Intermediate System to Intermediate System: The Other Link State ProtocolIntermediate System to Intermediate System, commonly abbreviated IS-IS, and unfortunately often attributed without the hyphen, began as a research project at Digital Equipment Corporation in 1986 as part of a suite of protocols named DECNET. [1]  It was a full 6 years later that IS-IS was offically recognized as “Intermediate System to Intermediate System intra-domain routeing information exchange protocol for use in conjunction with the protocol for providing the connectionless-mode network service,” with the first edition publication of ISO/IEC 10589:1992. [2] Recounting that storied six year gap is not the goal here, nor is itemizing the reasons in recent years that IS-IS has experienced a resurgence of interest. Instead, the intention of this article is to alleviate the hesitancy in adopting integrated IS-IS (TCP-IP implementation RFC 1195) in study, in lab work, and in any production network. [3]


While it is incumbent on students of networking to fill in all the puzzle pieces of a particular protocol, here the hope is to avoid getting slowed down with theory and cut to the chase operationally. The following presupposes Cisco IOS.


Network Entity Title

To be sure, a daunting part of the study of IS-IS is the Network Entity Title, or NET. Let's indulge ourselves by making the NET serve our purposes immediately.


An Intermediate System is identified by a NET, which is an obscure way of saying “address”. This NET (address) is the Network Service Access Point (NSAP), which ultimately identifies the instance of IS-IS that is running in the Intermediate System. It is roughly equivalent to an IP address. It may be between eight and twenty octets in length.


The NET is comprised of three fields:

    The Area Address may be 1 to 13 octets long

    The System ID is six octets long

    The NSEL (NSAP-Selector) is 1 octet long and is set to 00


As was alluded to earlier, simplification is key to this article; however, it cannot be stressed enough that there are many details of the NET as well as IS-IS in general that demand attention but that will not be indicated.


For the purposes of this discussion and practicality we will limit the NET to its 10-byte IP application. This is represented below by zero place holders within each field:


Note: see RFC 1629 for an exhaustive discourse [4]



As illustrated, the Area ID is comprised of 3 bytes. The first byte, reading left to right, is the Authority and Format Identifier, or AFI. The AFI has a binary value between 0 and 99, with 49 representing private address space. 49 is prevalent in most documentation, but I prefer 00 and will use 00 for the remainder of this article. Therefore, the Area ID may be represented as:




and so on...


The SysID is a 6-byte value that complies with the GOSIP version 2.0 standard (also discussed in.RFC 1629 [4] ). Let your imagination dictate the value as long as it is 6 bytes. It is convenient that a mac address fits nicely:


DABA.DABA.D000 [5]


While some might prefer a play on an ipv4 address, such as:


1920.1680.0101 representing


My preference is simplicity:




Finally, when the routing layer is expressed as the network service user, NSEL is set to 00. This is always true for the Cisco implementation. [6]


The preferred resulting NET is 00.0001.0000.0000.0001.00 which reads:


AFI 00 AREA ID 1 SysID 1 NSEL 00

or simply AREA ID 1 SysID 1 NSEL 00

and configured as:


    R1(config)#router isis

    R1(config-router)#net 00.0001.0000.0000.0001.00




Levels are are another challenge encountered when learning IS-IS. Levels delineate hierarchy, routers of type, adjacency and how the SPF calculation is performed. This looks and sounds complicatedit's not.


As areas are a hallmark of a link-state protocol, let's ensure the definition and distinction of intra-area and inter-area are on solid footing:


Intra- is a prefix used to form words that mean on the inside, within. Contrast this with inter- and you immediately see the difference. While inter- deals with open systems among groups, intra- deals with closed systems between a single group.” [7]

Briefly, intra is within and inter is between.


IS-IS proscribes a 2-level hierarchy: Level 1 and Level 2. Level 1 systems route within an area.

If a destination falls outside an area, Level 1 systems route toward Level 2 systems. Level 2 systems route between areas and toward other AS'es.


Level 1 routers share intra-area routing information, and Level 2 routers share inter-area information, and by doing so two routers of type are defined: is-type level-1 and is-type level-2-only. In the Cisco implementation there is a third router of type defined as level-1-2. This is the default role if either type level-1 or type level-2-only has not been enumerated.

In the two-level hierarchy, the three routers of type configured:


    R1(config)#router isis [optional tag *]

    R1(config-router)#net 00.0001.0000.0000.0001.00

    R1(config-router)#is-type level-1

    R1(config-router)#####this isis area- id 1 sys-id 1 router of type level-1

    R1(config-router)#####learns of destinations only within its area

    R1(config-router)#####another way of stating this is "station router" [8]

    R1(config)#router isis 10

    R1(config-router)#net 00.0001.0000.0000.0001.00

    R1(config-router)#is-type level-2-only

    R1(config-router)#####this isis area- id 1 sys-id 1 router of type level-2-only

    R1(config-router)#####is an area router only and does not communicate with

    R1(config-router)#####type level-1 routers

    R1(config)#router isis SALES

    R1(config-router)#net 00.0001.0000.0000.0001.00

    R1(config-router)#is-type level-1-2

    R1(config-router)#####this isis area- id 1 sys-id 1 router of type level-1-2

    R1(config-router)#####is a “station router” and an area router. It runs 2

    R1(config-router)#####instances of the SPF algorithm (level 1 and level 2)

    R1(config-router)#####it bears repeating this is the Cisco default if not otherwise specified.


