Configuring Global IS-IS Parameters

This section describes the commands you can use to globally configure optional IS-IS parameters.

• Set the maximum number of parallel routes.
• Set the mesh group.
• Suppress installation of default routes to level 1-2 routers.

In the following command guidelines, notice that many parameters are preset to a default value. Use the no version of those commands to restore default values.

Setting Authentication Passwords

You can configure HMAC MD5 authentication either for an area or for a domain.

    area-authentication-key

• Use to specify a password used by neighboring routers for authentication of IS-IS level 1 LSPs, CSNPs, and PSNPs.
• You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted.
• Example

host1(config-router)#area-authentication-key 0 bigtree 

• Use the no version to delete the password.

    area-message-digest-key

• Use to configure HMAC MD5 authentication for an area.
• Generates a secure, encrypted message digest of level 1 packets (LSPs, CSNPs, and PSNPs) and inserts the digest into the packet from which it is created.
• You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted.
• Example

host1(config-router)#area-message-digest-key 1 hmac-md5 
kd4s8hnEK 

• Use the no version to delete the MD5 key specified by the key-id.

    domain-authentication-key

• Use to specify a password used by neighboring routers for authentication of IS-IS level 2 LSPs, CSNPs, and PSNPs.
• You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted.
• Example

host1(config-router)#domain-authentication-key 8 4kl6n39us 

• Use the no version to delete the password.

    domain-message-digest-key

• Use to configure HMAC MD5 authentication for a domain.
• Generates a secure, encrypted message digest of level 2 packets (LSPs, CSNPs, and PSNPs) and inserts the digest into the packet from which it is created.
• You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted.
• Example

host1(config-router)#domain-message-digest-key 4 hmac-md5 
4bFjt7es 

• Use the no version to delete the MD5 key specified by the key-id.

Configuring Redistribution

You can specify how IS-IS redistributes routes received from other routing protocols, redistributes routes according to new policies, and controls redistribution of routes with access lists and route maps.

    access-list
    route-map

• Use the access-list command to create a standard or extended access list.
• Use the route-map command to create a route map.
• For detailed information about configuring access lists and route maps, see Chapter 1, Configuring Routing Policy.
• Example

1    Configure three static routes:

host1(config)#ip route 20.20.20.0 255.255.255.0 192.168.1.0

host1(config)#ip route 20.20.21.0 255.255.255.0 192.168.1.0

host1(config)#ip route 20.21.0.0 255.255.255.0 192.168.1.0

2    Configure an access list with filters on routes 20.20.20.0/24 and 20.20.21.0/24:

host1(config)#access-list boston permit 20.20.0.0 
0.0.255.255

3    Configure a route map that matches the previous access list and applies an internal metric type:

host1(config)#route-map 1 

host1(config-route-map)#match ip address 1

host1(config-route-map)#set metric-type internal

4    Configure redistribution into IS-IS of the static routes with route map 1:

host1(config)#router isis testnet

host1(config-router)#redistribute static ip route-map 1 

5    Use the show isis database command to verify the effect of the redistribution (the two static routes matching the route map are redistributed as level 2 internal routes):

host1#show isis database detail l2

IS-IS Level-2 Link State Database

LSPID LSP Seq Num  LSP Checksum  LSP Holdtime  ATT/P/OL 

0000.0000.6666.00-00  0x000002B7   0x3E1F 1198 0/0/0

  Area Address: 47.0005.80FF.F800.0000.0001.0001

  NLPID:       0xcc

  IP Address:  192.168.1.105

  Metric: 10 IS 0000.0000.6666.01

  Metric: 10 IS 0000.0000.3333.00

  Metric: 10 IS 0000.0000.7777.00 

  Metric: 30 IP 20.20.21.0 255.255.255.0

  Metric: 30 IP 20.20.20.0 255.255.255.0

• Use the no version of the access-list command to remove the access list or the specified entry in the access list.
• Use the no version of the route-map command to remove an entry.

    clear ip isis redistribution

• Use to clear all the routes that have been previously redistributed into IS-IS and redistribute them using the current policy configured.
• Use when you have made changes to route maps or access lists that affect how routes are redistributed to IS-IS.
• Example

host1#clear ip isis redistribution

• There is no no version.

    disable-dynamic-redistribute

• Use to halt the dynamic redistribution of routes that are initiated by changes to a route map.
• Dynamic redistribution is enabled by default.
• Example

host1(config-router)#disable-dynamic-redistribute

• Use the no version to reenable dynamic redistribution.

    redistribute

• Use to redistribute routes from other routing protocols in the routing table to IS-IS. IS-IS advertises these routes within its level 1 and level 2 LSPs.
• The default is no source protocol defined for redistribution.
• This command can accomplish the same results as the passive-interface command by redistributing a connected route to level 1.
• Example

host1(config-router)#redistribute static ip

• Use the no version to disable redistribution.

