[c-nsp] How to effect a totally stubby area in IS-IS
Vitkovsky, Adam
avitkovsky at emea.att.com
Fri Jun 24 03:05:45 EDT 2011
Hi there,
I believe what you are looking for is the isis multi-area feature:
=============================================================
Router in the core:
router isis
net 49.0000.0000.0000.0001.00
net 49.9999.0000.0000.0001.00
is-type level-2-only
log-adjacency-changes
passive-interface Loopback1
=============================================================
BB1
interface Serial1/0
ip address 12.0.0.2 255.255.255.0
ip router isis AREA-0
serial restart-delay 0
clns router isis AREA-0
!
interface Serial1/1
ip address 24.0.0.2 255.255.255.0
ip router isis AREA-1
serial restart-delay 0
!
interface Serial1/2
ip address 25.0.0.2 255.255.255.0
ip router isis AREA-2
serial restart-delay 0
----------------------------------------------------------
-if BB can't see the core it'll stop adv LSPs with ATT bit
-thus POP will not install default towards that BB router
clns filter-set nonexist permit 49.9999
route-map nonexist permit 10
match clns address nonsexist
-----------------------------------------------------------
router isis AREA-0 <-L12 by default
net 49.0000.0000.0000.0002.00
log-adjacency-changes
partition avoidance
!
router isis AREA-1
net 49.0001.0000.0000.0002.00
is-type level-1
set-attached-bit route-map nonexist
log-adjacency-changes
partition avoidance
!
router isis AREA-2
net 49.0002.0000.0000.0002.00
is-type level-1
set-attached-bit route-map nonexist
log-adjacency-changes
partition avoidance
(redistribution between L1 and L12 processes is automatic)
=============================================================
BB2
interface Serial1/0
ip address 13.0.0.3 255.255.255.0
ip router isis AREA-0
serial restart-delay 0
clns router isis AREA-0
!
interface Serial1/1
ip address 34.0.0.3 255.255.255.0
ip router isis AREA-1
serial restart-delay 0
!
interface Serial1/2
ip address 35.0.0.3 255.255.255.0
ip router isis AREA-2
serial restart-delay 0
clns filter-set nonexist permit 49.9999
route-map nonexist permit 10
match clns address nonsexist
router isis AREA-0
net 49.0000.0000.0000.0003.00
log-adjacency-changes
partition avoidance
!
router isis AREA-1
net 49.0001.0000.0000.0003.00
is-type level-1
set-attached-bit route-map nonexist
log-adjacency-changes
partition avoidance
!
router isis AREA-2
net 49.0002.0000.0000.0003.00
is-type level-1
set-attached-bit route-map nonexist
log-adjacency-changes
partition avoidance
!
=============================================================
POP1
router isis
net 49.0001.0000.0000.0004.00
is-type level-1
passive-interface Loopback1
=============================================================
POP2
router isis
net 49.0002.0000.0000.0005.00
is-type level-1
passive-interface Loopback1
adam
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of David Barak
Sent: Friday, June 24, 2011 3:29 AM
To: cisco-nsp at puck.nether.net; Jared Gillis
Subject: Re: [c-nsp] How to effect a totally stubby area in IS-IS
--- On Thu, 6/23/11, Jared Gillis <jared.a.gillis at gmail.com> wrote:
> Okay, I see what this is doing. I set this up in the lab,
> and it worked as you described, however, if I have two POPs
> connected to one BB router, both POP routers see each
> other's L1 announcements (I assume because they are in the
> same area). This config should limit the "leaked" routes to
> only other POPs directly connected to the same BB, but we
> really need to get the POPs to only ever receive default, as
> we've got upwards of 30 POPs connecting to each BB router.
> Also, to throw another monkey wrench in the works, each POP
> is redundantly homed off two BBs, so it would learn double
> the number of prefixes learned by the POP.
>
> Here's a quick diagram of what the network needs to look
> like:
> BB1---BB2
> |\ /|
> | \ / |
> \ POP1 /
> \ /
> \ /
> POP2
>
> The BBs should be learn all routes in the network (L2), and
> the POPs can be whatever level, but they should only learn
> default, ever.
>
That type of topology will be problematic in this context - if BB1 and BB2 are in different areas, then POP1 and POP2 would both be single-homed. If they're in the same area, then POP1 will see POP2's routes. If the POPs are L1/L2, they'll definitely see each other's routes. Would it work to use ISIS for just the loopbacks and interfaces, and then carry all of the other routes in BGP?
Alternatively, you could add more routers to the topology so that they could stay dual-homed in a single area, but that can be expensive depending on the platform.
David Barak
Need Geek Rock? Try The Franchise:
http://www.listentothefranchise.com
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list