IS-IS Configuration

Configuration Hierarchy

The diagram below illustrates the IS-IS configuration hierarchy.

IS-IS Configuration Hierarchy

Configuration Syntax and Commands

The following sections describe the IS-IS configuration syntax and commands.

Instance Configuration

The instance configuration hierarchy includes parameters that are required for or used by IS-IS.

Syntax:

set instance <instance-name> protocol isis <attribute> <value>

Attribute Description

<name>

Name of the IS-IS instance

area <area>

IS-IS area-address. The area can be represented in 1, 3, 5, 13 bytes format.

authentication <…​>

Specifies the authentication scheme for IS-IS. Refer to section 2.2.1.1 for the IS-IS authentication configuration details.

holding-time <holding-time>

Specifies how long a neighbor should consider this routing device to be operative without receiving another hello packet.

Default value: 30 seconds

Range: 1 through 3,180 seconds

hostname <hostname>

Specifies the hostname mapped to the system identifier.

ignore-attached-bit [true/false]

This configuration allows you to enable the routing device to ignore the attached bit on incoming Level 1 link-state PDUs. If the attached bit is ignored, no default route, which points to the routing device which has set the attached bit, is installed.

interface <…​>

Name of the interface. Refer to section 2.2.2 for the interface configuration details.

ipv6-disable [true/false]

Specifies whether the ipv6-disable configuration is enabled or not. When you set this value to "true", it indicates that IPv6 configuration is disabled.

[level-1/level-2] address-family <…​>

Protocol ISIS level-1/level-2 address-family configuration. Refer to section 2.2.1.2 for the address family configuration details.

lsp-lifetime <lsp-lifetime>

IS-IS link-state PDUs maximum lifetime, default 65535 seconds

multipath <multipath>

Load sharing among multiple ISIS paths, default 256

no-mpls-transit-path [true/false]

When set to true, IS-IS will not install segment routing transit path, default false

overload [true/false]

When set to true, IS-IS overload bit is set, default false

router-id <router-id>

ISIS router identifier (ipv4 format: A.B.C.D)

system-id <system-id>

Specifies the system ID of the device.

Example: IS-IS Instance Configuration

{
    "rtbrick-config:instance": [
      {
        "name": "default",
        "protocol": {
          "isis": {
            "system-id": "1000.9900.0001",
            "overload": "false",
            "holding-time": 100,
            "area": "49.0001/24",
            "hostname": "spine1",
            "router-id": "198.51.100.199",
            "authentication": {
              "level-1": {
                "check": "enable"
              }
            }
          }
        }
      }
    ]
  }

IS-IS Authentication Configuration

Syntax:

set instance <instance-name> protocol isis authentication [level-1 | level-2] <attribute> <value>

Attribute Description

check [disable / enable]

Specifies an authentication check to reject PDUs that do not match the type or key requirements. You can enable or disable the authentication check.

key-id1 <key-id1> / key-id2 <key-id2>

The key ID allows you to specify the key identifiers for level-1/level-2 authentication.

key1-encrypted-text <key1-encrypted-text> / key2-encrypted-text <key2-encrypted-text>

Authentication key1 and key 2 encrypted text

key1-plain-text <key1-plain-text> / key2-plain-text <key2-plain-text>

The level-1/level-2 authentication keys specify the authentication keys (passwords) that are used by the neighboring routing devices to verify the authenticity of packets sent from this interface. For the key to work, you also must include the authentication-type statement.

type

Enables you to specify the authentication scheme for IS-IS. If you enable authentication, you must specify a password by including the authentication-key statement.

The following authentication types are supported:

  • clear_text

  • md5

  • sha1

{
  "ietf-restconf:data": {
    "rtbrick-config:instance": [
      {
        "name": "default",
        "protocol": {
          "isis": {
            <...>
            "authentication": {
              "level-1": {
                "type": "md5",
                "key1-encrypted-text": "$239928e897b1f0fb3a97ed426db21aba36ca48479744a7c71255ee2c4e747e859"
              }
            },
            "interface": [
              {
                "name": "ifl-0/0/1/0",
                "type": "point-to-point",
                "level-1": {
                  "snp-authentication": "enable",
                  "hello-authentication": "disable",
                  "metric": 10
                },
                "level-2": {
                  "snp-authentication": "enable",
                  "hello-authentication": "disable",
                  "metric": 10
                }
              },
              <...>

IS-IS Address-Family Configuration

The address-family command allows you to enable the address families that IS-IS will route and configure settings that are specific to that address family.

