Layer 2 Mapping for IS-IS
IS-IS is a Layer 2 protocol that uses the Ethernet logical link control (LLC) encapsulation format for exchanging information. IS-IS Layer 2 mapping ensures that forwarding next-hop resolution is topology-driven rather than traffic-driven, which results in minimal traffic loss while activating an Ethernet link.
Typically, IS-IS installs Layer 3 routes that point to Layer 2 next hops into the forwarding table. Junos OS uses a Layer 3 anchor address notation to standardize the description of a next hop. IS-IS uses Address Resolution Protocol (ARP) to map these IPv4 Layer 3 next-hop anchors to a Layer 2 Media Access Control (MAC) address and installs the Layer 2 MAC addresses in the forwarding table for an Ethernet network. For IPv6 routes, Junos OS uses neighbor discovery to resolve IPv6 Layer 3 next-hop anchors. The Routing Engine installs a Layer 3 prefix along with the set of Layer 3 next-hop anchors for a route in the forwarding table. This method of referencing a Layer 2 next hop using its Layer 3 anchor address in IS-IS networks has the following undesired ramifications:
When a new route is added to the kernel, its forwarding next hop might not have been resolved yet.
As next-hop resolution is traffic-driven and always reactive, there is a nonzero traffic loss when you activate an Ethernet link.
Enabling Layer 2 mapping helps to overcome these undesired ramifications in IS-IS networks. IS-IS LAN and point-to point Hellos supply all relevant Layer 2 and Layer 3 binding address information, which the device at the receiving end can use to populate the ARP or neighbor discovery cache of the kernel even before the route installation time. When Layer 2 mapping is enabled, IS-IS installs ARP or neighbor discovery next-hop entries into the forwarding table. Because this provides Layer 2 next-hop bindings ahead of time, IS-IS networks do not experience traffic loss while bringing up a link. Each entry gets enqueued as a semi-static ARP or neighbor discovery entry for simplifying garbage collection by a crashed or restarting routing protocol process (rpd). Therefore, each entry gets refreshed periodically.
The advantages of address resolution using IS-IS Hello messages are as follows:
Forwarding next-hop resolution is topology-driven and not traffic-driven.
Less Layer 2 resolution on core links because IS-IS already carries this information.
Better security because IS-IS provides HMAC-MD5 and HMAC-SHA1 digests.
The ARP and neighbor discovery methods of address resolution are susceptible to MAC address spoofing attacks.
Junos OS supports all Ethernet based interface types. However, non-Ethernet based interface types are not supported. Unnumbered IPv4 and IPv6 addresses are not supported as currently IS-IS does not have the capability to generate the IP address neighbor TLVs #132 and #232 from the loopback interface and advertise them on the unnumbered interface.