Redistributing Routes Between Levels

The two-level routing hierarchy of IS-IS can lead to suboptimal path selection in certain situations. Because a level 1 router by default has knowledge only of level 1 routes, traffic from a level 1 router to a router in another area passes through the nearest level 1-2 router as its next hop. Consider the topology shown in Figure 9-3.

Figure 9-3 Example of level 1 and level 2 routing

In this example, Router 4 in Area 1 considers Router 2 to be its next hop for interarea traffic, and Router 5 considers Router 3 to be its next hop for interarea traffic. Traffic from Router 4 to Router 8 passes through Router 2, requiring a total of five hops to the destination: Routers 2, 1, 3, 9, and 8. Similarly, five hops are required for traffic from Router 5 to Router 7.

Neither of these paths is optimal. For example, it would be shorter for traffic from Router 4 to take the four-hop path: Routers 5, 3, 9, and 8.

You can configure IS-IS to redistribute routes between the routing levels; this is sometimes known as route leaking between levels. The redistribute isis ip command enables you to specify a route filter (an access list) and the direction of leakage, as shown in the following example:

host1(config)#access-list leakList permit ip 100.0.0.0 
0.255.255.255 any

host1(config)#router isis 1

host1(config-router)#redistribute isis ip level-1 into 
level-2 distribute-list leakList

host1(config-router)#redistribute isis ip level-2 into 
level-1 distribute-list leakList

    redistribute isis ip

• Use to redistribute routes from level 1 to level 2 or from level 2 to level 1.
• Use the access list command to create a route filter to apply to the redistribution.
• Example

host1(config-router)#redistribute isis ip level-1 into 
level-2 distribute-list leakList

• Use the no version to stop redistribution of routes between the specified levels.

Controlling Granularity of Routing Information

You can force the distribution of level 2 routing information to level 1 routers in other areas to improve the quality of the resulting routes, but at the cost of reduced scalability.

    distribute-domain-wide

• Use to increase the granularity of routing information within a domain.
• Domain-wide prefix distribution enables a routing domain running with both level 1 and level 2 IS routers to distribute IP prefixes from level 2 to level 1 between areas.
• The major advantage for using domain-wide prefix distribution is to improve the quality of the resulting routes within a domain by distributing more specific information.
• The major disadvantage of using domain-wide prefix distribution is that it affects the scalability of IS-IS. When used, it increases the number of prefixes throughout the domain, causing increased memory consumption, transmission requirements, and computation requirements throughout the domain.
• A trade-off decision must be made between scalability and optimality.

host1(config-router)#distribute-domain-wide 

• Use the no version to halt the distribution of routes from level 2 to level 1.

Configuring Metric Type

Extensions to IS-IS traffic engineering enable the use of bigger metrics. You can specify whether your system accepts, generates, or accepts and generates only old-style metrics, only new-style metrics, or both.

    metric-style narrow

• Use to specify that the system generates and accepts only old-style TLV tuples.
• Old-style TLVs refers to TLVs having metrics with a narrow (six-bit) field that range in value from 0-63. New-style TLVs refers to TLVs having metrics with a wider field, as provided for in current extensions to IS-IS traffic engineering.
• Use the transition option to accept old-style and new-style metrics; only old-style metrics are generated.
• Specify whether the command applies to level 1, level 2, or both.
• Example

host1(config-router)#metric-style narrow level-2 

• Use the no version to restore the default, which is to generate and accept only old-style TLVs with narrow (six-bit) metric fields.

    metric-style transition

• Use to specify that the system generates and accepts both old-style and new-style TLV tuples.
• Old style refers to TLVs having metrics with a narrow (six-bit) field that range in value from 0- 63. New style refers to TLVs having metrics with a wider field, as provided for in current extensions to IS-IS traffic engineering.
• Specify whether the command applies to level 1, level 2, or both.
• Example

host1(config-router)#metric-style transition level-1 

• Issuing this command results in more resource usage than issuing the metric-style narrow or metric-style wide commands.
• Use the no version to restore the default, which is to generate and accept only old-style TLVs with narrow (six-bit) metric fields.

    metric-style wide

• Use to specify that the system generates and accepts only new-style TLV tuples.
• Old style refers to TLVs having metrics with a narrow (six-bit) field that range in value from 0- 63. New style refers to TLVs having metrics with a wider field, as provided for in current extensions to IS-IS traffic engineering.
• Use the transition option to accept old-style and new-style metrics; only new-style metrics are generated.
• Specify whether the command applies to level 1, level 2, or both.
• Example

host1(config-router)#metric-style wide level-1-2 

• Use the no version to restore the default, which is to generate and accept only old-style TLVs with narrow (six-bit) metric fields.