Syntax:

set instance <instance-name> protocol isis [level-1 | level-2] address-family <attribute> <value>

Attribute Description

<afi>

Address family identifier (AFI). Supported values: ipv4, ipv6

<safi>

Subsequent address family identifier (SAFI). Supported values: unicast or labeled-unicast

Configuring Route Redistribution

Syntax:

set instance <instance-name> protocol isis [level-1 | level-2] address-family <afi> <safi> redistribute <attribute> <value>

Attribute Description

<afi>

Address family identifier (AFI). Supported values: ipv4, ipv6

<safi>

Subsequent address family identifier (SAFI). Supported values: unicast or labeled-unicast

redistribute <protocol>

Specifies the source from which the routes are to be redistributed from. The available options include arp-nd, bgp, bgp-local, bgp-local-origin, direct, igmp, ospf, l2tpv2, ldp, local, pim, ppp, rib, and static.

redistribute <protocol> <policy>

Specifies the name of the policy map. The redistribute attach point allows routes from other sources to be advertised by IS-IS. Policy can be applied only to the routes that are redistributed from other sources to IS-IS. The support for inter-level leaking through policy is unavailable.

Example: IS-IS address-family configuration

{
    "rtbrick-config:isis": {
      "system-id": "1000.9900.0001",
      "area": "49.0001/24",
      "hostname": "spine1",
      "interface": [
        {
          "name": "ifl-0/0/2/0",
          "type": "point-to-point",
          "level-1": {
            "metric": 1000
          }
        }
      ],
      "level-1": {
        "address-family": [
          {
            "afi": "ipv4",
            "safi": "labeled-unicast",
            "redistribute": [
              {
                "source": "bgp"
                "policy": "filter-link-address"

              }
            ]
          }
        ]
      }
    }

Segment Routing Configuration

Syntax:

set instance <instance-name> protocol isis segment-routing <attribute> <value>

Attribute Description

srgb base <srgb base>

Specifies the segment routing global block (SRGB) in source packet routing. SRGB is used for prefix SIDs.
Supported MPLS label values are 0 - 1048575. The reserved MPLS label range is 0 - 15. In RBFS, BGP uses the label range 20000 - 100000. It is recommended to assign label values outside of these reserved ranges to avoid conflicts.

srgb range <srgb range>

IS-IS system range of labels from the base label.

srlb base <srlb base>

Specifies the segment routing local block (SRLB) in source packet routing. SRLB is used for adjacency SIDs.
Supported MPLS label values are 0 - 1048575. The reserved MPLS label range is 0 - 15. In RBFS, BGP uses the label range 20000 - 100000. It is recommended to assign label values outside of these reserved ranges to avoid conflicts.

srlb range <srlb range>

IS-IS system range of labels from the base label.

Example: IS-IS Segment Routing Configuration

{
    "rtbrick-config:isis": {
      segment-routing: {
        "srgb: {
          "base": 5000,
          "range": 1000
        }
        "srlb: {
          "base": 5000,
          "range": 1000,
        }

Configuring IS-IS Interface

By default, there are no interfaces associated with IS-IS. You must configure at least one IS-IS interface for IS-IS adjacency formation.

Syntax:

set instance <instance> protocol isis interface <name> <attribute> <value>

Attribute Description

<name>

Specifies the name of the IS-IS interface.

flood-filter <flood-filter>

Specifies the IS-IS flood filter name

level-1 / level-2

Specify IS-IS interface level configuration. Refer to section 2.2.2.1 for the IS-IS interface level configuration details.

lsp-interval <lsp-interval>

IS-IS system interface LSP interval, default 100

passive [true / false]

Enable interface in passive mode, default false

system-id <system-id>

Interface level system id

type [loopback / none / point-to-point]

Specifies the type of the IS-IS system interface

ldp-synchronization [enable / disable]

Enable LDP IGP synchronization, default disable

Example 1: IS-IS Interface Configuration

{
    "rtbrick-config:isis": {
      "interface": [
        {
          "name": "ifl-0/0/1/0",
          "lsp-interval": 200
        }
      ]
    }
  }

Example 2: IS-IS Interface Level Flood Filter Configuration

{
    "rtbrick-config:interface": [
      {
        "name": "ifl-0/0/1/0",
        "flood-filter": "spine1_lsr1_flood_filter"
      }
    ]
  }

Example 3: IS-IS Interface Configuration with enabled LDP synchronization

{
    "rtbrick-config:isis": {
      "interface": [
        {
          "name": "ifl-0/0/1/0",
          "lsp-interval": 200,
          "ldp-synchronization": "enable"
        }
      ]
    }
  }

IS-IS Interface Level Configuration

Syntax:

set instance <instance> protocol isis interface <name> [level-1 | level-2] <attribute> <value>

Attribute Description

adjacency-disable [true/false]

Specify the level-1/level-2 adjacency on an interface, default false

hello-authentication [disable/enable]

Authentication on hello packets

metric <metric>

Level-1/Level-2 metric on an interface, default 1000000

snp-authentication [enable/disable]

Authentication on CSNP/PSNP packets

Example: IS-IS Interface Level Configuration

{
    "rtbrick-config:interface": [
      {
        "name": "ifl-0/0/1/0",
        "lsp-interval": 200,
        "level-1": {
          "snp-authentication": "enable",
          "hello-authentication": "enable",
          "metric": 1000,
          "adjacency-disable": "false"
        }
      }
    ]
  }

Interface-level Segment Routing Configuration

Syntax:

set instance <instance> protocol isis interface <name> segment-routing <attribute> <value>

Attribute Description

segment-routing [ipv4 / ipv6] anycast-index <anycast-index>

Anycast index segment-ID. The prefix SIDs and anycast SIDs are applied on loopback interface only.

segment-routing [ipv4 / ipv6] index <index>

Prefix index segment ID.

segment-routing point-to-point [ipv4 / ipv6] adjacency-index <adjacency-index>

Adjacency index segment-ID. The adjacency SIDs are applied on active IS-IS interfaces on which adjacencies are established.

Example 1: IS-IS Interface Level Segment Routing Configuration for Prefix and Anycast SID

 "rtbrick-config:instance": [
      {
        "name": "default",
        "protocol": {
          "isis": {
            "interface": [
              {
                "name": "lo-0/0/0",
                "segment-routing": {
                  "ipv4": {
                    "index": 100
                  },
                  "ipv6": {
                    "index": 200
                  }
                }
              },
              {
                "name": "lo-0/0/1",
                "segment-routing": {
                  "ipv4": {
                    "anycast-index": 110
                  },
                  "ipv6": {
                    "anycast-index": 210
                  }
                }
              }
            ]
          }
        }
      }
    ]
  }
}

Example 2: IS-IS Interface Level Segment Routing Configuration for Adjacency SID

{
  "rtbrick-config:isis": {
    "interface": [
      {
        "name": "ifp-0/0/1/0",
        "type": "point-to-point",
        "segment-routing": {
          "point-to-point": {
            "ipv4": {
              "adjacency-index": 241
            },
            "ipv6": {
              "adjacency-index": 261
            }
          }
        }
      }
    ]
  }
}

IS-IS Global Configuration

IS-IS Flood Filter Configuration

Syntax:

set global protocol isis flood-filter <filter-name> <ordinal> <attribute> <value>

Attribute Description

<filter-name>

Filter-name which binds a flooding filter to an IS-IS interface

<ordinal>

Number to filter rule

action [block/flood]

Action required to flood or not

ordinal-name <ordinal-name>

Name for the filter rule

system-id <system-id>

IS-IS instance system-id

system-id-mask <system-id-mask>

System ID mask on which the filter should match

Example: IS-IS Flood Filter Configuration

{
    "rtbrick-config:flood-filter": [
      {
        "filter-name": "spine1_lsr1_flood_filter",
        "ordinal": 1,
        "ordinal-name": "spine1",
        "system-id": "1920.0100.4001",
        "action": "flood"
      }
    ]
  }