IS-IS is fairly simple as configuration (in our lab). Very similar as OSPF so I think there is no need of details here.
Some key points are:
- LRC3 policy-statement isis-export: export received routes from ISIS to BGP
- LRC3 policy-statement eBGP-export: is updated to export received routes from BGP to ISIS plus 10.0.4.0/30 network (LRC3 FRR-arm64 network)
FRR-arm64
# frr-arm64 networks
# show interface lo
Interface lo is up, line protocol is up
Link ups: 0 last: (never)
Link downs: 0 last: (never)
vrf: default
index 1 metric 0 mtu 65536 speed 0
flags: <UP,LOOPBACK,RUNNING>
Type: Loopback
inet 200.4.4.4/32 lo:10
Interface Type Other
Interface Slave Type None
protodown: off
# show interface eth0
Interface eth0 is up, line protocol is up
Link ups: 1 last: 2023/12/08 17:49:38.93
Link downs: 1 last: 2023/12/08 17:49:35.71
vrf: default
index 2 metric 0 mtu 1500 speed 1000
flags: <UP,BROADCAST,RUNNING,MULTICAST>
Type: Ethernet
HWaddr: 6e:6a:c9:b9:01:80
inet 10.0.4.2/30
inet6 fe80::6c6a:c9ff:feb9:180/64
Interface Type Other
Interface Slave Type None
protodown: off
# frr is-is
!
ip router-id 200.4.4.4
!
interface lo
ip router isis 1
exit
!
interface eth0
ip router isis 1
exit
!
router isis 1
net 49.0002.0010.0004.0002.00
exit
!
end
LR3
# configure iso interfaces LR3 frr-arm64
set interfaces lo0 unit 3 family iso address 49.0002.0010.0004.0001.00
set interfaces ge-0/0/4 unit 0 family iso
# export routes from bgp to isis
set policy-options policy-statement isis-export term from-bgp from protocol bgp
set policy-options policy-statement isis-export term from-bgp then accept
# configure isis
set protocols isis interface lo0.3 passive
set protocols isis interface ge-0/0/4.0
set protocols isis export isis-export
# update eBGP export to include isis received routes
set policy-options policy-statement eBGP-export term from-isis from protocol isis
set policy-options policy-statement eBGP-export term from-isis then accept
# update eBGP export to include LR3 frr-adm64 network
set policy-options policy-statement eBGP-export term from-direct from protocol direct
set policy-options policy-statement eBGP-export term from-direct from route-filter 10.0.4.0/30 exact
set policy-options policy-statement eBGP-export term from-direct then accept
Validation
LR03
# note: noe4.sof.dachev.lan is frr-arm64
# check isis neighbors
lr3@acx1100:lr3> show isis adjacency
Interface System L State Hold (secs) SNPA
ge-0/0/4.0 noe4.sof.dachev.lan 1 Up 28 6e:6a:c9:b9:1:80
ge-0/0/4.0 noe4.sof.dachev.lan 2 Up 29 6e:6a:c9:b9:1:80
# isis routing table
lr3@acx1100:lr3> show isis route
IS-IS routing table Current version: L1: 27 L2: 33
IPv4/IPv6 Routes
----------------
Prefix L Version Metric Type Interface NH Via Backup Score
0.0.0.0/0 1 27 10 int ge-0/0/4.0 IPV4 noe4.sof.dachev.lan
200.4.4.4/32 1 27 20 int ge-0/0/4.0 IPV4 noe4.sof.dachev.lan
# check connectivity to frr-arm64 loopback network
lr3@acx1100:lr3> ping count 3 200.4.4.4
PING 200.4.4.4 (200.4.4.4): 56 data bytes
64 bytes from 200.4.4.4: icmp_seq=0 ttl=64 time=1.310 ms
64 bytes from 200.4.4.4: icmp_seq=1 ttl=64 time=1.262 ms
64 bytes from 200.4.4.4: icmp_seq=2 ttl=64 time=1.274 ms
--- 200.4.4.4 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.262/1.282/1.310/0.020 ms
FRR-arm64
# check isis neighbor
noe4.sof.dachev.lan# show isis neighbor
Area 1:
System Id Interface L State Holdtime SNPA
acx1100-lr3 eth0 1 Up 21 288a.1c7d.d904
acx1100-lr3 eth0 2 Up 22 288a.1c7d.d904
# isis routing table
noe4.sof.dachev.lan# show isis route
Area 1:
IS-IS L1 IPv4 routing table:
Prefix Metric Interface Nexthop Label(s)
-----------------------------------------------------
10.0.0.0/22 20 eth0 10.0.4.1 -
10.0.4.0/30 20 eth0 10.0.4.1 -
100.1.1.1/32 20 eth0 10.0.4.1 -
100.1.2.3/32 20 eth0 10.0.4.1 -
100.2.2.2/32 20 eth0 10.0.4.1 -
100.3.3.3/32 10 eth0 10.0.4.1 -
200.4.4.4/32 0 - - -
IS-IS L2 IPv4 routing table:
Prefix Metric Interface Nexthop Label(s)
-----------------------------------------------------
10.0.0.0/22 20 eth0 10.0.4.1 -
10.0.4.0/30 20 eth0 10.0.4.1 -
100.1.1.1/32 20 eth0 10.0.4.1 -
100.1.2.3/32 20 eth0 10.0.4.1 -
100.2.2.2/32 20 eth0 10.0.4.1 -
100.3.3.3/32 10 eth0 10.0.4.1 -
200.4.4.4/32 30 eth0 10.0.4.1 -
# note: Default route is receive via dhcp :)
noe4.sof.dachev.lan# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
K>* 0.0.0.0/0 [0/0] via 10.0.4.1, eth0, 05:16:25
I>* 10.0.0.0/22 [115/20] via 10.0.4.1, eth0, weight 1, 04:14:57
I 10.0.4.0/30 [115/20] via 10.0.4.1, eth0 inactive, weight 1, 04:23:33
C>* 10.0.4.0/30 is directly connected, eth0, 05:16:25
I>* 100.1.1.1/32 [115/20] via 10.0.4.1, eth0, weight 1, 04:14:57
I>* 100.1.2.3/32 [115/20] via 10.0.4.1, eth0, weight 1, 04:14:57
I>* 100.2.2.2/32 [115/20] via 10.0.4.1, eth0, weight 1, 04:14:57
I>* 100.3.3.3/32 [115/10] via 10.0.4.1, eth0, weight 1, 04:23:33
C>* 200.4.4.4/32 is directly connected, lo, 05:16:32
# check connectivity to acx1100 loopback network (via default route)
root@noe4:~# ping -c 3 100.0.1.1
PING 100.0.1.1 (100.0.1.1) 56(84) bytes of data.
64 bytes from 100.0.1.1: icmp_seq=1 ttl=62 time=0.975 ms
64 bytes from 100.0.1.1: icmp_seq=2 ttl=62 time=0.930 ms
64 bytes from 100.0.1.1: icmp_seq=3 ttl=62 time=0.959 ms
--- 100.0.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.930/0.954/0.975/0.018 ms
# check connectivity to LRC loopback network
root@noe4:~# ping -c 3 100.1.2.3
PING 100.1.2.3 (100.1.2.3) 56(84) bytes of data.
64 bytes from 100.1.2.3: icmp_seq=1 ttl=63 time=0.792 ms
64 bytes from 100.1.2.3: icmp_seq=2 ttl=63 time=1.00 ms
64 bytes from 100.1.2.3: icmp_seq=3 ttl=63 time=1.10 ms
--- 100.1.2.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.792/0.963/1.098/0.127 ms
# check connectivity to LR1 loopback network
root@noe4:~# ping -c 3 100.1.1.1
PING 100.1.1.1 (100.1.1.1) 56(84) bytes of data.
64 bytes from 100.1.1.1: icmp_seq=1 ttl=62 time=0.758 ms
64 bytes from 100.1.1.1: icmp_seq=2 ttl=62 time=1.05 ms
64 bytes from 100.1.1.1: icmp_seq=3 ttl=62 time=1.03 ms
--- 100.1.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2029ms
rtt min/avg/max/mdev = 0.758/0.945/1.050/0.132 ms
# check connectivity to LR2 loopback network
root@noe4:~# ping -c 3 100.2.2.2
PING 100.2.2.2 (100.2.2.2) 56(84) bytes of data.
64 bytes from 100.2.2.2: icmp_seq=1 ttl=62 time=0.759 ms
64 bytes from 100.2.2.2: icmp_seq=2 ttl=62 time=1.09 ms
64 bytes from 100.2.2.2: icmp_seq=3 ttl=62 time=1.04 ms
--- 100.2.2.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2017ms
rtt min/avg/max/mdev = 0.759/0.962/1.092/0.145 ms
# check connectivity to LR3 loopback network
root@noe4:~# ping -c 3 100.3.3.3
PING 100.3.3.3 (100.3.3.3) 56(84) bytes of data.
64 bytes from 100.3.3.3: icmp_seq=1 ttl=64 time=0.763 ms
64 bytes from 100.3.3.3: icmp_seq=2 ttl=64 time=1.07 ms
64 bytes from 100.3.3.3: icmp_seq=3 ttl=64 time=1.02 ms
--- 100.3.3.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2018ms
rtt min/avg/max/mdev = 0.763/0.952/1.071/0.135 ms
# check connectivity to internet
root@noe4:~# ping -c 3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=11.0 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=9.42 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=56 time=6.52 ms
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 6.517/8.975/10.987/1.851 ms
# traceroute to internet
root@noe4:~# traceroute -n 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 10.0.4.1 2.243 ms 2.165 ms 2.120 ms
2 10.0.3.2 2.662 ms 2.619 ms 2.577 ms
3 10.0.0.1 2.535 ms 2.495 ms 2.454 ms
4 172.20.13.254 333.059 ms 333.018 ms 332.982 ms
5 82.137.110.2 332.948 ms 332.903 ms 332.862 ms
6 * * *
7 * * *
8 212.39.66.222 330.174 ms 330.335 ms 330.046 ms
9 * * *
10 8.8.8.8 499.099 ms 498.991 ms 498.868 ms
# traceroute to LR1
root@noe4:~# traceroute -n 100.1.1.1
traceroute to 100.1.1.1 (100.1.1.1), 30 hops max, 60 byte packets
1 10.0.4.1 2.097 ms 2.235 ms 2.190 ms
2 10.0.3.2 2.146 ms 2.104 ms 2.340 ms
3 100.1.1.1 1.801 ms 1.760 ms 1.718 msFRR-arm64 (to any network)
We will use the arm64 sbc to check connectivity to all networks since will be more easy to be done with simple scripting 🙂 .. more info here
# all configured ip addresses
root@noe4:~# cat /tmp/ips.txt
8.8.8.8
172.20.13.254
10.0.0.1
100.0.1.1
10.0.0.2
10.0.1.2
10.0.2.2
10.0.3.2
100.1.2.3
10.0.1.1
100.1.1.1
10.0.2.1
100.2.2.2
10.0.3.1
10.0.4.1
100.3.3.3
10.0.4.2
200.4.4.4
# very simple ping test
root@noe4:~# for i in `cat /tmp/ips.txt`; do echo ''; ping -c 3 $i; done
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=3.55 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=3.10 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=56 time=3.06 ms
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 3.057/3.237/3.554/0.224 ms
PING 172.20.13.254 (172.20.13.254) 56(84) bytes of data.
64 bytes from 172.20.13.254: icmp_seq=1 ttl=61 time=1.90 ms
64 bytes from 172.20.13.254: icmp_seq=2 ttl=61 time=1.16 ms
64 bytes from 172.20.13.254: icmp_seq=3 ttl=61 time=1.38 ms
--- 172.20.13.254 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.160/1.479/1.903/0.312 ms
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=62 time=0.868 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=62 time=1.03 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=62 time=1.03 ms
--- 10.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.868/0.975/1.034/0.076 ms
PING 100.0.1.1 (100.0.1.1) 56(84) bytes of data.
64 bytes from 100.0.1.1: icmp_seq=1 ttl=62 time=0.827 ms
64 bytes from 100.0.1.1: icmp_seq=2 ttl=62 time=1.03 ms
64 bytes from 100.0.1.1: icmp_seq=3 ttl=62 time=4.13 ms
--- 100.0.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.827/1.997/4.133/1.512 ms
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=63 time=0.951 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=63 time=1.10 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=63 time=1.04 ms
--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.951/1.030/1.099/0.060 ms
PING 10.0.1.2 (10.0.1.2) 56(84) bytes of data.
64 bytes from 10.0.1.2: icmp_seq=1 ttl=63 time=0.905 ms
64 bytes from 10.0.1.2: icmp_seq=2 ttl=63 time=1.04 ms
64 bytes from 10.0.1.2: icmp_seq=3 ttl=63 time=0.903 ms
--- 10.0.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.903/0.947/1.035/0.061 ms
PING 10.0.2.2 (10.0.2.2) 56(84) bytes of data.
64 bytes from 10.0.2.2: icmp_seq=1 ttl=63 time=0.841 ms
64 bytes from 10.0.2.2: icmp_seq=2 ttl=63 time=1.05 ms
64 bytes from 10.0.2.2: icmp_seq=3 ttl=63 time=1.11 ms
--- 10.0.2.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.841/1.002/1.113/0.116 ms
PING 10.0.3.2 (10.0.3.2) 56(84) bytes of data.
64 bytes from 10.0.3.2: icmp_seq=1 ttl=63 time=0.742 ms
64 bytes from 10.0.3.2: icmp_seq=2 ttl=63 time=1.04 ms
64 bytes from 10.0.3.2: icmp_seq=3 ttl=63 time=1.08 ms
--- 10.0.3.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2017ms
rtt min/avg/max/mdev = 0.742/0.954/1.079/0.150 ms
PING 100.1.2.3 (100.1.2.3) 56(84) bytes of data.
