IS-IS Configuration
Configuration Syntax and Commands
The following sections describe the IS-IS configuration syntax and commands.
Instance Configuration
The instance configuration hierarchy includes parameters that are required for or used by IS-IS.
Syntax:
set instance <instance-name> protocol isis <attribute> <value>
Attribute | Description |
---|---|
<name> |
Name of the IS-IS instance |
area <area> |
IS-IS area-address. The area can be represented in 1, 3, 5, 13 bytes format. |
authentication <…> |
Specifies the authentication scheme for IS-IS. Refer to section 2.2.1.1 for the IS-IS authentication configuration details. |
holding-time <holding-time> |
Specifies how long a neighbor should consider this routing device to be operative without receiving another hello packet. Default value: 30 seconds Range: 1 through 3,180 seconds |
hostname <hostname> |
Specifies the hostname mapped to the system identifier. |
ignore-attached-bit [true/false] |
This configuration allows you to enable the routing device to ignore the attached bit on incoming Level 1 link-state PDUs. If the attached bit is ignored, no default route, which points to the routing device which has set the attached bit, is installed. |
interface <…> |
Name of the interface. Refer to section 2.2.2 for the interface configuration details. |
ipv6-disable [true/false] |
Specifies whether the ipv6-disable configuration is enabled or not. When you set this value to "true", it indicates that IPv6 configuration is disabled. |
[level-1/level-2] address-family <…> |
Protocol ISIS level-1/level-2 address-family configuration. Refer to section 2.2.1.2 for the address family configuration details. |
lsp-lifetime <lsp-lifetime> |
IS-IS link-state PDUs maximum lifetime, default 65535 seconds |
multipath <multipath> |
Load sharing among multiple ISIS paths, default 256 |
no-mpls-transit-path [true/false] |
When set to true, IS-IS will not install segment routing transit path, default false |
overload [true/false] |
When set to true, IS-IS overload bit is set, default false |
router-id <router-id> |
ISIS router identifier (ipv4 format: A.B.C.D) |
system-id <system-id> |
Specifies the system ID of the device. |
Example: IS-IS Instance Configuration
{ "rtbrick-config:instance": [ { "name": "default", "protocol": { "isis": { "system-id": "1000.9900.0001", "overload": "false", "holding-time": 100, "area": "49.0001/24", "hostname": "spine1", "router-id": "198.51.100.199", "authentication": { "level-1": { "check": "enable" } } } } } ] }
IS-IS Authentication Configuration
Syntax:
set instance <instance-name> protocol isis authentication [level-1 | level-2] <attribute> <value>
Attribute | Description |
---|---|
check [disable / enable] |
Specifies an authentication check to reject PDUs that do not match the type or key requirements. You can enable or disable the authentication check. |
key-id1 <key-id1> / key-id2 <key-id2> |
The key ID allows you to specify the key identifiers for level-1/level-2 authentication. |
key1-encrypted-text <key1-encrypted-text> / key2-encrypted-text <key2-encrypted-text> |
Authentication key1 and key 2 encrypted text |
key1-plain-text <key1-plain-text> / key2-plain-text <key2-plain-text> |
The level-1/level-2 authentication keys specify the authentication keys (passwords) that are used by the neighboring routing devices to verify the authenticity of packets sent from this interface. For the key to work, you also must include the authentication-type statement. |
type |
Enables you to specify the authentication scheme for IS-IS. If you enable authentication, you must specify a password by including the authentication-key statement. The following authentication types are supported:
|
{ "ietf-restconf:data": { "rtbrick-config:instance": [ { "name": "default", "protocol": { "isis": { <...> "authentication": { "level-1": { "type": "md5", "key1-encrypted-text": "$239928e897b1f0fb3a97ed426db21aba36ca48479744a7c71255ee2c4e747e859" } }, "interface": [ { "name": "ifl-0/0/1/0", "type": "point-to-point", "level-1": { "snp-authentication": "enable", "hello-authentication": "disable", "metric": 10 }, "level-2": { "snp-authentication": "enable", "hello-authentication": "disable", "metric": 10 } }, <...>
IS-IS Address-Family Configuration
The address-family command allows you to enable the address families that IS-IS will route and configure settings that are specific to that address family.
Syntax:
set instance <instance-name> protocol isis [level-1 | level-2] address-family <attribute> <value>
Attribute | Description |
---|---|
<afi> |
Address family identifier (AFI). Supported values: ipv4, ipv6 |
<safi> |
Subsequent address family identifier (SAFI). Supported values: unicast or labeled-unicast |
Configuring Route Redistribution
Syntax:
set instance <instance-name> protocol isis [level-1 | level-2] address-family <afi> <safi> redistribute <attribute> <value>
Attribute | Description |
---|---|
<afi> |
Address family identifier (AFI). Supported values: ipv4, ipv6 |
<safi> |
Subsequent address family identifier (SAFI). Supported values: unicast or labeled-unicast |
redistribute <protocol> |
Specifies the source from which the routes are to be redistributed from. The available options include |
redistribute <protocol> <policy> |
Specifies the name of the policy map. The redistribute attach point allows routes from other sources to be advertised by IS-IS. Policy can be applied only to the routes that are redistributed from other sources to IS-IS. The support for inter-level leaking through policy is unavailable. |
Example: IS-IS address-family configuration
{ "rtbrick-config:isis": { "system-id": "1000.9900.0001", "area": "49.0001/24", "hostname": "spine1", "interface": [ { "name": "ifl-0/0/2/0", "type": "point-to-point", "level-1": { "metric": 1000 } } ], "level-1": { "address-family": [ { "afi": "ipv4", "safi": "labeled-unicast", "redistribute": [ { "source": "bgp" "policy": "filter-link-address" } ] } ] } }
Segment Routing Configuration
Syntax:
set instance <instance-name> protocol isis segment-routing <attribute> <value>
Attribute | Description |
---|---|
srgb base <srgb base> |
Specifies the segment routing global block (SRGB) in source packet routing. SRGB is used for prefix SIDs. |
srgb range <srgb range> |
IS-IS system range of labels from the base label. |
srlb base <srlb base> |
Specifies the segment routing local block (SRLB) in source packet routing. SRLB is used for adjacency SIDs. |
srlb range <srlb range> |
IS-IS system range of labels from the base label. |
Example: IS-IS Segment Routing Configuration
{ "rtbrick-config:isis": { segment-routing: { "srgb: { "base": 5000, "range": 1000 } "srlb: { "base": 5000, "range": 1000, }
Configuring IS-IS Interface
By default, there are no interfaces associated with IS-IS. You must configure at least one IS-IS interface for IS-IS adjacency formation.