*The optional tag can be used to give a meaningful name to the IS-IS routing process. If not specified, 0 (null) is assumed. Do not confuse with route tags. [9]


The minimum requirement for implementing IS-IS on a Cisco router is comprised of three command sets:

The routing process:

R1(config)#router isis

The Network Entity Title:

R1(config-router)#net 00.0001.0000.0000.0001.00

And in the integrated IS-IS space, interface(s) with ip addressing:


Clearly, the default router type is level-1-2 as depicted in the above output, and note the Area ID is expressed as area address to include the AFI, in this case 00. As mentioned above, 49 is common.


Adjacency and Link Types


There are three adjacency type possibilities in IS-IS:

    Level 1 routers form an L1 adjacency with L1 and L1/2 Routers
Level 2 routers form an L2 adjacency with L2 and L1/2 Routers
Level 1/2 routers form an L1/2 adjacency with L1/2 Routers


      Note: no adjacency is possible between strictly Level 1 and Level 2 routers.


IS-IS supports two link types, broadcast and point-to-point.

Adjacency establishment between neighbors is accomplished in three phases known universally as a three-way handshake. For completeness, ISO 10589 offered no mechanism for a three-way handshake on point-to-point links. RFC 5303 addresses this issue, and also defines the three-way handshake:


2.1.  Handshaking


  The intent is to provide a three-way handshake for point-to-point

  adjacency establishment in a backward-compatible fashion.  This is

  done by providing an optional mechanism that allows each system to

  report its adjacency three-way state, thus allowing a system to only

  declare an adjacency to be up if it knows that the other system is

  receiving its IS-IS Hello (IIH) packets.


  The adjacency three-way state can be one of the following types:



      This is the initial point-to-point adjacency three-way state.  The

      system has not received any IIH packet containing the three-way

      handshake option on this point-to-point circuit.



      The system has received an IIH packet containing the three-way

      handshake option from a neighbor but does not know whether the

      neighbor is receiving its IIH packet.



      The system knows that the neighbor is receiving its IIH packets. [10]


Circuits and Loopbacks


While it is enough to distinguish the router of type in the IS-IS process as discussed earlier, Cisco also provides a method for the establishment of unique adjacencies between interfaces. This is accomplished in interface configuration mode using the circuit type command.


Naturally, there are rules governing the use of the interface circuit type, and these rules are similar to the router types.


isis circuit-type level-1:


    A level 1 adjacency will be formed between like routers and circuits if one area address is in common. A level-2 adjacency will never be formed between these circuits.


isis circuit-type level-2-only:


    Level 2 adjacencies will be formed with level 1-2 and level 2 routers and circuits. A level 1 adjacency will never be formed.


isis circuit-type level-1-2:


    A level 1 and 2 adjacency is established if the neighbor is also level-1-2  and a shared area address exists. Without a common area address, only a level 2 adjacency will be formed. [11]


The use of loopbacks in IS-IS is counter intuitive. They are enabled in the IS-IS process with the passive-interface command. This will preclude the sending of hello packets (IIH) to and from loopbacks while ensuring they are also reachable. According to Cisco:


Loopback interfaces (loopbacks are advertised by IS-IS, not IS-IS enabled) [12]


    R1(config)#router isis

    R1(config-router)#net 00.0001.0000.0000.0001.00

    R1(config-router)#passive-interface loopback 0

DIS (Designated Intermediate System), Pseudonode, CLNS (Connectionless Network Protocol) and SNPA (Subnetwork Point of Attachment)


For these concepts I offer references and brief quotes as they are quite large in scope. Any discussion of IS-IS would be lost without them. I put the onus on the reader to explore them further and at great length.

“On broadcast multi-access networks, a single router is elected as the DIS. There is no backup DIS elected. The DIS is the router that creates the pseudonode and acts on behalf of the pseudonode.”


“The DIS is responsible for flooding. It creates and floods a new pseudonode LSP for each routing level in which it is participating (Level 1 or Level 2) and for each LAN to which it is connected. A router can be the DIS for all connected LANs or a subset of connected LANs, depending on the IS-IS priority or the Layer 2 address. The DIS will also create and flood a new pseudonode LSP when a neighbor adjacency is established, torn down, or the refresh interval timer expires. The DIS mechanism reduces the amount of flooding on LANs.” [13]


”OSI CLNS is a network layer service similar to bare IP service. A CLNS entity communicates over Connectionless Network Protocol (CLNP) with its peer CLNS entity.” [14]


“OSI subnetwork addresses, or subnetwork point-of-attachment addresses (SNPAs) are the points at which an ES or IS is physically attached to a subnetwork. The SNPA address uniquely identifies each system attached to the subnetwork. In an Ethernet network, for example, the SNPA is the 48-bit Media Access Control (MAC) address. “ [15]


A Simple Practical Example

In summation, we will configure two routers R1 and R5 to share a single area address using the default Cisco router type of L1-L2, establish adjacency and advertise their loopbacks so that an IBGP  peering may be established between them.


We'll add another loopback to R5 and spin up IBGP using the IS-IS loopbacks as the update source. Configure the new loopback for network advertisement in IBGP.


    interface loopback 5

    ip address


    And verify the new network:


In this discussion, we briefly touched upon some building blocks of IS-IS with a mind set to configure a rudimentary single area implementation to whet one's appetite for the protocol. We reviewed the minimum requirements to form a simple adjacency:


The IS-IS process


The NET or Network Entity title


And for IP implementation, IP interface addressing


We made note of DIS, CLNS and the idea of a Pseudonode, among others, which demand much more attention to use IS-IS proficiently.


And finally, we wrapped it up with a simple implementation and demonstrated its usefulness with IBGP.


I highly recommend the books “IS-IS: Deployment in IP Networks” by Russ White and Alvaro Retana,  “IS-IS Network Design Solutions” by Abe Martey and Scott Sturgess, and basically anything one can find on regarding IS-IS as well as any related RFC for more comprehensive study.