Configuring IS-IS Interface-Specific Parameters
You can change IS-IS interface–specific parameters; most can be configured independently of other attached routers. You are not required to alter any interface parameters; however, some parameters must be consistent across all routers in your network. If you change certain values from the defaults, you must configure them on multiple interfaces and routers.
In the following command guidelines, many parameters are preset to a default value. If that parameter has been modified from its default, use the no version of the command to restore its default value.
Configuring Authentication
You can set a password to authenticate IS-IS hello packets, and you can configure HMAC MD5 authentication for IS-IS interfaces.
isis authentication-key
- Use to specify a password associated with an interface for authentication of IS-IS hello packets, and to enable simple authentication of level 1 or level 2 hello packets.
- You can specify whether the password is for level 1 or level 2 hellos.
- Example
host1(config-if)#isis authentication-key 0 red5flower6
isis message-digest-key
- Use to configure HMAC MD5 authentication for an interface, and to enable MD5 authentication of level 1 or level 2 hello packets.
- Generates a secure, encrypted message digest of level 1 or level 2 hello packets and inserts the digest into the packet from which it is created. Level 1 is the default.
- You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted.
- Example
host1(config-if)#isis message-digest-key 3 hmac-md5 wdi6c3s39n level-2
Configuring Link-State Metrics
You can configure the routing metric (cost) for an IS-IS interface. Routes with lower total path metrics are preferred over those with higher path metrics.
isis metric
- Use to configure a cost for a specified interface.
- You can select a number in the range 0–63 if you configured the router with the metric-style narrow command. You can select a number in the range 0–16277215 if you configured the router with the metric-style transition or the metric-style wide command.
- The default value is 10. The default metric is the value assigned when no quality of service (QoS) routing is performed.
- You can configure the default metric for a specified interface by selecting level 1 or level 2 routing. This resets the metric only for level 1 or level 2 routing, respectively. If you do not specify a level, the command specifies both level 1 and level 2 by default.
- We recommend that you configure a reference bandwidth if you want the default cost on interfaces to be related to link speed. If you do not, the default IS-IS metrics are simply hop-count-like metrics.
- Example
host1(config-if)#isis metric 20 level-2
Configuring a Reference Bandwidth to Set a Default Metric
By default, all IS-IS interfaces without a configured metric have the same routing metric, 10, However, when you configure a reference bandwidth for IS-IS, the default metric is calculated differently for each IS-IS interface. The default routing metric in this case is the reference bandwidth divided by the bandwidth of the particular interface.
For example, if you set the IS-IS reference bandwidth to 50,000,000, the default metric for a 10-Mbps interface is calculated as 5. Interfaces with lower bandwidths have higher default metrics than this interface. Similarly, links with higher bandwidths have lower default metrics than this interface.
reference-bandwidth
- Use to set a reference bandwidth from which a default metric can be calculated by IS-IS for interfaces without a configured metric.
- Example
host1(config-router)#reference-bandwidth 100000000
Setting the CSNP Interval
You can set the advertised complete sequence number PDU (CSNP) interval for an IS-IS interface.
isis csnp-interval
- Use to configure the isis csnp-interval level for a specified interface. The level can be configured independently for level 1 and level 2.
- For LAN interfaces: the default value is 10 seconds, which you probably do not need to change. For WAN interfaces: the default value is 0 seconds or disabled.
- On point-to-point subinterfaces use isis csnp-interval with the isis mesh-group command.
- Completed sequence number PDUs are sent by the designated router to maintain database synchronization.
- Example
host1(config-if)#isis csnp-interval 30 level-1
Configuring Hello Packet Parameters
You can set the hello interval and the hello multiplier for IS-IS hello packets.
isis hello-interval
- Use the isis hello-interval command to set the length of time (in seconds) between hello packets sent on a specific interface. Configure independently for level 1 and level 2, except on point-to-point interfaces because only a single type of hello packet is sent on serial links. For this reason, it is independent of levels 1 and 2. For example, you can specify an optional level for Frame Relay multiaccess networks.
