前面我们了解了IS-IS的一些基础理论,从建立邻接、链路状态数据库同步以及路由计算,现在开始学习下配置操作。
一、IS-IS配置
网络拓扑图:
IS-IS有Level级别的区分,Level-1可以是性能较低的设备只维护区域内的LSDB,Level-1-2作为Level-1和Level-2的边界路由器,Level-2是骨干路由器,它们在LSDB的维护和路由信息上有一些差别。
上面拓扑左侧AR1模拟性能较低只维护区域内的LSDB,去往区域外的通过AR2和AR3的默认路由转发。AR2和AR3为L1-2,AR4和AR5为L2路由器。配置基本IP地址和NET地址,根据Router ID进行转换,其实只要不重复就行了。
NET地址配置转换:区域号+System ID+SEL 以1.1.1.1为例:
-
每段扩充到3位-->001.001.001.001 -
重新划分为3段-->0010.0100.1001 -
添加区域号和SEL-->49.0001.0010.0100.1001.00 -
这里扩充是以10进制,比如10--010
IS-IS通告网段是在接口启用ISIS enable 进程,可能是因为原来是数据链路层的原因,所以不是采用network方式,而是直接在接口配置。
AR1配置:
# ISIS配置
isis 1 # isis进程号,和OSPF进程号一致is-level level-1 # 手动配置为level-1,默认位level-1-2network-entity 49.0001.0010.0100.1001.00 # 配置NET地址,必须唯一# 配置接口地址
interface GigabitEthernet0/0/0ip address 12.1.1.1 255.255.255.0 isis enable 1# 配置接口地址
interface GigabitEthernet0/0/1ip address 13.1.1.1 255.255.255.0 isis enable 1AR2配置:
# 路由器默认位级别Level-1-2
isis 1network-entity 49.0001.0020.0200.2002.00
#
interface GigabitEthernet0/0/0ip address 12.1.1.2 255.255.255.0 isis enable 1
#
interface GigabitEthernet0/0/1ip address 24.1.1.2 255.255.255.0 isis enable 1AR3配置:
# 默认级别为Level-1-2
isis 1network-entity 49.0001.0030.0300.3003.00
#
interface GigabitEthernet0/0/0ip address 35.1.1.3 255.255.255.0 isis enable 1
#
interface GigabitEthernet0/0/1ip address 13.1.1.3 255.255.255.0 isis enable 1
AR4配置:
# 配置为level-2骨干区域
isis 1is-level level-2network-entity 49.0002.0040.0400.4004.00
#
interface GigabitEthernet0/0/1ip address 24.1.1.4 255.255.255.0 isis enable 1
#
interface GigabitEthernet0/0/2ip address 45.1.1.4 255.255.255.0 isis enable 1
AR5配置:
# 配置为level-2骨干区域
isis 1is-level level-2network-entity 49.0002.0050.0500.5005.00
#
interface GigabitEthernet0/0/0ip address 35.1.1.5 255.255.255.0 isis enable 1
#
interface GigabitEthernet0/0/2ip address 45.1.1.5 255.255.255.0 isis enable 1
二、验证配置
查看ISIS邻接关系:dis isis peer
# 这里能够看到邻居路由器的ID,接口、建立的邻接关系为L1
<AR1>dis isis peerPeer information for ISIS(1)System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0020.0200.2002 GE0/0/0 0010.0100.1001.01 Up 25s L1 64
0030.0300.3003 GE0/0/1 0010.0100.1001.02 Up 23s L1 64 Total Peer(s): 2# AR2分别建立L1和L2邻接关系
[AR2]dis isis peer Peer information for ISIS(1)System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0010.0100.1001 GE0/0/0 0010.0100.1001.01 Up 7s L1 64
0040.0400.4004 GE0/0/1 0020.0200.2002.02 Up 28s L2 64 Total Peer(s): 2# AR4骨干区域
[AR4]dis isis peerPeer information for ISIS(1)System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0020.0200.2002 GE0/0/1 0020.0200.2002.02 Up 9s L2 64
0050.0500.5005 GE0/0/2 0050.0500.5005.02 Up 9s L2 64 Total Peer(s): 2查看isis 链路状态数据库:dis isis lsdb
# 在AR1能够看到从AR2和AR3有一个ATT置位1的LSDB
<AR1>dis isis lsdbDatabase information for ISIS(1)--------------------------------Level-1 Link State DatabaseLSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0010.0100.1001.00-00* 0x00000016 0xb87c 995 97 0/0/0
0010.0100.1001.01-00* 0x0000000a 0xbf40 995 55 0/0/0
0010.0100.1001.02-00* 0x0000000a 0x21bb 995 55 0/0/0
0020.0200.2002.00-00 0x0000001a 0x6542 1075 86 1/0/0
0030.0300.3003.00-00 0x00000015 0xe589 1040 86 1/0/0 Total LSP(s): 5*(In TLV)-Leaking Route, *(By LSPID)-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
