North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: IS-IS protocol implementation problem
| Because IS-IS is an IGP protocol, it does not propagate between | providers. This is not the reason why it will not propagate between separate ASes. The "saving factor" here is that nobody really routes CLNS natively, and therefore, the maximum hop-count of a CLNS datagram is 1. It would be possible to cascade an IS-IS problem across multiple separate ASes in the unfortunate event that more than one AS treated a single LAN (e.g. an IX) or point-to-point link as an internal one across which IS-IS is run, with the same key. This kind of mutual poisoning between separate ASes happens with some regularity, amusingly often with RIP as the IGP. An IGP based on a natively routed protocol (including routed CLNS) widens the scope for inter-AS poisoning. This is why it is important to have good authentication in one's IGP. Unfortunately, *no* IGPs currently in wide use have any such thing. :-( For clarity, a separate AS is really short hand for, "a collection of routers participating in a common IGP instantiation"; there are cases where different ASes (in the BGP sense) share a common IGP. Also, "propagating between providers" seems to ignore the fact that there are single providers who have multiple IGP instantiations. Sean. P.S.: any chance you can be a bit more concrete about what's happening?