IP Routing: ISIS Configuration Guide, Cisco IOS XE Fuji 16.9.x
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Configuring Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
The Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters feature allows you to disable the Integrated
Intermediate System-to-Intermediate System (IS-IS) protocol at the interface level or at the global IS-IS process level without
removing the IS-IS configuration parameters.
This module describes the tasks to configure and monitor a basic Intermediate System-to-Intermediate System (IS-IS) network.
The IS-IS process and adjacency formation are also explained. IS-IS is link-state protocol that allows the network designer
to organize the network into a group of flooding domains. Often deployed as the Interior Gateway Protocol (IGP) for an ISP
network backbone, IS-IS is capable of handling large topologies and large numbers of routing changes.
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information,
see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module,
and to see a list of the releases in which each feature is supported, see the feature information table.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature
Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
Before performing the tasks in this module, you should be familiar with the concepts described in the “Integrated IS-IS Routing
Protocol Overview” module.
You should know your network design and how you want traffic to flow through it before configuring IS-IS. Define areas, prepare
an addressing plan for the devices (including defining the NETs), and determine the interfaces that will run Integrated IS-IS.
To facilitate verification, a matrix of adjacencies should be prepared before you configure your devices, showing what neighbors
should be expected in the adjacencies table. For more information about verifying IS-IS configuration and formed adjacencies,
see “Monitoring IS-IS”.
Information About Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
IS-IS Process and Adjacencies
IS-IS requires some configuration on both the device and the interface. An IS-IS process is created when you enable IS-IS
on a device and define a specific tag to identify that routing process. Interfaces configured with a specific tag will be
part of the corresponding device process. More than one IS-IS process can run on a device for Connectionless Network Service
(CLNS), but only one IS-IS process can run for IP.
Small IS-IS networks are built as a single area that includes all the devices in the network. As the network grows larger,
it is usually reorganized into a backbone area made up of the connected set of all Level 2 devices from all areas. The areas
are connected to local areas. Within a local area, devices know how to reach all system IDs. Between areas, devices know how
to reach the backbone, and the backbone devices know how to reach other areas.
Devices establish Level 1 adjacencies to perform routing within a local area (intra-area routing). Devices establish Level
2 adjacencies to perform routing between Level 1 areas (inter-area routing).
If the network administrator does not specify Level 1 or Level 2 routing for the routing process being configured, the default
routing behavior for the routing process will be Level 1-2.
If Level 2 routing is configured on any process, additional processes are automatically configured as Level 1, with the exception
of previously configured Level 2 process, which will remain Level 2. You can have only one Level-2 process. You can configure
the Level-2 process to perform Level-1 routing at the same time. If Level-2 routing is not desired for a device instance,
use the
is-type command in device configuration mode to remove the Level-2 capability. You can also use the
is-type command to configure a different device instance as a Level-2 device.
Some networks use legacy equipment that supports only Level 1 routing. These devices are typically organized into many small
areas that cannot be aggregated due to performance limitations. Cisco devices are used to interconnect each area to the Level
2 backbone.
Network entity titles (NETs) define the area addresses and the system ID of the device. See the “Configuring ISO CLNS” module
in the
Cisco IOS ISO CLNS Configuration Guide for a more detailed discussion of NETs.
PDU Packet Types in IS-IS Routing
The OSI stack defines a unit of data as a protocol data unit (PDU). A frame therefore is regarded by OSI as a data-link PDU,
and a packet is regarded as a network PDU. There are four types of PDU packets, and each type can be Level 1 or Level 2:
LSP—Link-state PDU. Used to distribute link-state information.
IIH PDU—For IS-IS this is called the IS-IS Hello PDU. Used to establish and maintain adjacencies.
Note
On point-to-point links, IIH PDUs will be the same for Level 1 and Level 2. Both Level-1 and Level-2 IIH use the same type
of PDU, but they carry different circuit types.
PSNP—Partial sequence numbers protocol data unit (PDU). Used to acknowledge and request link-state information.
CSNP—Complete sequence number protocol data unit (PDU). Used to distribute the complete link-state database of a device.
