Table of contents
ISIS configuration method:
Enter the ISIS process
isis 1 //创建isis进程
Set entity name
network-entity 49.0001.0000.0000.0001.00 //设置NET地址
Set the type of router
is-level level-* //设置路由器类型
Enter the interface to configure the IP address
Declare to ISIS process
isis enable 1 //在接口下宣告到ISIS进程中
Route calculation:
Level-1 equipment: calculate routes through interactive LSPs in the same area, access other areas/L-2 areas through default routes, L-1
When the device receives the LSP with ATT set by the L1/2 device, it will automatically generate a default route pointing to the L1/2 device
Level-2 device: There will be routing information of the entire network in the LSDB, because the L1/2 device will pass the routes of other areas to the
Level-2 area
Level-1/2 device: maintains the LSDB of Level-1 and Level-2 areas, will pass Level-1 routes to Level-2, and will not pass Level-2 routes to Level-1 |
ATT set condition:
①This is a Level-1/2 device
②Established the Level-2 adjacency relationship of different regions
③Established a Level-1 adjacency relationship in the same area
Routing penetration:
Level-1 devices do not have detailed routes for other areas, and are likely to generate suboptimal routes. You can use route penetration to integrate Level-2 areas
The route imported to the Level-1 area (executed on the Level-1/2 device)
Routing penetration command:
Enter the isis view of the Level-1-2 router:
import-route isis Level-2 into level-1 //route penetration
ISIS certification:
Interface authentication : Affects the establishment of the ISIS adjacency relationship, and the adjacency relationship can only be established after passing the authentication (configured under the interface)
Area authentication : For the Level-1 LSDB, the Level-1 LSP and Level-1 SNP packets are authenticated.
often receive messages
Routing Domain Authentication: Authenticate Level-2 LSP and Level-2 SNP packets for Level-2 LSDB
* As long as one section of interface authentication is enabled, it will affect the establishment of the adjacency relationship between the two parties, as long as the area authentication and routing domain authentication are enabled
The router will be affected, and the device that is not enabled will not perform authentication check on the message by default.
ISIS configuration command:
Configure ISIS zone authentication:
Enter isis view:
area-authentication-mode + authentication type + password type + password
Configure ISIS routing domain authentication:
Enter isis view:
domain-authentication-mode + authentication type + password type + password (consistent with regional authentication)
Configure ISIS interface authentication:
Enter the interface:
isis authentication-mode + authentication type + password type + password
ISIS Overhead Types:
Narrow: Narrow overhead, can receive and send routes with narrow overhead
wide: Wide cost, can receive and send routes with wide cost
compatible: Compatible overhead, can receive/send narrow/wide overhead routes
narrow-compatible: Narrow compatible, can send routes with narrow costs and receive routes with narrow/wide costs
wide-compatible: wide compatible, can send routes with wide cost and receive routes with narrow/wide cost
*The default is narrow overhead, only wide overhead supports Tag