The hello-interval is equal to the hello multiplier times the hello interval seconds and is advertised as the holdtime in the hello packets transmitted. The range is 0–65535; the default value is 10 seconds.
 |
NOTE: The hello-interval value must be the same for all routers attached to a common network. With smaller hello intervals, topological changes are detected faster, but there is more routing traffic. |
- Use the isis hello-multiplier command to set a number by which to multiply the hello interval seconds. This number determines the total holding time transmitted in the IS-IS hello packet. The default is 3. Use when hello packets are frequently lost and IS-IS adjacencies are failing unnecessarily.
The advertised hold time in IS-IS hellos is set to the hello-multiplier times the hello-interval. Neighbors declare an adjacency to this router to be down after not having received any IS-IS hellos during the advertised hold time.
- The hold time (and thus the hello-multiplier and the hello-interval) can be set on a per interface basis, and can be different between different routers in one area.
- Using a smaller hello-multiplier will give fast convergence, but can result in more routing instability.
- Increment the hello-multiplier to a larger value to help network stability when needed.
CAUTION: Never configure a hello-multiplier lower than the default.
- Holding time—Time a neighbor waits for another hello packet before declaring the neighbor is down. It determines how quickly a failed link or neighbor is identified so that routes can be recalculated.
- Raise the hello multiplier and lower the hello interval simultaneously to make the hello protocol more reliable without increasing the time required to detect a link failure.
- Example
host1(config-if)#isis hello-interval 6 level-1
host1(config-if)#isis hello-multiplier 10 level-1
Padding IS-IS Hello Packets
You can use the isis hello padding command to configure IS-IS hello packet padding. Padding the hello packets promotes early error detection due to transmission problems with large frames or due to mismatched MTUs on adjacent interfaces.
When disabled (default), IS-IS hello packets are padded to the full MTU size until an adjacency is formed with the adjacent interface. After the adjacency is formed, the hello packets are no longer padded. When enabled, IS-IS hello packets are always padded.
host1(config-if)#isis hello padding
Configuring LSP Parameters
You can configure the transmission interval, retransmission interval, and retransmission throttle interval for LSPs on an interface-specific basis.
isis lsp-interval
- Use to configure the delay between successive IS-IS link-state PDU (LSP) transmissions.
- You can choose an interval in the range 1–4294967295 milliseconds. For example, setting 100 milliseconds allows 10 packets per second.
- The default value is 33 milliseconds.
- If your network has many IS-IS neighbors and interfaces, a particular router may have difficulty with the CPU load imposed by LSP transmission and reception. If this is the case, you can reduce the LSP transmission rate by issuing this command.
- Example
host1(config-if)#isis lsp-interval 100
isis retransmit-interval
- Use to configure the number of seconds between the retransmission of IS-IS LSPs with the same LSP ID for point-to-point links.
- You can select an interval in the range 1–65535 seconds.
- The default value is 5 seconds.
- Specify a number greater than the expected round-trip delay between any two routers on your network.
- Always specify conservatively; otherwise, excessive retransmission can result.
- Because retransmissions occur only when LSPs are dropped, when you set isis retransmit-interval to a higher value, it has little effect on reconvergence.
- Set to a higher value when routers have many neighbors or more paths over which LSPs can be flooded.
- Use a large value for serial lines.
- Example
host1(config-if)#isis retransmit-interval 60
isis retransmit-throttle-interval
- Use to configure the maximum rate at which IS-IS LSPs are retransmitted on point-to-point links. The interval is the number of milliseconds between packets.
- You can choose an interval in the range 0–65535 milliseconds.
- The default delay value is 33 milliseconds.
- The isis retransmit-throttle-interval is the maximum rate at which IS-IS LSPs are retransmitted. It is different from isis lsp-interval, which is the rate at which LSPs are transmitted on the interface; and it is different from isis retransmit-interval, which is the period between successive retransmissions of the same LSP. Use all three commands with each other to control the load of routing traffic from one router to its neighbors.
- Typically, you can set this interval for very large networks with many LSPs and many interfaces as a way of controlling LSP retransmission traffic.
- Example
host1(config-if)#isis retransmit-throttle-interval 300
Setting the Designated Router Priority
You can set the priority for the designated IS-IS router that you have elected to use.
isis priority
- Use to set the priority of use for your designated router.
- You can configure an individual priority for level 1 and level 2 by choosing a priority level in the range 0–127.
- The default priority level is 64.
- Specifying the level 1 or level 2 keyword resets the priority only for level 1 or level 2 routing, respectively.
