Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

level (Global IS-IS)

 

Syntax

Hierarchy Level

Release Information

Statement introduced before Junos OS Release 7.4.

Description

Configure the global-level properties.

You can administratively divide a single AS into smaller groups called areas. You configure each routing device interface to be in an area. Any interface can be in any area. The area address applies to the entire routing device. You cannot specify one interface to be in one area and another interface in a different area. To route between areas, you must have two adjacent Level 2 routers that communicate with each other.

Level 1 routers can only route within their IS-IS area. To send traffic outside their area, Level 1 routers must send packets to the nearest intra-area Level 2 router. A routing device can be a Level 1 router, a Level 2 router, or both. You specify the router level on a per-interface basis, and a routing device becomes adjacent to other routing devices on the same level on that link only.

You can configure one Level 1 routing process and one Level 2 routing process on each interface, and you can configure the two levels differently.

Options

level-numberThe IS-IS device level number, which can be 1 or 2. The default is for the device to operate as both a Level 1 and 2 device.
authentication-key keyAuthentication key (password). Neighboring devices use the password to verify the authenticity of packets sent from this interface. For the key to work, you also must include the authentication-type statement. All devices must use the same password. If you are using the Junos OS IS-IS software with another implementation of IS-IS, the other implementation must be configured to use the same password for the domain, the area, and all interfaces adjacent to the Juniper Networks device.
Note

If you do not include this statement and the authentication-type statement, IS-IS authentication is disabled.

  • key—Authentication password. The password can be up to 1024 characters long. Characters can include any ASCII strings. If you include spaces, enclose all characters in quotation marks (“ ”).

Caution

A simple password for authentication is truncated if it exceeds 254 characters.

authentication-key-chain key-chain-nameApply and enable an authentication key-chain to the routing device. The variable key-chain-name is the authentication key-chain name. It can be up to 126 characters. Characters can include any ASCII strings. If you include spaces, enclose all characters in quotation marks (“ ”).
authentication-type authentication Enable authentication and specify the authentication scheme for IS-IS. If you enable authentication, you must specify a password by including the authentication-key statement. If you do not include this statement and the authentication-key statement, IS-IS authentication is disabled. Following are the valid values for authentication:
  • md5—Use HMAC authentication in combination with MD5. HMAC-MD5 authentication is defined in RFC 2104, HMAC: Keyed-Hashing for Message Authentication.

  • simple—Use a simple password for authentication. The password is included in the transmitted packet, making this method of authentication relatively insecure.

    Note

    Juniper Networks does not recommend using the simple authentication method, because it is not as secure as MD5.

disableDisable IS-IS on the routing device, on an interface, or on a level. Enabling IS-IS on an interface (by including the interface statement at the [edit protocols isis] or the [edit routing-instances routing-instance-name protocols isis] hierarchy level), disabling it (by including the disable statement), and not actually having IS-IS run on an interface (by including the passive statement) are mutually exclusive states. IS-IS is enabled for Level 1 and Level 2 routers on all interfaces on which family iso is enabled.
external-preference preferenceConfigure the preference of external routes. The value for preference can be 0 through 4,294,967,295 (232 – 1). The default is 15 (for Level 1 internal routes), 18 (for Level 2 internal routes), 160 (for Level 1 external routes), 165 (for Level 2 external routes).
no-authentication-checkGenerate authenticated packets and check the authentication on received packets, but do not reject packets that cannot be authenticated.
no-csnp-authenticationSuppress authentication check on complete sequence number PDU (CSNP) packets.
no-hello-authenticationSuppress authentication check on complete sequence number hello packets.
no-psnp-authenticationSuppress authentication check on partial sequence number PDU (PSNP) packets.
preference preferenceConfigure the preference of internal routes. Route preferences (also known as administrative distances) are used to select which route is installed in the forwarding table when several protocols calculate routes to the same destination. The route with the lowest preference value is selected. To change the preference values, include the preference statement (for internal routes) or the external-preference statement. The value for preference can be 0 through 4,294,967,295 (232 – 1). The default is 15 (for Level 1 internal routes), 18 (for Level 2 internal routes), 160 (for Level 1 external routes), 165 (for Level 2 external routes).
purge-originator (empty | self)Enable purge originator identification (POI) by adding the type, length and value (TLV) with the Intermediate System (IS) identification to the LSPs that do not contain POI information. If an IS generates a purge, Junos adds this TLV with the system ID of the IS to the purge. If an IS receives a purge that does not include this TLV, it adds this TLV with both its own system ID and the system ID of the IS from which it received the purge. This allows the IS that receives this purge to log the system ID of the originator, or the upstream source of the purge and makes it easier to locate the origin of the purge.
  • empty—(Optional) Add POI to a purge received from an IS that does not contain POI information.

  • self—(Optional) (Optional) Add POI only to self-originated purge LSPs.

wide-metrics-onlyConfigure IS-IS to generate metric values greater than 63 on a per IS-IS level basis. Normally, IS-IS metrics can have values up to 63, and IS-IS generates two type, length, and value (TLV) tuples, one for an IS-IS adjacency and the second for an IP prefix. To allow IS-IS to support traffic engineering, a second pair of TLVs has been added to IS-IS, one for IP prefixes and the second for IS-IS adjacency and traffic engineering information. With these TLVs, IS-IS metrics can have values up to 16,777,215 (224 – 1).

To configure IS-IS to generate only the new pair of TLVs and thus to allow the wider range of metric values, include the wide-metrics-only statement.

Note

By default, Junos OS supports the sending and receiving of wide metrics. Junos OS allows a maximum metric value of 63 and generates both pairs of TLVs.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

routing—To view this statement in the configuration.

routing-control—To add this statement to the configuration.