Setting the Administrative Distance

You can indicate the dependability of a routing information source by configuring the administrative distance for learned routes.

    distance ip

• Use to configure the administrative distance for IS-IS learned routes.
• The distance indicates the dependability of a routing information source. A higher relative value indicates a lower dependability. Preference is always given to the routes with smaller values.
• Select a value between 1 and 255. A value of 255 means discard the route.
• Example

host1(config-router)#distance ip 50

• Use the no version to restore the default value, 115.

Configuring Default Routes

You can specify a default route within IS-IS routing domains. You can also suppress the installation of a default route to level-1-2 routers by level-1 routers.

    default-information originate

• Use to generate a default route into an IS-IS routing domain.
• When you specify a route map with this command and the router has a route to 0.0.0.0 in the routing table, IS-IS originates an advertisement for 0.0.0.0 in its LSPs.
• When you do not specify a route map, the default route is advertised only in level 2 LSPs.
• For level 1 routing, look for the closest level 1-2 router to find the default route. The closest level 1-2 router is found by looking at the attach bit (ATT) in level 1 LSPs.
• The default is disabled.
• Example

host1(config-router)#default-information originate

• Use the no version to disable the command.

    suppress-default

• Use to prevent level 1 routers from automatically installing a default route to a level 1-2 router in order to reach destinations outside the area.
• Suppresses level 1-2 router from indicating to level 1 routers that it can reach other areas. Consequently, the level 1 routers do not consider the level 1-2 router to be the nearest attached level 2 router, and do not install default routes to it.
• This command is useful, for example, if you issue the distribute-domain-wide command, which causes the level 2 routes to be leaked into the level 1 area. The level 1 routers then have knowledge of the routes outside the area, and will not need to rely on the nearest attached level 2 router for any unknown destination.
• Example

host1(config-router)#suppress-default

• Use the no version to disable suppression of default routes.

Setting Router Type

You can specify whether the system behaves as an IS-IS station router, area router, or both.

    is-type

• Use to configure the router to act as either a station router (level 1), an area router (level 2), or as both a station router and an area router (level 1-2).
• You should always configure the type of IS-IS router.
• Level 1-2 is the default.
• Example

host1(config-router)#is-type level-2-only

• Use the no version to restore the default value, level-1-2.

Summarizing Routes

You can summarize routes redistributed into IS-IS or within IS-IS by creating aggregate addresses for the routes.

    summary-address

• Use to create aggregate addresses of routes that are redistributed from other protocols in the routing table or distributed between level 1 and level 2 by a summary address. This process is called route summarization.
• A single summary address includes groups of addresses for a given level.
• The metric value is used when advertising the summary address. When the metric value is not used, the value of the lowest cost route (the default) is used.
• This command reduces the size of the neighbor's routing table and improves stability because a summary advertisement depends on many more specific routes.
• A disadvantage of summary addresses is that other routes might have less information to calculate the optimal routing table for all individual destinations.
• Example

host1(config-router)#summary-address 10.2.0.82 255.255.0.0 
level-1-2

• Use the no version to restore the default, the value of the lowest cost route.

Configuring the System to Be Ignored

If you have a system through which you do not want IS-IS traffic to pass, you can set the overload bit, causing other IS-IS routers to ignore the system.

    set-overload-bit

• Use to configure the router to set the overload bit in its nonpseudonode LSPs. When set, other routers ignore the unreliable router in their SPF calculations until the router problems are corrected.
• You would normally set the overload bit only when a router runs into problems such as memory shortage that may result in routing table inaccuracies.
• When set, no paths through this router can be seen by other routers in the IS-IS area. IP prefixes directly connected to this router are still reachable.
• Set this command when you want to connect a router to an IS-IS network but you do not want real traffic flowing through it. For example, you could set the overload bit if a test router were connected to a production network.
• Example

host1(config-router)#set-overload-bit

• Use the on-startup keyword to specify a period in seconds after system reboot during which the overload bit is set. Other systems cannot route through the system until the bit clears, by which time all interfaces and protocols are up and the system is fully operational.
• Example

host1(config-router)#set-overload-bit on-startup 900

• There is no default value; the overload bit is not set.
• Use the no version to disable the setting.