- Priorities are used to determine which router in the network is the designated intermediate system (DIS); the router with the highest priority becomes the DIS. Priorities are advertised in hellos.
- IS-IS has no backup designated router. Setting the priority to 0 reduces the chance of this router becoming the DIS, but does not prevent it. If a router with a higher priority is identified, it takes over the role from the current DIS. When priorities are equal, the highest MAC address breaks the tie and becomes the DIS.
- Example
host1(config-if)#isis priority 80 level-1
Configuring Passive Interfaces
You can configure an IS-IS passive interface. A passive interface only advertises its IP address in its LSPs; it does not send or receive IS-IS packets.
Optionally, you can set a route tag for an IS-IS passive interface by including the tag keyword and a numeric tag value in the passive-interface command.
Passive interfaces have a metric of zero by default. You can set a different metric for a particular passive interface by specifying the value along with the metric keyword. A global default metric set with the metric command does not affect any passive interface. Similarly, configuring a reference bandwidth for IS-IS has no effect on passive interfaces. Metrics specified for a passive interface apply to both level 1 and level 2 interfaces unless you restrict the metric to a single level.
passive-interface
- Use to configure an IS-IS interface so that its IP address is advertised in its link-state PDUs but no IS-IS packets are sent from or received on the interface.
- Use the optional tag keyword to specify a tag value for an IS-IS passive interface before the route is propagated to other routers in an IS-IS domain. The tag value must be a number in the range 1–4294967295.
- Use the optional metric keyword to specify a metric value for an IS-IS passive interface. The metric value must be a number in the range 1–16777215. This value overrides the default metric of zero.
- You can also accomplish the equivalent of the passive-interface command by using the redistribute command to redistribute a connected route to level 1.
- Example 1—Configures loopback 0 as a passive interface and enable IS-IS on subinterfaces ATM 2/0.1 and ATM 2/1.1. IS-IS advertises the IP address of loopback 0 in its link-state PDUs, but runs only on ATM 2/0.1 and ATM 2/1.1:
host1(config)#router isis floor12
host1(config-router)#net 47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00
host1(config-router)#passive-interface loopback 0
host1(config-router)#exit
host1(config)#interface atm 2/0.1
host1(config-subif)#ip router isis floor12
host1(config-subif)#exit
host1(config)#interface atm 2/1.1
host1(config-subif)#ip router isis floor12
You can override the passive-interface configuration simply by issuing the complementary command. For example, suppose you issue the following commands after the previous configuration:
host1(config-router)#passive-interface atm 2/0.1
host1(config-router)#exit
host1(config)#interface loopback 0
host1(config-if)#ip router isis floor12
Now IS-IS advertises the IP address of ATM 2/0.1 in its link-state PDUs, but runs only on loopback 0 and ATM 2/1.1.
host1(config)#router isis floor12
host1(config-router)#passive-interface loopback 0 tag 12
host1(config)#router isis floor12
host1(config-router)#passive-interface loopback 0 metric 45 level-2
Configuring Adjacency
You can configure the type (level) of adjacency you want to use on an IS-IS interface.
isis circuit-type
- Use to specify adjacency levels on a specified interface; however, normally, you do not need to use this command.
- Configure a router as a level 1-only, a level 1–level 2 system, or a level 2-only system.
- Configure some interfaces to be level 2-only for routers that are between areas. This prevents wasting bandwidth by sending out unused level 1 hellos.
- On point-to-point interfaces, the level 1 and level 2 hellos are in the same packet.
- Level 1-2 is the default.
- Example
host1(config-if)#isis circuit-type level-2-only
Configuring Route Tags for IS-IS Interfaces
To configure a route tag for the IP addresses on an IS-IS interface:
- Specify an IS-IS routing process, and access Router Configuration mode.
- Configure a NET for the IS-IS process.
- Configure the router to accept and generate only new-style TLV tuples with a wider metric field. New-style TLV tuples include TLV type 135, which contains the route tag.
- Exit Router Configuration mode.
- Specify the interface on which you want to route IS-IS.
host1(config)#router isis engineering
host1(config-router)#
host1(config-router)#net 47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00
host1(config-router)#metric-style wide
host1(config-router)#exit
The procedure assumes that at least one IP address is already configured on this interface.
host1(config)#interface atm 2/2.1
- Configure a route tag for the interface.
