjacency-disable true root@rtbrick: cfg> commit
3.3. Configuring the Interface Level Metric
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
level1_metric level2_metric |
These parameters allow you to specify the interface level-1/level-2 metric value. If the metric value is not set, the default value is set to 1000000. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-1 metric 10 root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-2 metric 10 root@rtbrick: cfg> commit
3.4. Configuring the IS-IS interfaces as passive
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
is_passive |
This parameter sets the interface in passive mode. In this mode, no IS-IS hello
packets are sent out on the interface and no IS-IS adjacencies are created. But the
IP prefixes will be mentioned in the self LSP to make the network reachable via
other links. The |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 passive true root@rtbrick: cfg> commit
3.5. Configuring IS-IS LSP Interval
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
lsp_interval |
Specifies the link-state PDU interval time. The default interval time is 100 milliseconds. The range is 1 to 1000 milliseconds. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 lsp-interval 600 root@rtbrick: cfg> commit
3.6. Configuring the Interface System ID
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
local_system_id |
The local_system_id specifies the system ID of the device. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 system-id 2af0.1100.da44 root@rtbrick: cfg> commit
3.7. Configuring the Segment Routing IPv4/IPv6 Index
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
ipv4_sid ipv6_sid ipv4_anycast_sid ipv6_anycast_sid |
These parameters specify the segment routing IPv4/IPv6 index |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 segment-routing ipv4 index 100 root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 segment-routing ipv6 index 200 root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 segment-routing ipv4 anycast-index 300 root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 segment-routing ipv6 anycast-index 400 root@rtbrick: cfg> commit
3.8. Configuring the Level-1/Level-2 SNP Authentication
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
level1_snp_authentication level2_snp_authentication |
These parameters allow you to specify the Sequence Number PDU (SNP) Authentication. You can either enable or disable the SNP authentication. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-1 snp-authentication disable root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-2 snp-authentication disable root@rtbrick: cfg> commit
3.9. Configuring the Level-1/Level-2 Hello Authentication
instance |
Name of the IS-IS instance |
interface |
Name of the IS-IS interface |
level1_hello_authentication level2_hello_authentication |
These parameters can be used to enable or disable the authentication for hello packets. |
Example
root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-1 hello-authentication disable root@rtbrick: cfg> set instance ip2vrf protocol isis interface memif-1/2/1/0 level-2 hello-authentication disable root@rtbrick: cfg> commit
4. Configuring Address Family
The address-family command allows you to enable the address families that IS-IS will route and configure settings that are distinct to that address family. The address families supported are IPv4 unicast and IPv6 unicast.
4.1. Configuring Route Redistribution
instance |
Name of the IS-IS instance |
afi safi |
These parameters specify the address-family. |
source |
Specifies the source from which the routes are to be redistributed from. The available options are bgp, ospf, direct, and static. |
Configuration Example
root@rtbrick: cfg> set instance ip2vrf protocol isis address-family ipv4 unicast redistribute level-1 static root@rtbrick: cfg> set instance ip2vrf protocol isis address-family ipv4 unicast redistribute level-2 static admin@rtbrick: cfg> commit
5. IS-IS Show Configuration
The following examples show how to display the IS-IS running configurations.
root@rtbrick: cfg> show config global protocol isis
{
"rtbrick-network-instance:isis": {
"flood-filter": [
{
"filter-name": "spine1_lsr1_flood_filter",
"ordinal": 1,
"ordinal-name": "spine1",
"system-id": "1920.0100.4001",
"action": "flood"
}
]
}
}
root@rtbrick: cfg> show config instance ip2vrf protocol isis
{
"rtbrick-config:isis": {
"system-id": "1920.0100.4001",
"holding-time": 45,
"area": "49.0001/24",
"hostname": "SPINE1",
"authentication": {
"level-1": {
"type": "md5",
"key1-encrypted-text": "$2630a640edb7d6b5cf66795402f66ed20",
"key2-encrypted-text": "$21b4a9a2a404ea5878cb2aa5c5a4a716b",
"check": "disable"
},
"level-2": {
"type": "md5",
"key1-encrypted-text": "$2630a640edb7d6b5cf66795402f66ed20",
"key2-encrypted-text": "$21b4a9a2a404ea5878cb2aa5c5a4a716b",
"check": "disable"
}
},
"srgb-base": 10000,
"srgb-index-range": 1000,
"interface": [
{
"name": "lo-0/0/1/0",
"segment-routing": {
"ipv4": {
"index": 100
},
"ipv6": {
"index": 200
}
}
},
{
"name": "lo-0/0/2/0",
"segment-routing": {
"ipv4": {
"anycast-index": 300
},
"ipv6": {
"anycast-index": 400
}
}
},
{
"name": "memif-1/2/1/0",
"flood-filter": "spine1_lsr1_flood_filter",
"type": "point-to-point",
"lsp-interval": 600,
"passive": true,
"level-1": {
"snp-authentication": "disable",
"hello-authentication": "disable",
"metric": 10,
"adjacency-disable": "true"
},
"level-2": {
"snp-authentication": "disable",
"hello-authentication": "disable",
"metric": 10,
"adjacency-disable": "true"
}
}
],
"address-family": [
{
"afi": "ipv4",
"safi": "unicast",
"redistribute": [
{
"source": "static",
"destination-subtype": "level-1"
},
{
"source": "static",
"destination-subtype": "level-2"
}
]
}
]
}
}
©Copyright 2020 RtBrick, Inc. All rights reserved. The information contained herein is subject to change without notice. The trademarks, logos and service marks ("Marks") displayed in this documentation are the property of RtBrick in the United States and other countries. Use of the Marks are subject to RtBrickās Term of Use Policy, available at https://www.rtbrick.com/privacy. Use of marks belonging to other parties is for informational purposes only.