IS-IS LSPs include specific information about the device’s attachments. The following information is included in multiple
Type Length Value (TLV) fields in the main body of the LSP:
The links to neighbor device intermediate systems (ISs), including the metrics of those interfaces
The links to the neighbor end systems (ESs)
How to Create, Monitor and Make Changes to Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
Enabling IS-IS as an IP
Routing Protocol on the Device
SUMMARY STEPS
enable
configure terminal
router isis [area-tag]
net network-entity-title
end
DETAILED STEPS
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables
privileged EXEC mode.
Enter your
password if prompted.
Step 2
configure terminal
Example:
Device# configure terminal
Enters global
configuration mode.
Step 3
router isis [area-tag]
Example:
Device(config)# router isis
Assigns a tag
to an IS-IS process. Enters router configuration mode.
Configure
tags to identify multiple IS-IS processes by giving a meaningful name for each
routing process. If the tag is not specified, a null tag (0) is assumed and the
process is referenced with a null tag. The tag name must be unique among all IP
router processes for the device.
Step 4
net network-entity-title
Example:
Device(config-router)# net 49.0001.0000.0000.000b.00
Configures the
NET on the device.
The NET
identifies the device for IS-IS.
Step 5
end
Example:
Device(config-router)# end
Exits router
configuration mode and returns to privileged EXEC mode.
Enabling IS-IS as an IP
Routing Protocol on the Interface
SUMMARY STEPS
enable
configure terminal
interface typenumber
ip address ip-addressmask[secondary]
ip router isis [ area- tag]
end
DETAILED STEPS
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables
privileged EXEC mode.
Enter your
password if prompted.
Step 2
configure terminal
Example:
Device# configure terminal
Enters global
configuration mode.
Step 3
interface typenumber
Example:
Enters
interface configuration mode.
Step 4
ip address ip-addressmask[secondary]
Example:
Device(config-if)# ip address 172.16.1.27 255.255.255.0
Sets the
primary IP address on the interface.
Step 5
ip router isis [ area- tag]
Example:
Device(config-if)# ip router isis company1
Enables IS-IS
on the interfaces that are to use IS-IS to distribute their IP information (and
additionally that might be used to establish IS-IS adjacencies).
Use the
area-tag
argument to specify to which IS-IS process the device belongs.
If there is
more than one IS-IS process on the device, repeat the
ip router isis command for each interface, specifying an
area tag for each interface to associate each interface with the specific
process to which it belongs.
Step 6
end
Example:
Device(config-if)# end
Exits interface
configuration mode and returns to privileged EXEC mode.
Makes output
from multiarea displays easier to read by specifying the delimiter to use to
separate displays of information.
Step 4
exit
Example:
Device(config)# exit
Returns to
privileged EXEC mode.
Step 5
show ip protocols
Example:
Device# show ip protocols
Displays the
parameters and current state of the active routing protocol process.
You can use
this command to learn what protocols are active, what interfaces they are
active on, what networks they are routing for, and other parameters that relate
to the routing protocols.
Step 6
show clns area-tagis-neighbors [typenumber] [detail ]
Example:
Device# show clans is-neighbors detail
Displays IS-IS
information for IS-IS device adjacencies.
Step 7
show clns interface [typenumber]
Example:
Device# show clns interface
List the
CLNS-specific information about each interface.
Step 8
show clns area-tagneighbors [typenumber]
[area ] [detail ]
Example:
Device# show clns area3 neighbors
Displays both
ES and IS neighbors.
The
show clns neighbor command output verifies that the right
adjacencies have established. A matrix of adjacencies should be prepared before
you configure your devices, showing what neighbors should be expected in the
adjacencies table, to facilitate verification.
Step 9
show clns area-tagtraffic
Example:
Device# show clns area3 traffic
Displays
traffic statistics.
To monitor
IS-IS for stability once it has been deployed across your network, enter the
show clns traffic command to check the following important
statistics: high numbers of SPFs, checksum errors, and retransmissions. To
troubleshoot IS-IS behavior, you can use the output from the
show clns traffic command to check for the following
indicators:
The
number of link-state PDUs (LSPs) can help you determine the stability of the
IS-IS network. The number of LSPs should never be zero. However, an LSP count
that keeps increasing over a short time period indicates a network issue.
