When working with IPv6 prefixes in IS-IS, you can configure IS-IS to be in a single topology for both IPv4 and IPv6
or to run different topologies for IPv4 and IPv6.
For now I’ve added an IPv6 loopback and interface address. I’ve got IS-IS running in multi topology mode. I should still only see two LSPs from XR1’s perspective:
IPv6
When running both IPv4 and IPv6 at the same time, IS-IS can be run in single-topology or multi-topolgy mode. In single topology, all your IS-IS links need to have both v4 and v6 addresses as the SPF tree is run indenpently of prefix information. If the SPF tree is calculated to use a link without a v6 address, IPv6 traffic will be blackholed over that link.For now I’ve added an IPv6 loopback and interface address. I’ve got IS-IS running in multi topology mode. I should still only see two LSPs from XR1’s perspective:
RP/0/0/CPU0:XR1#show isis database Tue Aug 12 23:47:02.152 UTC IS-IS 1 (Level-2) Link State Database LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL XR1.00-00 * 0x0000001e 0x9683 1115 0/0/0 XR2.00-00 0x0000002b 0x62fa 1117 0/0/0 Total Level-2 LSP count: 2 Local Level-2 LSP count: 1IPv6 information is carried inside another TLV. Note also that there is a new NLPID value of 0x8e in the LSP. As you would guess this value represents IPv6:
RP/0/0/CPU0:XR1#show isis database detail XR2.00-00 Tue Aug 12 23:47:50.899 UTC IS-IS 1 (Level-2) Link State Database LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL XR2.00-00 0x0000002b 0x62fa 1068 0/0/0 Area Address: 49.0023 NLPID: 0xcc NLPID: 0x8e MT: Standard (IPv4 Unicast) MT: IPv6 Unicast 0/0/0 Hostname: XR2 IP Address: 2.2.2.2 IPv6 Address: 2001:db8:2:2::2 Metric: 10 IS XR1.00 Metric: 10 IP 2.2.2.2/32 Metric: 20 IP 3.3.3.3/32 Metric: 10 IP 10.0.12.0/24 Metric: 10 IP 10.0.23.0/24 Metric: 10 IP 200.200.200.200/32 Metric: 10 MT (IPv6 Unicast) IS-Extended XR1.00 Metric: 10 MT (IPv6 Unicast) IPv6 2001:db8:2:2::2/128 Metric: 10 MT (IPv6 Unicast) IPv6 2001:db8:12::/64When running multi-topology mode, you’ll see MT: plus the address families configured for multi-topology. If I change this to single topology:
RP/0/0/CPU0:XR1#show isis database XR2.00-00 detail Tue Aug 12 23:11:20.989 UTC IS-IS 1 (Level-2) Link State Database LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL XR2.00-00 0x00000023 0xd22a 1196 0/0/0 Area Address: 49.0023 NLPID: 0xcc NLPID: 0x8e Hostname: XR2 IP Address: 2.2.2.2 IPv6 Address: 2001:db8:2:2::2 Metric: 10 IS XR1.00 Metric: 10 IP 2.2.2.2/32 Metric: 10 IP 10.0.12.0/24 Metric: 10 IP 10.0.23.0/24 Metric: 10 IP 200.200.200.200/32 Metric: 10 IPv6 2001:db8:2:2::2/128 Metric: 10 IPv6 2001:db8:12::/64MT no longer shows up, and all TLVs are added as-is to the LSP.
First of all, let’s see how IS-IS works by default when activating IPv6. The lab I’m going to use is as follows:
By default, IS-IS works in single-topology mode when activating IPv4 and IPv6. This means that the IS-IS topology will be built based on IS Reachability TLVs. When the base topology is built, then IPv4 prefixes (IP Reachability TLV) and IPv6 prefixes (IPv6 Reachability TLV) are added to each node as leaves, without checking if there is IPv6 connectivity between nodes.
Let’s imagine we have the above IPv4 and IPv6 address scheme. As we can see, adjacencies are formed regardless the IP scheme on the link:
As we can see, the IS-IS IPv4 topology is built (IS Reachability TLV), and IPv4 and IPv6 prefixes are added to each node based on the information announced by each router (IP Reachability TLV and IPv6 Reachability TLV).
IS-IS doesn’t check the IPv6 consistency in the actual topology, so we
may come to the scenario where R5 thinks there is IPv6 connectivity to
reach R1 IPv6 address, when indeed, there isn’t:
What can we do to avoid this behaviour? We can activate IS-IS
Multitopology. Doing so, IS-IS creates two different topologies: one
built based on IS Reachability TLVs and dedicated to IPv4 routing info, and a second one built based on Multitopology IS Reachability TLVs and dedicated to IPv6 routing info.
Having two different topologies, now IS-IS can add IPv4 prefixes and
IPv6 prefixes to the correspondent node depending on the topology.
Because in the IPv6 topology there is no connectivity between R1 and R4,
the IPv6 info is consistent, and we can see that R4 and R5 doesn’t see
R1 and R2 IPv6 prefixes as reachable:
Of course, having two topologies increases the resources needed by
each router, and also the runs twice the spf algorithm, since you need
to keep two topology bases.
