Intermediate System to Intermediate System

IS-IS in an Interior Gateway Protocol developed in the 1980s by Digital Equipment Corporation (DEC) and submitted to the International Organization for Standardization (IOS) as the routing protocol for Open System Interconnection (OSI). The creation creation of IS-IS was an attempt to produce a standard protocol suite that could allow internetworks to scale.

In recent years, the IS-IS routing protocol has become increasingly popular, with widespread usage among Service Providers. It is a link state protocol, which enables very fast convergence with large scalability. It is also a very flexible protocol and has been extended to incorporate leading edge features such as MPLS Traffic Engineering.

The IS-IS routing protocol is a link-state protocol, as opposed to distance-vector protocols such as Interior Gateway Routing Protocol (IGRP) and Routing Information Protocol (RIP). Link-state offers several advantages over distance-vector protocols. It is faster converging, supports much larger internetworks, and is less susceptible to routing loops.

Intermediate System-to-Intermediate System (IS-IS) Protocol is an intradomain Open System Interconnection (OSI) dynamic routing protocol specified in International Organization for Standardization (ISO) 10589. The protocol is designed to operate in OSI Connectionless Network Service (CLNS). Data is carried using the protocol specified in ISO 8473.

Information about IS-IS from Cisco Systems

IS-IS Configuration on Cisco Router

Global Router Configurations

Router(config)#router isis

- Starts the IS-IS process on the router

Router(config-router)#net <network address>

- Defines the NET address of the router

Router(config-router)#is-type level-1

- Defines whether the router is acting as an L1, L2, or L1-2 router

Router(config-router)#summary-address <address> <mask>

- Enables you to summarize the networks manually

Interface Level Configurations

Router(config-if)#ip router isis

- Turns on Integrated IS-IS routing for the interface

Router(config-if)#clns router isis

- Turns CLNS routing at the interface to allow the Layer 2 LSPs to be unraveled so that the ATT bit can be seen

Router(config-if)#frame-relay map ip <destination address> <DLCI> broadcast

- Maps the Frame Relay address to the destination and defines the link as a broadcast link to be treated as a LAN

Operation Verification Commands

Router#show clns neighbor {detail}

- Displays information drawn from the neigbor table

Router#show clns interface

- Displays information about Integrated IS-IS Hello and timers seen on the interface

Router#show isis database

- Shows the link-state database

Router#show isis spf-log

- Show why and how often the SPF algorithm was calculated (listing the last 20 occurances)

Troubleshooting Commands

With troubleshooting using debug, if you're connected via the console port, turn on console logging (Router(config)#logging console) or if connected by virtual terminal, turn on the logging monitor (Router#term mon)

Router#debug isis adjacencies-packets

- Displays information on all adjacency-related activity

Router#debug isis spf-statistics

- Displays statistical information about building routes between routers

Router#debug isis update-packets

- Displays SNPs (CSNPs and PSNPs) and LSPs that are detected by the router

ISO Addressing for IS-IS

The ISO address is a variable-length address from 8-20 octets in length. There are three sections to an ISO address...


  • Area

    • The Area field is used to route between areas using Level 2 routing.
  • ID

    • The ID field is used to route to a host or router within the area using Level 1 routing.
  • SEL

    • The SEL field is used to route to an entity with the host or ES.

An ISO Address...

|IDP Part|IDP Part|DSP Part|DSP Part|DSP Part |AFI|IDI|High Order DSP|System ID|NSEL |Area|Area|Area|ID|SEL

  • IDP - Initial Domain Part. The IDP is used to route to the domain (or autonomous system). The IDP is given by the ISO and identifies the organization responsible for assigning the format for the rest of the address by defining the DSP structure.

    • AFI - Authority and Format Identifier. The AFI is the first octet of the address. It is defined as one octet. It states the authority in charge of issuing addresses and the format of the rest of the address, within the contraints of IDI and DSP, to describle Area, ID, and SEL.
    • IDI - Initial Domain Identifier.The IDI is the suborganization to the AFI.
  • DSP - Domain Specific Part. The DSP is used to route within the autonomous system. The authority specified by the IDP may further subdivide the DSP and may assign subauthorities responsible for parts of the DSP.

    • High Order DSP - High Order DSP is typically the area within the autonomous system.
    • System ID - System ID can have a value between 1 and 8 octets. It must have the same length throughout all systems in the autonomous system. Cisco for example uses 6 octets, which is a common solution because it allows the use of the MAC Address to autoconfigure the system.
    • NSEL - NSEL is one byte and identifies the particular service at the network layer to which to hand the packet.