LSP
retransmissions should stay low. A later execution of the
show clns traffic command that shows an increase in LSP
retransmissions, as compared to an earlier execution of the command, can
indicate instability or traffic problems.
To check
for partial route calculations (PRCs), enter the
show clns traffic command. PRCs are flooded when a change
that does not affect topology is reported through an LSP; typical examples
include the addition or removal of a prefix or metric changes for external or
passive interfaces. A PRC update queue that remains full or increases to the
maximum value for long periods of time indicates network instability.
LSP
checksum errors indicate a problem.
The
update queue should not stay full and should not drop much.
Step 10
show ip route [ip-address
[mask]]
[[longer-prefixes ] |
protocol
[process-id] |
list [access-list-number |
access-list-name] |
static download ]]
Displays
additional information about the IS-IS database.
Displays
the link-state database for Level-1 and Level-2, the contents for each LSP, and
the link-state protocol PDU identifier.
Step 12
show isis database verbose
Example:
Device# show isis database verbose
Displays
additional information about the IS-IS database such as the sequence number,
checksum, and holdtime for LSPs.
Step 13
show isis lsp-log
Example:
Device# show isis lsp-log
Displays a
log of LSPs including time of occurrence, count, interface, and the event that
triggered the LSP.
Step 14
show isis [area-tag]
[ipv6 |
* ]
spf-log
Example:
Device# show isis spf-log
Displays how
often and why the device has run a full shortest path first (SPF) calculation.
If the
device continues to run SPF without ceasing, there might be an issue regarding
a change in the network (intra-area). The cause for the continued SPF
calculations could be an interconnecting link that is transitioning
up/down/up/down or a metric change. It is normal for the SPF calculation to run
a few times when a network change occurs, but then it should cease.
Step 15
show isis [process-tag]
[ipv6 |
* ]topology
Example:
Device# show isis topology
Displays a
list of all connected devices in all areas.
Step 16
show isis [area-tag]neighbors [detail ]
Example:
Device# show isis neighbors detail
Displays
IS-IS adjacency information.
The
show isis neighbor detail command output verifies that the right
adjacencies have established. A matrix of adjacencies should be prepared before
you configure your devices, showing what neighbors should be expected in the
adjacencies table, to facilitate verification.
Example
When the
show isis neighbors command is entered with the
detail
keyword, the output provides information about the IS-IS adjacencies that have
formed.
Device1# show isis neighbors detail
System Id Type Interface IP Address State Holdtime Circuit Id
Device2 L2 Et1/0 10.1.1.0 UP 255 Circuit3.01
Area Address(es): 32
SNPA: aabb.cc00.2001
State Changed: 00:00:14
LAN Priority: 64
Format: Phase V
Troubleshooting Tips
You can use the following two system debugging commands to check your IS-IS IPv4 implementation.
If adjacencies are not coming up properly, use the debug isis adj-packets command.
To display a log of significant events during an IS-IS SPF calculation, use the debug isis spf-events command.
Shutting Down IS-IS to Make Changes to Your IS-IS Network
You can shut down IS-IS (placing it in an administrative down state) to make changes to the IS-IS protocol configuration,
without losing your configuration parameters. You can shut down IS-IS at the interface level or at the global IS-IS process
level. If the device was rebooted when the protocol was turned off, the protocol would be expected to come back up in the
disabled state. When the protocol is set to the administrative down state, network administrators are allowed to administratively
turn off the operation of the IS-IS protocol without losing the protocol configuration, to make a series of changes to the
protocol configuration without having the operation of the protocol transition through intermediate—and perhaps undesirable—states,
and to then reenable the protocol at a suitable time.
Before the introduction of the Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters feature, there
was no nondestructive way to disable IS-IS operation. The only way to disable IS-IS at the device level was to issue the
no router isis command, which removes the IS-IS configuration. At the interface level there are two ways to disable IS-IS operation. You
can enter the
no ip router isis command to remove IS-IS from the specified interface, or you can put the interface into passive mode such that the IP address
of the specified interface will still be advertised. In either case, the current IS-IS configuration will be removed.
