modules/01-isis.md

# Module 1: The Underlay — IS-IS

> **Course**: [ISP Backbone Lab Course](../README.md)
> **Next**: [Module 2: MPLS](02-mpls.md)

---

## Network Diagram

![IS-IS Level 2 Topology](../diagrams/Module1_ISIS_Topology.png)
*IS-IS Level 2 domain — all P and PE routers with NET addresses and link subnets*

---

## Why IS-IS and Not OSPF?

Every major ISP on the planet runs IS-IS as their IGP (Interior Gateway Protocol). Here's why:

1. **IS-IS runs on Layer 2** — it doesn't need IP to function. OSPF runs on top of IP. This means IS-IS is more resilient; if your IP config is broken, IS-IS still forms adjacencies.
2. **Protocol-agnostic** — IS-IS carried IPv4, IPv6, and MPLS labels long before OSPF could. It was designed to carry *any* protocol (it originally carried CLNS).
3. **Scales better** — IS-IS uses a flat TLV (Type-Length-Value) structure, making it trivially extensible. Adding Segment Routing support to IS-IS was easy. Adding it to OSPF required new LSA types and was messy.
4. **Faster convergence** — IS-IS partial route calculations (PRC) are more efficient than OSPF's.
5. **Convention** — When everyone uses IS-IS, interop is easier. It's the industry standard for SP networks.

## IS-IS Key Concepts

**Levels:**
- **Level 1 (L1)** = Intra-area routing (like OSPF's intra-area routes)
- **Level 2 (L2)** = Inter-area / backbone routing (like OSPF Area 0)
- **Level 1-2** = A router that participates in both (most PE routers)

For our ISP: **Everything runs Level 2 only.** This is standard practice in SP networks. We're one big backbone — no need for L1 areas. Keeps it simple and fast.

**NET (Network Entity Title):**
This is IS-IS's address format. It looks weird but it's simple:

```
49.0001.0000.0000.0001.00
│    │    │              │
│    │    └──────────────┘── System ID (unique per router, often based on loopback IP)
│    └── Area ID
└── AFI (49 = private, always use this in labs)
```

**Metric:**
IS-IS uses a flat metric (default: 10 on every link). We'll use **wide metrics** (mandatory for Segment Routing) and set costs based on link speed to influence traffic paths.

## Lab 1 Config: IS-IS on the Core

**Goal:** Full IS-IS adjacency across all P and PE routers. Every router can ping every other router's loopback.

**Addressing Plan:**

| Router | Loopback0 | IS-IS NET | Role |
|--------|-----------|-----------|------|
| P1 | 10.0.0.1/32 | 49.0001.0000.0000.0001.00 | Core P |
| P2 | 10.0.0.2/32 | 49.0001.0000.0000.0002.00 | Core P |
| P3 | 10.0.0.3/32 | 49.0001.0000.0000.0003.00 | Core P |
| P4 | 10.0.0.4/32 | 49.0001.0000.0000.0004.00 | Core P |
| P-CORE | 10.0.0.5/32 | 49.0001.0000.0000.0005.00 | Core P / RR |
| PE-EDGE1 | 10.0.0.11/32 | 49.0001.0000.0000.0011.00 | PE (AS65000 border) |
| PE-EDGE2 | 10.0.0.12/32 | 49.0001.0000.0000.0012.00 | PE (AS65000 cust) |
| PE-EDGE3 | 10.0.0.13/32 | 49.0001.0000.0000.0013.00 | PE (AS65100 border) |
| PE-EDGE4 | 10.0.0.14/32 | 49.0001.0000.0000.0014.00 | PE (AS65100 cust) |

**Link Addressing (point-to-point, /30s):**

| Link | Subnet | Router A IP | Router B IP |
|------|--------|-------------|-------------|
| P1 — PE-EDGE1 | 10.1.1.0/30 | .1 | .2 |
| P1 — P-CORE | 10.1.1.4/30 | .5 | .6 |
| P1 — P2 | 10.1.1.8/30 | .9 | .10 |
| P2 — PE-EDGE2 | 10.1.1.12/30 | .13 | .14 |
| P2 — P-CORE | 10.1.1.16/30 | .17 | .18 |
| P3 — PE-EDGE3 | 10.1.1.20/30 | .21 | .22 |
| P3 — P-CORE | 10.1.1.24/30 | .25 | .26 |
| P3 — P4 | 10.1.1.28/30 | .29 | .30 |
| P4 — PE-EDGE4 | 10.1.1.32/30 | .33 | .34 |
| P4 — P-CORE | 10.1.1.36/30 | .37 | .38 |
| PE-EDGE1 — IXP | 172.16.0.0/24 | .1 | — |
| PE-EDGE3 — IXP | 172.16.0.0/24 | .3 | — |

