IS-IS Lab 2 Verification

Any copyright material exchange is strictly forbidden. Any member violate this rule will be banned without warning.

Moderator: mike

Post Reply
labsproject
Posts: 16
Joined: Fri Dec 06, 2019 5:35 pm

IS-IS Lab 2 Verification

Post by labsproject » Fri Dec 06, 2019 6:34 pm

Visit my blog for more labs: https://www.labsproject.net/

Image requirements:

Cisco IOSv (vios-adventerprisek9-m.vmdk.SPA.156-2.T)

Introduction:
Learn the output of different show commands for the IS-IS routing protocol. One by one you will explore some valuable information that will allow you to understand better this link-state protocol.


Nodes Access:
Enable: cisco
Username: cisco
Password: cisco

IS-IS Verification commands:

Core1#show isis neighbors
System Id Type Interface IP Address State Holdtime Circuit Id
Core2 L1 Gi0/2 10.0.0.6 UP 8 Core2.02
Core2 L2 Gi0/2 10.0.0.6 UP 9 Core2.02
Core3 L1 Gi0/1 10.0.0.2 UP 24 Core1.01
Core3 L2 Gi0/1 10.0.0.2 UP 21 Core1.01
Core4 L1 Gi0/3 10.0.0.10 UP 7 Core4.03
Core4 L2 Gi0/3 10.0.0.10 UP 9 Core4.03
ENR1 L1 Gi0/4 10.0.1.2 UP 22 Core1.04
ENR1 L2 Gi0/4 10.0.1.2 UP 29 Core1.04
Core1#

* There are three neighbors in the output, two entries per neighbor are for each type of IS Database "level-1" and "level-2", you can derive this from the "Type" column.

* The "Interface" column shows a local interface where neighbor adjacency has been established.

* The "IP address" column identifies the layer 3 address of the neighbor.

* The "State UP" refers that IS-IS adjacency has been set up and link-state database synchronized.

* The "Holdtime" indicates in seconds how much time left before declaring IS-IS neighborship down.

* The "Circuit Id" identifies the IS-IS interface.



Core1#show isis protocol
IS-IS Router: <Null Tag>
System Id: 0000.0000.C001.00 IS-Type: level-1-2
Manual area address(es):
49.a001
Routing for area address(es):
49.a001
Interfaces supported by IS-IS:
GigabitEthernet0/4 - IP
GigabitEthernet0/3 - IP
GigabitEthernet0/2 - IP
GigabitEthernet0/1 - IP
Loopback0 - IP
Redistribute:
static (on by default)
Distance for L2 CLNS routes: 110
RRR level: none
Generate narrow metrics: level-1-2
Accept narrow metrics: level-1-2
Generate wide metrics: none
Accept wide metrics: none
Core1#

*This show command is like "show ip protocol" but only for IS-IS, a lot of valuable information could be derived from this output, it shows you System Id, Area Id, interfaces participating in the IS-IS process, redistribution from routing sources, IS-Type is a very important parameter to check when you missing entries in the database, Administrative Distance for IS-IS is 115, finally you verify what type of metrics supported. Almost forgot to mention, at the top of the output "IS-IS Router:" line says: <Null Tag> which indicates that default IS-IS topology is used. You can configure multiple topologies to reduce the size of the IS-IS database or to differentiate between routed protocols, for example by default IS-IS uses a single database for both IPv4 and IPv6 if your design requires separate databases for each of routed protocol simply configure IS-IS with two different tags.


Core1#show isis hostname
Level System ID Dynamic Hostname (notag)
* 0000.0000.C001 Core1
2 0000.0000.C002 Core2
2 0000.0000.C003 Core3
2 0000.0000.C004 Core4
2 0000.0000.E001 ENR1
2 0000.0000.ED01 EDR1
2 0000.0000.ED02 EDR2
Core1#

* Useful show command to verify real numerical System Ids associated with host-names of the IS-IS participating routers.


Core1#show isis topology
IS-IS TID 0 paths to level-1 routers
System Id Metric Next-Hop Interface SNPA
Core1 --
Core2 10 Core2 Gi0/2 fa16.3e92.c846
Core3 10 Core3 Gi0/1 fa16.3e37.b956
Core4 10 Core4 Gi0/3 fa16.3eb9.63a6
ENR1 10 ENR1 Gi0/4 fa16.3e16.4245
EDR1 20 Core3 Gi0/1 fa16.3e37.b956
Core4 Gi0/3 fa16.3eb9.63a6
EDR2 20 Core3 Gi0/1 fa16.3e37.b956
Core4 Gi0/3 fa16.3eb9.63a6


IS-IS TID 0 paths to level-2 routers
System Id Metric Next-Hop Interface SNPA
Core1 --
Core2 10 Core2 Gi0/2 fa16.3e92.c846
Core3 10 Core3 Gi0/1 fa16.3e37.b956
Core4 10 Core4 Gi0/3 fa16.3eb9.63a6
ENR1 10 ENR1 Gi0/4 fa16.3e16.4245
EDR1 20 Core3 Gi0/1 fa16.3e37.b956
Core4 Gi0/3 fa16.3eb9.63a6
EDR2 20 Core3 Gi0/1 fa16.3e37.b956
Core4 Gi0/3 fa16.3eb9.63a6
Core1#


* This is a very useful command especially when you are not familiar with topology of the IS-IS domain, also it is good to keep this output in your baseline documentation, you always could quickly determine which router is not participating in the IS-IS process. The command shows you all routers participating in the routing process, the metric to the neighboring routers and its next-hop to reach them as well outgoing interface and MAC address of the neighbors' interfaces. In this particular output, you can notice that there are two parts, one for Level-1 and another for level-2 it because the router is operating as an L1/L2 IS-type router. There are 7 routers in the topology, pay attention to the routers EDR1 and EDR2 they are both have the metric of 20 and reachable via Core3 and Core4 routers using outgoing interfaces g0/1 and g0/3.


Core1#show isis spf-log
TID 0 level 1 SPF log
When Duration Nodes Count First trigger LSP Triggers
02:50:06 0 1 4 Core1.00-00 PERIODIC NEWADJ NEWLSP TLVCODE CLNSBACKUP
02:49:56 3 6 8 Core2.02-00 NEWADJ NEWLSP TLVCONTENT
02:49:43 3 14 13 Core1.00-00 NEWADJ NEWLSP TLVCONTENT
02:49:33 6 19 12 EDR1.00-00 NEWADJ NEWLSP TLVCONTENT
02:35:08 2 19 1 PERIODIC CLNSBACKUP
02:20:08 2 19 1 PERIODIC CLNSBACKUP
02:05:08 2 19 1 PERIODIC CLNSBACKUP
01:50:08 2 19 1 PERIODIC CLNSBACKUP
01:35:08 2 19 1 PERIODIC CLNSBACKUP
01:20:08 2 19 1 PERIODIC CLNSBACKUP
01:05:08 2 19 1 PERIODIC CLNSBACKUP
00:50:08 2 19 1 PERIODIC CLNSBACKUP
00:35:08 2 19 1 PERIODIC CLNSBACKUP
00:20:08 2 19 1 PERIODIC CLNSBACKUP
00:05:08 2 19 1 PERIODIC CLNSBACKUP

TID 0 level 2 SPF log
When Duration Nodes Count First trigger LSP Triggers
02:50:06 0 1 2 Core1.00-00 PERIODIC NEWLSP CLNSBACKUP
02:49:56 6 6 10 Core1.00-00 NEWADJ NEWLSP TLVCODE TLVCONTENT
02:49:46 3 11 10 Core3.00-00 NEWADJ NEWLSP TLVCONTENT
02:49:36 10 19 17 Core4.00-00 NEWADJ NEWLSP TLVCONTENT
02:49:26 3 19 2 Core2.00-00 TLVCONTENT
02:35:08 2 19 1 PERIODIC CLNSBACKUP
02:20:08 2 19 1 PERIODIC CLNSBACKUP
02:05:08 2 19 1 PERIODIC CLNSBACKUP
01:50:08 2 19 1 PERIODIC CLNSBACKUP
01:35:08 2 19 1 PERIODIC CLNSBACKUP
01:20:08 2 19 1 PERIODIC CLNSBACKUP
01:05:08 2 19 1 PERIODIC CLNSBACKUP
00:50:08 2 19 1 PERIODIC CLNSBACKUP
00:35:08 2 19 1 PERIODIC CLNSBACKUP
00:20:08 2 19 1 PERIODIC CLNSBACKUP
00:05:08 2 19 1 PERIODIC CLNSBACKUP

* This particular command reveals how often the SPF algorithm runs, check it if you suspect that there are some instabilities on the network, like flapping interfaces, for example, use it in conjunction with these debug commands:

Core1# debug isis spf-triggers
Core1# debug isis spf-events
Core1# debug isis spf-statistics


Core1#show isis database
IS-IS Level-1 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime/Rcvd ATT/P/OL
Core1.00-00 * 0x00000012 0x9C27 628/* 0/0/0
Core1.01-00 * 0x0000000F 0xA35D 1051/* 0/0/0
Core1.04-00 * 0x0000000E 0x617F 555/* 0/0/0
Core2.00-00 0x00000013 0x0E9B 1052/1199 0/0/0
Core2.01-00 0x0000000F 0xC23B 1035/1199 0/0/0
Core2.02-00 0x0000000E 0x728E 484/1199 0/0/0
Core2.03-00 0x0000000F 0x9B61 860/1199 0/0/0
Core2.04-00 0x0000000E 0x6777 645/1199 0/0/0
Core3.00-00 0x00000012 0x42B2 610/1199 0/0/0
Core3.02-00 0x0000000F 0xC139 721/1199 0/0/0
Core3.05-00 0x0000000E 0xB815 752/1199 0/0/0
Core4.00-00 0x00000012 0x03BA 1131/1199 0/0/0
Core4.03-00 0x0000000E 0x7784 510/1199 0/0/0
ENR1.00-00 0x00000010 0x4327 1036/1199 0/0/0
EDR1.00-00 0x00000010 0x9130 896/1198 0/0/0
EDR1.01-00 0x0000000E 0x5A4D 683/1198 0/0/0
EDR1.02-00 0x0000000F 0x6A3A 1154/1198 0/0/0
EDR2.00-00 0x00000011 0x4298 1181/1198 0/0/0
EDR2.02-00 0x0000000F 0x7032 1001/1198 0/0/0
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime/Rcvd ATT/P/OL
Core1.00-00 * 0x00000015 0x684F 554/* 0/0/0
Core1.01-00 * 0x0000000F 0x3356 860/* 0/0/0
Core1.04-00 * 0x0000000F 0xEE79 1169/* 0/0/0
Core2.00-00 0x00000016 0x3C77 520/1199 0/0/0
Core2.01-00 0x0000000F 0x5234 1132/1199 0/0/0
Core2.02-00 0x0000000E 0x0287 552/1199 0/0/0
Core2.03-00 0x0000000F 0x2B5A 1040/1199 0/0/0
Core2.04-00 0x0000000E 0xF670 580/1199 0/0/0
Core3.00-00 0x00000016 0x0865 488/1199 0/0/0
Core3.02-00 0x0000000F 0x5132 1069/1199 0/0/0
Core3.05-00 0x0000000E 0x480E 597/1199 0/0/0
Core4.00-00 0x00000015 0x9E9F 596/1199 0/0/0
Core4.03-00 0x0000000F 0x057E 1176/1199 0/0/0
ENR1.00-00 0x00000013 0x1DAC 1158/1199 0/0/0

EDR1.00-00 0x00000012 0x9EF7 581/1198 0/0/0
EDR1.01-00 0x0000000F 0xE747 1001/1198 0/0/0
EDR1.02-00 0x0000000F 0xF933 569/1198 0/0/0
EDR2.00-00 0x00000012 0x5861 639/1198 0/0/0
EDR2.02-00 0x0000000E 0x022A 774/1198 0/0/0
Core1#

* The output of this command briefly shows you the entries of the LSP database for entire IS-IS topology, each line represents some part of the database obtained from different nodes participating in the routing process. Two sets of databases exist on this router, one for "Level-1" and another of "level-2" because the Core1's IS-type is L1/L2. IS-Type will be discussed in future labs. Asterisks right after the top three lines for Core1 indicate that the origin of these entries Core1 router itself. More information about the IS-IS Link-state database will be described in the next lab.


