IS-IS
What It Is
Intermediate System to Intermediate System is a link-state routing protocol. It runs directly over Layer 2, uses TLVs to carry routing information, and is common in service provider, large enterprise, and data center networks. Modern IS-IS is valued because it is stable, extensible, and useful for IPv4, IPv6, traffic engineering, and segment routing.
IS-IS can look strange if you learned OSPF first. The important pieces are levels, NET addressing, neighbors, LSPs, wide metrics, and address families.
Core Attributes
| Attribute | Value |
|---|---|
| Protocol type | Link-state IGP |
| Algorithm | Dijkstra SPF |
| Transport | Directly over Layer 2 |
| Cisco administrative distance | 115 |
| Routing data format | TLVs |
| IPv4 support | Integrated IS-IS from RFC 1195 |
| IPv6 support | RFC 5308 |
| Modern metric style | Wide metrics |
Modern note: IS-IS does not use IP to form adjacencies. If IP addressing is broken but Layer 2 is good, IS-IS may still form a neighbor.
Levels
| Level | Scope | OSPF Rough Equivalent |
|---|---|---|
| Level 1 | Inside an area | Intra-area routing |
| Level 2 | Between areas | Backbone routing |
| Level 1-2 | Connects L1 area to L2 backbone | ABR-like role |
Design note: Large IS-IS designs often keep the core as Level 2 and place access or aggregation domains in Level 1. Many smaller designs run everything Level 2-only for simplicity.
NET Address
| Part | Meaning | Example |
|---|---|---|
| AFI | Authority and format identifier | 49 for private addressing |
| Area | IS-IS area identifier | 0001 |
| System ID | Unique router identifier | 0000.0000.0001 |
| NSEL | Network selector | 00 |
Example NET:
49.0001.0000.0000.0001.00Watch out: System IDs must be unique. Duplicate system IDs create confusing database and adjacency behavior.
PDUs And TLVs
| Item | Purpose |
|---|---|
| IIH | IS-IS hello, forms and maintains neighbors |
| LSP | Link-state PDU, carries reachability and topology data |
| CSNP | Complete sequence number PDU, database summary |
| PSNP | Partial sequence number PDU, request or acknowledge LSPs |
| TLV | Type, length, value container for extensible data |
Network Types
| Network Type | DIS | Notes |
|---|---|---|
| Broadcast | Yes | Ethernet multiaccess segments elect a DIS |
| Point-to-point | No | Common on routed links and core links |
DIS behavior differs from OSPF DR behavior. The DIS can be preempted, and there is no backup DIS.
Design Choices
| Choice | Recommendation |
|---|---|
| Metric style | Use wide metrics |
| Circuit type | Set L1, L2, or L1-2 intentionally |
| Point-to-point links | Use point-to-point network type where appropriate |
| Area design | Keep the hierarchy simple |
| IPv6 | Enable address families deliberately |
| Segment routing | Plan SRGB, node SIDs, and IGP extensions together |
| Authentication | Use supported authentication for adjacencies and LSPs |
| Summarization | Summarize at L1/L2 boundaries when it reduces churn |
Modern note: Segment routing commonly uses IS-IS extensions to advertise SIDs. That makes IS-IS part of the transport control plane, not just basic reachability.
Cisco IOS/IOS-XE Examples
Basic IPv4 IS-IS with wide metrics:
router isis CORE
net 49.0001.0000.0000.0001.00
is-type level-2-only
metric-style wide
!
interface Loopback0
ip address 10.255.0.1 255.255.255.255
ip router isis CORE
!
interface GigabitEthernet1/0/1
description Core link to P2
ip address 10.0.12.1 255.255.255.252
ip router isis CORE
isis network point-to-point
isis circuit-type level-2-onlyDual-stack interface:
interface GigabitEthernet1/0/2
description Dual-stack IS-IS link
ip address 10.0.23.1 255.255.255.252
ipv6 address 2001:db8:23::1/64
ip router isis CORE
ipv6 router isis CORE
isis network point-to-pointSegment routing pattern:
segment-routing mpls
global-block 16000 23999
!
router isis CORE
address-family ipv4 unicast
segment-routing mplsNotes:
- Segment routing support and syntax vary by platform and release.
- Keep NET system IDs stable. Changing them is operationally similar to changing a router ID.
- Use loopbacks for stable node identity and BGP next hops.
Troubleshooting
| Symptom | Check | Likely Cause |
|---|---|---|
| No neighbor | Level, area, MTU, auth, L2 transport | Adjacency requirement mismatch |
| Neighbor stuck initializing | Hellos and three-way state | One-way L2 or mismatch |
| IPv4 route missing | TLVs, address family, metric style | Reachability not advertised |
| IPv6 route missing | IPv6 address family and TLVs | IPv6 not enabled in IS-IS |
| Bad path chosen | Wide metric, interface metric, L1/L2 leak | Metric or level design |
| Database churn | Flapping link, LSP lifetime, overload | Instability or overload bit |
| SR label missing | SRGB, node SID, IGP SR state | Segment routing not fully enabled |
Commands
show isis neighbors
show isis database
show isis database detail
show isis interface
show isis topology
show ip route isis
show ipv6 route isis
show isis segment-routing
show logging | include ISISExpected clues:
- Neighbor level and circuit type match the design.
- LSP database has stable sequence numbers.
- Wide metric TLVs are present where expected.
- IPv4 and IPv6 reachability are advertised intentionally.
- SR SIDs appear only where segment routing is meant to run.
Watch Out
- Do not reuse system IDs.
- Do not leave metric-style mismatched across an IS-IS domain.
- Do not assume IS-IS issues are IP reachability issues. Check Layer 2 first.
- Do not run L1/L2 everywhere unless the design needs it.
- Do not add segment routing without clear label block and SID planning.