Comprehensive Guide to IS-IS Routing Protocol

Published on: July 17, 2024

10 min read

Understanding network routing protocols is crucial for developing reliable and effective network architectures, despite the fact that they could be complex. If you want information about the IS-IS (Intermediate System-to-Intermediate System) routing protocol, this page is a great place to start. Whether you're a mid-level network engineer or completely unfamiliar with routing concepts, this comprehensive investigation will provide you with the knowledge to:

Understand the fundamental features and background of IS-IS.
Recognize its function in network communication and its benefits for extensive networks.
Examine the features, types of IS-IS routers, methods involved in configuring IS-IS on Cisco equipment, and their technical characteristics.
Learn important details about its performance optimization strategies, security measures, and comparisons with other well-known routing protocols.

You will have a solid grasp of IS-IS and its possibilities by the end of this extensive article, enabling you to decide how best to use it in your network environment.

What is the IS-IS Routing Protocol?

Intermediate System-to-Intermediate System (IS-IS) is the protocol used for computer networks that we can relate to the system of highways for data packets in road networks.

Intermediate System to Intermediate System (IS-IS, sometimes also written ISIS) is a routing protocol that is used in the efficient transportation of data from one source to many different destinations on linked computers or such devices. For this to work, it must find the best way for packets to move through a network that uses packet swapping. It is the program that makes sure data packets get to their destinations safely over computer networks. DEC created IS-IS mainly for DECnet Phase V. Later, the IETF adopted it so that it could function in the TCP/IP network. This technology uses a link-state algorithm to determine the best path between devices. It can do this because it sees the whole network structure and can respond instantly to changes, making routing optimal and helpful.

Get Started with Zenarmor Today For Free

What is the history of the IS-IS Protocol?

IS-IS has a history that can hardly be neglected and is quite fascinating. It all started during the 1980s when DEC was in desperate need of a reliable routing protocol for DECnet Phase V. IS-IS was then adopted by the IETF back in the 1990s when the requirement for reliable and scalable routing had become a critical issue in the rapidly developing TCP/IP networks. One of the great things was its adoption in the Integrated IS-IS (RFC 1195) that ruled both IP and DECnet traffic. Years have come and gone, and IS-IS has become an advanced option that largely Internet Service Providers (ISPs) prefer for their great capability of scalability and strong performance.

What is the purpose of the IS-IS Protocol?

The main goal of the IS-IS algorithm is to make sure that data packets are sent across networks quickly and reliably. Its goal is to keep the routing system flexible and open to change so that it can grow to fit big, complicated networks. IS-IS does this by constantly collecting data about the structure of the network and using it to find the fastest and quickest ways for data packets to move. Because of this, there is very little delay and the best use of network resources, which makes it perfect for ISPs and big business networks.

Why is IS-IS a Layer 2 protocol?

The main reason why the IS-IS protocol exists is to ensure efficient and accurate routing of data packets throughout networks. It is about having a timely and smart routing environment that can be adapted and scaled out to support the largest and most complex networks. IS-IS goes on to do this by acquiring data related to the network's topology, which is then used to compute the shortest paths that packets take. This results in next to no time delays and the best possible use of the network. Hence, it is a great choice for ISPs and big companies.

What are the features of the IS-IS Routing Protocol?

In this section, we will discuss the distinctive features of the IS-IS (Intermediate System-to-Intermediate System) routing protocol, which set it apart from other dynamic routing protocols like OSPF (Open Shortest Path First) and EIGRP (Enhanced Interior Gateway Routing Protocol). The key features that make IS-IS a standout choice for large-scale network environments are as follows.

