Fortinet black logo

Administration Guide

Home FortiSwitch 6.4.2 Administration Guide
6.4.2
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.9
7.0.8
7.0.6
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.11
6.4.6
6.4.5
6.4.3
6.4.2
6.4.0
6.2.5
6.2.2
6.2.1
6.2.0

IS-IS routing

IS-IS routing

NOTE: You must have an advanced features license to use IS-IS routing.

Intermediate System to Intermediate System Protocol (IS-IS) allows routing of ISO’s OSI protocol stack Connectionless Network Service (CLNS). IS-IS is an Interior Gateway Protocol (IGP) that is not intended to be used between Autonomous Systems (AS).

IS-IS is a link state protocol that is well-suited to smaller networks. It is in widespread use and has near universal support on routing hardware. It is quick to configure and works well if there are no redundant paths. However, IS-IS updates are sent out node-by-node, so it can be slow to find a path around network outages. IS-IS also lacks good authentication, can not choose routes based on different quality-of-service methods, and can create network loops if you are not careful. IS-IS uses Djikstra’s algorithm to find the best path, like OSPF.

While OSPF is more widely known, IS-IS is a viable alternative to OSPF in enterprise networks and ISP infrastructures, largely due to its native support for IPv6 and its nondisruptive methods for splitting, merging, migrating, and renumbering network areas.

This chapter covers the following topics:

Terminology

TLV: IS-IS uses type-length-value (TLV) parameters to carry information in Link-State PDUs (LSPs). The TLV field consists of one octet of type (T), one octet of length (L), and “L” octets of value (V).

Link-state PDU (LSP): The LSP contains information about each router in an area and its connected interfaces.

Complete sequence number PDU (CSNP): CSNPs contain a list of all LSPs in the current LSDB.

Authentication keychain: A keychain is a list of one or more authentication keys including the send and receive lifetimes for each key. Keys are used for authenticating routing packets only during the specified lifetimes.

Configuring IS-IS

The following is an example of an IS-IS configuration:

config router isis

set default-information-metric 60

config interface

edit "vlan100"

set circuit-type level-1

set priority-l1 80

set wide-metric-l1 200

next

edit "vlan102"

set circuit-type level-2

next

end

config net

edit 1

set net 49.0002.0000.0000.1048.00

next

end

set metric-style wide

config redistribute "connected"

set status enable

end

config redistribute "rip"

end

config redistribute "ospf"

end

config redistribute "bgp"

end

config redistribute "static"

end

end

Configuring BFD for IS-IS

You can use bidirectional forwarding detection (BFD) for the IS-IS routing protocol:

config router isis

config interface

edit <IS-IS interface name>

set bfd {enable| disable}

next

end

end

For example, if you want to enable BFD on vlan100:

config router isis

config interface

edit "vlan100"

set bfd enable

next

end

end

Checking the IS-IS configuration

Use the following commands to check your IS-IS configuration:

get router info isis interface

get router info isis route

get router info isis summary

get router info isis topology

Previous
Next

IS-IS routing

NOTE: You must have an advanced features license to use IS-IS routing.

Intermediate System to Intermediate System Protocol (IS-IS) allows routing of ISO’s OSI protocol stack Connectionless Network Service (CLNS). IS-IS is an Interior Gateway Protocol (IGP) that is not intended to be used between Autonomous Systems (AS).

IS-IS is a link state protocol that is well-suited to smaller networks. It is in widespread use and has near universal support on routing hardware. It is quick to configure and works well if there are no redundant paths. However, IS-IS updates are sent out node-by-node, so it can be slow to find a path around network outages. IS-IS also lacks good authentication, can not choose routes based on different quality-of-service methods, and can create network loops if you are not careful. IS-IS uses Djikstra’s algorithm to find the best path, like OSPF.

While OSPF is more widely known, IS-IS is a viable alternative to OSPF in enterprise networks and ISP infrastructures, largely due to its native support for IPv6 and its nondisruptive methods for splitting, merging, migrating, and renumbering network areas.

This chapter covers the following topics:

Terminology

TLV: IS-IS uses type-length-value (TLV) parameters to carry information in Link-State PDUs (LSPs). The TLV field consists of one octet of type (T), one octet of length (L), and “L” octets of value (V).

Link-state PDU (LSP): The LSP contains information about each router in an area and its connected interfaces.

Complete sequence number PDU (CSNP): CSNPs contain a list of all LSPs in the current LSDB.

Authentication keychain: A keychain is a list of one or more authentication keys including the send and receive lifetimes for each key. Keys are used for authenticating routing packets only during the specified lifetimes.

Configuring IS-IS

The following is an example of an IS-IS configuration:

config router isis

set default-information-metric 60

config interface

edit "vlan100"

set circuit-type level-1

set priority-l1 80

set wide-metric-l1 200

next

edit "vlan102"

set circuit-type level-2

next

end

config net

edit 1

set net 49.0002.0000.0000.1048.00

next

end

set metric-style wide

config redistribute "connected"

set status enable

end

config redistribute "rip"

end

config redistribute "ospf"

end

config redistribute "bgp"

end

config redistribute "static"

end

end

Configuring BFD for IS-IS

You can use bidirectional forwarding detection (BFD) for the IS-IS routing protocol:

config router isis

config interface

edit <IS-IS interface name>

set bfd {enable| disable}

next

end

end

For example, if you want to enable BFD on vlan100:

config router isis

config interface

edit "vlan100"

set bfd enable

next

end

end

Checking the IS-IS configuration

Use the following commands to check your IS-IS configuration:

get router info isis interface

get router info isis route

get router info isis summary

get router info isis topology

Previous
Next