goodmorning nanog,
I heard that OSPF is only famous in asia region...
So that, please could you explain me
1. what is your backbone's IGP protocol?
2. why you choose it?
thanks,
This is a 20+ year old discussion. There are lots of comparisons.
https://nsrc.org/workshops/2017/ubuntunet-bgp-nrens/networking/nren/en/presentations/08-ISIS-vs-OSPF.pdf
https://www.nanog.org/meetings/nanog49/presentations/Sunday/Shamim_Which_Routing_N49.pdf
https://www.nada.kth.se/kurser/kth/2D1490/03/papers/Comparitive_Study_of_OSPF_and_ISIS.txt
goodmorning nanog,
I heard that OSPF is only famous in asia region...
So that, please could you explain me1. what is your backbone's IGP protocol?
IS-IS
2. why you choose it?
Single topology, supported by everything for IPv6 and IP(classic).
- jared
1. IS-IS for loopbacks and iBGP on the loopbacks for everything else.
2. It was much easier to use than OSPF and seems to scale better.
I don't know where you heard that but it is probably incorrect. Here is what I think you will find.
1. Most large networks (service providers) supporting MPLS will be using ISIS as their IGP. Some will have islands of OSPF because not everything speaks ISIS.
2. Most corporate networks will be running OSPF and/or EIGRP as an IGP.
Steven Naslund
Chicago IL
And I'm sure there's still some crazies out there using RIPv2. 
The war is over.
In IETF the OSPF and ISIS working groups merged. Now all of it is “link-state routing”.
Yeah there are those.
Steve
Notably, support for OSPF is somewhat common on "layer 3 switch" products while IS-IS support is significantly less common.
Most "router" products seem to support either.
I was of the impression that there was a draft or similar for single-topology (IPv4+IPv6) OSPF. Did anything ever come of that?
Juniper support IPv4 families (“realms”) in OSPFv3.
Aled
1. what is your backbone's IGP protocol?
IS-IS.
2. why you choose it?
Main reasons:
\- Stringy, i\.e\., no "all must pay taxes to Area 0" decree\.
\- Integrated for IPv4 and IPv6\.
\- Doesn't run over IP\.
Mark.
Multiple Address Families in OSPFv3.
But NLRI is conveyed over IPv6, even for IPv4. First saw it in Junos 9,
way back when.
Mark.
Available on IOS too.
Problem for an ISP (OSPFv3 with AFs): if v6 breaks, v4 breaks too since OSPFv3 runs over v6 (even when carrying v4 AF)? Better with separate OSPFv2 and v3 instances.
From Asia region (Bhutan):
I heard that OSPF is only famous in asia region…
Not necessarily 
1. what is your backbone's IGP protocol?
IS-IS
2. why you choose it?
OSPFv3 was quite flaky (could have been OS bugs), and there wasn’t v4 support until rfc5838, so migrated to IS-IS when deploying v6 (with Philip Smith’s help).
But preferred multi topology to allow for incremental v6 deployment (without affecting v4).
Why is this upside? I've seen on two platforms (7600, MX) ISIS punted
on routers running ISIS without interface having ISIS. With no
ability to limit it, so any connected interface can DoS device with
trivial pps rate, if ISIS is being ran. Are you testing this vector?
Also, no one really understands how 802.3+CLNS interact with ISIS.
It's probably globally dozen people, all open source implementations
seem to copy from early Zebra implementation. And implementations are
opportunistic, just enough to make it work, not actually enough to be
standard compliant 802.3+CLNS. Just question of what is ES-IS role in
all this, gives debates with subject matter experts.
To me this is downside, I'd rather have ISIS run over EthernetII and
IP. But at that point, why bother, why not just kill it and run OSPF3.
I'm paying vendor to implement and maintain both protocols, and there
does not seem to have good justification for both to exist.
Disclaimer: all networks I've operated have been ISIS networks, and
I'll continue using ISIS, not because I think it is better, but
because I think the codebase gets more exposure in networks like the
on I need to run.
Hi,
For those that got involved in fixing a network that goes down due to OSPF spoofed packets… (Before OSPFv2|3)
- Security for IS-IS
Do you know connected host can't talk ISIS to you?
ISIS is false security. In modern platforms OSPF almost always can be
protected (iACL), ISIS in many times cannot. I'd run MD5 in either
case.
Thanks for all to letting me know.
I have operating OSPF/iBGP backbone for 10+ years, now my brain has
entrenched to OSPF.
Now, I beginning to learn IS-IS for more knowledge.
thanks!
> Main reasons:
> - Doesn't run over IP.Why is this upside? I've seen on two platforms (7600, MX) ISIS punted
on routers running ISIS without interface having ISIS. With no
ability to limit it, so any connected interface can DoS device with
trivial pps rate, if ISIS is being ran.
I guess the OPs original question wasn't clear enough because, I think
most people are talking about IS-IS vs OSPF2/3 from a theoretical
protocol perspective, and you're talking from a practical vendor
implementation perspective.
From a purely theoretical perspective I see IS-IS not running over IP
as an advantage too. No mater what routes I inject into my IGP, IS-IS
won't stop working. I may totally fsck my IP reachability but IS-IS
will still work, which means that when I fix the issue, service should
be restored quite quickly. Several networks I've seen place management
in a VRF / L3 VPN, which means that by the time you have remote
management access, everything else is already working, it's like the
last thing to come up when there's been a problem. I like the
"management in the IGP + IS-IS" design.
However, in reality the vendor implementation blows the protocol
design out of the water. You need to consider both when evaluating a
new IGP. Cisco nearly implemented a handy feature with
prefix-suppression, whereby in IOS for OSPF only one would prevent
p-t-p links being advertised into the IGP database. But they didn't
implement this for IS-IS. Then in IOS-XR they removed this feature
from OSPF and implemented it for IS-IS ?!?! So yeah, vendors
implementations are just as important and the theoretical potential of
the protocol.
Oh yeah, forgot to answer the original question. For a greenfield
deployment I'd be happy with either OSPFv3 or IS-IS as long as it's
well designed I don't see much between them, it would come down to
vendor support then.
Cheers,
James.
We run a MPLS enabled network with internet in a VRF. Management is in VRF default (no VRF). The IGP is OSPFv2. IPv6 is handled by the L3VPN functionality of MPLS. So is IPv4.
The IPv4 that is controlled by OSPF is totally separate from everything except management and could really be any protocol. For a small network like ours, with everything in area 0 and VRF/L3VPN to handle dual stack, there is zero differences between is-is and OSPF. The IPv4 management network is not any more reachable than the is-is protocol. There are no raw IPv6 packets on the wire and no need for the IGP to handle IPv6.
Also not true that the management network is the last thing to boot. In contrary, everything else depends on that being ready first. And that would also be true if we used is-is.
We chose OSPF because it was one less protocol to learn and one less ethernet type on the wire. But really it could be toss a coin.
Regards
Baldur
ons. 14. nov. 2018 14.55 skrev James Bensley <jwbensley@gmail.com>: