IS-IS Protocol Shutdown Support Maintaining Configuration Parameters

Feature history for IS-IS Protocol Shutdown Support Maintaining Configuration Parameters

This table provides release and platform support information for the features explained in this module.

These features are available in all the releases subsequent to the one they were introduced in, unless noted otherwise.

Release

Feature name and description

Supported platform

Cisco IOS XE 17.18.1

IS-IS Protocol Shutdown Support Maintaining Configuration Parameters: This feature allows you to disable the Integrated IS-IS protocol at the interface level or the global IS-IS process level without removing the IS-IS configuration parameters.

Cisco C9350 Series Smart Switches

Cisco C9610 Series Smart Switches

IS-IS Protocol Shutdown Support Maintaining Configuration Parameters

The IS-IS Protocol Shutdown Support Maintaining Configuration Parameters feature allows you to disable the Integrated IS-IS protocol at the interface level or the global IS-IS process level without removing the IS-IS configuration parameters.

IS-IS is a link-state protocol that enables network designers to organize networks into flooding domains. IS-IS is often deployed as the Interior Gateway Protocol (IGP) for ISP network backbones, handling large topologies and numerous routing changes.

IS-IS process and adjacencies

IS-IS requires some configuration on both the device and the interface. An IS-IS process starts with enabling IS-IS on a device and defining a specific tag for identification. Interfaces configured with a specific tag will be part of the corresponding device process. Multiple IS-IS processes can run for Connectionless Network Service (CLNS); however, only one process is allowed for IP.

Small IS-IS networks consist of a single area containing all devices. As the network grows larger, it is usually reorganized into a backbone area made up of the connected set of all Level 2 devices from all areas. The areas are connected to local areas. Within a local area, devices know how to reach all system IDs. Between areas, devices know how to reach the backbone, and the backbone devices know how to reach other areas.

Devices establish Level 1 adjacencies for intra-area routing and Level 2 adjacencies for inter-area routing. If you do not specify Level 1 or Level 2 routing, the default behavior is Level 1-2 routing.

If Level 2 routing is configured on any process, additional processes are automatically configured as Level 1, with the exception of previously configured Level 2 process, which will remain Level 2. You can have only one Level-2 process. You can configure the Level-2 process to perform Level-1 routing at the same time. If Level-2 routing is not desired for a device instance, use the is-type command in device configuration mode to remove the Level-2 capability. Use the is-type command to configure a different device instance as a Level-2 device.

Some networks use legacy equipment that supports only Level 1 routing. These devices are typically organized into many small areas that cannot be aggregated due to performance limitations. Cisco devices interconnect each area with the Level 2 backbone.

Network entity titles (NETs) define the area addresses and the system ID of the device.

PDU packet types in IS-IS routing

The OSI stack defines a unit of data as a protocol data unit (PDU). A frame therefore is regarded by OSI as a data-link PDU, and a packet is regarded as a network PDU. There are four types of PDU packets, and each type can be Level 1 or Level 2:

  • LSP: Link-state PDU. Used to distribute link-state information.

  • IIH PDU: For IS-IS this is called the IS-IS Hello PDU. Used to establish and maintain adjacencies.


Note

On point-to-point links, Level-1 and Level-2 IIH PDUs are the same. Both Level-1 and Level-2 IIH use the same type of PDU, but they carry different circuit types.

  • PSNP: Partial sequence numbers protocol data unit (PDU). Used to acknowledge and request link-state information.

  • CSNP: Complete sequence number protocol data unit (PDU). Used to distribute the complete link-state database of a device.

IS-IS LSPs include specific information about the device’s attachments. The information is included in multiple Type Length Value (TLV) fields in the main body of the LSP:

  • The links to neighbor device intermediate systems (ISs), including the metrics of those interfaces

  • The links to the neighbor end systems (ESs)

Shut down IS-IS to make changes to your IS-IS Network

You can shut down IS-IS (placing it in an administrative down state) to make changes to the IS-IS protocol configuration, without losing your configuration parameters. You can shut down IS-IS at the interface level or at the global IS-IS process level. If you reboot the device when the protocol is turned off, the protocol will return to the disabled state. Setting the protocol to the administrative down state allows network administrators to disable IS-IS operation without losing protocol configuration. This facilitates changes in protocol configuration while avoiding undesirable intermediate states and allows the protocol to be reenabled at a suitable time.

Before the introduction of this feature, there was no nondestructive method to disable IS-IS operation. To disable IS-IS at the device level, the only method was to issue the no router isis command, resulting in the removal of the IS-IS configuration. At the interface level, there are two methods to disable IS-IS operation. Enter the no ip router isis command to remove IS-IS from the specified interface, or enable passive mode on the interface to continue advertising its IP address. In either case, the current IS-IS configuration will be removed.

