Scribd Logo
Upload

Welcome to Scribd!

  • Implementing IS-IS Over IPv4 On IOS-XE and IOS-XR

    Uploaded by

    achmmygn9
    9 views14 pages

    Original Title

    3. Implementing IS-IS over IPv4 on IOS-XE and IOS-XR

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    9 views14 pages

    Implementing IS-IS Over IPv4 On IOS-XE and IOS-XR

    Uploaded by

    achmmygn9

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 14

    Task: Implementing IS-IS over IPv4 on IOS-XE and IOS-XR

    All routers have been pre-configured with IPv4 addressing. As a network engineer for INE, you have been
    assigned the following tasks to complete:

    1. Configure IS-IS adjacency between R2 and R5 and between R1 and R5. R1 must be configured as an
    L1/L2 router. R2 and R5 must be configured as an L1-only router. Area information is given in the
    topology diagram. Ensure System ID is in the format of XXXX.XXXX.XXXX, where X is the router number.
    Ensure the Loopback0 interface does not send hellos and no adjacency can be established but the link is
    still advertised in ISIS. Ensure links only run the appropriate level of IS-IS with the neighbors.

    2. Configure IS-IS adjacency between R3 and R4. R3 and R4 must be configured as an L2-only router. Area
    information is given in the topology diagram. Ensure System ID is in the format of XXXX.XXXX.XXXX,
    where X is the router number. Ensure the Loopback0 interface does not send hellos and no adjacency
    can be established but the link is still advertised in ISIS. Ensure links only run the appropriate level of IS-
    IS with the neighbors.

    3. Configure IS-IS adjacency between R6 and XR12 and between R6 and XR11. XR11 must be configured as
    an L1/L2 router. R6 and XR12 must be configured as an L1-only router. Area information is given in the
    topology diagram. Ensure System ID is in the format of XXXX.XXXX.XXXX, where X is the router number.
    Ensure the Loopback0 interface does not send hellos and no adjacency can be established but the link is
    still advertised in ISIS. Ensure links only run the appropriate level of IS-IS with the neighbors.

    4. Configure inter-area IS-IS adjacency between R1 and R3 and between R1 and R4. Configure inter-area
    IS-IS adjacency between R3 and XR11 and between R4 and XR11. Identify the problem and fix the issue
    on XR11. Your task is complete when 150.2.2.2 and 150.12.12.12 can ping each other.

    5. Configure IS-IS adjacency between R1 and R7 and between R8 and XR11. R7 and R8 must be configured
    as an L2-only router. Area information is given in the topology diagram. Ensure System ID is in the
    format of XXXX.XXXX.XXXX, where X is the router number. Ensure the Loopback0 interface of R7 and R8
    does not send hellos and no adjacency can be established but the link is still advertised in ISIS. Your task
    is complete once R2 and XR12 can ping 150.7.7.7 and 150.8.8.8.

    6. Ensure R2 can reach 150.7.7.7 if the link between R1 and R3 and between R1 and R4 goes down. Ensure
    XR12 can reach 150.8.8.8 if the link between R3 and XR11 and between R4 and XR11 goes down.
    7. Configure Point-to-Point IS-IS network type on the link between R1 and R3 and the link between R1 and
    R4. Configure Point-to-Point IS-IS network type on the link between R3 and XR11 and the link between
    R4 and XR11. XR11 must be configured as the DIS for the link between R6 and XR11. R5 must be
    configured as the DIS for the link between R2 and R5.

    8. Ensure Traffic from 150.2.2.2 to 150.12.12.12 and reverse traffic from 150.12.12.12 to 150.2.2.2 takes
    the path as per the diagram below:

    Ensure the R3 meets the output as per the diagram below:


    9. Configure MD5 authentication between R3 and XR11 using the password string as "rohit". Configure
    clear-text authentication between R4 and XR11 using the password string as "rohit".

    10. Configure BFD for ISIS between R1 and R3 so that if there is a failure of the link between them, they
    begin reconvergence in less than one second.

