Professional Documents
Culture Documents
Configure Is Is As Your Igp and As Pe To Ce
Configure Is Is As Your Igp and As Pe To Ce
Configure Is Is As Your Igp and As Pe To Ce
Contents
1 Network side configuration :
G
2 IS-IS on your VRF configuration.
G
3 Check IS-IS.
G
3.1 Check Routers Around you :
H
3.2 Check IS-IS database :
H
3.3 Check IP route learned with IS-IS
H
It is more a memo than a hard documentation, but this post will describe how to confiure IS-IS as
your IGP and as your PE to CE protocol in one of your VRF.
First of all, IS-IS is used as our IGP. So, we have to configure our network side to run this protocol
as a L1 router. Then, as IS-IS is based on Area mechanism, we will put our network side in a L1 area
and our Customer interface in a L2 mode (according than customer must run a L1 area on its own
network.
Network side configuration :
First of all, we configure interface connected to our network to run IS-IS :
interface GigabitEthernet1
description "** Vlan 730 - Network side"
ip address xxx.xxx.xxx.251 255.255.255.0
ip router isis
negotiation auto
ipv6 address 2001:472:6843:xxx::251/64
ipv6 router isis
mpls ip
no mop enabled
!
Most important elements are ip router isis and ipv6 router isis. other paramters are standard
elements to run IPv4 and IPv6.
Then, we have to configure IS-IS routing :
router isis
net 49.0730.0730.0000.0251.00
metric-style wide
log-adjacency-changes
passive-interface Loopback0
!
In our configuration, there is no more route advertisement than our interfaces configured to run
IS-IS.
IS-IS on your VRF configuration.
First of all, we have to configure our VRF :
ip vrf VPN-Cust1
rd 73.0.0.251:201
route-target export 730:201
route-target import 730:201
!
Then, configure interface connected to our custmer :
interface GigabitEthernet2
description "** VLAN 734 - VPN MPLS LAN - Metasploitable -- VRF VPN-Cust1"
ip vrf forwarding VPN-Cust1
ip address 10.73.4.254 255.255.255.0
ip router isis VPN-Cust1
negotiation auto
!
And then finally, configure an IS-IS router for your VRF :
router isis VPN-Cust1
vrf VPN-Cust1
net 50.0730.0730.0000.0251.00
is-type level-2-only
metric-style wide
redistribute connected
redistribute static ip
passive-interface Loopback201
!
Check IS-IS.
Check Routers Around you :
c1000V-rtr03#show isis hostname
Level System ID Dynamic Hostname (notag)
1 0730.0000.0003 firefly-rs01
* 0730.0000.0251 c1000V-rtr03
1 0730.0000.0253 firefly-rtr01
1 0730.0000.0252 firefly-rtr02-bgp
1 0730.0000.0245 srx100-fw02
Level System ID Dynamic Hostname (VPN-YANN)
* 0730.0000.0251 c1000V-rtr03
2 0730.0000.0245 srx100-fw02
c1000V-rtr03#show isis neighbors
Tag null:
System Id Type Interface IP Address State Holdtime Circuit Id
firefly-rs01 L1 Gi1 10.73.0.3 UP 26 srx100-fw02.02
srx100-fw02 L1 Gi1 10.73.0.245 UP 7 srx100-fw02.02
firefly-rtr02-bL1 Gi1 10.73.0.252 UP 20 srx100-fw02.02
firefly-rtr01 L1 Gi1 10.73.0.253 UP 26 srx100-fw02.02
Tag VPN-Cust1:
System Id Type Interface IP Address State Holdtime Circuit Id
srx100-fw02 L2 Gi2 10.73.4.253 UP 7 srx100-fw02.03
Check IS-IS database :
c1000V-rtr03#show isis database
Tag null:
IS-IS Level-1 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
firefly-rs01.00-00 0x00000471 0xC77F 765 0/0/0
srx100-fw02.00-00 0x00000498 0x966A 928 1/0/0
srx100-fw02.02-00 0x0000045D 0x83D1 928 0/0/0
c1000V-rtr03.00-00 * 0x00000224 0x04F6 671 0/0/0
firefly-rtr02-.00-00 0x0000045D 0x0A32 1159 0/0/0
firefly-rtr01.00-00 0x00000474 0xED5B 1188 0/0/0
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
c1000V-rtr03.00-00 * 0x00000234 0x1383 815 0/0/0
Tag VPN-YANN:
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
srx100-fw02.00-00 0x00000499 0xBCAA 629 0/0/0
srx100-fw02.03-00 0x0000012E 0x648D 531 0/0/0
c1000V-rtr03.00-00 * 0x00000131 0x4957 747 0/0/0
Check IP route learned with IS-IS
c1000V-rtr03#show ip route vrf VPN-Cust1 isis
Routing Table: VPN-Cust1
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static
route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
i L2 10.73.0.0/24 [115/20] via 10.73.4.253, 2d14h, GigabitEthernet2