Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Understanding IS-IS Configuration

To configure IS-IS, you must enable IS-IS on the interfaces and configure a NET address on one of the device interfaces (preferably, the lo0 interface) by setting family iso address net-address on the interface. To create the NET address (also known as the system ID or the NSAP address), you can use the convention that is dictated by your network design, or you can follow this convention:

  1. Take the router ID, remove the dots (.), and insert leading zeroes where necessary so that the string is 12 characters long.

    For example, if the router ID is 192.168.0.4, the 12-character string would be 192168000004. If the router ID is 10.12.23.1, the 12-character string would be 010012023001.

  2. Add a dot after every 4th character.

    The strings would become 1921.6800.0004 and 0100.1202.3001.

  3. Prepend the area number.

    If the routing devices are in area 47, the strings would become 47.1921.6800.0004 and 47.0100.1202.3001.

  4. Append the selector (00).

    The strings would become 47.1921.6800.0004.00 and 47.0100.1202.3001.00.

You must configure the ISO family on all interfaces that are supporting the IS-IS protocol by setting family iso on the interface. This means that IS-IS related frames are not discarded by the routing devices.

You must enable IS-IS to run on the interfaces by setting interface interface-name in the protocol configuration. This means that the interfaces are advertised into IS-IS.

Unlike OSPF, when you enable IS-IS on the lo0 interface, you do not need to explicitly set passive mode. Passive mode means that the interface is advertised into the link-state protocol, but the interface does not send or receive protocol control packets, such as IS-IS hello and link-state PDUs. In IS-IS, the lo0 interface is always passive.

When you enable IS-IS on an interface, both levels (Level 1 and Level 2) are enabled by default. To specify that an interface is on a Level 1 link, disable Level 2. To specify that an interface is on a Level 2 link, disable Level 1. You can disable a level on the entire device or per-interface. If two routing devices, R1 and R2, are both in the same IS-IS area, they communicate at Level 1 if one or both devices have Level 2 disabled.

For security devices only, you must enable IS-IS by setting mode packet-based at the [edit security forwarding-options family iso] hierarchy level.

Note:

Junos releases prior to and including 19.2R1-S2 supported ISIS PDU exchange without explicitly setting packet mode for ISIS under [edit security forwarding-options family iso]. In newer releases this setting is required in order for ISIS to operate properly. When upgrading an SRX device to a Junos version newer than 19.2R1-S2 you must configure packet mode for ISIS or adjacencies will not form.

Related Documentation