    1.
    Solutions:

    Based on the diagram the Area portion is 49.0005 and the system ID is based on the router number
    which must be unique for every router. System ID is like the router-id in OSPF.

    o R1:
    2.
    3. router isis 1

    4. net 49.0005.1111.1111.1111.00

    5. passive-interface Loopback0

    6. is-type level-1-2

    7. interface GigabitEthernet0/0

    8. ip router isis 1

    isis circuit-type level-1

    o R2:

    router isis 1

    net 49.0005.2222.2222.2222.00

    passive-interface Loopback0

    is-type level-1

    interface GigabitEthernet0/2

    ip router isis 1

    isis circuit-type level-1

    o R5:

    router isis 1
    net 49.0005.5555.5555.5555.00

    passive-interface Loopback0

    is-type level-1

    interface GigabitEthernet0/0

    ip router isis 1

    isis circuit-type level-1

    interface GigabitEthernet0/2

    ip router isis 1

    isis circuit-type level-1

    9. Based on the diagram the Area portion is 49.0034 and the system ID is based on the router number
    which must be unique for every router. System ID is like the router-id in OSPF.

    o R3:
    10.
    11. router isis 1

    12. net 49.0034.3333.3333.3333.00

    13. passive-interface Loopback0

    14. is-type level-2

    15. interface GigabitEthernet0/0

    16. ip router isis 1

    isis circuit-type level-2

    o R4:

    router isis 1

    net 49.0034.4444.4444.4444.00

    passive-interface Loopback0

    is-type level-2

    interface GigabitEthernet0/0

    ip router isis 1

    isis circuit-type level-2


    17. Based on the diagram the Area portion is 49.0006 and the system ID is based on the router number
    which must be unique for every router. System ID is like the router-id in OSPF.

    o R6:
    18.
    19. router isis 1

    20. net 49.0006.6666.6666.6666.00

    21. passive-interface Loopback0

    22. is-type level-1

    23. interface GigabitEthernet0/1

    24. ip router isis 1

    25. isis circuit-type level-1

    26. interface GigabitEthernet0/2

    27. ip router isis 1

    isis circuit-type level-1

    o XR11:

    router isis 1

    net 49.0006.1111.1111.1111.00

    is-type level-1-2

    interface Loopback0

    passive

    address-family ipv4 unicast

    interface GigabitEthernet0/0/0/2

    address-family ipv4 unicast

    circuit-type level-1

    commit

    o XR12:
    router isis 1

    net 49.0006.1212.1212.1212.00

    is-type level-1

    interface Loopback0

    passive

    address-family ipv4 unicast

    circuit-type level-1

    interface GigabitEthernet0/0/0/1

    address-family ipv4 unicast

    circuit-type level-1

    commit

    28. Inter-Area IS-IS adjacency is always formed using L2 adjacency. Level 2 routes learned by the L1/L2
    router is never advertised to an L1 router. A default route is generated by the L1 router towards the
    closest L1/L2 router because the L1/L2 router sets the attached bit.

    o R1:
    29.
    30. interface GigabitEthernet0/1

    31. ip router isis 1

    32. isis circuit-type level-2

    33. interface GigabitEthernet0/2

    34. ip router isis 1

    isis circuit-type level-2

    o R3:

    interface GigabitEthernet0/1

    ip router isis 1

    isis circuit-type level-2

    interface GigabitEthernet0/3
    ip router isis 1

    isis circuit-type level-2

    o R4:

    interface GigabitEthernet0/1

    ip router isis 1

    isis circuit-type level-2

    interface GigabitEthernet0/2

    ip router isis 1

    isis circuit-type level-2

    o XR11:

    router isis 1

    no net 49.0006.1111.1111.1111.00

    net 49.0006.1111.1111.0011.00

    interface GigabitEthernet0/0/0/1

    address-family ipv4 unicast

    circuit-type level-2

    interface GigabitEthernet0/0/0/3

    address-family ipv4 unicast

    circuit-type level-2

    commit

    35. By default all Level-1 learned routes are automatically converted by the L1/L2 router to L2 routes and
    advertised to L2 neighbors.

    o R1:
    36.
    37. interface GigabitEthernet0/3

    38. ip router isis 1


    isis circuit-type level-2

    o R7:

    router isis 1

    net 49.0005.7777.7777.7777.00

    passive-interface Loopback0

    is-type level-2

    interface GigabitEthernet0/3

    ip router isis 1

    isis circuit-type level-2

    o R8:

    router isis 1

    net 49.0006.8888.8888.8888.00

    passive-interface Loopback0

    is-type level-2

    interface GigabitEthernet0/4

    ip router isis 1

    isis circuit-type level-2

    o XR11:

    router isis 1

    interface GigabitEthernet0/0/0/4

    circuit-type level-2-only

    address-family ipv4 unicast

    commit
    39. Route-leaking can be done by the L1/L2 router using redistribution on an IOS XE router and using the
    propagate command on IOS XR. Route-leaking can also be used for path selection.