Syntax:
set instance <instance> protocol isis interface <name> <attribute> <value>
Attribute | Description |
---|---|
<name> |
Specifies the name of the IS-IS interface. |
flood-filter <flood-filter> |
Specifies the IS-IS flood filter name |
level-1 / level-2 |
Specify IS-IS interface level configuration. Refer to section 2.2.2.1 for the IS-IS interface level configuration details. |
lsp-interval <lsp-interval> |
IS-IS system interface LSP interval, default 100 |
passive [true / false] |
Enable interface in passive mode, default false |
system-id <system-id> |
Interface level system id |
type [loopback / none / point-to-point] |
Specifies the type of the IS-IS system interface |
ldp-synchronization [enable / disable] |
Enable LDP IGP synchronization, default disable |
Example 1: IS-IS Interface Configuration
{ "rtbrick-config:isis": { "interface": [ { "name": "ifl-0/0/1/0", "lsp-interval": 200 } ] } }
Example 2: IS-IS Interface Level Flood Filter Configuration
{ "rtbrick-config:interface": [ { "name": "ifl-0/0/1/0", "flood-filter": "spine1_lsr1_flood_filter" } ] }
Example 3: IS-IS Interface Configuration with enabled LDP synchronization
{ "rtbrick-config:isis": { "interface": [ { "name": "ifl-0/0/1/0", "lsp-interval": 200, "ldp-synchronization": "enable" } ] } }
IS-IS Interface Level Configuration
Syntax:
set instance <instance> protocol isis interface <name> [level-1 | level-2] <attribute> <value>
Attribute | Description |
---|---|
adjacency-disable [true/false] |
Specify the level-1/level-2 adjacency on an interface, default false |
hello-authentication [disable/enable] |
Authentication on hello packets |
metric <metric> |
Level-1/Level-2 metric on an interface, default 1000000 |
snp-authentication [enable/disable] |
Authentication on CSNP/PSNP packets |
Example: IS-IS Interface Level Configuration
{ "rtbrick-config:interface": [ { "name": "ifl-0/0/1/0", "lsp-interval": 200, "level-1": { "snp-authentication": "enable", "hello-authentication": "enable", "metric": 1000, "adjacency-disable": "false" } } ] }
Interface-level Segment Routing Configuration
Syntax:
set instance <instance> protocol isis interface <name> segment-routing <attribute> <value>
Attribute | Description |
---|---|
segment-routing [ipv4 / ipv6] anycast-index <anycast-index> |
Anycast index segment-ID. The prefix SIDs and anycast SIDs are applied on loopback interface only. |
segment-routing [ipv4 / ipv6] index <index> |
Prefix index segment ID. |
segment-routing point-to-point [ipv4 / ipv6] adjacency-index <adjacency-index> |
Adjacency index segment-ID. The adjacency SIDs are applied on active IS-IS interfaces on which adjacencies are established. |
Example 1: IS-IS Interface Level Segment Routing Configuration for Prefix and Anycast SID
"rtbrick-config:instance": [ { "name": "default", "protocol": { "isis": { "interface": [ { "name": "lo-0/0/0", "segment-routing": { "ipv4": { "index": 100 }, "ipv6": { "index": 200 } } }, { "name": "lo-0/0/1", "segment-routing": { "ipv4": { "anycast-index": 110 }, "ipv6": { "anycast-index": 210 } } } ] } } } ] } }
Example 2: IS-IS Interface Level Segment Routing Configuration for Adjacency SID
{ "rtbrick-config:isis": { "interface": [ { "name": "ifp-0/0/1/0", "type": "point-to-point", "segment-routing": { "point-to-point": { "ipv4": { "adjacency-index": 241 }, "ipv6": { "adjacency-index": 261 } } } } ] } }
IS-IS Global Configuration
IS-IS Flood Filter Configuration
Syntax:
set global protocol isis flood-filter <filter-name> <ordinal> <attribute> <value>
Attribute | Description |
---|---|
<filter-name> |
Filter-name which binds a flooding filter to an IS-IS interface |
<ordinal> |
Number to filter rule |
action [block/flood] |
Action required to flood or not |
ordinal-name <ordinal-name> |
Name for the filter rule |
system-id <system-id> |
IS-IS instance system-id |
system-id-mask <system-id-mask> |
System ID mask on which the filter should match |
Example: IS-IS Flood Filter Configuration
{ "rtbrick-config:flood-filter": [ { "filter-name": "spine1_lsr1_flood_filter", "ordinal": 1, "ordinal-name": "spine1", "system-id": "1920.0100.4001", "action": "flood" } ] }