Configuring IS-IS Interface-Specific Parameters

You can change IS-IS interface–specific parameters; most can be configured independently of other attached routers. You are not required to alter any interface parameters; however, some parameters must be consistent across all routers in your network. If you change certain values from the defaults, you must configure them on multiple interfaces and routers.

In the following command guidelines, many parameters are preset to a default value. If that parameter has been modified from its default, use the no version of the command to restore its default value.

Configuring Authentication

You can set a password to authenticate IS-IS hello packets, and you can configure HMAC MD5 authentication for IS-IS interfaces.

isis authentication-key

• Use to specify a password associated with an interface for authentication of IS-IS hello packets, and to enable simple authentication of level 1 or level 2 hello packets.
• You can specify whether the password is for level 1 or level 2 hellos.
• Example

  host1(config-if)#isis authentication-key 0 red5flower6

• Use the no version to delete the password.
• See isis authentication-key

isis message-digest-key

• Use to configure HMAC MD5 authentication for an interface, and to enable MD5 authentication of level 1 or level 2 hello packets.
• Generates a secure, encrypted message digest of level 1 or level 2 hello packets and inserts the digest into the packet from which it is created. Level 1 is the default.
• You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted.
• Example

  host1(config-if)#isis message-digest-key 3 hmac-md5 wdi6c3s39n level-2

• For point-to-point interfaces, configure keys only for level 1, because only one hello packet is sent (at level 1), not one at level 1 and one at level 2. Keys configured at level 2 are ignored for point-to-point interfaces.
• Use the no version to delete the MD5 key, specified by the key ID, from the interface.
• See isis message-digest-key

Configuring Link-State Metrics

You can configure the routing metric (cost) for an IS-IS interface. Routes with lower total path metrics are preferred over those with higher path metrics.

isis metric

• Use to configure a cost for a specified interface.
• You can select a number in the range 0–63 if you configured the router with the metric-style narrow command. You can select a number in the range 0–16277215 if you configured the router with the metric-style transition or the metric-style wide command.
• The default value is 10. The default metric is the value assigned when no quality of service (QoS) routing is performed.
• You can configure the default metric for a specified interface by selecting level 1 or level 2 routing. This resets the metric only for level 1 or level 2 routing, respectively. If you do not specify a level, the command specifies both level 1 and level 2 by default.
• We recommend that you configure a reference bandwidth if you want the default cost on interfaces to be related to link speed. If you do not, the default IS-IS metrics are simply hop-count-like metrics.
• Example

  host1(config-if)#isis metric 20 level-2

• Use the no version to restore the default value, 10.
• See isis metric

Configuring a Reference Bandwidth to Set a Default Metric

By default, all IS-IS interfaces without a configured metric have the same routing metric, 10, However, when you configure a reference bandwidth for IS-IS, the default metric is calculated differently for each IS-IS interface. The default routing metric in this case is the reference bandwidth divided by the bandwidth of the particular interface.

For example, if you set the IS-IS reference bandwidth to 50,000,000, the default metric for a 10-Mbps interface is calculated as 5. Interfaces with lower bandwidths have higher default metrics than this interface. Similarly, links with higher bandwidths have lower default metrics than this interface.

reference-bandwidth

• Use to set a reference bandwidth from which a default metric can be calculated by IS-IS for interfaces without a configured metric.
• Example

  host1(config-router)#reference-bandwidth 100000000

• Use the no version to remove the reference bandwidth. When you do so, the default metric reverts to 10.
• See reference-bandwidth

Setting the CSNP Interval

You can set the advertised complete sequence number PDU (CSNP) interval for an IS-IS interface.

isis csnp-interval

• Use to configure the isis csnp-interval level for a specified interface. The level can be configured independently for level 1 and level 2.
• For LAN interfaces: the default value is 10 seconds, which you probably do not need to change. For WAN interfaces: the default value is 0 seconds or disabled.
• On point-to-point subinterfaces use isis csnp-interval with the isis mesh-group command.
• Completed sequence number PDUs are sent by the designated router to maintain database synchronization.
• Example

  host1(config-if)#isis csnp-interval 30 level-1

• Use the no version to restore the default value.
• See isis csnp-interval

Configuring Hello Packet Parameters

You can set the hello interval and the hello multiplier for IS-IS hello packets.

isis hello-interval

isis hello-multiplier

• Use the isis hello-interval command to set the length of time (in seconds) between hello packets sent on a specific interface. Configure independently for level 1 and level 2, except on point-to-point interfaces because only a single type of hello packet is sent on serial links. For this reason, it is independent of levels 1 and 2. For example, you can specify an optional level for Frame Relay multiaccess networks.

  The hello-interval is equal to the hello multiplier times the hello interval seconds and is advertised as the holdtime in the hello packets transmitted. The range is 0–65535; the default value is 10 seconds.

  Note: The hello-interval value must be the same for all routers attached to a common network. With smaller hello intervals, topological changes are detected faster, but there is more routing traffic.

• Use the isis hello-multiplier command to set a number by which to multiply the hello interval seconds. This number determines the total holding time transmitted in the IS-IS hello packet. The default is 3. Use when hello packets are frequently lost and IS-IS adjacencies are failing unnecessarily.

  The advertised hold time in IS-IS hellos is set to the hello-multiplier times the hello-interval. Neighbors declare an adjacency to this router to be down after not having received any IS-IS hellos during the advertised hold time.

  • The hold time (and thus the hello-multiplier and the hello-interval) can be set on a per interface basis, and can be different between different routers in one area.
  • Using a smaller hello-multiplier will give fast convergence, but can result in more routing instability.
  • Increment the hello-multiplier to a larger value to help network stability when needed.

    Caution: Never configure a hello-multiplier lower than the default.

• Holding time—Time a neighbor waits for another hello packet before declaring the neighbor is down. It determines how quickly a failed link or neighbor is identified so that routes can be recalculated.
• Raise the hello multiplier and lower the hello interval simultaneously to make the hello protocol more reliable without increasing the time required to detect a link failure.
• Example

  host1(config-if)#isis hello-interval 6 level-1

  host1(config-if)#isis hello-multiplier 10 level-1

• Use the no version to restore a default value.
• See isis hello-interval
• See isis hello-multiplier

Padding IS-IS Hello Packets

You can use the isis hello padding command to configure IS-IS hello packet padding. Padding the hello packets promotes early error detection due to transmission problems with large frames or due to mismatched MTUs on adjacent interfaces.

When disabled (default), IS-IS hello packets are padded to the full MTU size until an adjacency is formed with the adjacent interface. After the adjacency is formed, the hello packets are no longer padded. When enabled, IS-IS hello packets are always padded.

isis hello padding

• Use to pad IS-IS hello packets to their full maximum transmission unit (MTU) size.
• Example

  host1(config-if)#isis hello padding

• Use the no version to restore the hello padding to its default, no padding.
• See isis hello padding

Configuring LSP Parameters

You can configure the transmission interval, retransmission interval, and retransmission throttle interval for LSPs on an interface-specific basis.

isis lsp-interval

• Use to configure the delay between successive IS-IS link-state PDU (LSP) transmissions.
• You can choose an interval in the range 1–4294967295 milliseconds. For example, setting 100 milliseconds allows 10 packets per second.
• The default value is 33 milliseconds.
• If your network has many IS-IS neighbors and interfaces, a particular router may have difficulty with the CPU load imposed by LSP transmission and reception. If this is the case, you can reduce the LSP transmission rate by issuing this command.
• Example

  host1(config-if)#isis lsp-interval 100

• Use the no version to restore the default value, 33 milliseconds.
• See isis lsp-interval

isis retransmit-interval

• Use to configure the number of seconds between the retransmission of IS-IS LSPs with the same LSP ID for point-to-point links.
• You can select an interval in the range 1–65535 seconds.
• The default value is 5 seconds.
• Specify a number greater than the expected round-trip delay between any two routers on your network.
• Always specify conservatively; otherwise, excessive retransmission can result.
• Because retransmissions occur only when LSPs are dropped, when you set isis retransmit-interval to a higher value, it has little effect on reconvergence.
• Set to a higher value when routers have many neighbors or more paths over which LSPs can be flooded.
• Use a large value for serial lines.
• Example

  host1(config-if)#isis retransmit-interval 60

• Use the no version to restore the default value, 5 seconds.
• See isis retransmit-interval

isis retransmit-throttle-interval

• Use to configure the maximum rate at which IS-IS LSPs are retransmitted on point-to-point links. The interval is the number of milliseconds between packets.
• You can choose an interval in the range 0–65535 milliseconds.
• The default delay value is 33 milliseconds.
• The isis retransmit-throttle-interval is the maximum rate at which IS-IS LSPs are retransmitted. It is different from isis lsp-interval, which is the rate at which LSPs are transmitted on the interface; and it is different from isis retransmit-interval, which is the period between successive retransmissions of the same LSP. Use all three commands with each other to control the load of routing traffic from one router to its neighbors.
• Typically, you can set this interval for very large networks with many LSPs and many interfaces as a way of controlling LSP retransmission traffic.
• Example

  host1(config-if)#isis retransmit-throttle-interval 300

• Use the no version to restore the default value, 33 milliseconds.
• See isis retransmit-throttle-interval