# 可以查看LSP的具体信息,通过LSPID
#
<AR1>dis isis lsdb 0010.0100.1001.00-00 verbose Database information for ISIS(1)--------------------------------Level-1 Link State DatabaseLSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0010.0100.1001.00-00* 0x00000016 0xb87c 918 97 0/0/0 SOURCE 0010.0100.1001.00NLPID IPV4AREA ADDR 49.0001 INTF ADDR 12.1.1.1INTF ADDR 13.1.1.1NBR ID 0010.0100.1001.01 COST: 10 NBR ID 0010.0100.1001.02 COST: 10 IP-Internal 12.1.1.0 255.255.255.0 COST: 10 IP-Internal 13.1.1.0 255.255.255.0 COST: 10 Total LSP(s): 1*(In TLV)-Leaking Route, *(By LSPID)-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload# 在AR2上可以看到两个级别的LSDB信息
[AR2]dis isis lsdbDatabase information for ISIS(1)--------------------------------Level-1 Link State DatabaseLSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0010.0100.1001.00-00 0x00000016 0xb87c 869 97 0/0/0
0010.0100.1001.01-00 0x0000000a 0xbf40 869 55 0/0/0
0010.0100.1001.02-00 0x0000000a 0x21bb 869 55 0/0/0
0020.0200.2002.00-00* 0x0000001a 0x6542 950 86 1/0/0
0030.0300.3003.00-00 0x00000015 0xe589 913 86 1/0/0 Total LSP(s): 5*(In TLV)-Leaking Route, *(By LSPID)-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-OverloadLevel-2 Link State DatabaseLSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0020.0200.2002.00-00* 0x00000018 0xce3e 950 110 0/0/0
0020.0200.2002.02-00* 0x00000009 0x1a5b 950 55 0/0/0
0030.0300.3003.00-00 0x00000015 0xc0b9 913 110 0/0/0
0040.0400.4004.00-00 0x0000000f 0x7652 975 97 0/0/0
0050.0500.5005.00-00 0x0000000d 0x7bdd 915 113 0/0/0
0050.0500.5005.01-00 0x00000009 0x5e6d 915 55 0/0/0
0050.0500.5005.02-00 0x00000009 0xbfe8 915 55 0/0/0 Total LSP(s): 7*(In TLV)-Leaking Route, *(By LSPID)-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload查看isis路由信息:dis isis route
# AR1只有当前区域的明细路由和两条通过AR2和AR3的默认路由
# 如果需要L2的路由需要进行路由渗透
<AR1>dis isis routeRoute information for ISIS(1)-----------------------------ISIS(1) Level-1 Forwarding Table--------------------------------IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
0.0.0.0/0 10 NULL GE0/0/0 12.1.1.2 A/-/-/-GE0/0/1 13.1.1.3
12.1.1.0/24 10 NULL GE0/0/0 Direct D/-/L/-
13.1.1.0/24 10 NULL GE0/0/1 Direct D/-/L/-
24.1.1.0/24 20 NULL GE0/0/0 12.1.1.2 A/-/-/-
35.1.1.0/24 20 NULL GE0/0/1 13.1.1.3 A/-/-/-Flags: D-Direct, A-Added to URT, L-Advertised in LSPs, S-IGP Shortcut,U-Up/Down Bit Set# AR2有两个级别路由
[AR2]dis isis routeRoute information for ISIS(1)-----------------------------ISIS(1) Level-1 Forwarding Table--------------------------------IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
0.0.0.0/0 20 NULL
12.1.1.0/24 10 NULL GE0/0/0 Direct D/-/L/-
13.1.1.0/24 20 NULL GE0/0/0 12.1.1.1 A/-/L/-
24.1.1.0/24 10 NULL GE0/0/1 Direct D/-/L/-
35.1.1.0/24 30 NULL GE0/0/0 12.1.1.1 A/-/L/-Flags: D-Direct, A-Added to URT, L-Advertised in LSPs, S-IGP Shortcut,U-Up/Down Bit SetISIS(1) Level-2 Forwarding Table--------------------------------IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
8.8.8.8/32 20 NULL GE0/0/1 24.1.1.4 A/-/-/-
12.1.1.0/24 10 NULL GE0/0/0 Direct D/-/L/-
13.1.1.0/24 40 NULL
24.1.1.0/24 10 NULL GE0/0/1 Direct D/-/L/-
35.1.1.0/24 30 NULL
45.1.1.0/24 20 NULL GE0/0/1 24.1.1.4 A/-/-/-Flags: D-Direct, A-Added to URT, L-Advertised in LSPs, S-IGP Shortcut,U-Up/Down Bit Set
总结:总的来说配置倒是挺简单的,需要理解它的邻接关系,查看LSDB,路由的计算等等。大致步骤:配置接口地址、配置路由器级别、配置NET地址、在接口启用ISIS。
本文由 mdnice 多平台发布