Prerequisites for IS-IS Protocol Shutdown Support Maintaining Configuration Parameters

Understand your network design, and plan traffic flow before configuring IS-IS. Define areas, prepare an addressing plan for the devices, including NETs, and identify the interfaces that will run Integrated IS-IS. Prepare a matrix of adjacencies before configuring your devices to display expected neighbors in the adjacency table.

Configure IS-IS Protocol Shutdown Support Maintaining Configuration Parameters

This section provides configuration information about IS-IS Protocol Shutdown Support Maintaining Configuration Parameters.

Enable IS-IS as an IP routing protocol on the device

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

router isis [area-tag ]

Example:


Device(config)# router isis

Assigns a tag to an IS-IS process. Enters router configuration mode.

  • Configure tags to identify multiple IS-IS processes with distinct and meaningful names for each routing process.. If the tag is not specified, a null tag (0) is assumed and the process is referenced with a null tag. The tag name must be unique among all IP router processes for the device.

Step 4

net network-entity-title

Example:


Device(config-router)# net 49.0001.0000.0000.000b.00

Configures the NET on the device.

  • The NET identifies the device for IS-IS.

Step 5

end

Example:


Device(config-router)# end

Exits router configuration mode and returns to privileged EXEC mode.

Enable IS-IS as an IP routing protocol on the interface

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

interface type number

Example:


Device(config)# interface Gigabitethernet 1/0/2

Enters interface configuration mode.

Step 4

ip address ip-address mask [secondary ]

Example:


Device(config-if)# ip address 172.16.1.27 255.255.255.0

Sets the primary IP address on the interface.

Step 5

ip router isis [area - tag ]

Example:


Device(config-if)# ip router isis company1

Enables IS-IS on interfaces utilized for distributing IP information and establishing IS-IS adjacencies.

  • Use the area-tag argument to specify to which IS-IS process the device belongs.

  • If multiple IS-IS processes exist on the device, repeat the ip router isis command for each interface. Specify an area tag to associate each interface with its specific IS-IS process.

Step 6

end

Example:


Device(config-if)# end

Exits interface configuration mode and returns to privileged EXEC mode.

Shut down IS-IS in interface mode

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

interface type number

Example:


Device(config)# interface Gigabitethernet 0/0

Configures an interface and enters interface configuration mode.

Step 4

isis protocol shutdown

Example:


Device(config-if)# isis protocol shutdown

Disables the IS-IS protocol so that it cannot form adjacencies on a specified interface and places the IP address of the interface into the LSP that is generated by the device.

Step 5

end

Example:


Device(config-if)# end

Exits interface configuration mode and returns to privileged EXEC mode.

Shut down IS-IS in router mode

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

router isis area-tag

Example:


Device(config)# router isis 1

Enables the IS-IS routing protocol and specifies an IS-IS process, and enters router configuration mode.

Step 4

protocol shutdown

Example:


Device(config-router)# protocol shutdown

Prevents IS-IS from forming any adjacency on any interface and clears the IS-IS LSP database, without actually removing the IS-IS configuration.

Step 5

end

Example:


Device(config-router)# end

Exits router configuration mode and returns to privileged EXEC mode.

Monitor IS-IS

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

isis display delimiter [return count | character count ]

Example:


Device(config)# isis display delimiter return 3

Makes output from multiarea displays easier to read by specifying the delimiter to use to separate displays of information.

Step 4

exit

Example:


Device(config)# exit

Returns to privileged EXEC mode.

Step 5

show ip protocols

Example:


Device# show ip protocols

Displays the parameters and current state of the active routing protocol process.

  • Use this command to learn about active protocols, active interfaces, routed networks, and other related routing protocol parameters.

Step 6

show clns area-tag is-neighbors [type number ] [detail ]

Example:


Device# show clns is-neighbors detail

Displays IS-IS information for IS-IS device adjacencies.

Step 7

show clns interface [type number ]

Example:


Device# show clns interface

List the CLNS-specific information about each interface.

Step 8

show clns area-tag neighbors [type number ] [area ] [detail ]

Example:


Device# show clns area3 neighbors

Displays both ES and IS neighbors.

  • The show clns neighbor command output verifies that the right adjacencies have established. A matrix of adjacencies should be prepared before you configure your devices, showing what neighbors should be expected in the adjacencies table, to facilitate verification.

Step 9

show clns area-tag traffic

Example:


Device# show clns area3 traffic

Displays traffic statistics.