So all these make me think that a single-topology architecture is thought for dual-stack networks, where there is IPv4 and IPv6 connectivity end to end. While multitopology is for those scenarios where there may be some segments where IPv6 connectivity is not granted.
Let’s imagine we have the above IPv4 and IPv6 address scheme. As we can see, adjacencies are formed regardless the IP scheme on the link:
R4# show isis neighbors System Id Type Interface IP Address State Holdtime Circuit Id R1 L1 Fa1/0 10.10.14.1 UP 24 R4.01 R1 L2 Fa1/0 10.10.14.1 UP 29 R4.01 R5 L1 Fa2/0 10.10.45.5 UP 9 R5.01 R5 L2 Fa2/0 10.10.45.5 UP 9 R5.01 R4# show isis ipv6 topology R4# R4# show isis topology IS-IS TID 0 paths to level-1 routers System Id Metric Next-Hop Interface SNPA R1 10 R1 Fa1/0 ca00.0f26.0038 R2 20 R1 Fa1/0 ca00.0f26.0038 R4 -- R5 10 R5 Fa2/0 ca04.0f5d.001c IS-IS TID 0 paths to level-2 routers System Id Metric Next-Hop Interface SNPA R1 10 R1 Fa1/0 ca00.0f26.0038 R2 20 R1 Fa1/0 ca00.0f26.0038 R4 -- R5 10 R5 Fa2/0 ca04.0f5d.001cR4#
R5# show isis neighbors System Id Type Interface IP Address State Holdtime Circuit Id R4 L1 Fa1/0 10.10.45.4 UP 24 R5.01 R4 L2 Fa1/0 10.10.45.4 UP 28 R5.01 R5# show isis ipv6 topology R5# R5# show isis topology IS-IS TID 0 paths to level-1 routers System Id Metric Next-Hop Interface SNPA R1 20 R4 Fa1/0 ca03.0f3b.0038 R2 30 R4 Fa1/0 ca03.0f3b.0038 R4 10 R4 Fa1/0 ca03.0f3b.0038 R5 -- IS-IS TID 0 paths to level-2 routers System Id Metric Next-Hop Interface SNPA R1 20 R4 Fa1/0 ca03.0f3b.0038 R2 30 R4 Fa1/0 ca03.0f3b.0038 R4 10 R4 Fa1/0 ca03.0f3b.0038 R5 --
R5#
R5# sh ipv6 route
....
I1 2001:CC1E:1:1::1/128 [115/20]
via FE80::C803:FFF:FE3B:38, FastEthernet1/0
I1 2001:CC1E:2:2::2/128 [115/30]
via FE80::C803:FFF:FE3B:38, FastEthernet1/0
I1 2001:CC1E:4:4::4/128 [115/10]
via FE80::C803:FFF:FE3B:38, FastEthernet1/0
LC 2001:CC1E:5:5::5/128 [0/0]
via Loopback0, receive
...
R5# ping ipv6 2001:CC1E:1:1::1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2001:CC1E:1:1::1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) R5# R5# ping ipv6 2001:cc1e:4:4::4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2001:CC1E:4:4::4, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/32 ms
(in each router) router isis net 49.0001.0050.0500.5005.00 metric-style wide passive-interface Loopback0 ! address-family ipv6 multi-topology exit-address-family
R5# show isis topology IS-IS TID 0 paths to level-1 routers System Id Metric Next-Hop Interface SNPA R1 20 R4 Fa1/0 ca03.0f3b.0038 R2 30 R4 Fa1/0 ca03.0f3b.0038 R4 10 R4 Fa1/0 ca03.0f3b.0038 R5 -- IS-IS TID 0 paths to level-2 routers System Id Metric Next-Hop Interface SNPA R1 20 R4 Fa1/0 ca03.0f3b.0038 R2 30 R4 Fa1/0 ca03.0f3b.0038 R4 10 R4 Fa1/0 ca03.0f3b.0038 R5 -- R5# show isis ipv6 topology IS-IS TID 2 paths to level-1 routers System Id Metric Next-Hop Interface SNPA R1 ** R2 ** R4 10 R4 Fa1/0 ca03.0f3b.0038 R5 -- IS-IS TID 2 paths to level-2 routers System Id Metric Next-Hop Interface SNPA R1 ** R2 ** R4 10 R4 Fa1/0 ca03.0f3b.0038 R5 --
R5# show ipv6 route
...
I1 2001:CC1E:4:4::4/128 [115/10]
via FE80::C803:FFF:FE3B:38, FastEthernet1/0
LC 2001:CC1E:5:5::5/128 [0/0]
via Loopback0, receive
...
R5# ping 2001:cc1e:4:4::4 sour lo0 Packet sent with a source address of 2001:CC1E:5:5::5 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/10/20 ms
So all these make me think that a single-topology architecture is thought for dual-stack networks, where there is IPv4 and IPv6 connectivity end to end. While multitopology is for those scenarios where there may be some segments where IPv6 connectivity is not granted.
