Specifications

ManualsBrandsCisco ManualsHome building and DecorRouter IOS XR

181

182

183

184

185

186

187

188

189

190

Implementing IS-IS on Cisco IOS XR Software

Information About Implementing IS-IS on Cisco IOS XR Software

RC-173

Cisco IOS XR Routing Configuration Guide

Overload Bit Configuration During Multitopology Operation

Because the overload bit applies to forwarding for a single topology, it may be configured and cleared

independently for IPv4 and IPv6 during multitopology operation. For this reason, the overload is set

from the router address family configuration mode. If the IPv4 overload bit is set, all routers in the area

do not use the router for IPv4 transit traffic. However, they can still use the router for IPv6 transit traffic.

Single-Topology IPv6 Support

Single-topology IPv6 support on Cisco IOS XR software allows IS-IS for IPv6 to be configured on

interfaces along with an IPv4 network protocol. All interfaces must be configured with the identical set

of network protocols, and all routers in the IS-IS area (for Level 1 routing) or the domain (for Level 2

routing) must support the identical set of network layer protocols on all interfaces.

When single-topology support for IPv6 is used, only narrow link metrics, also known as old-style type,

length, and value (TLV) arguments, may be employed. During single-topology operation, one shortest

path first (SPF) computation for each level is used to compute both IPv4 and IPv6 routes. Using a single

SPF is possible because both IPv4 IS-IS and IPv6 IS-IS routing protocols share a common link topology.

Multitopology IPv6 Support

Multitopology IPv6 support on Cisco IOS XR software for IS-IS assumes that multitopology support is

required as soon as it detects interfaces configured for both IPv6 and IPv4 within the IS-IS stanza.

Because multitopology is the default behavior in the software, you must explicitly configure IPv6 to use

the same topology as IPv4 to enable single-topology IPv6. Configure the single-topology command in

IPv6 router address family configuration submode of the IS-IS router stanza.

IS-IS Authentication

Authentication is available to limit the establishment of adjacencies by using the hello-password

command, and to limit the exchange of LSPs by using the lsp-password command.

IS-IS supports plain-text authentication, which does not provide security against unauthorized users.

Plain-text authentication allows you to configure a password to prevent unauthorized networking devices

from forming adjacencies with the router. The password is exchanged as plain text and is potentially

visible to an agent able to view the IS-IS packets.

When an HMAC-MD5 password is configured, the password is never sent over the network and is

instead used to calculate a cryptographic checksum to ensure the integrity of the exchanged data.

IS-IS stores a configured password using simple encryption. However, the plain-text form of the

password is used in LSPs, sequence number protocols (SNPs), and hello packets, which would be visible

to a process that can view IS-IS packets. The passwords can be entered in plain text (clear) or encrypted

form.

To set the domain password, configure the lsp-password command for Level 2; to set the area password,

configure the lsp-password command for Level 1.