Shutting Down IS-IS in
Interface Mode
SUMMARY STEPS
enable
configure terminal
interface typenumber
isis protocol shutdown
end
DETAILED STEPS
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables
privileged EXEC mode.
Enter your
password if prompted.
Step 2
configure terminal
Example:
Device# configure terminal
Enters global
configuration mode.
Step 3
interface typenumber
Example:
Configures an
interface and enters interface configuration mode.
Step 4
isis protocol shutdown
Example:
Device(config-if)# isis protocol shutdown
Disables the
IS-IS protocol so that it cannot form adjacencies on a specified interface and
places the IP address of the interface into the LSP that is generated by the
device.
Step 5
end
Example:
Device(config-if)# end
Exits interface
configuration mode and returns to privileged EXEC mode.
Shutting Down IS-IS in Router Mode
SUMMARY STEPS
enable
configure terminal
router isis area-tag
protocol shutdown
end
DETAILED STEPS
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configure terminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
router isis area-tag
Example:
Device(config)# router isis 1
Enables the IS-IS routing protocol and specifies an IS-IS process.
Enters router configuration mode.
Step 4
protocol shutdown
Example:
Device(config-router)# protocol shutdown
Prevents IS-IS from forming any adjacency on any interface and clears the IS-IS LSP database, without actually removing the
IS-IS configuration.
Step 5
end
Example:
Device(config-router)# end
Exits router configuration mode and returns to privileged EXEC mode.
Configuration Examples for Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
Example: Configuring a Basic
IS-IS Network
The following
example shows how to configure three devices to run IS-IS as an IP routing
protocol.
Device A
Configuration
router isis
net 49.0001.0000.0000.000a.00
interface ethernet0/0
ip address 10.1.1.1 255.255.255.0
ip router isis
interface serial 2/0
ip router isis
ip address 192.168.1.2 255.255.255.0
Device B
Configuration
router isis
net 49.0001.0000.0000.000b.00
interface ethernet0/0
ip router isis
ip address 172.17.1.1 255.255.255.0
interface serial2/0
ip router isis
ip address 192.168.1.1 255.255.255.0
interface serial5/0
ip router isis
ip address 172.21.1.1 255.255.255.0
Device C
Configuration
router isis
net 49.0001.0000.0000.000c.00
interface ethernet2/0
ip router isis
ip address 172.21.1.2 255.255.255.0
interface serial5/0
ip router isis
ip address 172.22.1.1 255.255.255.0
The
show isis topology command displays the following
information about how the devices are connected within the IS-IS network:
DeviceB# show isis topology
IS-IS paths to level-1 routers
System Id Metric Next-Hop Interface SNPA
DeviceA 10 DeviceA Se2/0 *HDLC*
DeviceB --
DeviceC 10 DeviceC Se5/0 *HDLC*
IS-IS paths to level-2 routers
System Id Metric Next-Hop Interface SNPA
DeviceA 10 DeviceA Se2/0 *HDLC*
DeviceB --
DeviceC 10 DeviceC Se5/0 *HDLC*
The
show isis database command displays following information
for the Level 1 and Level 2 LSPs for each device in the IS-IS network.
DeviceB# show isis database
IS-IS Level-1 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
DeviceA.00-00 0x00000005 0x1A1D 1063 0/0/0
DeviceB.00-00 * 0x00000006 0xD15B 1118 0/0/0
DeviceC.00-00 0x00000004 0x3196 1133 1/0/0
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
DeviceA.00-00 0x00000008 0x0BF4 1136 0/0/0
DeviceB.00-00 * 0x00000008 0x1701 1137 0/0/0
DeviceC.00-00 0x00000004 0x3624 1133 0/0/0
The
show ip route command displays information about the
interfaces of each device, including their IP addresses and how they are
connected to Device B:
DeviceB# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.17.0.0/24 is subnetted, 1 subnets
C 172.17.1.0 is directly connected, Ethernet0/0
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, Serial4/0
172.21.0.0/24 is subnetted, 1 subnets
C 172.21.1.0 is directly connected, Serial5/0
172.22.0.0/24 is subnetted, 1 subnets
i L1 172.22.1.0 [115/20] via 172.21.1.2, Serial5/0
10.0.0.0/24 is subnetted, 1 subnets
i L1 10.1.1.0 [115/20] via 192.168.1.2, Serial2/0
C 192.168.1.0/24 is directly connected, Serial2/0
C 192.168.3.0/24 is directly connected, Serial3/0
The
show isis spf-log command displays logs of Level 1 and Level
2 LSPs including time of occurrence, duration, count, and the event that
triggered the LSP.