Core1#show ip route isis
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 16 subnets, 2 masks
i L1 10.0.0.12/30 [115/20] via 10.0.0.10, 03:23:19, GigabitEthernet0/3
[115/20] via 10.0.0.6, 03:23:19, GigabitEthernet0/2
i L1 10.0.0.16/30 [115/20] via 10.0.0.6, 03:23:32, GigabitEthernet0/2
[115/20] via 10.0.0.2, 03:23:32, GigabitEthernet0/1
i L1 10.0.0.20/30 [115/20] via 10.0.0.10, 03:23:19, GigabitEthernet0/3
[115/20] via 10.0.0.2, 03:23:19, GigabitEthernet0/1
i L1 10.0.2.0/30 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
[115/20] via 10.0.0.6, 03:23:09, GigabitEthernet0/2
i L1 10.0.3.0/30 [115/20] via 10.0.0.2, 03:23:32, GigabitEthernet0/1
i L1 10.0.3.4/30 [115/20] via 10.0.0.2, 03:23:32, GigabitEthernet0/1
i L1 10.0.4.0/30 [115/20] via 10.0.0.10, 03:23:19, GigabitEthernet0/3
i L1 10.0.4.4/30 [115/20] via 10.0.0.10, 03:23:19, GigabitEthernet0/3
172.16.0.0/32 is subnetted, 7 subnets
i L1 172.16.100.2 [115/20] via 10.0.0.6, 03:23:32, GigabitEthernet0/2
i L1 172.16.100.3 [115/20] via 10.0.0.2, 03:23:32, GigabitEthernet0/1
i L1 172.16.100.4 [115/20] via 10.0.0.10, 03:23:19, GigabitEthernet0/3

i L1 172.16.100.11 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.16.100.21 [115/30] via 10.0.0.10, 03:23:09, GigabitEthernet0/3
[115/30] via 10.0.0.2, 03:23:09, GigabitEthernet0/1
i L1 172.16.100.22 [115/30] via 10.0.0.10, 03:23:19, GigabitEthernet0/3
[115/30] via 10.0.0.2, 03:23:19, GigabitEthernet0/1
172.17.0.0/24 is subnetted, 8 subnets
i L1 172.17.0.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.17.1.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.17.2.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.17.3.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.17.4.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.17.5.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.17.6.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
i L1 172.17.7.0 [115/20] via 10.0.1.2, 03:23:09, GigabitEthernet0/4
Core1#

* The famous "show ip route" command is one of the most used command, amongst network professionals, here the output shows IS-IS routes have been learned from other nodes, small "i" indicates that IS-IS is responsible for the entries in the routing table, L1 shows that routes are coming from Level1 IS-IS topology and belong to the local Area.


Core1#show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "isis"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: isis
Address Summarization:
None
Maximum path: 4
Routing for Networks:
Loopback0
GigabitEthernet0/1
GigabitEthernet0/2
GigabitEthernet0/3
GigabitEthernet0/4
Routing Information Sources:
Gateway Distance Last Update
172.16.100.21 115 00:07:38
172.16.100.22 115 00:07:38
172.16.100.11 115 00:07:38
172.16.100.2 115 00:07:38
172.16.100.3 115 00:07:38
172.16.100.4 115 00:07:38
Distance: (default is 115)

* Surprisingly this show command works for IS-IS as well, here addition information can be obtained, for example, if route filtering in place or address summarization enabled.