- Specify the IS-IS process to apply to the interface.
- (Optional) Access Privileged Exec mode, and verify the route tag assignment.
host1(config-subif)#isis tag 221
host1(config-subif)#ip router isis engineering
host1(config-subif)#exit
host1(config)#exit
host1#show isis database detail
isis tag
- Use to set a route tag for the IP addresses on an IS-IS interface before the route is propagated to other routers in an IS-IS domain.
- Specify a numeric tag value in the range 1–4294967295.
- To make use of the route tag to modify route attributes or redistribute routes, you must reference the tag value in a route map.
- Example
host1(config)#interface atm 3/0
host1(config-if)#isis tag 45
Configuring Point-to-Point-over-LAN Circuits
You can deploy IS-IS on broadcast and point-to-point circuits. IS-IS treats these circuits differently in several ways, such as when establishing neighbor adjacencies or flooding link-state information.
Broadcast circuits use designated routers and are represented as virtual nodes in the network topology. They require periodic database synchronization. By default, IS-IS treats the broadcast link as LAN media and tries to bring up the LAN adjacency even when the interface is configured as unnumbered or only a single neighbor exists on that link.
In contrast, point-to-point circuits have less overhead, because they do not use designated routers, the link-state database has no representation of the pseudonode or network LSA, and they do not require periodic database synchronization. However, if more than two routers are connected on the LAN media, routing information in the network is reduced.
Although broadcast circuits are intended to handle more than two devices, in some circumstances you might connect only two routers over the physical or virtual LAN. Even though only two routers are connected, IS-IS treats the circuit as a broadcast circuit that has many more connected routers, with all the associated broadcast overhead but without the benefits of reduced routing information and of optimized flooding that result from having more than two routers on the LAN.
You can use the isis network point-to-point command to configure IS-IS to operate using point-to-point connections on a broadcast circuit when only two routers are on the circuit. This configuration is known as a point-to-point-over-LAN or P2P circuit. This interface configuration tears down the current LAN adjacency that IS-IS has over this interface. IS-IS then reestablishes the adjacency as a point-to-point connection and regenerates the LSPs. The broadcast link is thereafter treated as simple point-to-point interface.
Treating the LAN as a P2P circuit reduces the amount of information that IS-IS has to maintain and manage. For example, there is no need to elect a designated router for the interface. LSP flooding is performed as in P2P links without the need for using periodic CSNPs.
This circuit configuration can be advantageous even when many routers are on the LAN. For example, you might want to organize the routers into multiple smaller VLANs so that you can assign different costs to the IS-IS neighbors. You can apply this configuration to any such VLAN that has only two routers. IS-IS then views the LAN as a mesh of point-to-point connections.
The use of IP unnumbered interfaces makes the most of scarce IP address resources and provides for simpler network management and configuration. This configuration enables IP processing on a point-to-point interface without an explicit IP address. The IP unnumbered interface borrows the IP address of another interface on the node. Point-to-point-over-LAN circuits separate the concept of network type from media type, and enable you to apply unnumbered interface configurations to LANs.
The point-to-point-over-LAN feature requires the following:
- The LAN must have only two routers.
- Both routers must support the feature.
- You must configure the interface at each end as a P2P connection.
- If you are using numbered interfaces, both ends must be in same IPv4 subnet.
- If you are using unnumbered interfaces, both ends require static ARP entry configuration.
isis network point-to-point
- Use to specify that the broadcast circuit is to be treated as a point-to-point circuit.
- Issuing this command tears down existing adjacencies, originates or flushes LSPs, and establishes new adjacencies
- Example
host1(config-intf)#isis network point-to-point
Summary Example
host1(config-router)#passive-interface loopback 0
host1(config-if)#interface atm 8/0
host1(config-if)#isis tag 55
host1(config-if)#isis metric 20 level-2
host1(config-if)#isis csnp-interval 30 level-1
host1(config-if)#isis hello-interval 6 level-1
host1(config-if)#isis hello-multiplier 10 level-1
host1(config-if)#isis lsp-interval 100
host1(config-if)#isis retransmit-interval 60
host1(config-if)#isis retransmit-throttle-interval 300
host1(config-if)#isis priority 80 level-1
host1(config-if)#isis circuit-type level-2-only
host1(config-intf)#no isis network point-to-point