- IS-IS Overview and Basic Configuration
- IPv6 Routing: IS-IS Support for IPv6
- Configuring Integrated IS-IS Protocol Shutdown Support Maintaining Configuration Parameters
- Customizing IS-IS for Your Network Design
- IS-IS MIB
- IS-IS Support for an IS-IS Instance per VRF for IP
- Overview of IS-IS Fast Convergence
- Setting Best Practice Parameters for IS-IS Fast Convergence
- Reducing Failure Detection Times in IS-IS Networks
- IPv6 Routing: IS-IS Multitopology Support for IPv6
- Reducing Link Failure and Topology Change Notification Times in IS-IS Networks
- IS-IS Support for Route Tags
- Enhancing Security in an IS-IS Network
- IS-IS IPv6 Administrative Tag
- Configuring IS-IS IPv4 Loop-Free Alternate Fast Reroute
- Index
- Finding Feature Information
- Prerequisites for IS-IS Support for an IS-IS Instance per VRF for IP
- Restrictions for IS-IS Support for an IS-IS Instance per VRF for IP
- Information About IS-IS Support for an IS-IS Instance per VRF for IP
- How to Configure IS-IS Support for an IS-IS Instance per VRF for IP
IS-IS Support for an IS-IS Instance per VRF for IP
This module introduces support for multiple VPN routing and forwarding (VRF)-aware Intermediate System-to-Intermediate System (IS-IS) instances. The VRF functionality allows Internet service providers (ISPs) to separate routing protocol information and propagate it to the appropriate routing table and network neighbors. Using one router with VRF functionality is more cost-effective than using separate routers to separate and forward the routing information.
- Finding Feature Information
- Prerequisites for IS-IS Support for an IS-IS Instance per VRF for IP
- Restrictions for IS-IS Support for an IS-IS Instance per VRF for IP
- Information About IS-IS Support for an IS-IS Instance per VRF for IP
- How to Configure IS-IS Support for an IS-IS Instance per VRF for IP
- Configuration Examples for IS-IS Support for an IS-IS Instance per VRF for IP
- Additional References
- Feature Information for IS-IS Support for an IS-IS Instance per VRF for IP
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for IS-IS Support for an IS-IS Instance per VRF for IP
You must be running IS-IS on your network.
The VRF configuration is a prerequisite to associating an IS-IS instance with that specific VRF. However, the VRF configuration is independent of associating it with IS-IS or any other routing protocol. An IS-IS instance cannot be referred to as being VRF-aware until it has been associated with a particular VRF.
Restrictions for IS-IS Support for an IS-IS Instance per VRF for IP
IS-IS VRF support is supported only for IPv4.
When you configure the IS-IS Support for an IS-IS Instance per VRF for IP feature, you must comply with the following nine best practices guidelines:
IS-IS instances running Connectionless Network Services (CLNS) must have the same system ID.
An IS-IS instance that is running CLNS or IPv6 cannot be associated with a VRF.
You can configure only one IS-IS instance to run both CLNS and IP.
IS-IS instances within the same VRF must have unique system IDs, although IS-IS instances located in separate VRFs can have the same system ID.
You can associate an IS-IS instance with only one VRF.
You can configure the passive-interface default command only on one IS-IS instance per VRF.
Redistribution is allowed only within the same VRF.
You can enable only one IS-IS instance per interface.
An interface can belong to an IS-IS instance only if they are associated with the same VRF.
 Note | If you are using LDP, you cannot use the route-target command when configuring a VRF. The router will use BGP for Multiprotocol Label Switching (MPLS) labels. |
Information About IS-IS Support for an IS-IS Instance per VRF for IP
VRF-Aware IS-IS
You can configure IS-IS to be VRF-aware. A VRF consists of an IP routing table, a derived Cisco Express Forwarding (CEF) table, a set of interfaces that use the forwarding table, and a set of rules and routing protocol parameters that control the information that is included in the routing table.