NETs and NSAPs

NETs and NSAPs are both ISO Addresses. There is a subtle difference between the two.

The NET (Network Entity Title) address is the address of the host, where the value in the NSEL field is set to 0x00. Therefore there is no upper-layer protocol identified within the host. With no application identified with the end host, the packet can be routed to the destination, but it cannot be handed off to a process after it has been delivered. However, routers do not have upper-layer protocols to identify because they are transitory ISs. Therefore, the NSAP of the router is referred to as a Network Entity Title because the NSEL field is set to 00.

The NSAP (Network Service Access Point) is the full ISO address. It not only defines the area and destination host within the area, but also specifies where to send the incoming packet after it has reached the host. The NSEL field at the end of the ISO address specifies the upper-layer protocol and is similar to the Protocol field of the IP header.

Rules of ISO Addressing

  • The ISO address is assigned to the system, not to the interface.
  • Typically, the router has one NET address. There are exceptions to this rule
  • If multiple NETs are configured on the same router, they must have the same system ID.
  • The area address must be the same for all routers in the same area.
  • All Level 2 routers must have a system ID that is unique for the entire domain.
  • All level 1 routers must have a system ID that is unique for the entire area.
  • The system ID must be the same length for all ISs and ESs with in a routing domain.

Examples of a NET Address...

A simple OSI NET Address using a MAC Address...


|AFI (Area ID)|IDI (Area ID)|HO-DSP (Area ID)|System ID|SEL |49.| |0002.|0003.6b3c.1e44.|00

A simple OSI NET Address using an IP Address (say


|AFI (Area ID)|IDI (Area ID)|HO-DSP (Area ID)|System ID|SEL |49.| |0001.|0101.0020.0254.|00

A GOSIP version 2 address, showing the external routing information...


|AFI (Area ID)|IDI (Area ID)|HO-DSP (Area ID)|System ID|SEL |49.|0001.e09a.e900.0000.|0002.|0003.6b3c.1e44.|00

