
ISIS 3 way handshake

Ratheesh mv
Level 1

What is the difference between "isis three-way-handshake ietf" and "isis three-way-handshake cisco"?

 

When I did a packet capture with isis three-way-handshake ietf, there were extended local circuit ID, neighbor system-ID and neighbor extended local circuit ID fields in TLV 240, but these fields were not present with isis three-way-handshake cisco.

 

Can someone explain the difference between those? 

 

Thanks in advance 

 


balaji.bandi
Hall of Fame

Check this information, it may help you:

 

try command - isis three-way-handshake ietf

 

https://www.ciscopress.com/articles/article.asp?p=26850&seqNum=5

BB


Harold Ritter
Cisco Employee

Hi @Ratheesh mv ,

 

"isis three-way-handshake ietf" enables the behavior described in RFC5303.

 

"isis three-way-handshake cisco" is the default behavior and enables the pre RFC5303 behavior.

 

Please refer to RFC5303 for more information.

https://datatracker.ietf.org/doc/html/rfc5303

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Harold Ritter

I have understood the working of RFC 5303.

 

Can you briefly explain the pre RFC5303 behaviour in your words? It will be appreciated.

Hello @Ratheesh mv ,

 

Pre RFC 5303 behaviour is described in the RFC abstract:

 

>>

The IS-IS routing protocol (Intermediate System to Intermediate
   System, ISO 10589) requires reliable protocols at the link layer for
   point-to-point links.  As a result, it does not use a three-way
   handshake when establishing adjacencies on point-to-point media.
   This paper defines a backward-compatible extension to the protocol
   that provides for a three-way handshake.  It is fully interoperable
   with systems that do not support the extension.

   Additionally, the extension allows the robust operation of more than
   256 point-to-point links on a single router.

 

So pre RFC5303 implementations have the following limitations:

no three way handshake is actually performed on point to point links by IS-IS itself

Note: Cisco may have had a 3 way handshake using standard circuit IDs.

The second important limitation is that the original circuit descriptors allowed describing up to 256 different p2p links (a single octet was used to describe the circuit ID) on a single router, and this limit is too low for modern routers that can have thousands of logical interfaces and hundreds of physical interfaces.

 

Your Wireshark packet captures confirm the use of extended circuit ID descriptors when using the ietf option.

>> When I did packet capture with isis three-way-handshake ietf there were extended local circuit ID , Neighbor system-ID and neighbor extended local circuit ID fields in the TLV 240 but these fields were not present with isis three-way-handshake cisco.

 

 

Hope to help

Giuseppe
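
The TLV 240 fields discussed in this thread, decoded in a short Python parser; this is an added example, not code from any poster or from Cisco. It assumes the RFC 5303 value layout (state octet, 4-octet extended local circuit ID, neighbor system ID, 4-octet neighbor extended local circuit ID) and a 6-octet system ID; the function names and sample bytes are constructed for illustration.

```python
import struct

TLV_P2P_THREE_WAY = 240                           # RFC 5303 three-way adjacency TLV
STATES = {0: "Up", 1: "Initializing", 2: "Down"}  # RFC 5303 state codes
SYSID_LEN = 6                                     # assumption: default system ID length

def iter_tlvs(buf):
    """Yield (type, value) pairs; reject a TLV whose length overruns the buffer."""
    off = 0
    while off < len(buf):
        if off + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tlv_type, length = buf[off], buf[off + 1]
        value = buf[off + 2:off + 2 + length]
        if len(value) != length:
            raise ValueError(f"TLV {tlv_type} overruns the buffer")
        yield tlv_type, value
        off += 2 + length

def parse_three_way(value):
    """Decode a TLV 240 value; fields after the state octet are optional."""
    full = 1 + 4 + SYSID_LEN + 4
    if len(value) not in (1, 5, 5 + SYSID_LEN, full):
        raise ValueError(f"unexpected TLV 240 length {len(value)}")
    if value[0] not in STATES:
        raise ValueError(f"unknown adjacency state {value[0]}")
    out = {"state": STATES[value[0]]}
    if len(value) >= 5:
        out["ext_local_circuit_id"] = struct.unpack("!I", value[1:5])[0]
    if len(value) >= 5 + SYSID_LEN:
        sysid = value[5:5 + SYSID_LEN].hex()
        out["nbr_system_id"] = ".".join(sysid[i:i + 4] for i in range(0, 12, 4))
    if len(value) == full:
        out["nbr_ext_local_circuit_id"] = struct.unpack("!I", value[-4:])[0]
    return out

def three_way_in_hello(tlv_bytes):
    """Return the decoded TLV 240 from a hello's TLV area, or None if absent."""
    for tlv_type, value in iter_tlvs(tlv_bytes):
        if tlv_type == TLV_P2P_THREE_WAY:
            return parse_three_way(value)
    return None

# Constructed sample TLV areas (not taken from the poster's capture).
PROTO = bytes([129, 1, 0xCC])                       # Protocols Supported: IPv4
SHORT_FORM = PROTO + bytes([240, 1, 2])             # state octet only
FULL_FORM = PROTO + bytes([240, 15, 1]) + struct.pack("!I", 6) \
    + bytes.fromhex("000000000002") + struct.pack("!I", 10)
```

Calling `three_way_in_hello(SHORT_FORM)` returns only the state, while `FULL_FORM` also yields the two circuit IDs and the neighbor system ID, matching the extra fields the original poster saw in the capture.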

 

Hi Harold,

What command is equivalent in IOS XR 7.1.2?

 

RP/0/RP0/CPU0:Oct 6 02:20:00.782 CDT: isis[1012]: BFD TLV GigabitEthernet0/0/0/0: Adding MTID 0 IPv4 (NLPID 0xcc)
RP/0/RP0/CPU0:Oct 6 02:20:00.782 CDT: isis[1012]: BFD TLV GigabitEthernet0/0/0/0: Added BFD-enabled TLV length 3
RP/0/RP0/CPU0:Oct 6 02:20:00.782 CDT: isis[1012]: SEND P2P IIH (L2) on GigabitEthernet0/0/0/0: Holdtime 30s, Length 8983
RP/0/RP0/CPU0:Oct 6 02:20:00.782 CDT: isis[1012]: SCHED P2P IIH (L2) on GigabitEthernet0/0/0/0: Send IIH in 9.05s ... (requested non-jittered delay was 10.00s)
RP/0/RP0/CPU0:Oct 6 02:20:09.837 CDT: isis[1012]: SEND P2P IIH (L2) on GigabitEthernet0/0/0/0: Do IETF 3-way handshake: State DOWN; ifnum 0x1000018Local Ext Circuit Number 0x6; Nbor System ID N/A, Nbor Ext. Circuit Number N/A
RP/0/RP0/CPU0:Oct 6 02:20:09.837 CDT: isis[1012]: SEND P2P IIH (L2) on GigabitEthernet0/0/0/0: Add of HMAC-MD5 authentication succeeded
RP/0/RP0/CPU0:Oct 6 02:20:09.837 CDT: isis[1012]: SEND P2P IIH (L2) on GigabitEthernet0/0/0/0: SA bit set

 

thanks,

 

Hi @ramoalva ,

XR does not need a special knob to support the IETF 3 way hand shake. Does the session come up?

Regards,

Harold Ritter

Harold,

The session does not come up, but we are looking into whether there is any issue with the UCS C220 M6S ethernet card.

In this case we have an XRv9K with vRR profile connected to NCS5502.

 

Thanks for your help.

 