Ignoring LSP Errors

You can configure the system to ignore, rather than purge, link state packets received with errors.

    ignore-lsp-errors

• Use to enable your router to ignore rather than purge IS-IS LSPs that are received with internal checksum errors.
• Under normal conditions, the IS-IS protocol definition requires that received LSPs with incorrect data link checksums are to be purged by the receiver. This causes the LSP initiator to regenerate LSPs. If a network link causes data corruption while still delivering LSPs with correct data link checksums, a continuous cycle of regenerating and purging LSPs may result. This can render the network nonfunctional. Enabling this command prevents this continuous cycle from occurring by ignoring LSPs rather than purging them.
• Example

host1(config-router)#ignore-lsp-errors

• Use the no version to disable the function.

Logging Adjacency State Changes

You can configure the system to log messages that track when adjacencies change state between up and down.

    log-adjacency-changes

• Use to generate log messages that track IS-IS adjacency state changes (up or down).
• The default is not to log adjacency state changes.
• Recommended for monitoring large networks.
• Messages are logged using the system error message facility.
• Specify the minimum severity (0-7) or verbosity (low, medium, high) of this log category's messages.
• Example

host1(config-router)#log-adjacency-changes severity 3 
verbosity low

• Alternatively, you can use the system log command to generate the desired log messages.
• Use the no version to disable the function.

Configuring LSP Parameters

You can specify the following parameters for link state packets:

• Maximum transmission unit (MTU)
• Transmission rate
• Generation rate
• Maximum lifetime

    lsp-mtu

• Use to specify the MTU LSP size in bytes. The size must be less than or equal to the smallest MTU of any link in the area.
• Use this command to limit the size of LSPs generated by this router only. The system can receive LSPs of any size up to the maximum.
• You can set the value in the range 128-9180.
• The default LSP MTU value is 1497.
• When a very large amount of information is generated by a single router, we recommend that you increase the LSP MTU. However, the default MTU is usually sufficient.
• If the MTU of a link is lowered to less than 1500 bytes, the LSP MTU must be lowered accordingly on each router in the network. If this is not done, then routing may become unpredictable.
• Example

host1(config-router)#lsp-mtu 1500

• Use the no version to restore the default value, 1497.

    lsp-gen-interval

• Use to set the minimum interval rate that LSPs are generated on a per-LSP basis.
• You can set an interval value in the range 0-120 seconds.
• The default interval value is 5 seconds. When a link is changing state at a high rate, the default value limits the signalling of the changing state to once every 5 seconds. Because the generation of an LSP may cause all routers in the area to perform the shortest path first (SPF) calculation, controlling this interval can have an area-wide effect.
• When you raise this interval, you reduce the load on the network imposed by a rapidly changing link.
• Example

host1(config-router)#lsp-gen-interval level-2 30

• Use the no version to restore the default value, 5.

    lsp-refresh-interval

• Use to set the LSP rate at which locally generated LSPs are periodically transmitted.
• The refresh interval determines the rate at which the system software periodically transmits the route topology information that it originates. These transmissions prevent the information from becoming obsolete.
• You can set the interval rate in the range 1-65535 seconds; the default is 900 seconds.
• LSPs must be periodically refreshed before their lifetimes expire. The refresh interval must be less than the LSP lifetime specified by max-lsp-lifetime.
• In the unlikely event that link stage database corruption is undetected, reducing the refresh interval reduces the amount of time that it can persist.
• Increasing the interval reduces the link utilization caused by the flooding of refreshed packets.
• Example

host1(config-router)#lsp-refresh-interval 1000

• Use the no version to restore the default value, 900.

    max-lsp-lifetime

• Use to set the maximum time that LSPs persist without being refreshed.
• You can select a maximum time in the range 1-65535 seconds.
• The default value is 1200 seconds (20 minutes).
• You might need to adjust the maximum LSP lifetime if you change the LSP refresh interval with the lsp-refresh-interval command. The maximum LSP lifetime must be greater than the LSP refresh interval.
• Example

host1(config-router)#max-lsp-lifetime 1500

• Use the no version to restore the default value, 1200.