IS-IS Terms

|Adjacency|Local routing information that shows the reachability of a directly connect End System (ES)- Node or Intermediate System (IS) - Router. A separate adjacency is created for each neighbor on a circuit, and for each level of routing (that is Level 1 and Level 2) on a broadcast circuit. |Administrative Domain|A group of routers that share the same routing protocol within one organization. |Area|A subdomain with an Administrative Domain. Routers in an area maintain detailed routing information about the area's internal composition. The routers also maintain routing information that allows them to reach other areas. the area address is contained in the NET and NSAP address. |Circuit|The local routing information for a single subnet point of attachment (SNPA). |Code/Length/Value (CLV)|These are the variable-length fields in a PDU. The code field specifies the information in the Content field as a number. The length field states the size of the Value field. The Value field contains the information itself. |Complete sequence number packet (CSNP)|CSNPs describe every link in the link-state database. CSNPs are sent on point-to-point links. When the link comes up to synchronize the link-state databases. The designated router (DR), or designated intermediate system (DIS), on a multicast network sends out CSNPs every 10 seconds. |Connectionless Network Protocol (CLNP)|The is the ISO protocol used to carry data and error indications at the network layer. CLNP is similar to IP and has no facilities to detect errors in data transmission. It relies on the transport layer to provide guaranteed data delivery. |Connectionless Network Service (CLNS)|CLNS uses a datagram transfer service and does not require a circuit to be established before data is transmitted. Whereas CLNP defines the actual protocol, CLNS describes a service provided up to the transport layer. Being a connectionless service, CLNP provides a "best effort" delivery of data; therefore, there is no guarantee that the data will be lost, corrupted, misordered, or duplicated. If you require guaranteed delivery, the transport layer or application layer needs to provide the service that will correct the problems when they arise. |Designated intermediate system (DIS)|The router (IS) on a LAN that is designated to perform additional duties. In particular, the DIS generates link-state PDUs on behalf of the LAN by treating the LAN as a pseudonode. |Dual IS-IS|IS-IS that supports both OSI and IP routing information. Areas within the autonomous system can run either OSI or IP or both. However, the configuration chosen must be consistent within the entire area. |End System (ES)|The end node or host, which has limited routing capabilities. The ES has the OSO or IP Layer 3 protocol running and can receive and send data. |End System-to-Intermediate System (ES-IS)|The protocol by which the OSI ES and the IS communicate to dynamically learn Layer 2 adjacencies. |Hello|Hello packets are used to dicover and maintain adjacencies. |Host Address|This is the subset of the NET address, which includes both the domain, area, and system ID. |Integrated IS-IS|Another term for Dual IS-IS. Indicates IS-IS can be used to support routing for two Layer 3 protocols (IP and CLNP) in the same network simultaneously. |Intermediate system (IS)|A router. The IS is a device capable of directing traffic to remote destinations. |Intermediate System-to-Intermediate System (IS-IS)|The OSI routing protocol that learns the location of the network within the autonomous system so that data can be forwarded to the remote hosts. |IS-IS domain|A group of routers running the IS-IS protocols for exchanging routing information. |Level 1 (L1)|These routers are internal to the area, which means that they receive routing information for their area only and have no knowlege of the other area's networks. The reach other areas, Level 1 routers maintain a default route to the nearest Level 2 router. |Level 1-2 (L1-2)|A router that connects areas. This router connects a Level 1 area to the Level 2 backbone. It will have a Level 1 routing table to route to ES and IS in its own area by system ID. It will maintain a Level 2 prefix table to route to other areas. |Level 2 (L2)|These router are connected only to the backbone and provide transit traffic between areas. |Link|A physical connection to a neighbor. This link is then transmitted to all the other routers in the area via the LSP. |Link-state packet (LSP)|A Packet that describes a router's links. these are separate LSPs for Level 1 and Level 2 updates. |Neighbor|A router on the same link with which an adjacency is formed and routing information is then exchanged. |Network entity title (NET)|Part of an OSI address. The NET describes both the area and system ID of a system in the IS-IS network but excludes the NSEL, which defines the NSAP address of the system. |Network protocol data unit (NPDU)|See protocol data unit (PDU). |Network Selector (NSEL)|Sometimes referred to as the SEL field. This field describes the service at the network layer by which the packet is to be sent. NSEL is similar to the Protocol filed in IP. |Network service access point (NSAP)|Describes a service at the network layer to which the packet is to be directed. The NSAP is the NET address with the SEL field set to a value other than 0x00. |Overload (OL) bit|The OL is set on an LSP if the router cannot store the entire link-state database. When other routers receive LSPs with this bit set, they will not send the router any transmit traffic for fear that its routing table is incomplete. If the router is making decisions using incomplete data, its decisions may result in suboptimal paths or even routing loops. Traffic destined for the router can still be sent to the directly connected interfaces of a router transmitting the OL bit in its LSPs. |Partial sequence number packet (PSNP)|PSNPs are sent on point-to-point links to acknowlege explicitly each LSP the router recieves. A router on a broadcast subnetwork sends a PSNP requesting the LSPs it needs to synchronize its link-state database. |Protocol data unit (PDU)|A unit of data passed from one layer of the OSI model to the same level of the OSI model on another node. Each layer prefixes the PDU to indicate the sending OSI layer so that the network layer sends NPDUs and the data-link layer sends DLPDUs. |Pseudonode|The LAN identifier for a broadcast subnetwork. The pseudonode makes the broadcast medium appear as a virtual router and the routers appear as connected interfaces. the routers maintain adjacencies to the pseudonode, which are managed by the DIS, instead of to all other routers on the medium (thus reducing memory, CPU, and bandwitch resources). |Routeing Domain|Routeing Domain is the same as the Administrative Domain. It defines the bondaries of a network of interconnected routers operated and managed by the same administrative group.
The spelling of Routeing Domain is not a typographic error but the British spelling adopted by the ISO committee. |Sequence number PDU (SNP)|SNPs are used to acknowledge the receipt of LSPs and to synchronize link-state databases. |Subnetwork|The data-link layer. |Subnetwork dependent layer|Interfaces with the data-link layer and hides the different kinds of data-link layers from the network layer. This sublayer transmits and receives PDUs from the subnetwork, translates DLPDUs into NPDUs, and hands them to the appropriate OSI process. The subnetwork dependent layer is also responsible for creating and maintaining adjacencies through the exchange of IS-IS Hello PDUs. |Subnetwork independent layer|Interfaces with the transport layer and provides it with network services. It describes how CLNS creates and maintains knowledge of the network by exchanging and processing routing information so that data can be transmitted efficiently to remote destination hosts and handed to the transport layer. |Subetwork point of attachment (SNPA)|The data-link layer offers two services; the physical connection to the medium and the services offered to the physical layer and network layer. The SNPA refers to these services. The SNPA address is the physical address (for example, the MAC address on a LAN). |Type/Length/Value (TLV)|TLV is the same as a CLV, but some literature refers to the variable-length fields as TLV in accordance with the IP terminology.