Link-State Protocol: IS-IS keeps an exhaustive topology map as it is a link-state protocol. To communicate its network status, every router in the IS-IS domain creates Link State Advertisements (LSAs). Each router is able to apply the Dijkstra method to determine the shortest path to any destination thanks to these LSAs, which are used to construct a thorough and current map of the network. Decisions about routing are guaranteed to be efficient and dependable because of this thorough knowledge of the network.
Scalability: The scalability of IS-IS is a notable feature. With its roots in large-scale networks, IS-IS is well-suited to manage complicated and expansive network topologies. This makes it a great fit for big business networks and Internet service providers (ISPs) looking for scalable and reliable routing solutions. Unlike OSPF and EIGRP, this protocol can handle a high number of routes without noticeably lowering performance.
Flexible Topology Support: IS-IS supports both flat and hierarchical network topologies. All routers are in a single area in a flat topology, which makes the configuration much simpler but at the same time is a disadvantage in terms of scalability. For large networks, IS-IS can be configured with additional levels (Level 1 and Level 2) to create a hierarchy that will be better in terms of both scalability and manageability. The Level 1 routers handle the routing within the area, and the Level 2 routers do the job of the higher level which is the routing between the areas, the idea is different, but the concept is the same as the OSPF area concept but with different implementation details.
Protocol Agnostic: IS-IS is designed to be protocol-agnostic, meaning it can be used to route multiple types of network layer protocols, not just IP. This was part of its original design for DECnet, and it has been extended to support IP routing seamlessly. This flexibility allows IS-IS to be used in diverse networking environments, making it a versatile choice for organizations with varied networking needs.
Fast Convergence: The speed of IS-IS to converge fast after a network change is the most important feature of it. Since this is a short period when the network is down or an item is added, IS-IS serves as a model to distribute all of the collections quickly thanks to which all routers can update their respective routing tables. This will greatly minimize the time during which there is no packet transfer and it makes sure that the packets are routed properly, thus high performance and reliability are ensured.
Support for Large Address Spaces: Even though there hasn't been much of a change IP version 6 addresses are still the default choice for the IS-IS to ensure next-generation IP protocols. It is necessary to design and develop network addressing schemes that can handle the entire network's IP needs, which in turn limits the chances of the IP address running out of capacity. This is particularly critical as more and more devices and services enter the scene, thus requiring a bigger pool of IP addresses.
Robust Security Features: IS-IS brings strong technical safety features to the table to prevent black-holing. Implementation of real authentication (AO) and the use of real-time routers in the routing domain are a couple of methods to tackle the attacks while exploiting other networks by hackers at the same time. That strengthens security and the integrity of the network as a whole, which in turn solves the most important cybersecurity issues.

What are the IS-IS Router Types?

In the IS-IS (Intermediate System-to-Intermediate System) routing protocol, routers are classified into three main types based on their roles and functions within the network hierarchy. These types are Level 1, Level 2, and Level 1-2 routers. Each type plays a distinct role in routing and network segmentation, contributing to the protocol's efficiency and scalability. IS-IS router types and their respective roles are outlined below.

Level 1 Routers (L1 Routers): Routing inside a single area is the responsibility of level 1 routers. Although they have an extensive database on the local area network topology, they are completely unaware of the global network architecture. Level 1 router basics are as follows:
- Intra-Area Routing: Level 1 routers handle routing within a local area, making them ideal for smaller, segmented parts of a larger network.
- Adjacent L1 Routers: They establish adjacencies with other Level 1 routers within the same area, sharing link-state information to ensure all routers have a consistent view of the area’s topology.
- Area Borders: If a Level 1 router needs to send data outside its area, it forwards the packets to a Level 1-2 router, which can route the data to the appropriate external area.
Level 2 Routers (L2 Routers): In order to provide routing across areas, level 2 routers function in the backbone region. Both locally and globally, they are well-versed in the complete network's architecture. The main features of Level 2 routers are as follows:
- Backbone Routers: They function as backbone routers, managing communication between different areas.
- Inter-Area Routing: Level 2 routers are responsible for routing data between different areas, ensuring efficient and seamless connectivity across the entire network.
- L2 Adjacencies: These routers form adjacencies with other Level 2 routers to exchange routing information and maintain an up-to-date topology of the entire network.
Level 1-2 Routers (L1-L2 Routers): Level 1-2 routers are versatile and can operate in both Level 1 and Level 2 modes. They play a crucial role in connecting different areas and ensuring smooth data flow across the network. The main features of Level 1-2 routers are as follows:
- Dual Functionality: Level 1-2 routers maintain separate databases for Level 1 and Level 2 information, allowing them to handle both intra-area and inter-area routing.
- Area Interconnection: They facilitate the movement of data between Level 1 and Level 2 areas, acting as a bridge that links the local areas with the backbone.
- Boundary Role: These routers serve as boundary routers, translating and forwarding routing information between Level 1 and Level 2 areas to ensure that all areas have accurate routing information.