**Sample Config — P1 (IOS-XE / IOSv):**

```
hostname P1
!
interface Loopback0
 ip address 10.0.0.1 255.255.255.255
 ip router isis YOURSP
!
interface GigabitEthernet0/1
 description TO PE-EDGE1
 ip address 10.1.1.1 255.255.255.252
 ip router isis YOURSP
 isis network point-to-point
 isis metric 10
 no shutdown
!
interface GigabitEthernet0/2
 description TO P-CORE
 ip address 10.1.1.5 255.255.255.252
 ip router isis YOURSP
 isis network point-to-point
 isis metric 10
 no shutdown
!
interface GigabitEthernet0/3
 description TO P2
 ip address 10.1.1.9 255.255.255.252
 ip router isis YOURSP
 isis network point-to-point
 isis metric 10
 no shutdown
!
router isis YOURSP
 net 49.0001.0000.0000.0001.00
 is-type level-2-only
 metric-style wide
 log-adjacency-changes
 passive-interface Loopback0
```

## Verification Commands

```
show isis neighbors          ! Are adjacencies UP?
show isis database detail    ! What LSPs do we have?
show ip route isis           ! Are all loopbacks in the table?
ping 10.0.0.5 source 10.0.0.1  ! Can P1 reach P-CORE?
show isis topology           ! Visual of the IS-IS graph
```

## Understanding Check

Before moving on, you should be able to answer:
1. Why does the ISP use Level 2 only?
2. What's the System ID in the NET, and why do we derive it from the loopback?
3. Why `isis network point-to-point` on every link?
4. What happens if you forget `metric-style wide`? (Hint: Segment Routing won't work)

---

> **Next Module**: [Module 2: MPLS — Labeling the Backbone →](02-mpls.md)
Add all 8 course modules with converted markdown links Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-27 10:28:45 -07:00			`# Module 1: The Underlay — IS-IS`

			`> Course: [ISP Backbone Lab Course](../README.md)`
			`> Next: [Module 2: MPLS](02-mpls.md)`

			`---`

			`## Network Diagram`

			`![IS-IS Level 2 Topology](../diagrams/Module1_ISIS_Topology.png)`
			`IS-IS Level 2 domain — all P and PE routers with NET addresses and link subnets`

			`---`

			`## Why IS-IS and Not OSPF?`

			`Every major ISP on the planet runs IS-IS as their IGP (Interior Gateway Protocol). Here's why:`

			`1. IS-IS runs on Layer 2 — it doesn't need IP to function. OSPF runs on top of IP. This means IS-IS is more resilient; if your IP config is broken, IS-IS still forms adjacencies.`
			`2. Protocol-agnostic — IS-IS carried IPv4, IPv6, and MPLS labels long before OSPF could. It was designed to carry any protocol (it originally carried CLNS).`
			`3. Scales better — IS-IS uses a flat TLV (Type-Length-Value) structure, making it trivially extensible. Adding Segment Routing support to IS-IS was easy. Adding it to OSPF required new LSA types and was messy.`
			`4. Faster convergence — IS-IS partial route calculations (PRC) are more efficient than OSPF's.`
			`5. Convention — When everyone uses IS-IS, interop is easier. It's the industry standard for SP networks.`

			`## IS-IS Key Concepts`

			`Levels:`
			`- Level 1 (L1) = Intra-area routing (like OSPF's intra-area routes)`
			`- Level 2 (L2) = Inter-area / backbone routing (like OSPF Area 0)`
			`- Level 1-2 = A router that participates in both (most PE routers)`

			`For our ISP: Everything runs Level 2 only. This is standard practice in SP networks. We're one big backbone — no need for L1 areas. Keeps it simple and fast.`

			`NET (Network Entity Title):`
			`This is IS-IS's address format. It looks weird but it's simple:`

			```
			`49.0001.0000.0000.0001.00`
			`│ │ │ │`
			`│ │ └──────────────┘── System ID (unique per router, often based on loopback IP)`
			`│ └── Area ID`
			`└── AFI (49 = private, always use this in labs)`
			```

			`Metric:`
			`IS-IS uses a flat metric (default: 10 on every link). We'll use wide metrics (mandatory for Segment Routing) and set costs based on link speed to influence traffic paths.`

			`## Lab 1 Config: IS-IS on the Core`

			`Goal: Full IS-IS adjacency across all P and PE routers. Every router can ping every other router's loopback.`

