The IS-IS system identifiers consist of three parts:
System ID — The system ID is any 6 bytes that are unique in a given area or level. The system ID defaults to the baseMacAddress of the chassis but you can configure a non-default value. The system ID must use a unicast MAC address; do not use a multicast MAC address. A MAC address that has the low order bit 1 set in the highest byte is a multicast MAC address. For example, the following are multicast MAC addresses: x1xx.xxxx.xxxx, x3xx.xxxx.xxxx, x5xx.xxxx.xxxx, x7xx.xxxx.xxxx, x9xx.xxxx.xxxx, xBxx.xxxx.xxxx, xDxx.xxxx.xxxx, and xFxx.xxxx.xxxx.
Manual area — The manual area or area ID is up to 13 bytes long. The first byte of the area number (for example, 49) is the Authority and Format Indicator (AFI). The next bytes are the assigned domain (area) identifier, which is up to 12 bytes (for example, 49.0102.0304.0506.0708.0910.1112). IS-IS supports a maximum of three manual areas, but the switch software only supports one manual area.
NSEL — The last byte (00) is the n-selector. In this implementation, this part is automatically attached. There is no user input accepted.
The Network Entity Title (NET) is the combination of all three global parameters.
All routers have at least one manual area. Typically, a Level 1 router does not participate in more than one area.
The following are the requirements for system IDs:
All IS-IS enabled routers must have one manual area and a unique system ID.
All routers in the same area must have the same area ID.
All routers must have system IDs of the same length (6 bytes).
All IS-IS enabled routers must have a unique nickname.
You can change the PSNP interval rate. A longer interval reduces overhead, while a shorter interval speeds up convergence.
You can configure the CSNP periodic and interval rate. A longer interval reduces overhead, while a shorter interval speeds up convergence.
Link state packets (LSPs) contain vital information about the state of adjacencies, which must be exchanged with neighboring IS-IS systems. Routers periodically flood LSPs throughout an area to maintain synchronization. You can configure the LSP to reduce overhead or speed up convergence.
The following list describes IS-IS parameters related to LSPs:
The max-lsp-gen-interval is the time interval at which the generated LSP is refreshed. The default is 900 seconds with a range of 30 to 900.
The retransmit-lsp-interval is the minimum amount of time between retransmission of an LSP. When transmitting or flooding an LSP an acknowledgement (ACK) is expected. If the ack is not received within retransmit-lsp-interval, the LSP is re-transmitted. The default is 5 seconds with a range of 1 to 300.
All SPBM links are point-to-point links. The switch does not support broadcast links.
Configure IS-IS interface authentication to improve security and to guarantee that only trusted routers are included in the IS-IS network. Interface level authentication only checks the IIH PDUs. If the authentication type or key in a received IIH does not match the locally-configured type and key, the IIH is rejected. By default, authentication is disabled.
You can use either one of the following authentication methods:
Simple password authentication — Uses a text password in the transmitted packet. The receiving router uses an authentication key (password) to verify the packet.
MD5 authentication — Creates a Message Digest (MD5) key.
SHA-256 — Adds a Hash-based Message Authentication Code (HMAC) digest to each IS-IS Hello packet.
Important
If the .isis_md5key.txt and .isis_simplekey.txt are missing, IS-IS adjacencies cannot be established.
To reset the authentication password type, you must set the type to none.
The switch software supports only interface level authentication. The switch software does not support area level or domain level authentication.
Note
The interfaces used to make the adjacencies must have SPBM configured.
The switch that receives the Hello packet computes the digest of the packet and compares it with the received digest. If the digests match, the packet is accepted. If the digests do not match, the receiving switch discards the packet.
Directly connected switches must share the same key (secret), which can have a maximum length of 16 characters.
To update the identities of neighboring routers, you can configure the:
IS-IS Interface Level 1 Hello interval
IS-IS Interface Level 1 Hello multiplier
IS-IS uses level 1 Hello packets to initialize and maintain adjacencies between neighboring routers.
You can configure the IS-IS interface level 1 Hello interval to change how often Hello packets are sent out from an interface level.
You can configure the IS-IS interface level 1 Hello multiplier to specify how many Hellos the switch must miss before it considers the adjacency with a neighboring switch down. By default, the hold (wait) time is the Hello interval multiplied by the Hello multiplier. By default, if the Hello interval is 9 and the Hello multiplier is 3, the hold time is 27. If the Hello multiplier is increased to 10, the hold time is increased to 90.
You can configure the IS-IS interface level 1 link metric to overwrite the default metric value. By configuring the metric, you can specify a preferred path. Low cost reflects high-speed media, and high cost reflects slower media. For the wide metric, the value ranges from 1 to 16,777,215.
The switch only supports the wide metric.
The total cost of a path equals the sum of the cost of each link.
The default value for wide metrics is 10.
Note
When multiple paths exist to reach a node, the path with the lowest sum of metrics of the individual links is chosen. If the sum of the paths are the same, the one with the lowest number of hops is chosen. If the number of hops is the same as well, then the tie-breaking is done by the system ID.
For the primary B-VLAN, the path that has a node with the lowest system ID is chosen. Whereas, for the secondary B-VLAN, the path that has a node with the highest system ID is chosen.
You can disable IS-IS globally or at the interface level. If IS-IS is globally disabled, then all IS-IS functions stop. If IS-IS is enabled at the global level and disabled at one of the interface levels, then IS-IS continues on all other interfaces.
A node sends the overload bit in LSP updates to inform other devices whether to use that node to pass transit traffic. For example, when a device receives an LSP with an overload bit, the device ignores that LSP in its Shortest Path First (SPF) calculation to avoid sending transit traffic through the overloaded node; however, the overloaded node can still receive traffic destined to itself.
The system activates the overload bit on bootup and clears it after 20 seconds. You can use the overload-on-startup parameter to control the time before the overload bit is cleared after bootup.
You can permanently configure the overload bit using the overload parameter. If you use this parameter, the system does not clear the overload bit after bootup and sends it in all LSP updates. If the overload bit is configured, other devices do not include this node for use as a transit node in IS-IS computations. By default, the overload parameter is set to false.
The overload and overload-on-startup parameters are configured under the router isis configuration mode in the CLI.
When IS-IS is enabled on a switch, the switch delays a reset by two seconds so that LSPs with the overload bit can be sent to all Backbone Edge Bridges (BEB) and Backbone Core Bridges (BCB) in the SPB domain.