Configure IS-IS as your IGP and as PE to CE

Contents
1 Network side configuration :
G
2 IS-IS on your VRF configuration.
G
3 Check IS-IS.
G
3.1 Check Routers Around you :
H
3.2 Check IS-IS database :
H
3.3 Check IP route learned with IS-IS
H
It is more a memo than a hard documentation, but this post will describe how to confiure IS-IS as
your IGP and as your PE to CE protocol in one of your VRF.
First of all, IS-IS is used as our IGP. So, we have to configure our network side to run this protocol
as a L1 router. Then, as IS-IS is based on Area mechanism, we will put our network side in a L1 area
and our Customer interface in a L2 mode (according than customer must run a L1 area on its own
network.
Network side configuration :
First of all, we configure interface connected to our network to run IS-IS :
interface GigabitEthernet1
description "** Vlan 730 - Network side"
ip address xxx.xxx.xxx.251 255.255.255.0
ip router isis
negotiation auto
ipv6 address 2001:472:6843:xxx::251/64
ipv6 router isis
mpls ip
no mop enabled
!
Most important elements are ip router isis and ipv6 router isis. other paramters are standard
elements to run IPv4 and IPv6.
Then, we have to configure IS-IS routing :
router isis
net 49.0730.0730.0000.0251.00
metric-style wide
log-adjacency-changes
passive-interface Loopback0
!
In our configuration, there is no more route advertisement than our interfaces configured to run
IS-IS.
IS-IS on your VRF configuration.
First of all, we have to configure our VRF :
ip vrf VPN-Cust1
rd 73.0.0.251:201
route-target export 730:201
route-target import 730:201
!
Then, configure interface connected to our custmer :
interface GigabitEthernet2
description "** VLAN 734 - VPN MPLS LAN - Metasploitable -- VRF VPN-Cust1"
ip vrf forwarding VPN-Cust1
ip address 10.73.4.254 255.255.255.0
ip router isis VPN-Cust1
negotiation auto
!
And then finally, configure an IS-IS router for your VRF :
router isis VPN-Cust1
vrf VPN-Cust1
net 50.0730.0730.0000.0251.00
is-type level-2-only
metric-style wide
redistribute connected
redistribute static ip
passive-interface Loopback201
!

Check IS-IS.
Check Routers Around you :
c1000V-rtr03#show isis hostname
Level System ID Dynamic Hostname (notag)
1 0730.0000.0003 firefly-rs01
* 0730.0000.0251 c1000V-rtr03
1 0730.0000.0253 firefly-rtr01
1 0730.0000.0252 firefly-rtr02-bgp
1 0730.0000.0245 srx100-fw02
Level System ID Dynamic Hostname (VPN-YANN)
* 0730.0000.0251 c1000V-rtr03
2 0730.0000.0245 srx100-fw02

c1000V-rtr03#show isis neighbors
Tag null:
System Id Type Interface IP Address State Holdtime Circuit Id
firefly-rs01 L1 Gi1 10.73.0.3 UP 26 srx100-fw02.02
srx100-fw02 L1 Gi1 10.73.0.245 UP 7 srx100-fw02.02
firefly-rtr02-bL1 Gi1 10.73.0.252 UP 20 srx100-fw02.02
firefly-rtr01 L1 Gi1 10.73.0.253 UP 26 srx100-fw02.02
Tag VPN-Cust1:
System Id Type Interface IP Address State Holdtime Circuit Id
srx100-fw02 L2 Gi2 10.73.4.253 UP 7 srx100-fw02.03
Check IS-IS database :
c1000V-rtr03#show isis database
Tag null:
IS-IS Level-1 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
firefly-rs01.00-00 0x00000471 0xC77F 765 0/0/0
srx100-fw02.00-00 0x00000498 0x966A 928 1/0/0
srx100-fw02.02-00 0x0000045D 0x83D1 928 0/0/0
c1000V-rtr03.00-00 * 0x00000224 0x04F6 671 0/0/0
firefly-rtr02-.00-00 0x0000045D 0x0A32 1159 0/0/0
firefly-rtr01.00-00 0x00000474 0xED5B 1188 0/0/0
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
c1000V-rtr03.00-00 * 0x00000234 0x1383 815 0/0/0
Tag VPN-YANN:
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
srx100-fw02.00-00 0x00000499 0xBCAA 629 0/0/0
srx100-fw02.03-00 0x0000012E 0x648D 531 0/0/0
c1000V-rtr03.00-00 * 0x00000131 0x4957 747 0/0/0
Check IP route learned with IS-IS
c1000V-rtr03#show ip route vrf VPN-Cust1 isis
Routing Table: VPN-Cust1
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static
route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
i L2 10.73.0.0/24 [115/20] via 10.73.4.253, 2d14h, GigabitEthernet2