Mar
13

IS-IS Multitopology: IPv4 and IPv6

1 Comment

When working with IPv6 prefixes in IS-IS, you can configure IS-IS to be in a single topology for both IPv4 and IPv6 or to run different topologies for IPv4 and IPv6. Reading all the official documentation about IS-IS Multitopology I didn’t get a clear conclusion, so I decided to check it out on the lab. And that’s what we’re going to do in this post :)

First of all, let’s see how IS-IS works by default when activating IPv6. The lab I’m going to use is as follows:

isis_multitopology

By default, IS-IS works in single-topology mode when activating IPv4 and IPv6. This means that the IS-IS topology will be built based on IS Reachability TLVs. When the base topology is built, then IPv4 prefixes (IP Reachability TLV) and IPv6 prefixes (IPv6 Reachability TLV) are added to each node as leaves, without checking if there is IPv6 connectivity between nodes.

Let’s imagine we have the above IPv4 and IPv6 address scheme. As we can see, adjacencies are formed regardless the IP scheme on the link:

R4# show isis neighbors
System Id      Type Interface   IP Address      State Holdtime Circuit Id
R1             L1   Fa1/0       10.10.14.1      UP    24       R4.01
R1             L2   Fa1/0       10.10.14.1      UP    29       R4.01
R5             L1   Fa2/0       10.10.45.5      UP    9        R5.01
R5             L2   Fa2/0       10.10.45.5      UP    9        R5.01
R4# show isis ipv6 topology
R4#
R4# show isis topology
IS-IS TID 0 paths to level-1 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   10         R1                   Fa1/0       ca00.0f26.0038
R2                   20         R1                   Fa1/0       ca00.0f26.0038
R4                   --
R5                   10         R5                   Fa2/0       ca04.0f5d.001c 

IS-IS TID 0 paths to level-2 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   10         R1                   Fa1/0       ca00.0f26.0038
R2                   20         R1                   Fa1/0       ca00.0f26.0038
R4                   --
R5                   10         R5                   Fa2/0       ca04.0f5d.001c

R4#


R5# show isis neighbors
System Id      Type Interface   IP Address      State Holdtime Circuit Id
R4             L1   Fa1/0       10.10.45.4      UP    24       R5.01
R4             L2   Fa1/0       10.10.45.4      UP    28       R5.01
R5# show isis ipv6 topology
R5#
R5# show isis topology
IS-IS TID 0 paths to level-1 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   20         R4                   Fa1/0       ca03.0f3b.0038
R2                   30         R4                   Fa1/0       ca03.0f3b.0038
R4                   10         R4                   Fa1/0       ca03.0f3b.0038
R5                   --

IS-IS TID 0 paths to level-2 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   20         R4                   Fa1/0       ca03.0f3b.0038
R2                   30         R4                   Fa1/0       ca03.0f3b.0038
R4                   10         R4                   Fa1/0       ca03.0f3b.0038
R5                   --
R5#

As we can see, the IS-IS IPv4 topology is built (IS Reachability TLV), and IPv4 and IPv6 prefixes are added to each node based on the information announced by each router (IP Reachability TLV and IPv6 Reachability TLV). IS-IS doesn’t check the IPv6 consistency in the actual topology, so we may come to the scenario where R5 thinks there is IPv6 connectivity to reach R1 IPv6 address, when indeed, there isn’t:

R5# sh ipv6 route
....
I1  2001:CC1E:1:1::1/128 [115/20]
     via FE80::C803:FFF:FE3B:38, FastEthernet1/0
I1  2001:CC1E:2:2::2/128 [115/30]
     via FE80::C803:FFF:FE3B:38, FastEthernet1/0
I1  2001:CC1E:4:4::4/128 [115/10]
     via FE80::C803:FFF:FE3B:38, FastEthernet1/0
LC  2001:CC1E:5:5::5/128 [0/0]
     via Loopback0, receive
...
R5# ping ipv6 2001:CC1E:1:1::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:CC1E:1:1::1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R5#
R5# ping ipv6 2001:cc1e:4:4::4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:CC1E:4:4::4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/32 ms

What can we do to avoid this behaviour? We can activate IS-IS Multitopology. Doing so, IS-IS creates two different topologies: one built based on IS Reachability TLVs and dedicated to IPv4 routing info, and a second one built based on Multitopology IS Reachability TLVs and dedicated to IPv6 routing info.

(in each router)
router isis
 net 49.0001.0050.0500.5005.00
 metric-style wide
 passive-interface Loopback0
 !
 address-family ipv6
  multi-topology
 exit-address-family
R5# show isis topology
IS-IS TID 0 paths to level-1 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   20         R4                   Fa1/0       ca03.0f3b.0038
R2                   30         R4                   Fa1/0       ca03.0f3b.0038
R4                   10         R4                   Fa1/0       ca03.0f3b.0038
R5                   --

IS-IS TID 0 paths to level-2 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   20         R4                   Fa1/0       ca03.0f3b.0038
R2                   30         R4                   Fa1/0       ca03.0f3b.0038
R4                   10         R4                   Fa1/0       ca03.0f3b.0038
R5                   --

R5# show isis ipv6 topology
IS-IS TID 2 paths to level-1 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   **
R2                   **
R4                   10         R4                   Fa1/0       ca03.0f3b.0038
R5                   --

IS-IS TID 2 paths to level-2 routers
System Id            Metric     Next-Hop             Interface   SNPA
R1                   **
R2                   **
R4                   10         R4                   Fa1/0       ca03.0f3b.0038
R5                   --

Having two different topologies, now IS-IS can add IPv4 prefixes and IPv6 prefixes to the correspondent node depending on the topology. Because in the IPv6 topology there is no connectivity between R1 and R4, the IPv6 info is consistent, and we can see that R4 and R5 doesn’t see R1 and R2 IPv6 prefixes as reachable:

R5# show ipv6 route
...
I1  2001:CC1E:4:4::4/128 [115/10]
     via FE80::C803:FFF:FE3B:38, FastEthernet1/0
LC  2001:CC1E:5:5::5/128 [0/0]
     via Loopback0, receive
...
R5# ping 2001:cc1e:4:4::4 sour lo0
Packet sent with a source address of 2001:CC1E:5:5::5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/10/20 ms

Of course, having two topologies increases the resources needed by each router, and also the runs twice the spf algorithm, since you need to keep two topology bases.
So all these make me think that a single-topology architecture is thought for dual-stack networks, where there is IPv4 and IPv6 connectivity end to end. While multitopology is for those scenarios where there may be some segments where IPv6 connectivity is not granted.

Please, if you like our post don’t forget to hit the google +1 button at the beginning of the article

Have fun!!

Jose Miguel Huertas

Jomi has been working on the networking industry for the last 9 years. Nowadays, he works as a Consultant Engineer at Telindus Spain. He holds the following certifications: CCIE R&S (#27028), CCNP, CCIP and JNCIS. In addition to networking and technological stuff, he loves playing funky music, and he's trying to learn to play trombone (hard stuff, man!!)

More Posts

Creative Commons License
The IS-IS Multitopology: IPv4 and IPv6 by CCIE Blog, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Tags: , , ,

Posted in CCIE SP Featured IPv6 Routing
1 Comment Posted by Jose Miguel Huertas

1 Response to "IS-IS Multitopology: IPv4 and IPv6"

  • Ralfjon says:
    March 21, 2013 at 10:36
    Reply

    Thanks for your post, I spend so long time to find reason why TE tunnel kills all my ISIS iPv6 RIB table… this was why!

Leave a Comment

CAPTCHA Image
*

Notify me of followup comments via e-mail. You can also subscribe without commenting.