How Does the IS-IS Routing Protocol Work?

The IS-IS routing protocol is made up of a set of clearly outlined methods that make sure routing in a network is reliable and effective. Here is a summary of how IS-IS works, including how to find neighbors, promote link states, and choose a path using the SPF algorithm.

Neighbor Discovery

While ISIS is doing neighbor detection, routers are getting to know each other. Sharing route information depends on this process, so it's very important. Network switches send and receive "Hello" packets to find peers and set up a connection. The two-way handshake and the three-way handshake are the two main ways that ISIS members communicate with their neighbors.

Two-Way Handshake: Used primarily in point-to-point networks. When Router A sends an Initial Hello (IIH) to Router B, and Router B responds, both routers transition their states from down to up, allowing them to start exchanging additional information.
Three-Way Handshake: Used in broadcast networks to ensure bidirectional communication. It involves each router sending Hello packets with its system ID and including the neighbor's system ID once it receives the initial Hello. This confirmation ensures that both routers recognize each other, transitioning their states up and confirming the adjacency.

Link-State Advertisement

Once routers are connected, they share information about their link states so that all of them can see the whole network topology. Link-State Protocol Data Units (LSPs), which are similar to OSPF's LSAs, are used by ISIS for this.

LSPs: Each router generates LSPs containing information about its directly connected links and the state of these links. This information is flooded throughout the network, ensuring all routers have a consistent view of the network topology.
Partial Sequence Number PDU (PSNP) and Complete Sequence Number PDU (CSNP): These packets are used to ensure all routers have received the latest LSPs. CSNPs list all LSPs known to a router and are sent periodically, while PSNPs are used to request missing LSPs from neighbors.

Path Selection Using SPF Algorithm

The Shortest Path First (SPF) algorithm, also known as Dijkstra's algorithm, is employed by ISIS to calculate the shortest path to each destination within the network. Here's how the SPF algorithm works in IS-IS protocol:

SPF Tree Calculation: Each router independently runs the SPF algorithm to construct a shortest-path tree using the information contained in the LSPs. This tree represents the shortest path from the router to all other routers in the network.
Route Installation: Based on the shortest path tree, each router installs the best routes into its routing table. This ensures that data packets follow the most efficient path through the network.

What are the basic configuration steps for IS-IS on Cisco devices?

We will go over the most important steps to set up IS-IS (Intermediate System to Intermediate System) on Cisco systems in this part. To do this, you need to turn on IS-IS on the router, set up the network ports, and check that everything is set up correctly.

Enable IS-IS on the Router: First, you need to enable the IS-IS routing process on the router. This is done using the router isis command. You can also specify a tag using the next command to distinguish this IS-IS process from others if multiple processes are running.
```
Router(config)# router isis [TAG]
```
Set the NET Address: The Network Entity Title (NET) is a unique identifier for each IS-IS router. It includes the area address and the system ID. Configuring the NET is essential for IS-IS operations.
```
Router(config-router)# net 49.0001.1921.6800.1001.00
```
In this example, 49.0001 is the area address, 1921.6800.1001 is the system ID, and 00 is the NSEL (Network Selector).
Configure IS-IS on Interfaces: You need to enable IS-IS on the router interfaces that will participate in the IS-IS routing process. This involves assigning an IS-IS level (Level-1, Level-2, or both) to each interface.
```
Router(config)# interface GigabitEthernet0/0

Router(config-if)# ip router isis

Router(config-if)# isis network [level-1 | level-2 | level-1-2]
```
Set the IS-Type: Specify the IS-IS level for the router. This determines if the router will operate as a Level-1 router, Level-2 router, or both (Level-1-2).
```
Router(config-router)# is-type [level-1 | level-2 | level-1-2]
```
Configure Authentication (Optional): For added security, you can configure IS-IS authentication to ensure that only trusted routers can participate in the IS-IS routing domain.
```
Router(config-if)# isis authentication-mode md5 [password]

Router(config-if)# isis password [password]
```
Optional: Configure Metrics: IS-IS uses a default metric of 10 for all interfaces, but you can adjust this based on link performance and preference.
```
Router(config-if)# isis metric [value]
```
Verify the Configuration: Finally, use various show commands to verify the IS-IS configuration and ensure that the router is correctly participating in the IS-IS routing process.
```
Router# show clns neighbors

Router# show isis database

Router# show isis topology

Router# show ip route isis
```

By following these steps, you can configure IS-IS on Cisco devices effectively, enabling efficient routing and network scalability.

Example IS-IS Configuration

An example configuration for a router with two interfaces participating in IS-IS is given below:

Router(config)# router isis

Router(config-router)# net 49.0001.1921.6800.1001.00

Router(config-router)# is-type level-2

Router(config)# interface GigabitEthernet0/0

Router(config-if)# ip router isis

Router(config-if)# isis network level-2

Router(config)# interface GigabitEthernet0/1

Router(config-if)# ip router isis

Router(config-if)# isis network level-2

What are the Benefits of IS-IS Routing Protocol?

A number of benefits, highlighted in this article, result from using the ISIS routing protocol.

Improved Dependability of Networks: Using ISIS has proven to produce faster convergence time, allowing the network to rapidly recover from problems. This makes it the greatest solution for both overall network enhancement and recovering from particular problems within a segment.
Scalability: Because of its scalability, ISIS can practically grow to a size where it can aggregate the networks comprehensively. If you want to reap the benefits that come with being a user of the product, whether you're a large-scale company or a service provider, then it's a good investment.
Flexibility: It is possible to set up IS-IS across many network topologies, and it can absorb many different types of network protocols.
Security: IS-IS has implemented security measures within its network, including authentication protocols and encryption techniques, in order to thwart any attempts at unauthorized entry. These features are designed to safeguard the network from potential threats and ensure that only authorized users are able to access it.

What makes IS-IS suitable for large-scale networks like ISPs?

The two main reasons for IS-IS's widespread deployment in major ISP networks are its tremendous scalability and its ease of use. Its reliability and scalability are assured by its ability to efficiently manage massive transmission volumes and handle a high number of routers. On top of that, IS-IS has a fast convergence time, a crucial feature for massive networks.

What are the security mechanisms available in IS-IS?

IS-IS supports various authentication mechanisms to ensure the integrity and authenticity of its control plane messages:

Clear Text Passwords: Simple password-based authentication.
HMAC-MD5: Provides cryptographic authentication using MD5 hashing.
CRYPTO_AUTH: Introduces a generic cryptographic authentication mechanism supporting algorithms like HMAC-SHA family, enhancing security and algorithm agility.

What are the Security Threats and Mitigations in IS-IS?

Some security threats to the IS-IS system and ways to protect against them are listed below.

Replay Attacks: IS-IS faces intra- and inter-session replay threats, mitigated by sequence number verification in LSPs and mechanisms like HMAC-SHA for message integrity.
Spoofing Attacks: Mitigated by shared authentication keys across routers within the same domain or area. Specific instance or topology-based keys can enhance protection.
DoS Attacks: Possible through overwhelming the authentication mechanism; mitigations involve administrative controls and possibly using digital signatures for deeper authentication.

Security Considerations

If you want to use the IS-IS routing protocol, you need to make sure that security steps are a top priority to keep the network safe and secure.

Deployment recommendations include using HMAC-SHA instead of HMAC-MD5 for stronger security.
Effective key management protocols are crucial for preventing and mitigating various security threats.
Continuous monitoring and updates are essential to address evolving security challenges.

Overall, IS-IS protocol offers robust security features but requires careful configuration and management to mitigate potential vulnerabilities effectively. Ongoing adherence to best practices and standards is critical for maintaining network integrity and resilience against security threats.