    o R1:
    40.
    41. router isis 1

    42. redistribute isis ip level-2 into level-1 route-map R7_Routes

    43. route-map R7_Routes permit 10

    44. match ip address 1

    access-list 1 permit 150.7.7.7

    o XR11:

    route-policy R8_Routes

    if destination in (150.8.8.8) then

    pass

    endif

    end-policy

    router isis 1

    address-family ipv4 unicast

    propagate level 2 into level 1 route-policy R8_Routes

    45. On broadcast media, one IS-IS router becomes the DIS and forms the pseudo-node. This election is based
    on the priority configured on each router's interface. The pseudo-node represents a LAN segment, and
    all routers form an adjacency with it.

    o R1:
    46.
    47. interface GigabitEthernet0/1

    48. isis network point-to-point

    49. interface GigabitEthernet0/2

    isis network point-to-point

    o R3:
    interface GigabitEthernet0/1

    isis network point-to-point

    interface GigabitEthernet0/3

    isis network point-to-point

    o R4:

    interface GigabitEthernet0/1

    isis network point-to-point

    interface GigabitEthernet0/2

    isis network point-to-point

    o R5:

    interface GigabitEthernet0/2

    isis priority 127

    o XR11:

    router isis 1

    interface GigabitEthernet0/0/0/1

    point-to-point

    interface GigabitEthernet0/0/0/3

    point-to-point

    interface GigabitEthernet0/0/0/2

    priority 127

    50. The maximum metric that can be configured is 63. Since the output requires metric to be set to 300, we
    must change metric-style to wide.

    o R1:
    51.
    52. router isis 1

    53. metric-style wide

    54. interface GigabitEthernet0/2

    isis metric 30

    o R2:

    router isis 1

    metric-style wide

    o R3:

    router isis 1
    metric-style wide
    interface GigabitEthernet0/3
    isis metric 300

    o R4:

    router isis 1

    metric-style wide

    interface GigabitEthernet0/2

    isis metric 30

    o R5:

    router isis 1

    metric-style wide

    o R6:
    router isis 1

    metric-style wide

    o R7:

    router isis 1

    metric-style wide

    o R8:

    router isis 1

    metric-style wide

    o XR11:

    router isis 1

    address-family ipv4 unicast

    metric-style wide

    interface GigabitEthernet0/0/0/3

    address-family ipv4 unicast

    metric 30

    o XR12:

    router isis 1

    address-family ipv4 unicast

    metric-style wide

    55. IS-IS has several authentication methods, each one designed for a specific purpose. Authentication
    information is carried inside of the Authentication Information TLV, type 10, in all PDUs. Interface level
    authentication is used to authenticate the hello (IIH) packets. It can be configured using either clear text
    with the legacy 'isis password' command, or MD5 using key-chains at the interface level. The level can
    also be specified, by default both L1 and L2 hello packets are authenticated.

    o R3:
    56.
    57. key chain ISIS_MD5

    58. key 1

    59. key-string rohit

    60. interface GigabitEthernet0/3

    61. isis authentication mode md5 level-2

    isis authentication key-chain ISIS_MD5

    o R4:

    key chain ISIS_CLEAR

    key 1

    key-string rohit

    interface GigabitEthernet0/1

    isis authentication mode text level-2

    isis authentication key-chain ISIS_CLEAR

    o XR11:

    router isis 1

    interface GigabitEthernet0/0/0/3

    hello-password hmac-md5 rohit

    interface GigabitEthernet0/0/0/1

    hello-password text rohit

    62. When R1 and R3 are configured as BFD adjacent neighbors, any link failure between them would be
    detected in less than 1 second and ISIS adjacency would be torn down so that they can re-converge using
    an alternate path.

    o R1:
    63.
    64. interface GigabitEthernet0/1

    65. bfd interval 250 min_rx 250 multiplier 3

    isis bfd

    o R3:

    interface GigabitEthernet0/1

    bfd interval 250 min_rx 250 multiplier 3

    isis bfd

    You might also like