by having multiple areas, therefore ABR which deny routers and network LSA, you introduce summarization (ABR only send summary LSA, mean subnet info, not topology info) in your network.
Thus you loose informations and do not have a complete topology of your network. I guess MPLS/TE prefer to seat on top of a real topology ?
Yes, summarization in the IGP has the potential to create blackholes
and/or loops.
This reminds me of:
http://tools.ietf.org/id/draft-swallow-mpls-aggregate-fec-01.txt
Mark.
When we decided to go dual-stack many many years
ago, we faced the choice of either running OSPFv2
and OSPFv3 in parallel in the core, or just running
IS-IS. Several of us on the team had experience
with IS-IS from previous jobs, so we decided to
shift over from OSPF to IS-IS to simplify the
environment by only needing a single IGP for
both address families.
Hope this helps answer your question.
Thanks!
Matt
sorry for that, but the only one I've heard about switching his core IGP is
Yahoo. I've no precision, and it's really interest me.
I know that there had OSPF in the DC area, and ISIS in the core, and decide
to switch the core from ISIS to OSPF.
Wait, what?
*checks memory*
*checks routers*
Nope. Definitely went the other way; OSPF -> IS-IS in the core.
Why spend so much time/risk to switch from ISIS to OSPF, _in the core_ a not
so minor impact/task ?
So I could guess it's for maintain only one IGP and have standardized
config. But why OSPF against ISIS ? What could be the drivers? People skills
(more people know OSPF than ISIS) --> operational reason ?
I'm sorry you received the wrong information,
the migration was from OSPF to IS-IS, not
the other way around.
Thanks!
Matt
A lot of carriers use ISIS in the core so they can make use of the' overload bit' with a 'set-overload-bit on-startup wait-for-bgp". Keeps them from black holing Traffic while BGP reconverges., when you have millions of routes to converge it can take forever. It's also a really handy tool when you're troubleshooting or repairing a link, set the OL bit, and traffic gracefully moves, then when you're done it gracefully moves back. You can do the same thing with the Metric, and Cost in OSPF, just not quite as elegant.
Largely I think it's preference, ISIS and OSPF tackle most of the same stuff just in different ways.
-D
A lot of carriers use ISIS in the core so they can make use of the'
overload bit' with a 'set-overload-bit on-startup wait-for-bgp". Keeps
them from black holing Traffic while BGP reconverges., when you have
millions of routes to converge it can take forever. It's also a really
handy tool when you're troubleshooting or repairing a link, set the OL
bit, and traffic gracefully moves, then when you're done it gracefully
moves back. You can do the same thing with the Metric, and Cost in OSPF,
just not quite as elegant.
That feature is also present in OSPF. 'max metric router-lsa'.
There is running code now for IETF HOMENET using Quagga that speaks IS-IS over IPv6 (using IP proto 124) if you want to, it's configurable per-interface.
I do not know at this time what the status is for mainline Quagga IS-IS, but I've sent a question about it to Netdef about it
This is not exactly the same thing as overload-bit set, but it can be argued that setting max-metric actually makes more sense than what the overload bit does.
The choice between IS-IS and OSPF depends more on soft than hard factors. OSPF support is more widespread amongst smaller equipment vendors, IS-IS is the traditional choice for large ISP core IGP, mostly due to the Cisco codebase for IS-IS happened to be more stable than OSPF around 1995, and that's when a lot of larger ISPs started running these protocols, and that stuck.
There is no right or wrong IGP to run, both protocols have their quirks and pro:s and con:s.
Thanks, Mikael.
Mark.
Hi everyone,
Anybody from Yahoo to share experience on IGP choice ?
IS-IS vs OSPF, why did you switch from one to the other, for what reason ?
Same question could apply to other ISP, I'd like to heard some international
ISP/carriers design choice, please.
We use IS-IS in our network mostly because I was around when a bunch
of NREN switched to IS-IS some 15 years ago, and it stuck. It is, as
has been noted, mostly a matter of preference, but there is one or two
technical arguments for IS-IS that tip the scales for me;
- One IGP for both v6 and v4. Mostly interesting if you are running a
lot of traffic outside VRFen. But nevertheless a good thing to keep v6
and v4 in sync.
- No leakage. Not many external peers speak IS-IS on their peering
interfaces, so chances are that even if I do, nothing will fall over.
This of course also applies to access interfaces, where my hosts won't
even have an OSI stack and thus won't try to process the frames.
The argument for OSPF mostly is that there are several FOSS OSPF dæmons
for Posixly machines, making it a good choice for things like anycast
name servers or similar. We do run it for precisely this setup.
Do read the presentation Vijay Gill made and that people keep pointing to.
It is a very good account of how to purge OSPF in favour of IS-IS.
i may have missed it, but one of my fave features of is-is is that it is
a link-local non-ip protocol. hard to disrupt/attack remotely.
randy
i may have missed it, but one of my fave features of is-is is that it is
a link-local non-ip protocol. hard to disrupt/attack remotely.This is overlooked far too often IMNSHO. As is the comparison of
error/attack surface of "feature-rich" OSPF against "lean" IS-IS.
i just wish the is-is protocol folk had not suffered from so much ospf
feature envy and garbaged it up in a futile attempt to penetrate the
enterprise.
randy
Hi Matthew,
Thank a lot for your answer. This help me to understand, and make more sense to me :-).
Thanks,
-Marcel
It is rather nice that IS-IS does not require level-2 to be
contiguous, unlike area 0 in OSPF. It is a valid topology
in IS-IS to have different level-2 areas connected by
level-1 areas, though you do have to be somewhat
careful about what routes you propagate into-and-back-out-of
the intervening level-1 area.
But other than that, yeah, the two protocols are
pretty much homologous.
Matt
I found Route Leaking in IS-IS to be a moot endeavour because if one
wants to keep absolute routing inside the IGP, you'll want to have the
core and Loopback interface addresses in the IGP, particularly if you're
running an MPLS network.
In such a case, the only real gain you get from multi-level IS-IS is a
little quietness re: the LSP's being propagated within a particular
Level-1 Area. However, things like PRC (Partial Route Calculation) and
iSPF (Incremental SPF) help a lot here when you have a flat Level-2
IS-IS domain.
Mark.