To monitor IS-IS for stability once it has been deployed across your network, enter the show clns traffic command to check the following important statistics: high numbers of SPFs, checksum errors, and retransmissions. To troubleshoot IS-IS behavior, you can use the output from the show clns traffic command to check for the\ese indicators:

  • The number of link-state PDUs (LSPs) can help you determine the stability of the IS-IS network. The number of LSPs should never be zero. However, an LSP count that keeps increasing over a short time period indicates a network issue.

  • LSP retransmissions should stay low. A later execution of the show clns traffic command that shows an increase in LSP retransmissions, as compared to an earlier execution of the command, can indicate instability or traffic problems.

  • To check for partial route calculations (PRCs), enter the show clns traffic command. PRCs are flooded when a change that does not affect topology is reported through an LSP; typical examples include the addition or removal of a prefix or metric changes for external or passive interfaces. A PRC update queue that remains full or increases to the maximum value for long periods of time indicates network instability.

  • LSP checksum errors indicate a problem.

  • The update queue should not stay full and should not drop much.

Step 10

show ip route [ip-address [mask ]] [[longer-prefixes ] | protocol [process-id ] | list [access-list-number | access-list-name ] | static download ]]

Example:


Device# show ip route 172.16.0.21

Displays the current state of the routing table.

Step 11

show isis [process-tag ] database [level-1 ] [level-2 ] [l1 ] [l2 ] [detail ] [lspid ]

Example:


Device# show isis database detail

Displays additional information about the IS-IS database.

  • Displays the link-state database for Level-1 and Level-2, the contents for each LSP, and the link-state protocol PDU identifier.

Step 12

show isis database verbose

Example:


Device# show isis database verbose

Displays additional information about the IS-IS database such as the sequence number, checksum, and holdtime for LSPs.

Step 13

show isis lsp-log

Example:


Device# show isis lsp-log

Displays a log of LSPs including time of occurrence, count, interface, and the event that triggered the LSP.

Step 14

show isis [area-tag ] [ipv6 | * ] spf-log

Example:


Device# show isis spf-log

Displays how often and why the device has run a full shortest path first (SPF) calculation.

  • If the device continues to run SPF without ceasing, there might be an issue regarding a change in the network (intra-area). The cause for the continued SPF calculations could be an interconnecting link that is transitioning up/down/up/down or a metric change. It is normal for the SPF calculation to run a few times when a network change occurs, but then it should cease.

Step 15

show isis [process-tag ] [ipv6 | * ] topology

Example:


Device# show isis topology

Displays a list of all connected devices in all areas.

Step 16

show isis [area-tag ] neighbors [detail ]

Example:


Device# show isis neighbors detail

Displays IS-IS adjacency information.

  • The show isis neighbor detail command output verifies that the right adjacencies have established. A matrix of adjacencies should be prepared before you configure your devices, showing what neighbors should be expected in the adjacencies table, to facilitate verification.

When the show isis neighbors command is entered with the detail keyword, the output provides information about the IS-IS adjacencies that have formed. 

Device1# show isis neighbors detail

System Id      Type Interface IP Address      State Holdtime Circuit Id
Device2         L2   Et1/0     10.1.1.0        UP   255      Circuit3.01          
  Area Address(es): 32
  SNPA: aabb.cc00.2001      
  State Changed: 00:00:14
  LAN Priority: 64
  Format: Phase V

What to do next

You can use these two system debugging commands to check your IS-IS IPv4 implementation.

  • If adjacencies are not coming up properly, use the debug isis adj-packets command.

  • To display a log of significant events during an IS-IS SPF calculation, use the debug isis spf-events command.

Configuration examples

Refer this section for configuration examples of IS-IS Protocol Shutdown Support Maintaining Configuration Parameters.

Example: Configure a basic IS-IS Network

This example shows how to configure three devices to run IS-IS as an IP routing protocol.

Device A configuration


router isis
 net 49.0001.0000.0000.000a.00
interface ethernet0/0
 ip address 10.1.1.1 255.255.255.0
 ip router isis
interface serial 2/0
 ip router isis
 ip address 192.168.1.2 255.255.255.0

Device B configuration


router isis
 net 49.0001.0000.0000.000b.00
interface ethernet0/0
 ip router isis
 ip address 172.17.1.1 255.255.255.0
interface serial2/0
 ip router isis
 ip address 192.168.1.1 255.255.255.0
interface serial5/0
 ip router isis
 ip address 172.21.1.1 255.255.255.0

Device C configuration


router isis
 net 49.0001.0000.0000.000c.00
interface ethernet2/0
 ip router isis
 ip address 172.21.1.2 255.255.255.0
interface serial5/0
 ip router isis
 ip address 172.22.1.1 255.255.255.0

The show isis topology command displays this information about how the devices are connected within the IS-IS network: 


DeviceB# show isis topology

IS-IS paths to level-1 routers
System Id            Metric     Next-Hop             Interface   SNPA
DeviceA              10         DeviceA              Se2/0       *HDLC*         
DeviceB              --
DeviceC              10         DeviceC              Se5/0       *HDLC*         
IS-IS paths to level-2 routers
System Id            Metric     Next-Hop             Interface   SNPA
DeviceA              10         DeviceA              Se2/0       *HDLC*         
DeviceB              --
DeviceC              10         DeviceC              Se5/0       *HDLC*

The show isis database command displays this information for the Level 1 and Level 2 LSPs for each device in the IS-IS network. 


DeviceB# show isis database

IS-IS Level-1 Link State Database:
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
DeviceA.00-00         0x00000005   0x1A1D        1063              0/0/0
DeviceB.00-00       * 0x00000006   0xD15B        1118              0/0/0
DeviceC.00-00         0x00000004   0x3196        1133              1/0/0
IS-IS Level-2 Link State Database:
LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime      ATT/P/OL
DeviceA.00-00         0x00000008   0x0BF4        1136              0/0/0
DeviceB.00-00       * 0x00000008   0x1701        1137              0/0/0
DeviceC.00-00         0x00000004   0x3624        1133              0/0/0

The show ip route command displays information about the interfaces of each device, including their IP addresses and how they are connected to Device B: 


DeviceB# show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     172.17.0.0/24 is subnetted, 1 subnets
C       172.17.1.0 is directly connected, Ethernet0/0
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, Serial4/0
     172.21.0.0/24 is subnetted, 1 subnets
C       172.21.1.0 is directly connected, Serial5/0
     172.22.0.0/24 is subnetted, 1 subnets
i L1    172.22.1.0 [115/20] via 172.21.1.2, Serial5/0
     10.0.0.0/24 is subnetted, 1 subnets
i L1    10.1.1.0 [115/20] via 192.168.1.2, Serial2/0
C    192.168.1.0/24 is directly connected, Serial2/0
C    192.168.3.0/24 is directly connected, Serial3/0

The show isis spf-log command displays logs of Level 1 and Level 2 LSPs including time of occurrence, duration, count, and the event that triggered the LSP. 


DeviceC## show isis spf-log

   level 1 SPF log
  When   Duration  Nodes  Count    First trigger LSP   Triggers
00:01:30       0      3      7        DeviceB.00-00  PERIODIC NEWADJ NEWLSP TLVT
   level 2 SPF log
  When   Duration  Nodes  Count    First trigger LSP   Triggers
00:01:31       0      3      7        DeviceB.00-00  PERIODIC NEWADJ NEWLSP TLVT

This figure illustrates the sample configuration.

Figure 1. IS-IS routing

Example: Shut down IS-IS in interface mode

This device output shows that the device has two IS-IS adjacencies: 


Device# show clns neighbors

System Id  Interface  SNPA            State  Holdtime  Type      Protocol
first      Et3/1      0002.7dd6.1c21  Up     25        L1L2      IS-IS
second     Et3/2      0004.6d25.c056  Up     29        L1L2      IS-IS

When the isis protocol shutdown command is entered for Ethernet interface 3/1, the IS-IS protocol will be disabled for the specified interface: 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# Interface Gigabitethernet 0/0
Device(config-if)# isis protocol shutdown
Device(config-if)# end

This device output shows that the adjacency for Ethernet interface 3/1 has not formed: 


Device# show clns neighbors

System Id  Interface  SNPA            State  Holdtime  Type      Protocol
second     Et3/2      0004.6d25.c056  Up     27        L1L2      IS-IS

Example: Shut down IS-IS in router mode

This device output shows that the device has two IS-IS adjacencies: 


Device# show clns neighbors

System Id  Interface  SNPA            State  Holdtime  Type      Protocol
south      Et3/1      0002.7dd6.1c21  Up     29        L1L2      IS-IS
north      Et3/2      0004.6d25.c056  Up     28        L1L2      IS-IS

The protocol shutdown command is entered so that IS-IS is disabled and no adjacencies will be formed on any interface: 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router isis area1
Device(config-router)# protocol shutdown
Device(config-router)# end

This device output now shows that both adjacencies are gone. 


Device# show clns neighbors

System Id  Interface  SNPA            State  Holdtime  Type      Protocol

When the no protocol shutdown command is entered, the adjacencies will again be formed on both interfaces: 


Device(config)# router isis area1
Device(config-router)# no protocol shutdown
Device(config-router)# end

Device# show clns neighbors

System Id  Interface  SNPA            State  Holdtime  Type      Protocol
south      Et3/1      0002.7dd6.1c21  Up     24        L1L2      IS-IS
north      Et3/2      0004.6d25.c056  Up     24        L1L2      IS-IS