IS-IS Support for an IS-IS Instance per VRF for IP Feature Operation
ISPs have the capability to create multiple VRF-aware IS-IS instances that run on one router, rather than requiring duplicate hardware. IS-IS can be enabled to be VRF-aware, and ISPs can use multiple VRF-aware IS-IS instances to separate customer data while propagating the information to appropriate service providers.
For example, an ISP can create three VRFs--VRF First, VRF Second, and VRF Third--to represent three separate customers. A VRF-aware IS-IS instance is created and associated with each VRF: tagFIRST, tagSECOND, and tagTHIRD. Each instance will have its own routing process, IS-IS database, and routing table, and will calculate its own shortest path first (SPF) tree.
How to Configure IS-IS Support for an IS-IS Instance per VRF for IP
Creating a VRF
1.
enable
2.
configure
terminal
3.
ip
cef
[distributed]
4.
ip
vrf
vrf-name
5.
rd
route-distinguisher
6.
end
DETAILED STEPS
Attaching an Interface to the VRF
1.
enable
2.
configure
terminal
3.
interface
type
number
4.
ip
vrf
forwarding
vrf-name
5.
end
DETAILED STEPS
Creating VRF Aware IS-IS Instances
- Before You Begin
- Creating a VRF-Aware IS-IS Instance in Interface Configuration Mode
- Creating a VRF-Aware IS-IS Instance in Router Configuration Mode
Before You Begin
You must have IS-IS running on your network.
If CEF is not enabled by default on your platform, enable CEF to associate interfaces with VRF-aware IS-IS instances.
Creating a VRF-Aware IS-IS Instance in Interface Configuration Mode
1.
enable
2.
configure
terminal
3.
interface
type
number
4.
ip
address
ip-address
mask
[secondary]
5.
ip
router
isis
process-tag
6.
no
shutdown
7.
end
DETAILED STEPS
Creating a VRF-Aware IS-IS Instance in Router Configuration Mode
1.
enable
2.
configure
terminal
3.
router
isis
process-tag
4.
vrf
vrf-name
5.
net
network-entity-title
6.
end
DETAILED STEPS
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. |
| Step 2 |
configure
terminal
Example: Device# configure terminal |
Enters global configuration mode. |
| Step 3 |
router
isis
process-tag
Example: Device(config)# router isis tagFirst |
Enables the IS-IS routing protocol, specifies an IS-IS process, and enters router configuration mode. |
| Step 4 |
vrf
vrf-name
Example: Device(config-router)# vrf vrfFirst |
Associates an IS-IS instance with a VRF.
|
| Step 5 |
net
network-entity-title
Example: Device(config-router)# net 49.000b.0000.0001.0002.00 |
Configures an IS-IS NET for a CLNS routing process. |
| Step 6 |
end
Example: Device(config-router)# end |
Exits router configuration mode. |
Configuration Examples for IS-IS Support for an IS-IS Instance per VRF for IP
- Example: Configuring Multiple VRF-Aware IS-IS Instances
- Example: Creating an IS-IS Instance Without a Process Tag
- Example: Redistributing Routes from an IS-IS Instance
- Example: Changing the Interface Ownership
Example: Configuring Multiple VRF-Aware IS-IS Instances
In the following example, the VRF Second is created and an IS-IS instance is created explicitly by entering the router isis command on the router:
Router(config)# ip cef distributed Router(config)# ip routing Router(config)# ip vrf Second Router(config-vrf)# rd 1:1 Router(config-if)# router isis tagSecond Router(config-router)# vrf Second Router(config-router)# net 49.000b.0000.0001.0002.00
The VRF Third is created and a VRF-aware IS-IS instance is automatically created when the ip router isis command is entered:
Router(config)# ip vrf Third Router(config-vrf)# rd 1:1 Router(config-if)# interface FastEthernet0/2 Router(config-if)# ip vrf forwarding Third Router(config-if)# ip address 172.16.10.1 255.255.255.0 Router(config-if)# ip router isis tagThird Router(config-if)# no shutdown
A new IS-IS instance with the process tag tagThird will automatically be created and associated with the VRF Third. When the show running-config command is entered, the following information for the new IS-IS instance will be displayed:
Router# show running-config Building configuration . . . router isis tagThird vrf Third Router(config)# router isis tagThird Router(config-router)# net 49.000b.0000.0001.0001.00
The following sample output verifies information for the VRF-aware IS-IS instances that were created in the previous examples:
Router# show isis tagThird topology
Tag tagThird:
IS-IS paths to level-2 routers
System Id Metric Next-Hop Interface SNPA
router-02 10 router-02 Fa4/3 0010.0ddc.e00b
router-03 10 router-03 Et0/2 0006.0e03.0c45
router-04 10 router-04 Fa4/0 000a.f3c3.1c70
. router-04 Fa4/1 000a.f3c3.1c71
.
