Episode 14 – Digging Deep into the IS-IS Routing Protocol

In a return to our routing protocol series, Russ White and Nick Russo join Network Collective to talk about some of the intricacies of the IS-IS routing protocol. While not usually found in enterprises, Service Providers have used IS-IS as the underlay to their MPLS networks and it is starting to make an appearance as the underlay to several newer enterprise technologies. If you’ve been curious about how it works, and how it is different than what you use today, this show is for you.


Show Links





Show Notes

  • IS-IS Characteristics
    • IS-IS is a graph
      • Vertices, edges, link types, cost
      • Uses Dijkstra’s algorithm
      • Based on Type Link Value protocol (TLV) instead of fixed type fields which allows IS-IS to be very extensible
      • Similar to OSPF, but the P-node is called the DIS, not the DR, and behaves a bit differently
      • Originally built for host routing
    • Not an IP protocol
      • direct encapsulation to L2, ethertype 0xFEFE
      • Provides some inherent security benefits (very hard to reach in and attack; OSPF solved this with TTL security)
    • QoS over L2VPNs
      • If the EFP is matching IP DSCP for QoS, ISIS may not be classified correctly. If the carrier Ethernet service is untagged, then there is no mechanism to provide QoS, notwithstanding manual Ethertype matching (not supported on all EFPs).
    • Two level hierarchy (level 1 and level 2)
      • Unlike OSPF, the two levels (areas in OSPF) can overlap
      • IS-IS levels are flooding domains
      • The two IS-IS levels can act independently enough that they can seem like two instances of a routing protocol running on top of each other
  • What does IS-IS do well? What does it do poorly?
    • What does it do well?
      • has extensive tools for handling full mesh topologies
      • new routing initiatives are based in part on IS-IS
      • Good best choice for a leaf-spine and non hub-and-spoke topologies
    • What does it do poorly?
      • Hub and Spoke topologies
      • Difficulty with QoS because it is its own protocol and not IP
  • Comparison to OSPF
    • Similarities
      • Both are link state, both have a two-tier hierarchical flooding domain
      • relatively inflexible topology/filtering options within a flooding domain
    • Differences
      • IS-IS is easier to extend to support different functions (more extensible)
      • Important: overlapping topologies can solve a lot of issues, like relatively straightforward TE issues without MPLS or fibbing. Just enable L1/L2 in specific parts of the network, assign subnets to L1 or L2, and adjust L1-specific or L2-specific costs accordingly
      • Areas in IS-IS are not like OSPF, and are mostly relevant in L1 topologies
      • The DIS in IS-IS is different from the DR in OSPF
    • Caveats
      • Two intermediate systems must be in the same area to form L1 neighbors
      • It is possible to span an IS-IS area across L1 and L2 topologies, but the AT bit won’t be set in the L1 area, potentially causing reachability issues (Depends on whether this is desirable or not)
      • A general strategy for deploying IS-IS in a network that is seen to grow is to regionalize ISIS areas.
        • For example, each regional POP can be in separate areas while the backbone is in a common one, but everything is L2. When multi-level is needed, simply migrate the POPs to L1 without changing areas.
      • Because L1/L2 can be enabled on the same pair of links without fancy extensions like OSPF has, this can solve optimal ingress/egress routing between L2 and L1 domains
  • Design Considerations
    • Wide Area Networks
      • For private WANs or MPLS L2VPN based WANs where IP tunneling (IPsec, DMVPN, etc) are not used, IS-IS is a legitimate option. Some large companies still use it
    • Data Center
      • Highly capable of handling leaf/spine designs with OL-bit set on spokes. SR-TE capabilities make it a natural choice to help enable service chaining and path selection in such fabrics. Also a core component of Cisco’s OTV
    • Carrier
      • Common in the carrier space. Could also use separate IS-IS processes for seamless MPLS designs which can scale infinitely across many levels of hierarchy (edge, pre-aggregation, aggregation, core as an example for a large mobile carrier network)


Russ White
Nicholas Russo

Jordan Martin
Eyvonne Sharp

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *