I mentioned in former posts that learning VXLAN required me to research a variety of concepts to understand what was happening in the control plane. I’ll outline a few of them here.
IS-IS was the first detour. I could have used OSPF for the underlay but I had studied OSPF enough to know most of the LSAs by heart. I wanted to see why IS-IS was the preferred protocol for Clos fabrics. One of the first quirky things I discovered about this protocol was the NET entity. It basically acts like a router id and an area id mushed into one thing. Strangely the NET can range from eight to twenty bytes long and must be an even number of bytes. It usually looks something like this: 00.0000.0000.0001.00.
IS-IS was not designed for IP networks specifically, though it was designed to be flexible to carry both IPv4 and IPv6 information, so a few parts of the NET is always constant in IP networks. The last byte is always 00 and the six bytes to the left of it always represents the router ID (officially the system ID.) Anything to the left of the system ID is the area ID. Breaking it down, the NET represents a router in area 0 with a router ID of 0000.0000.0001.
Unlike OSPF where interfaces are assigned to areas, the IS-IS area applies to the entire router. There are two types of adjacencies in IS-IS. L1 adjacencies form between interfaces in the same area only. L2 adjacencies can form between routers in different areas or in the same area. If a router isn’t configured to be an L1 only or and L2 only router, it can form both an L1 and an L2 adjacency on the same interface.
As with any protocol, you can go as deep and get into as much detail as you’d like. What’s important here is that an L2 only area is called an L2 subdomain and is equivalent to the backbone area for OSPF. L1 areas are not like non-backbone areas, however. They are more like NSSAs, restricting inter-area advertisements but allowing for external route redistribution. By default, routes are not advertised from an L2 subdomain into an L1 subdomain. You have to deliberately leak routes into an L1 subdomain.
A really amazing aspect of the IS-IS design is the TLVs that it uses to advertise information. TLVs, if you don’t know, stands for type, length, value and is a way to mark the boundary of information domains within a continuous batch of data. The type can be a hello message, a graceful restart message or whatever type of information that the IS-IS protocol supports. The length then tells the router how many of the following bytes to associate with the information and the value field is a variable length field that holds the information itself. Extending IS-IS is as easy as defining a new TLV. Any routers not supporting that TLV will just ignore it but communication still occurs. Contrast this to extending OSPF where an entirely new LSA has to be designed, tested and then rolled out.
IPv6 support for IS-IS required adding a new TLV. An entirely new protocol, OSPFv3, was required to add IPv6 support for OSPF.
If you’re interested in deep diving into IS-IS, I’d check out OSPF and IS-IS Choosing an IGP for Large-Scale Networks by Jeff Doyle. It contains all the juicy details from the history of link state protocols to exponential back off and message flooding.
Here’s sample configuration of an L2 only router on IOS:
The NET is the only mandatory thing that needs to be configured for the IS-IS process. I’ve configured the router to be an L2 only router using the is-type command. The process is enabled on individual interfaces. I’ve also configured a neighbor to share a loopback address so you can see what the IS-IS route is like in the rib. Overall, the configuration is very similar to OSPF.