Isis

Another possible PE-CE routing protocol is IS-IS, which is a link state routing protocol like OSPF. Unlike OSPF, however, IS-IS runs directly over Layer 2, not over IP. Having IS-IS run across the PE-CE link requires ISIS to be VRF aware on the PE routers. You can configure ISIS for a VRF by using the command vrf vrf-name under the IS-IS process. IS-IS processes on a router are differentiated from each other by the tag as configured with the command router isis process-tag. You have to associate the PE-CE link with the correct IS-IS VRF process with the interface command ip router isis process-tag. As with OSPF, each VRF instance has its own IS-IS routing process (and SPF algorithm), IS-IS database, and routing table.

The up/down bit performs routing loop prevention when an IS-IS site is dual homed. This bit has the same functionality as the down bit for OSPF over MPLS VPN. However, the up/down bit was not invented to run IS-IS over MPLS VPN. It was introduced earlier to prevent routing loops in the case of advertising IP prefixes from Level 2 to Level 1. (You might call them interarea routes.) When an L1L2 router advertises a Level 2 prefix in the Level 1 LSP, it must set the up/down bit. That way, another L1L2 router can see this bit set and does not distribute this prefix back into Level 2. A PE router that is distributing the learned iBGP vpnv4 route into IS-IS sets the up/down bit when advertising the prefix into IS-IS. Another PE router that sees this IS-IS prefix with the up/ down bit set never distributes this prefix back into iBGP.

NOTE The up/down bit is the high order bit in the default metric field of TLV 128 and TLV 130.

Figure 7-26 shows a simple IS-IS network. Two IS-IS sites are connected to each other via the MPLS VPN backbone. The IS-IS process for this VPN customer is cust-one.

Figure 7-26 IS-IS over MPLS VPN

Router ISIS Cut-one VRF Cust-one

Net 49.0001.0000.0000.0003.00 Is-type Level-2-only Redlstribute BGP 1

Interface Loopback0 IP Address 10.10.100.1/32

Router ISIS

Net 49.0001.0000.0000.0001.00 Passive-interface Loopback0

Interface Loopback0 IP Address 10.10.100.3/32

Router ISIS

Net 49.0001.0000.0000.0002.00 Passive-interface Loopback0

Router ISIS Cut-one VRF Cust-one

Net 49.0001.0000.0000.0004.00 Is-type Level-2-only Redistribute BGP 1

Interface Loopback0 IP Address 10.10.100.1/32

Router ISIS

Net 49.0001.0000.0000.0001.00 Passive-interface Loopback0

Interface Loopback0 IP Address 10.10.100.3/32

Router ISIS

Net 49.0001.0000.0000.0002.00 Passive-interface Loopback0

Example 7-33 shows the configuration of the router london-PE.

Example 7-33 IS-IS Configuration on the Router london-PE

ip vrf cust-one rd 1 i i route-target export 1:1 route-target import 1:1

interface Ethernet0/1/2 ip vrf forwarding cust-one ip address 10.10.2.2 255.255.255.0 ip router isis cust-one isis circuit-type level-2-only

router isis cust-one vrf cust-one net 49.0001.0000.0000.0003.00 is-type level-2-only redistribute bgp 1

router bgp 1 neighbor 10.200.254.5 remote-as 1 neighbor 10.200.254.5 update-source Loopback0 I

address-family vpnv4

neighbor 10.200.254.5 activate neighbor 10.200.254.5 send-community extended exit-address-family I

address-family ipv4 vrf cust-one redistribute connected redistribute isis cust-one level-2 exit-address-family

Example 7-34 shows the output of some IS-IS commands on the PE routers for the IS-IS VRF process. You can see that the router sydney-PE has one IS-IS adjacency, namely with the sydney-ce. The prefix 10.10.100.1/32 is the loopback IP address on the router london-ce. The VPN label that is used to reach that prefix across the MPLS backbone is label 27. The label is advertised with the vpnv4 route from the router london-PE to the router sydney-PE. This VPN label is installed in the LFIB of the router london-PE to get the traffic from the MPLS VPN backbone switched to the correct CE router (london-ce).

Example 7-34 IS-IS Output on the PE Routers for VRF Cust-One sydney#show isis cust-one neighbors

System Id Type Interface IP Address sydney-ce L2 Se5/1 10.10.4.2

State Holdtime Circuit Id UP 20 00

sydney#show isis cust-one database

IS-IS Level-2 Link State Database:

LSPID LSP Seq Num LSP Checksum LSP Holdtime sydney-ce.00-00 0x00000004 0xC80A 1167

sydney.00-00 * 0x00000007 0x1377 1198

sydney#show clns cust-one protocol

IS-Type: level-2-only

IS-IS Router: cust-one

System Id: 0000.0000.0004. Manual area address(es): 49.0001

Routing for area address(es): 49.0001

Interfaces supported by IS-IS:

Serial5/1 - IP Redistributing:

static Distance: 110 RRR level: none

Generate narrow metrics: level-1-2 Accept narrow metrics: level-1-2 Generate wide metrics: none Accept wide metrics: none sydney#show ip bgp vpnv4 rd 1:1

BGP table version is 68, local router ID is 10.200.254.5 Status codes: s suppressed, d damped, h history, * valid, > best, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 1:1 (default for vrf cust-one)

internal,

*>i10.10.2.0/24 *> 10.10.4.0/24 *>i10.10.100.1/32 *> 10.10.100.3/32 *>i10.99.1.1/32 *> 10.99.1.2/32

10.200.254.2

.200.254.2

.200.254.2

32768 0

32768 0

32768

Example 7-34 IS-IS Output on the PE Routers for VRF Cust-One (Continued)

sydney#show ip bgp vpnv4 rd 1:1 10.10.100.1

BGP routing table entry for 1:1:10.10.100.1/32, version 68 Bestpath Modifiers: ignore-cost-community Paths: (1 available, best #1, table cust-one) Not advertised to any peer Local

10.200.254.2 (metric 3) from 10.200.254.2 (10.200.254.2)

Origin incomplete, metric 10, localpref 100, valid, internal, best Extended Community: RT:1:1, mpls labels in/out nolabel/27

london#show mpls forwarding-table vrf cust-one 10.10.100.1

Local Outgoing Prefix Bytes tag Outgoing Next Hop tag tag or VC or Tunnel Id switched interface

NOTE In Cisco IOS, the IS-IS VRF process cannot run Connectionless Network Service (CLNS) routing.

Micro Expression Master

Micro Expression Master

If You Could Read Everyone Life A Book You Can Have Better Career, Great Relationships And Become Successful. This Book Is One Of The Most Valuable Resources In The World When It Comes To Reading the smallest and tiniest body Language and know what people are thinking about.

Get My Free Ebook


Post a comment