Comparison with Other Routing Protocols

When comparing routing protocols such as EIGRP, OSPF, and IS-IS, it's essential to understand their unique characteristics and how they cater to different network environments. EIGRP, known for its simplicity and fast convergence, is well-suited for medium-sized IP networks. OSPF, on the other hand, excels in scalability and is widely adopted for medium- to large-scale networks due to its efficient use of link-state information. IS-IS stands out for its suitability in large and complex networks, offering robust scalability, reliable routing, and efficient management through hierarchical segmentation. Each protocol brings distinct advantages that align with specific network requirements and operational priorities. Let us take a closer look at these types of routing protocols in detail.

What is the Difference Between OSPF and IS-IS?

Network engineers need to know the main differences between OSPF (Open Shortest Path First) and IS-IS (Intermediate System to Intermediate System) in order to choose the right protocol for each rollout situation. Both are link-state routing protocols, but they work in very different ways and are used in very different situations. OSPF and IS-IS protocols are compared in the following aspects.

The architecture and functionality: OSPF was created as a non-proprietary Interior Gateway Protocol (IGP) for the TCP/IP protocol suite that has a lot of features. It works at the IP layer (Layer 3) and needs to be connected to the internet to share route information. OSPF is set up in a hierarchy, with Area 0 acting as the hub to which all other areas must join in order to talk to each other. To keep the network stable, this rigid structure needs careful planning.

On the other hand, IS-IS was created to be the best routing system for the OSI model. It works at the data link layer (Layer 2). Since changes are sent through Connectionless Network Service (CLNS), routers don't need to be connected to the internet via IP. IS-IS uses a two-level structure that is more flexible than OSPF's strict area standards. This means that areas can talk to each other directly if there is a physical link.
Deployment Scenarios: A lot of businesses use OSPF, especially when there aren't that many servers and MPLS traffic planning isn't needed. Due to its complexity, which comes from the different Link State Advertisements (LSAs) and area types, it allows for a lot of customization but needs to be set up very carefully.

IS-IS, on the other hand, is better for big service provider networks because it is stable and easy to use. It uses new Type-Length-Values (TLVs) to handle both IPv4 and IPv6 in a single protocol, while OSPF needs two different versions (OSPFv2 for IPv4 and OSPFv3 for IPv6). This flexibility, along with the fact that there are fewer Link State Packet (LSP) types, cuts down on costs and makes control easier in large networks.
Performance and Safety: OSPF has virtual links that let you connect to backbone areas through non-backbone areas. IS-IS does not have this ability. However because IS-IS works at Layer 2, it is naturally safer because it is less vulnerable to IP-layer threats. This means that you don't need to add any extra security measures.

In broadcast networks, OSPF needs to pick a Designated Router (DR) and a Backup Designated Router (BDR), which can't be skipped. IS-IS picks a single Designated Intermediate System (DIS), which can be skipped, giving network control more dynamic freedom.

In the end, the needs of the network setting determine which of OSPF and IS-IS to use. OSPF is good for complex enterprise networks because it gives you a lot of control and freedom. On the other hand, IS-IS is better for big service provider deployments because it is simple and works well. Knowing these differences will help you choose the best protocol for a network that works reliably and efficiently.

What is the Difference Between EIGRP and IS-IS?

Both the Enhanced Interior Gateway Routing Protocol (EIGRP) and the Intermediate System to Intermediate System (IS-IS) are widely utilized routing protocols for managing routing within a single domain. However, they exhibit notable distinctions in their operational characteristics and mechanisms. EIGRP and IS-IS protocols are compared in the following aspects.