.
Router# show clns tagSecond neighbors
Tag tagSecond:
System Id Interface SNPA State Holdtime Type Protocol
router-03 Fa0/2 00d0.2b7f.9502 Up 9 L2 IS-IS
router-03 PO2/2.1 DLCI 211 Up 27 L2 IS-IS
router-02 PO2/0.1 DLCI 131 Up 29 L2 IS-IS
router-11 Fa0/4 000e.d79d.7920 Up 7 L2 IS-IS
router-11 Fa0/5 000e.d79d.7921 Up 8 L2 IS-IS
router-11 PO3/2.1 DLCI 451 Up 24 L2 IS-IS
.
.
.
Router# show isis tagThird database level-2
Tag tagThird:
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
router-01.00-00 0x0000000A 0x5E73 914 0/0/0
router-01.03-00 0x00000001 0x8E41 894 0/0/0
router-01.04-00 0x00000001 0x8747 894 0/0/0
router-03.00-00 * 0x00000005 0x55AD 727 0/0/0
router-03.02-00 * 0x00000001 0x3B97 727 0/0/0
router-02.00-00 0x00000004 0xC1FB 993 0/0/0
router-02.01-00 0x00000001 0x448D 814 0/0/0
router-04.00-00 0x00000004 0x76D0 892 0/0/0
Router# show isis tagThird database level-1
Tag tagThird:
IS-IS Level-1 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
router-03.00-00 * 0x0000000B 0xBDF6 1005 1/0/0
router-03.02-00 * 0x00000001 0xC473 940 0/0/0
router-07.00-00 0x00000006 0x403A 940 0/0/0
Router# show clns tagSecond protocol
IS-IS Router: tagSecond
System Id: 0000.0001.0002.00 IS-Type: level-2-only
Manual area address(es):
49.000b
Routing for area address(es):
49.000b
Interfaces supported by IS-IS:
FastEthernet4/1 - IP
FastEthernet4/0 - IP
Ethernet0/2 - IP
FastEthernet4/3 - IP
Redistributing:
static
Distance: 110
RRR level: none
Generate narrow metrics: level-1-2
Accept narrow metrics: level-1-2
Generate wide metrics: none
Accept wide metrics: none
Router# show clns tagThird protocol
IS-IS Router: tagThird
System Id: 0000.0001.0001.00 IS-Type: level-1-2
Manual area address(es):
49.000b
Routing for area address(es):
49.000b
Interfaces supported by IS-IS:
POS2/2.1 - IP
FastEthernet0/2 - IP
FastEthernet0/4 - IP
POS2/0.1 - IP
FastEthernet0/5 - IP
POS3/2.1 - IP
Redistributing:
static
Distance: 110
RRR level: none
Generate narrow metrics: none
Accept narrow metrics: none
Generate wide metrics: level-1-2
Accept wide metrics: level-1-2
Example: Creating an IS-IS Instance Without a Process Tag
In the following example, an IS-IS instance was created without the optional process tag. When an IS-IS instance is created without the optional process tag, you can display its information by entering the commands such as show clns protocol with "null" specified for the process-tag argument.
