Understanding IS-IS NSAP Addresses
Lammle.com is currently releasing videos for the
OK, OK, most students find this whole competing IGP to OSPF strange enough to being with, but when they learn they have to configure an NSAP (also called a NET) address, that is when their eyes really glaze over. But in all actuality, this address is not that bad to work with, and the story of why we need it is even more interesting.
Remember, the IS-IS routing protocol still uses the ISO Connectionless Network Protocol (CLNP) in its operation. In fact, you can consider this the main protocol that it is using in its operation. The IPv4 or IPv6 prefixes that it is carrying for us is quite secondary. In fact, in academic routing terms, the prefixes being carried by the protocol are considered leaves hanging off of a tree that makes up the graph of shortest path first destinations.
So the routing for CLNP that still exists is the reason we must configure an NSAP address. First, let’s remind ourselves of what this configuration looks like at the CLI:
router isis
net 49.0001.0000.0000.000a.00
interface ethernet0/0
ip address 10.1.1.1 255.255.255.0
ip router isis
interface serial 2/0
ip router isis
ip address 192.168.1.2 255.255.255.0
So we can really see where the NET is the only thing that looks strange to us. Notice how simple it is to establish the IS-IS router process, and how straightforward it is to configure IS-IS at the interface level where appropriate.
So what is that NET all about. Well – here is the breakdown:
Let’s take a sample NET as follows:
49.0011.2222.0000.0000.000A.00
The 49 is called the authority format identifier (AFI) and you will often see it set to 49 out of habit. This indicates “private assignment” and speaks to how IS-IS was thought to be the protocol that would make the Internet a reality when IS-IS was first being designed. The first part of the NET would be effectively advertising the domain to the world (think the AS in BGP). Since IS-IS is now used exclusively as an IGP, we like to just set this first part to 49 and be done with it.
The next part of our address is 00 and this is the Initial Domain Identifier or IDI. The original idea here was that you could use this value to indicate subdomains within your “AS” like routing domain. Today, we just typically ignore this value by setting it to 00.
Next up is the high-order domain specific part. Once again, this is an opportunity for you to get create if you want to identify certain portions of your network – I have this set to 11 in our example.
Finally, we have a part of the address that we can really feel comfortable with. This is the area identifier. Notice I have set mine to 2222.
Next up is the system identifier. This must be a unique value for each of our IS-IS routers. Sure, you could generate this from the MAC address of an interface or the backplane, but notice that we can easily just set it to be unique ourself. In my example, you will note that I have set the system ID to:
0000.0000.000A
Finally, we have the N selector value that we set to 00.
So, let’s examine 6 NET addresses I might construct for three different areas. I can configure them as follows:
Area 1111
49.0011.1111.0000.0000.0001.00
49.0011.1111.0000.0000.0002.00
Area 2222
49.0011.2222.0000.0000.0003.00
49.0011.2222.0000.0000.0004.00
Area 3333
49.0011.3333.0000.0000.0005.00
49.0011.3333.0000.0000.0006.00
Notice that this is really simple and nothing to get upset about! Sure there is a chance for typos that can mess everything up, but just call upon the remarkable Notepad to assist with this. Construct your NETs there and then paste them in to the appropriate routers.
Enjoy your exploration of IS-IS in the Cisco SPCOR course only at Lammle.com!