IS-IS configuration parameters

IS-IS system identifiers

The IS-IS system identifiers consist of three parts:

The Network Entity Title (NET) is the combination of all three global parameters.

All routers have at least one manual area. Typically, a Level 1 router does not participate in more than one area.

The following are the requirements for system IDs:

PSNP interval

You can change the PSNP interval rate. A longer interval reduces overhead, while a shorter interval speeds up convergence.

CSNP periodic and interval rate

You can configure the CSNP periodic and interval rate. A longer interval reduces overhead, while a shorter interval speeds up convergence.

Parameters for the link state packet

Link state packets (LSPs) contain vital information about the state of adjacencies, which must be exchanged with neighboring IS-IS systems. Routers periodically flood LSPs throughout an area to maintain synchronization. You can configure the LSP to reduce overhead or speed up convergence.

The following list describes IS-IS parameters related to LSPs:

Point-to-point mode

All SPBM links are point-to-point links. The switch does not support broadcast links.

IS-IS interface authentication

Configure IS-IS interface authentication to improve security and to guarantee that only trusted routers are included in the IS-IS network. Interface level authentication only checks the IIH PDUs. If the authentication type or key in a received IIH does not match the locally-configured type and key, the IIH is rejected. By default, authentication is disabled.

You can use either one of the following authentication methods:

Important

Important

If the .isis_md5key.txt and .isis_simplekey.txt are missing, IS-IS adjacencies cannot be established.

Password considerations

To reset the authentication password type, you must set the type to none.

The switch software supports only interface level authentication. The switch software does not support area level or domain level authentication.

SHA-256 considerations

IS-IS Hello packets are sent periodically to discover IS-IS neighbors, and to establish and maintain IS-IS adjacencies. If you enable SHA-256 authentication, the switch adds an HMAC-SHA256 digest to each Hello packet.
Note

Note

The interfaces used to make the adjacencies must have SPBM configured.

The switch that receives the Hello packet computes the digest of the packet and compares it with the received digest. If the digests match, the packet is accepted. If the digests do not match, the receiving switch discards the packet.

Directly connected switches must share the same key (secret), which can have a maximum length of 16 characters.

Hellos

To update the identities of neighboring routers, you can configure the:

IS-IS Interface Level 1 Hello interval

IS-IS uses level 1 Hello packets to initialize and maintain adjacencies between neighboring routers.

You can configure the IS-IS interface level 1 Hello interval to change how often Hello packets are sent out from an interface level.

IS-IS Interface Level 1 Hello multiplier

You can configure the IS-IS interface level 1 Hello multiplier to specify how many Hellos the switch must miss before it considers the adjacency with a neighboring switch down. By default, the hold (wait) time is the Hello interval multiplied by the Hello multiplier. By default, if the Hello interval is 9 and the Hello multiplier is 3, the hold time is 27. If the Hello multiplier is increased to 10, the hold time is increased to 90.

IS-IS Interface Level 1 Link metric

You can configure the IS-IS interface level 1 link metric to overwrite the default metric value. By configuring the metric, you can specify a preferred path. Low cost reflects high-speed media, and high cost reflects slower media. For the wide metric, the value ranges from 1 to 16,777,215.

Note

Note

When multiple paths exist to reach a node, the path with the lowest sum of metrics of the individual links is chosen. If the sum of the paths are the same, the one with the lowest number of hops is chosen. If the number of hops is the same as well, then the tie-breaking is done by the system ID.

For the primary B-VLAN, the path that has a node with the lowest system ID is chosen. Whereas, for the secondary B-VLAN, the path that has a node with the highest system ID is chosen.

Disabling IS-IS

You can disable IS-IS globally or at the interface level. If IS-IS is globally disabled, then all IS-IS functions stop. If IS-IS is enabled at the global level and disabled at one of the interface levels, then IS-IS continues on all other interfaces.

Overload Bit

A node sends the overload bit in LSP updates to inform other devices whether to use that node to pass transit traffic. For example, when a device receives an LSP with an overload bit, the device ignores that LSP in its Shortest Path First (SPF) calculation to avoid sending transit traffic through the overloaded node; however, the overloaded node can still receive traffic destined to itself.

The system activates the overload bit on bootup and clears it after 20 seconds. You can use the overload-on-startup parameter to control the time before the overload bit is cleared after bootup.

You can permanently configure the overload bit using the overload parameter. If you use this parameter, the system does not clear the overload bit after bootup and sends it in all LSP updates. If the overload bit is configured, other devices do not include this node for use as a transit node in IS-IS computations. By default, the overload parameter is set to false.

The overload and overload-on-startup parameters are configured under the router isis configuration mode in the CLI.

When IS-IS is enabled on a switch, the switch delays a reset by two seconds so that LSPs with the overload bit can be sent to all Backbone Edge Bridges (BEB) and Backbone Core Bridges (BCB) in the SPB domain.