DeviceC## show isis spf-log
level 1 SPF log
When Duration Nodes Count First trigger LSP Triggers
00:01:30 0 3 7 DeviceB.00-00 PERIODIC NEWADJ NEWLSP TLVT
level 2 SPF log
When Duration Nodes Count First trigger LSP Triggers
00:01:31 0 3 7 DeviceB.00-00 PERIODIC NEWADJ NEWLSP TLVT
The figure below
illustrates the sample configuration.
Example: Shutting Down IS-IS
in Interface Mode
The following
device output shows that the device has two IS-IS adjacencies:
Device# show clns neighbors
System Id Interface SNPA State Holdtime Type Protocol
first Et3/1 0002.7dd6.1c21 Up 25 L1L2 IS-IS
second Et3/2 0004.6d25.c056 Up 29 L1L2 IS-IS
When the
isis protocol shutdown command is entered for Ethernet interface
3/1, the IS-IS protocol will be disabled for the specified interface:
Device# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Device(config)#
Device(config-if)# isis protocol shutdown
Device(config-if)# end
The following
device output shows that the adjacency for Ethernet interface 3/1 has not
formed:
Device# show clns neighbors
System Id Interface SNPA State Holdtime Type Protocol
second Et3/2 0004.6d25.c056 Up 27 L1L2 IS-IS
Example: Shutting Down IS-IS in Router Mode
The following device output shows that the device has two IS-IS adjacencies:
Device# show clns neighbors
System Id Interface SNPA State Holdtime Type Protocol
south Et3/1 0002.7dd6.1c21 Up 29 L1L2 IS-IS
north Et3/2 0004.6d25.c056 Up 28 L1L2 IS-IS
The
protocol shutdown command is entered so that IS-IS is disabled and no adjacencies will be formed on any interface:
Device# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Device(config)# router isis area1
Device(config-router)# protocol shutdown
Device(config-router)# end
The following device output now shows that both adjacencies are gone.
Device# show clns neighbors
System Id Interface SNPA State Holdtime Type Protocol
When the
no protocol shutdown command is entered, the adjacencies will again be formed on both interfaces:
Device(config)# router isis area1
Device(config-router)# no protocol shutdown
Device(config-router)# end
Device# show clns neighbors
System Id Interface SNPA State Holdtime Type Protocol
south Et3/1 0002.7dd6.1c21 Up 24 L1L2 IS-IS
north Et3/2 0004.6d25.c056 Up 24 L1L2 IS-IS
““Where to Go Next
To customize IS-IS for your network design, see the "Customizing IS-IS for Your Network Design" module.
To customize IS-IS for achieving fast convergence and scalability, see the following modules:
“Overview of IS-IS Fast Convergence”
“Setting Best Practice Parameters for IS-IS Fast Convergence”
“Reducing Failure Detection Times in IS-IS Networks”
“Reducing Link Failure and Topology Change Notification Times in IS-IS Networks”
“Reducing Alternate-Path Calculation Times in IS-IS Networks”
To enhance IS-IS network security, see the “Enhancing Security in an IS-IS Network” module.
Additional References for Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
Use of OSI IS-IS for Routing in TCP/IP and Dual Environments
Use of OSI IS-IS for Routing in TCP/IP and Dual Environments (http://www.ietf.org/rfc/rfc1195.txt)
Technical Assistance
Description
Link
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use
these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products
and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.
Feature Information for
Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
The following table provides release information about the feature or features described in this module. This table lists
only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise,
subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco
Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for
Integrated IS-IS Protocol Shutdown Support Maintaining Configuration
Parameters
Feature
Name
Releases
Feature
Information
Integrated
IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
The
Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
feature allows you to disable the Integrated Intermediate
System-to-Intermediate System (IS-IS) protocol at the interface level or at the
global IS-IS process level without removing the IS-IS configuration parameters.