17. Future of IS-IS

into “sub-sub-domains” by introducing a level of route reflection in the sub-AS. That would also work in a Route Reflection environment. A cluster of routers can serve another cluster of routers.

There is no need (or desire) here to further elaborate on the different methods of iBGP scaling techniques. However, it is now obvious that the resulting iBGP mesh is a lot more complicated to describe once you are using one of the two iBGP scaling tools. Furthermore, maintaining the iBGP mesh, which means verifying that all routers are homed to the right cluster and are all producing consistent routing decisions, is a daunting task for the operation teams at all service providers.

The Internet Draft draft-raszuk-isis-bgp-peer-discovery describes a method that Route Reflectors and Confederation sub-ASBRs (Autonomous System Border Routers) can use to advertise their capabilities to terminate iBGP sessions. The magic carpet to transport those announcements is a TLV, the number of which has not yet been determined by IANA. This is illustrated in Figure 17.14. The TLV is part of the LSP that is flooded inside an IS-IS level. Upon receipt of such a TLV the receiving router checks to see if it wants to connect to that router.

Figure 17.15 shows an example of how iBGP provisioning times can be radically reduced. All Level 2 routers are part of the full mesh and advertise that they want to be full-mesh speakers in the IS-IS Level 2. Once that information is received by any Level 2 router, those routers try to connect to and bring up the BGP full mesh. In Level 1 the situation is a bit different. The L1L2 router advertises that it is a route reflector and so all the Level 1 routers connect to the proposed route reflectors.
[Figure 17.14: layout of the BGP discovery TLV. Fields shown: TLV Type (to be assigned by IANA), TLV Length, BGP Identifier, flag and reserved bits, followed by variable-length sub-TLVs: Autonomous System(s) or confederation sub-AS(s), IPv4/IPv6 Peering Address, AFI/SAFI for mesh topologies, AFI/SAFI for reflection topologies.]

FIGURE 17.14. The BGP discovery TLV empowers an IS-IS speaker to automatically provision the iBGP distribution mesh

The authors of the draft keep emphasizing that this method should not replace the currently prevailing method of manual configuration, but rather should be taken in baby steps. Auto iBGP Peer discovery is seen as a complementary technique to foster a softer transition for fully automated peer discovery. Especially for larger networks, this seems to be a promising technique for migration from an overly cautious route reflection design to a full-mesh BGP setup producing good routes with diverse paths.

[Figure 17.15: three route reflection clusters (Cluster 0.0.0.1, Cluster 0.0.0.2, Cluster 0.0.0.3), each an IS-IS Level 1 area served by route reflectors (RR), attached to a top-level full mesh in IS-IS Level 2.]

FIGURE 17.15. The Level 1 routers are looking for route reflector announcements, where the Level 2 routers are looking for full-mesh partner announcements

17.6 Capability Announcement

The IS-IS working group has been busy in the last 5 years producing a lot of extensions to the base protocol. All of the extensions are documented as Internet drafts which ultimately get published as informational RFCs, not normative references. There is now increasing concern that the extensions to IS-IS are getting to be a pick-and-choose self-service shop for vendors. That is, certain extensions are implemented and certain others are not. As shown in Chapter 15, “Troubleshooting”, there are failure patterns that resulted from the router’s ability to process and understand a TLV correctly.
For the troubleshooting process it becomes important to assess the router’s capabilities in that regard. How does the network operations engineer know what TLVs a troublemaking router understands? Logging into that router, checking the router operating system version, going to the vendor’s website, and looking up what TLVs can be processed is often an awkward and cumbersome way of getting capability information. Figure 17.16 shows the structure of a TLV that could convey the information that a certain router can process. This TLV is, like the Hostname TLV, a purely informational or convenience TLV that only addresses informational issues. There are no routing or traffic engineering decisions affected by the existence or non-existence of a bit in this TLV. It is purely a tool for giving the NOC engineer help supporting the network.

[Figure 17.16: layout of TLV 242. Fields shown: TLV Type (242), TLV Length, Reserved, total subTLV length, subTLV Type, subTLV length, Capability Vector (4 bytes), other optional subTLVs (variable).]

Capability Vector bit assignments:

Bit      Capability Name
0–3      Reserved
4        IS-IS graceful restart capable
5        IS-IS and BGP blackhole avoidance capable
6        IS-IS wide metric processing capable
7        IS-IS short metric processing capable
8        IS-IS hmac-md5 authentication capable
9        IS-IS Traffic Engineering support
10       IS-IS point-to-point over LAN
11       IS-IS Path Computation Server discovery
12       M-ISIS capable
13       IS-IS IPv6 capable
14–31    For future assignments

FIGURE 17.16. The important content of TLV 242 is the Capability Vector Sub-TLV #1 which contains one set bit per supported capability

The Capability TLV #242 triggered an interesting question: how much information should a routing protocol really carry? This is a good question especially when there is non-routing and non-topology data involved.

17.7 Conclusion

The further extension of the IS-IS protocol is not going to stop anytime soon. Additional functionality is required by many service providers and will continue to force evolution of the protocol. However, there is some recent discomfort caused by this functional growth. Many network engineers share the view that virtually all routing protocols are being overloaded across the board. IS-IS is no exception to that concern. Functionalities like Hostname Resolution (TLV #137), iBGP router auto-discovery and Capability Announcement are utilizing the flooding sub-system of IS-IS to get non-IP routing-related data across the network. As discussed in Chapter 13, “IS-IS Extensions”, there is always a tradeoff between new functionality and stability because software needs to go through a maturity cycle.

IS-IS is a bit special in that respect because IS-IS represents a very critical part of the routing sub-system in a service provider network. If you overload BGP with a new functionality, then most likely bugs will stay within the given boundaries of that sub-system. For example, a bug in the MPLS-VPN code is unlikely to impact public BGP routing on the Internet. However, whenever you start to add new functionality to IS-IS, then you need to touch the LSP origination code, which is a much more dangerous place to play. The impact here may be much more catastrophic, as virtually all sub-systems in a network rely on a proper working IGP. If the IGP fails then everything else starts to fail: things like bogus TE databases, torn-down RSVP sessions, LDP sessions to a collapsing BGP mesh could easily result.

So one needs to ask the question: How much “overloading” of the IGP is really useful? Perhaps the wise answer is to take a look at the risk versus the reward of certain functionality. In IS-IS, the risk of destabilizing things is very high and very real, so one needs to make a solid case for adding functionality to solve a real engineering problem.
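The Capability Vector of Figure 17.16 can be decoded defensively, as in this added example, which is not code from the book or from any IS-IS implementation. It assumes the sub-TLV region has already been sliced out of TLV 242, that the vector is exactly 4 bytes, and that bit 0 is the most significant bit; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Bit assignments as listed in Figure 17.16. Bits 0-3 are reserved and
# bits 14-31 are left for future assignments.
CAPABILITY_BITS = {
    4: "IS-IS graceful restart capable",
    5: "IS-IS and BGP blackhole avoidance capable",
    6: "IS-IS wide metric processing capable",
    7: "IS-IS short metric processing capable",
    8: "IS-IS hmac-md5 authentication capable",
    9: "IS-IS Traffic Engineering support",
    10: "IS-IS point-to-point over LAN",
    11: "IS-IS Path Computation Server discovery",
    12: "M-ISIS capable",
    13: "IS-IS IPv6 capable",
}
CAPABILITY_VECTOR_SUBTLV = 1  # "Capability Vector Sub-TLV #1" in the caption


class MalformedTLV(ValueError):
    """Raised instead of reading past the end of the received bytes."""


def walk_subtlvs(region):
    """Return [(type, value), ...], rejecting any truncated sub-TLV."""
    subs, offset = [], 0
    while offset < len(region):
        if len(region) - offset < 2:
            raise MalformedTLV(f"sub-TLV header truncated at offset {offset}")
        sub_type, sub_len = region[offset], region[offset + 1]
        offset += 2
        if sub_len > len(region) - offset:
            raise MalformedTLV(f"sub-TLV {sub_type} claims {sub_len} bytes, "
                               f"only {len(region) - offset} remain")
        subs.append((sub_type, region[offset:offset + sub_len]))
        offset += sub_len
    return subs


def decode_capability_vector(vector):
    """Return (capability names, set bits that have no assigned meaning)."""
    if len(vector) != 4:
        raise MalformedTLV(f"Capability Vector must be 4 bytes, got {len(vector)}")
    (word,) = struct.unpack("!I", vector)
    names, unassigned = [], []
    for bit in range(32):
        # ASSUMPTION: bit 0 is the most significant bit of the vector.
        if word & (1 << (31 - bit)):
            if bit in CAPABILITY_BITS:
                names.append(CAPABILITY_BITS[bit])
            else:
                unassigned.append(bit)
    return names, unassigned


def capabilities_from_subtlvs(region):
    """Validate the whole sub-TLV region first, then decode sub-TLV #1."""
    for sub_type, value in walk_subtlvs(region):
        if sub_type == CAPABILITY_VECTOR_SUBTLV:
            return decode_capability_vector(value)
    raise MalformedTLV("no Capability Vector sub-TLV present")


# Constructed sample: sub-TLV #1, length 4, bits 4, 6, 8 and 13 set.
SAMPLE_REGION = bytes.fromhex("01040a840000")

if __name__ == "__main__":
    print(capabilities_from_subtlvs(SAMPLE_REGION))
```

Set bits outside the assigned range are reported separately rather than ignored, so a NOC tool can flag a router announcing reserved or not-yet-assigned capabilities.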
While it makes perfect sense to add new functionality in order to solve engineering problems like producing new services for BGP, or consolidating infrastructure (as in the G-MPLS case), it is somewhat dangerous to jeopardize the stability of the current IS-IS code base for convenience or administrative functions like capability announcements. It is the authors’ opinion that the IS-IS community should stay away from the temptation to enhance such fragile portions of the network with functionality that yields, at best, a questionable or intangible gain.

What is right or wrong, and what functionalities will finally be deployed in our networks, will always remain an open issue. Walter would like to close this chapter with something called Walter’s First Rule of Networking, formulated after more than 35 years of networking experience:

When the new stuff is more risky to deploy, and more complex than the workaround – use the workaround!

Hannes would like to close this last chapter with an insight from Pedro Marquez, a well respected protocol engineer who was at Cisco Systems and now works for Juniper Networks. Pedro was concerned about the IP-only zealots – in response he used to say:

No one is paying vendors for not doing things – however we need to still keep some common sense!