Core1#show clns interface g0/1
GigabitEthernet0/1 is up, line protocol is up
Checksums enabled, MTU 1497, Encapsulation SAP
ERPDUs enabled, min. interval 10 msec.
CLNS fast switching disabled
CLNS SSE switching disabled
DEC compatibility mode OFF for this interface
Next ESH/ISH in 39 seconds
Routing Protocol: IS-IS
Circuit Type: level-1-2
Interface number 0x1, local circuit ID 0x1
Level-1 Metric: 10, Priority: 64, Circuit ID: Core1.01
DR ID: Core1.01
Level-1 IPv6 Metric: 10
Number of active level-1 adjacencies: 1
Level-2 Metric: 10, Priority: 64, Circuit ID: Core1.01
DR ID: Core1.01
Level-2 IPv6 Metric: 10
Number of active level-2 adjacencies: 1
Next IS-IS LAN Level-1 Hello in 1 seconds
Next IS-IS LAN Level-2 Hello in 173 milliseconds

* This command reveals similar information as OSPF's "show ip ospf interface g0/1" You can observe the output regarding the hello timers, priority of interface, Circuit Type and ID, Metric configuration, number of active adjacencies, and even who the Designated router is.


Core1#show clns traffic
CLNS: Time since last clear: never
CLNS & ESIS Output: 270, Input: 33778
Dropped Protocol not enabled on interface: 0
CLNS Local: 0, Forward: 0
CLNS Discards:
Hdr Syntax: 0, Checksum: 0, Lifetime: 0, Output cngstn: 0
No Route: 0, Discard Route: 0, Dst Unreachable 0, Encaps. Failed: 0
NLP Unknown: 0, Not an IS: 0
CLNS Options: Packets 0, total 0 , bad 0, GQOS 0, cngstn exprncd 0
CLNS Segments: Segmented: 0, Failed: 0
CLNS Broadcasts: sent: 0, rcvd: 0
Echos: Rcvd 0 requests, 0 replies
Sent 0 requests, 0 replies
ESIS(sent/rcvd): ESHs: 0/0, ISHs: 270/0, RDs: 0/0, QCF: 0/0
Tunneling (sent/rcvd): IP: 0/0, IPv6: 0/0
Tunneling dropped (rcvd) IP/IPV6: 0
ISO-IGRP: Querys (sent/rcvd): 0/0 Updates (sent/rcvd): 0/0
ISO-IGRP: Router Hellos: (sent/rcvd): 0/0
ISO-IGRP Syntax Errors: 0

IS-IS: Time since last clear: never
IS-IS: Level-1 Hellos (sent/rcvd): 12907/12909
IS-IS: Level-2 Hellos (sent/rcvd): 12905/12920
IS-IS: PTP Hellos (sent/rcvd): 0/0
IS-IS: Level-1 LSPs sourced (new/refresh): 7/52
IS-IS: Level-2 LSPs sourced (new/refresh): 10/53
IS-IS: Level-1 LSPs flooded (sent/rcvd): 802/720
IS-IS: Level-2 LSPs flooded (sent/rcvd): 816/784
IS-IS: LSP Retransmissions: 0
IS-IS: Level-1 CSNPs (sent/rcvd): 3223/3222
IS-IS: Level-2 CSNPs (sent/rcvd): 3221/3219
IS-IS: Level-1 PSNPs (sent/rcvd): 0/2
IS-IS: Level-2 PSNPs (sent/rcvd): 0/2
IS-IS: Level-1 DR Elections: 10
IS-IS: Level-2 DR Elections: 10
IS-IS: Level-1 SPF Calculations: 19
IS-IS: Level-2 SPF Calculations: 20
IS-IS: Level-1 Partial Route Calculations: 0
IS-IS: Level-2 Partial Route Calculations: 12
IS-IS: LSP checksum errors received: 0
IS-IS: Update process queue depth: 0/200
IS-IS: Update process packets dropped: 0
Core1#

* This command gives you statistics about IS-IS counters for Hello messages, LSPs, CSNPs and PSNPs updates, how many DR Elections occurred, and SPF calculations.


There are also some CLNS commands you can use the same way as "show isis", for example:
Core1#show clns neighbors
Core1#show clns protocol
Core1#show clns is-neighbors


Topology:
You do not have the required permissions to view the files attached to this post.

Post Reply