64 bytes from 100.1.2.3: icmp_seq=1 ttl=63 time=0.771 ms
64 bytes from 100.1.2.3: icmp_seq=2 ttl=63 time=1.06 ms
64 bytes from 100.1.2.3: icmp_seq=3 ttl=63 time=1.11 ms
--- 100.1.2.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.771/0.979/1.110/0.148 ms
PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data.
64 bytes from 10.0.1.1: icmp_seq=1 ttl=62 time=0.810 ms
64 bytes from 10.0.1.1: icmp_seq=2 ttl=62 time=1.09 ms
64 bytes from 10.0.1.1: icmp_seq=3 ttl=62 time=1.12 ms
--- 10.0.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.810/1.005/1.117/0.138 ms
PING 100.1.1.1 (100.1.1.1) 56(84) bytes of data.
64 bytes from 100.1.1.1: icmp_seq=1 ttl=62 time=0.787 ms
64 bytes from 100.1.1.1: icmp_seq=2 ttl=62 time=1.06 ms
64 bytes from 100.1.1.1: icmp_seq=3 ttl=62 time=1.09 ms
--- 100.1.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2034ms
rtt min/avg/max/mdev = 0.787/0.978/1.088/0.135 ms
PING 10.0.2.1 (10.0.2.1) 56(84) bytes of data.
64 bytes from 10.0.2.1: icmp_seq=1 ttl=62 time=0.774 ms
64 bytes from 10.0.2.1: icmp_seq=2 ttl=62 time=1.07 ms
64 bytes from 10.0.2.1: icmp_seq=3 ttl=62 time=1.10 ms
--- 10.0.2.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.774/0.979/1.098/0.145 ms
PING 100.2.2.2 (100.2.2.2) 56(84) bytes of data.
64 bytes from 100.2.2.2: icmp_seq=1 ttl=62 time=0.777 ms
64 bytes from 100.2.2.2: icmp_seq=2 ttl=62 time=1.06 ms
64 bytes from 100.2.2.2: icmp_seq=3 ttl=62 time=1.10 ms
--- 100.2.2.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.777/0.979/1.096/0.143 ms
PING 10.0.3.1 (10.0.3.1) 56(84) bytes of data.
64 bytes from 10.0.3.1: icmp_seq=1 ttl=64 time=0.925 ms
64 bytes from 10.0.3.1: icmp_seq=2 ttl=64 time=1.06 ms
64 bytes from 10.0.3.1: icmp_seq=3 ttl=64 time=1.08 ms
--- 10.0.3.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.925/1.022/1.082/0.069 ms
PING 10.0.4.1 (10.0.4.1) 56(84) bytes of data.
64 bytes from 10.0.4.1: icmp_seq=1 ttl=64 time=0.787 ms
64 bytes from 10.0.4.1: icmp_seq=2 ttl=64 time=0.887 ms
64 bytes from 10.0.4.1: icmp_seq=3 ttl=64 time=1.08 ms
--- 10.0.4.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.787/0.919/1.084/0.123 ms
PING 100.3.3.3 (100.3.3.3) 56(84) bytes of data.
64 bytes from 100.3.3.3: icmp_seq=1 ttl=64 time=0.755 ms
64 bytes from 100.3.3.3: icmp_seq=2 ttl=64 time=1.18 ms
64 bytes from 100.3.3.3: icmp_seq=3 ttl=64 time=1.04 ms
--- 100.3.3.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2034ms
rtt min/avg/max/mdev = 0.755/0.992/1.178/0.176 ms
PING 10.0.4.2 (10.0.4.2) 56(84) bytes of data.
64 bytes from 10.0.4.2: icmp_seq=1 ttl=64 time=0.111 ms
64 bytes from 10.0.4.2: icmp_seq=2 ttl=64 time=0.181 ms
64 bytes from 10.0.4.2: icmp_seq=3 ttl=64 time=0.183 ms
--- 10.0.4.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2027ms
rtt min/avg/max/mdev = 0.111/0.158/0.183/0.033 ms
PING 200.4.4.4 (200.4.4.4) 56(84) bytes of data.
64 bytes from 200.4.4.4: icmp_seq=1 ttl=64 time=0.105 ms
64 bytes from 200.4.4.4: icmp_seq=2 ttl=64 time=0.164 ms
64 bytes from 200.4.4.4: icmp_seq=3 ttl=64 time=0.165 ms
--- 200.4.4.4 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2038ms
rtt min/avg/max/mdev = 0.105/0.144/0.165/0.028 msAt this point any logical system/node must have access to any ip / network