Router(config)# router isis Router(config-router)# vrf first Router(config-router)# net 49.000b.0000.0001.ffff.00 Router(config-router)# is-type level-1 Router(config)# interface POS 6/1 Router(config-if)# ip vrf forwarding first Router(config-if)# ip address 172.16.2.1 255.255.255.0 Router(config-if)# ip router isis Router(config-if)# no shutdown
Because the IS-IS instance is created without the optional process tag, its information is displayed when the show clns protocol command is entered with with "null" specified for the process-tag argument:
Router# show clns null protocol
IS-IS Router: <Null Tag>
System Id: 0000.0001.FFFF.00 IS-Type: level-1
Manual area address(es):
49.000b
Routing for area address(es):
49.000b
Interfaces supported by IS-IS:
POS6/1 - IP
Redistributing:
static
Distance: 110
RRR level: none
Generate narrow metrics: level-1-2
Accept narrow metrics: level-1-2
Generate wide metrics: none
Accept wide metrics: none
Example: Redistributing Routes from an IS-IS Instance
In the following sample configuration, routes have been redistributed from the IS-IS instance "null" into the IS-IS instance named tagBLUE. Routes from an OSPF process in VRF Blue have been redistributed into the IS-IS instance named tagBLUE.
In order to redistribute between two different IS-IS instances they must be configured in the same VRF context.
Router(config)# router isis tagBLUE Router(config-router)# redistribute isis null ip metric 10 route-map isisMAP1 Router(config-router)# redistribute ospf 1 vrf BLUE metric 1 metric-type external level-1-2 . . . Router(config)# route-map isisMAP1 permit 10 Router(config-route-map)# match route-type level-2 level-1 Router(config-route-map)# set level level-2
Example: Changing the Interface Ownership
In the following sample configuration, POS interface 6/1 was originally enabled for IS-IS IP routing for a "null" instance that does not have a process tag, which is in vrfSecond. The new configuration changes the ownership of POS interface 6/1 to another instance tagSecond, which is also in vrfSecond.
Note | Use of the ip router isis command in interface configuration mode will overwrite the prior configuration on that interface, but only if the new configuration is attempting to change the interface ownership to a different instance that is in the same VRF as the currently configured owner instance. The configuration will be rejected if the attempted change is between two instances that are associated with different VRFs. |
Router(config)# interface POS 6/1 Router(config-if)# ip router isis tagSecond %ISIS: Interface detached from null and to be attached to instance tagSecond.
Additional References
Related Documents
|
Related Topic |
Document Title |
|---|---|
|
IS-IS commands: complete command syntax, command mode, defaults, command history, usage guidelines, and examples |
Cisco IOS IP Routing: ISIS Command Reference |
|
Overview of Cisco IS-IS conceptual information with links to all the individual IS-IS modules |
"Integrated IS-IS Routing Protocol Overview" module |
|
ISO CLNS commands |
Cisco IOS ISO CLNS Command Reference |
|
Command Lookup Tool |
http://tools.cisco.com/Support/CLILookup |
Standards
|
Standards |
Title |
|---|---|
|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. |
-- |
MIBs
|
MIBs |
MIBs Link |
|---|---|
|
No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature. |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
RFCs
|
RFCs |
Title |
|---|---|
|
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature. |
-- |
Technical Assistance
|
Description |
Link |
|---|---|
|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
Feature Information for IS-IS Support for an IS-IS Instance per VRF for IP
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.|
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
IS-IS Support for an IS-IS Instance per VRF for IP |
12.0(29)S 12.2(33)SRB 15.0(1)M 15.0(1)SY |
This feature provides multiple VPN routing and forwarding (VRF)-aware Intermediate System-to-Intermediate System (IS-IS) instances. The VRF functionality allows Internet service providers (ISPs) to separate routing protocol information and propagate it to the appropriate routing table and network neighbors. Using one router with VRF functionality is more cost-effective than using separate routers to separate and forward the routing information. The following commands were introduced or modified: show clns neighbors, show clns protocol, show isis database, show isis topology, and vrf (router configuration). |
Feedback