Setting the Designated Router Priority

You can set the priority for the designated IS-IS router that you have elected to use.

isis priority

• Use to set the priority of use for your designated router.
• You can configure an individual priority for level 1 and level 2 by choosing a priority level in the range 0–127.
• The default priority level is 64.
• Specifying the level 1 or level 2 keyword resets the priority only for level 1 or level 2 routing, respectively.
• Priorities are used to determine which router in the network is the designated intermediate system (DIS); the router with the highest priority becomes the DIS. Priorities are advertised in hellos.
• IS-IS has no backup designated router. Setting the priority to 0 reduces the chance of this router becoming the DIS, but does not prevent it. If a router with a higher priority is identified, it takes over the role from the current DIS. When priorities are equal, the highest MAC address breaks the tie and becomes the DIS.
• Example

  host1(config-if)#isis priority 80 level-1

• Use the no version to restore the default value, 64.
• See isis priority

Configuring Passive Interfaces

You can configure an IS-IS passive interface. A passive interface only advertises its IP address in its LSPs; it does not send or receive IS-IS packets.

Optionally, you can set a route tag for an IS-IS passive interface by including the tag keyword and a numeric tag value in the passive-interface command.

Passive interfaces have a metric of zero by default. You can set a different metric for a particular passive interface by specifying the value along with the metric keyword. A global default metric set with the metric command does not affect any passive interface. Similarly, configuring a reference bandwidth for IS-IS has no effect on passive interfaces. Metrics specified for a passive interface apply to both level 1 and level 2 interfaces unless you restrict the metric to a single level.

passive-interface

• Use to configure an IS-IS interface so that its IP address is advertised in its link-state PDUs but no IS-IS packets are sent from or received on the interface.
• Use the optional tag keyword to specify a tag value for an IS-IS passive interface before the route is propagated to other routers in an IS-IS domain. The tag value must be a number in the range 1–4294967295.
• Use the optional metric keyword to specify a metric value for an IS-IS passive interface. The metric value must be a number in the range 1–16777215. This value overrides the default metric of zero.
• You can also accomplish the equivalent of the passive-interface command by using the redistribute command to redistribute a connected route to level 1.
• Example 1—Configures loopback 0 as a passive interface and enable IS-IS on subinterfaces ATM 2/0.1 and ATM 2/1.1. IS-IS advertises the IP address of loopback 0 in its link-state PDUs, but runs only on ATM 2/0.1 and ATM 2/1.1:

  host1(config)#router isis floor12

  host1(config-router)#net 47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00

  host1(config-router)#passive-interface loopback 0

  host1(config-router)#exit

  host1(config)#interface atm 2/0.1

  host1(config-subif)#ip router isis floor12

  host1(config-subif)#exit

  host1(config)#interface atm 2/1.1

  host1(config-subif)#ip router isis floor12

  You can override the passive-interface configuration simply by issuing the complementary command. For example, suppose you issue the following commands after the previous configuration:

  host1(config-router)#passive-interface atm 2/0.1

  host1(config-router)#exit

  host1(config)#interface loopback 0

  host1(config-if)#ip router isis floor12

  Now IS-IS advertises the IP address of ATM 2/0.1 in its link-state PDUs, but runs only on loopback 0 and ATM 2/1.1.

• Example 2—Sets a route tag on the IS-IS passive interface configured in Example 1.

  host1(config)#router isis floor12

  host1(config-router)#passive-interface loopback 0 tag 12

• Example 3—Sets a metric and level on the IS-IS passive interface configured in Example 1.

  host1(config)#router isis floor12

  host1(config-router)#passive-interface loopback 0 metric 45 level-2

• Use the no version to delete the passive interface, or to remove the tag, metric, or both.
• See passive-interface

Configuring Adjacency

You can configure the type (level) of adjacency you want to use on an IS-IS interface.

isis circuit-type

• Use to specify adjacency levels on a specified interface; however, normally, you do not need to use this command.
• Configure a router as a level 1-only, a level 1–level 2 system, or a level 2-only system.
• Configure some interfaces to be level 2-only for routers that are between areas. This prevents wasting bandwidth by sending out unused level 1 hellos.
• On point-to-point interfaces, the level 1 and level 2 hellos are in the same packet.
• Level 1-2 is the default.
• Example

  host1(config-if)#isis circuit-type level-2-only

• Use the no version to restore the default value, level-1-2.
• See isis circuit-type