Specifying the SPF Interval

You can configure how often the system performs the shortest path first (SPF) calculation.

    spf-interval

• Use to control the minimum interval between the SPF calculations.
• You can select an interval value in the range 0-120 seconds.
• The default value is 5 seconds.
• If you do not specify level1 or level2, the interval applies to both level 1 and level 2.
• SPF calculations are performed only when the topology of the area changes. They are not performed when external routes change.
• Controls how often the system software can perform the SPF calculation. The SPF calculation is processor-intensive. Therefore, it may be useful to limit how often this is done, especially when the area is large and the topology changes often. Increasing the SPF interval reduces the processor load of the router, but potentially slows down the rate of convergence.
• Example

host1(config-router)#spf-interval level-2 30

• Use the no version to restore the default value, 5.

Setting CLNS Parameters

You can specify transmission rates for ES and IS hello packets, the period for which the system considers ES and IS hello packets to be valid, and name-to-network service access point mappings.

    clns configuration-time

• Use to specify the rate (in seconds) at which ES hello and IS hello packets are sent.
• The hello packet recipient creates an adjacency entry for the system that sent it. If the next hello packet is not received within the specified interval, the adjacency times out, and the adjacent node is determined to be unreachable.
• In most cases, these parameters should be left at their default value, which is 10 seconds.
• Example

host1(config)#clns configuration 240

• Use the no version to restore the default value, 10.

    clns holding-time

• Use to enable sender of an ES hello or IS hello packet to specify the length of time you consider the information in these packets to be valid.
• In most cases, these parameters should be left at their default value, which is 30 seconds.
• Example

host1(config)#clns holding-time 900

• Use the no version to restore the default value, 30.

    clns host

• Use to define a name-to-NSAP mapping that can then be used with commands requiring NSAPs.
• The default is that no mapping is defined.
• The assigned NSAP name is displayed, where applicable, in show commands.
• The first character can be either a letter or a number.
• This command is generated after all other CLNS commands when the configuration file is parsed. As a result, the NVRAM version of the configuration cannot be edited to specifically change the address defined in the original clns host command. You must specifically change any commands that refer to the original address. This affects commands that accept names, such as the net command.
• Enables dynamic resolution of hostnames to system IDs (within the NSAP address). The hostname mapping is sent in the LSPs within the Dynamic Hostname type-length-value (TLV type 137). Display the TLV by issuing the show isis database detail command.
• Use the show host command to display the mapping.
• Example

host1(config)#clns host

• Use the no version to restore the default state of no mapping defined.

Setting the Maximum Parallel Routes

You can configure how many parallel routes IS-IS supports to a destination.

    maximum-paths

• Use to control the maximum number of parallel routes IS-IS can support.
• You can select a number of routes (or paths) in the range 1-16.
• The default number for IS-IS is 4 paths.
• Example

host1(config-router)#maximum-paths 12

• Use the no version to restore the default value, 4.

Configuring a Virtual Multiaccess Network

You can specify that interfaces within a given mesh group will act as a virtual multiaccess network.

    isis mesh-group

• Use when you want interfaces in the same mesh group to act as a virtual multiaccess network.
• LSPs seen on one interface in a mesh group will not be flooded to another interface in the same mesh group.
• Example

host1(config-if)#isis mesh-group blocked

• Use the no version to disable the feature.

Summary Example

host1(config)#router isis floor12

host1(config-router)#net 
47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00

host1(config-router)#exit

host1(config)#interface atm 0/1

host1(config-if)#ip router isis floor12

host1(config-if)#isis mesh-group blocked

host1(config-if)#exit

host1(config)#interface atm 1/0

host1(config-if)#ip router isis floor12

host1(config-router)#distribute-domain-wide

host1(config-router)#distance 100 ip

host1(config-router)#default-information originate 

route-map 9

host1(config-router)#is-type level-1-2 

host1(config-router)#summary-address 10.2.0.82 255.255.0.0 
level-1-2

host1(config-router)#set-overload-bit

host1(config-router)#ignore-lsp-errors

host1(config-router)#log-adjacency-changes

host1(config-router)#lsp-mtu 1500

host1(config-router)#lsp-refresh-interval 1000

host1(config-router)#lsp-gen-interval level-2 30

host1(config-router)#max-lsp-lifetime 1500

host1(config-router)#spf-interval level-2 30

host1(config-router)#maximum-paths 32

host1(config-router)#redistribute static ip 

host1(config-router)#exit

host1(config)#clns configuration-time 120

host1(config)#clns holding-time 600