Routing Algorithm: EIGRP blends aspects of both distance-vector and link-state routing protocols. It keeps a record of distances to destinations (a distance table) along with next-hop details, using metrics like bandwidth, delay, reliability, and load to determine the best routes. On the other hand, IS-IS operates purely as a link-state protocol. Each router shares details about its directly connected links with neighboring routers. Using Dijkstra's algorithm, routers autonomously compute the shortest paths to all reachable destinations based on this collective link-state information.
Network Layer Support: EIGRP was initially crafted with IP networks in mind, although some vendors have extended support to include AppleTalk. Meanwhile, IS-IS was originally created to work with the Connectionless Network Protocol (CLNP), but there's an integrated version tailored specifically for IP networks, known as integrated IS-IS.
Convergence Speed: People often praise EIGRP for how quickly it converges. This is possible thanks to its incremental updates and the Diffusing Update Algorithm (DUAL), which works well. This means it can quickly adjust to changes in the network, keeping routes as smooth as possible. The convergence times for IS-IS, on the other hand, are usually longer than those for EIGRP. It is reliable, though, because it always has a full picture of how the network is set up. Over time, this deep understanding helps IS-IS make better, more stable route choices.
Scalability: Because EIGRP uses distance vectors that count hops, it can be hard for it to work in very big networks. As networks get bigger and more complicated, this way may not work as well. IS-IS, on the other hand, works well for large, complicated networks. Its link-state method makes it easy for routers to share specific information about the structure of a network. IS-IS lets you set up network areas in a hierarchical way, which makes it easier to manage and share routing information in large settings.
Security: EIGRP has easy password authentication to protect against route updates that aren't allowed. This simple safety step helps keep route information from being changed by bad people. While this is going on, IS-IS allows password security and some stronger authentication methods like MD5 and SHA. The security of routing changes is improved by these stronger encryption methods. This makes sure that only trusted devices can safely share routing information. Both protocols depend on extra security measures at the network level to make the total defense against threats stronger.
Configuration Complexity: EIGRP is often seen as easier to set up and configure, especially for smaller networks. Its configuration typically involves fewer steps and is more straightforward, making it accessible even for less experienced network administrators.

In contrast, IS-IS can be more complex to configure, especially when dealing with setting up area hierarchies and other advanced features. However, this complexity offers greater flexibility and scalability, making IS-IS well-suited for large and complex network designs where precise control over routing domains is crucial.

Choosing Between EIGRP, OSPF, and IS-IS

When choosing between EIGRP and IS-IS for your network, consider the following criteria:

EIGRP: Best suited for medium-sized IP networks that prioritize quick convergence and easy configuration.
IS-IS: Ideal for large and complex IP networks that require high scalability, reliable routing, and efficient management of network segments using area hierarchies.
OSPF: Suitable for medium to large networks, with a rigid design and complex configuration, offering fast convergence and efficient management of network segments.

This decision should align with your specific network requirements, ensuring you choose the protocol that best supports your network's size, complexity, and operational needs.

Characteristics	EIGRP	OSPF	IS-IS
Implementation	Easy	Difficult	Difficult
Design	Flexible	Rigid	Somewhat flexible
Scalability	Medium to large networks	Medium to large networks	Large to extremely large networks
Updates	Trigger updates	Summary every 30 min and trigger updates	Trigger updates
Convergence	Extremely fast	Fast	Fast
Load balancing	Equal and unequal	Equal	Equal
IPv6 Support	EIGRP for IPv6	OSPFv3	IS-IS for IPv6
Resource Efficiency	Most efficient	Efficient	Efficient
Provider Support	Less likely supported	Most likely supported	Most likely supported in large service providers
Popularity	Popular	Very popular	Popular only in large service providers

Table 1. EIGRP vs OSPF vs IS-IS

What is the IS-IS Routing Protocol?​

What is the history of the IS-IS Protocol?​

What is the purpose of the IS-IS Protocol?​

Why is IS-IS a Layer 2 protocol?​

What are the features of the IS-IS Routing Protocol?​

What are the IS-IS Router Types?​

How Does the IS-IS Routing Protocol Work?​

Neighbor Discovery​

Link-State Advertisement​

Path Selection Using SPF Algorithm​

What are the basic configuration steps for IS-IS on Cisco devices?​

Example IS-IS Configuration​

What are the Benefits of IS-IS Routing Protocol?​

What makes IS-IS suitable for large-scale networks like ISPs?​

What are the security mechanisms available in IS-IS?​

What are the Security Threats and Mitigations in IS-IS?​

Security Considerations​

Comparison with Other Routing Protocols​

What is the Difference Between OSPF and IS-IS?​

What is the Difference Between EIGRP and IS-IS?​

Choosing Between EIGRP, OSPF, and IS-IS​