Configuring Route Tags for IS-IS Interfaces

To configure a route tag for the IP addresses on an IS-IS interface:

1. Specify an IS-IS routing process, and access Router Configuration mode.

   host1(config)#router isis engineering

   host1(config-router)#

2. Configure a NET for the IS-IS process.

   host1(config-router)#net 47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00

3. Configure the router to accept and generate only new-style TLV tuples with a wider metric field. New-style TLV tuples include TLV type 135, which contains the route tag.

   host1(config-router)#metric-style wide

4. Exit Router Configuration mode.

   host1(config-router)#exit

5. Specify the interface on which you want to route IS-IS.

   The procedure assumes that at least one IP address is already configured on this interface.

   host1(config)#interface atm 2/2.1

6. Configure a route tag for the interface.

   host1(config-subif)#isis tag 221

7. Specify the IS-IS process to apply to the interface.

   host1(config-subif)#ip router isis engineering

8. (Optional) Access Privileged Exec mode, and verify the route tag assignment.

   host1(config-subif)#exit

   host1(config)#exit

   host1#show isis database detail

isis tag

• Use to set a route tag for the IP addresses on an IS-IS interface before the route is propagated to other routers in an IS-IS domain.
• Specify a numeric tag value in the range 1–4294967295.
• To make use of the route tag to modify route attributes or redistribute routes, you must reference the tag value in a route map.
• Example

  host1(config)#interface atm 3/0

  host1(config-if)#isis tag 45

• Use the no version to remove the route tag from the interface.
• See isis tag

Configuring Point-to-Point-over-LAN Circuits

You can deploy IS-IS on broadcast and point-to-point circuits. IS-IS treats these circuits differently in several ways, such as when establishing neighbor adjacencies or flooding link-state information.

Broadcast circuits use designated routers and are represented as virtual nodes in the network topology. They require periodic database synchronization. By default, IS-IS treats the broadcast link as LAN media and tries to bring up the LAN adjacency even when the interface is configured as unnumbered or only a single neighbor exists on that link.

In contrast, point-to-point circuits have less overhead, because they do not use designated routers, the link-state database has no representation of the pseudonode or network LSA, and they do not require periodic database synchronization. However, if more than two routers are connected on the LAN media, routing information in the network is reduced.

Although broadcast circuits are intended to handle more than two devices, in some circumstances you might connect only two routers over the physical or virtual LAN. Even though only two routers are connected, IS-IS treats the circuit as a broadcast circuit that has many more connected routers, with all the associated broadcast overhead but without the benefits of reduced routing information and of optimized flooding that result from having more than two routers on the LAN.

You can use the isis network point-to-point command to configure IS-IS to operate using point-to-point connections on a broadcast circuit when only two routers are on the circuit. This configuration is known as a point-to-point-over-LAN or P2P circuit. This interface configuration tears down the current LAN adjacency that IS-IS has over this interface. IS-IS then reestablishes the adjacency as a point-to-point connection and regenerates the LSPs. The broadcast link is thereafter treated as simple point-to-point interface.

Treating the LAN as a P2P circuit reduces the amount of information that IS-IS has to maintain and manage. For example, there is no need to elect a designated router for the interface. LSP flooding is performed as in P2P links without the need for using periodic CSNPs.

This circuit configuration can be advantageous even when many routers are on the LAN. For example, you might want to organize the routers into multiple smaller VLANs so that you can assign different costs to the IS-IS neighbors. You can apply this configuration to any such VLAN that has only two routers. IS-IS then views the LAN as a mesh of point-to-point connections.

The use of IP unnumbered interfaces makes the most of scarce IP address resources and provides for simpler network management and configuration. This configuration enables IP processing on a point-to-point interface without an explicit IP address. The IP unnumbered interface borrows the IP address of another interface on the node. Point-to-point-over-LAN circuits separate the concept of network type from media type, and enable you to apply unnumbered interface configurations to LANs.

The point-to-point-over-LAN feature requires the following:

• The LAN must have only two routers.
• Both routers must support the feature.
• You must configure the interface at each end as a P2P connection.
• If you are using numbered interfaces, both ends must be in same IPv4 subnet.
• If you are using unnumbered interfaces, both ends require static ARP entry configuration.

isis network point-to-point

• Use to specify that the broadcast circuit is to be treated as a point-to-point circuit.
• Issuing this command tears down existing adjacencies, originates or flushes LSPs, and establishes new adjacencies
• Example

  host1(config-intf)#isis network point-to-point

• Use the no version to restore the default value, treating the circuit as a broadcast circuit.
• See isis network point-to-point

Summary Example

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.