			`Addressing Plan:`

			`\| Router \| Loopback0 \| IS-IS NET \| Role \|`
			`\|--------\|-----------\|-----------\|------\|`
			`\| P1 \| 10.0.0.1/32 \| 49.0001.0000.0000.0001.00 \| Core P \|`
			`\| P2 \| 10.0.0.2/32 \| 49.0001.0000.0000.0002.00 \| Core P \|`
			`\| P3 \| 10.0.0.3/32 \| 49.0001.0000.0000.0003.00 \| Core P \|`
			`\| P4 \| 10.0.0.4/32 \| 49.0001.0000.0000.0004.00 \| Core P \|`
			`\| P-CORE \| 10.0.0.5/32 \| 49.0001.0000.0000.0005.00 \| Core P / RR \|`
			`\| PE-EDGE1 \| 10.0.0.11/32 \| 49.0001.0000.0000.0011.00 \| PE (AS65000 border) \|`
			`\| PE-EDGE2 \| 10.0.0.12/32 \| 49.0001.0000.0000.0012.00 \| PE (AS65000 cust) \|`
			`\| PE-EDGE3 \| 10.0.0.13/32 \| 49.0001.0000.0000.0013.00 \| PE (AS65100 border) \|`
			`\| PE-EDGE4 \| 10.0.0.14/32 \| 49.0001.0000.0000.0014.00 \| PE (AS65100 cust) \|`

			`Link Addressing (point-to-point, /30s):`

			`\| Link \| Subnet \| Router A IP \| Router B IP \|`
			`\|------\|--------\|-------------\|-------------\|`
			`\| P1 — PE-EDGE1 \| 10.1.1.0/30 \| .1 \| .2 \|`
			`\| P1 — P-CORE \| 10.1.1.4/30 \| .5 \| .6 \|`
			`\| P1 — P2 \| 10.1.1.8/30 \| .9 \| .10 \|`
			`\| P2 — PE-EDGE2 \| 10.1.1.12/30 \| .13 \| .14 \|`
			`\| P2 — P-CORE \| 10.1.1.16/30 \| .17 \| .18 \|`
			`\| P3 — PE-EDGE3 \| 10.1.1.20/30 \| .21 \| .22 \|`
			`\| P3 — P-CORE \| 10.1.1.24/30 \| .25 \| .26 \|`
			`\| P3 — P4 \| 10.1.1.28/30 \| .29 \| .30 \|`
			`\| P4 — PE-EDGE4 \| 10.1.1.32/30 \| .33 \| .34 \|`
			`\| P4 — P-CORE \| 10.1.1.36/30 \| .37 \| .38 \|`
			`\| PE-EDGE1 — IXP \| 172.16.0.0/24 \| .1 \| — \|`
			`\| PE-EDGE3 — IXP \| 172.16.0.0/24 \| .3 \| — \|`

			`Sample Config — P1 (IOS-XE / IOSv):`

			```
			`hostname P1`
			`!`
			`interface Loopback0`
			`ip address 10.0.0.1 255.255.255.255`
			`ip router isis YOURSP`
			`!`
			`interface GigabitEthernet0/1`
			`description TO PE-EDGE1`
			`ip address 10.1.1.1 255.255.255.252`
			`ip router isis YOURSP`
			`isis network point-to-point`
			`isis metric 10`
			`no shutdown`
			`!`
			`interface GigabitEthernet0/2`
			`description TO P-CORE`
			`ip address 10.1.1.5 255.255.255.252`
			`ip router isis YOURSP`
			`isis network point-to-point`
			`isis metric 10`
			`no shutdown`
			`!`
			`interface GigabitEthernet0/3`
			`description TO P2`
			`ip address 10.1.1.9 255.255.255.252`
			`ip router isis YOURSP`
			`isis network point-to-point`
			`isis metric 10`
			`no shutdown`
			`!`
			`router isis YOURSP`
			`net 49.0001.0000.0000.0001.00`
			`is-type level-2-only`
			`metric-style wide`
			`log-adjacency-changes`
			`passive-interface Loopback0`
			```

			`## Verification Commands`

			```
			`show isis neighbors ! Are adjacencies UP?`
			`show isis database detail ! What LSPs do we have?`
			`show ip route isis ! Are all loopbacks in the table?`
			`ping 10.0.0.5 source 10.0.0.1 ! Can P1 reach P-CORE?`
			`show isis topology ! Visual of the IS-IS graph`
			```

			`## Understanding Check`

			`Before moving on, you should be able to answer:`
			`1. Why does the ISP use Level 2 only?`
			`2. What's the System ID in the NET, and why do we derive it from the loopback?`
			3. Why `isis network point-to-point` on every link?
			4. What happens if you forget `metric-style wide`? (Hint: Segment Routing won't work)

			`---`

			`> Next Module: [Module 2: MPLS — Labeling the Backbone →](02-mpls.md)`