Introduction of Is-is protocol in Juniper Firewall

Source: Internet
Author: User
Tags firewall

The NSAP address is up to 20 bytes long, which is much longer than an IP address with a fixed 4-byte length. The following illustration shows the address format for an NSAP address:

As shown below is an NSAP address 49.0001.1921.6800.1001.00

49-afi

0001-area ID

1921.6800.1001-system identifier

00-selector

The NSAP address consists of two major parts, IDP (Initial domain part, initial field section) and DSP (domain-specific part, specific domain section), and IDP is divided into AFI (authority and Format Identifier, mechanism and format identifiers) and IDI (Initial domain Identifier, initial field identifier). The AFI field is a decimal number with a value range of 0~99, and a AFI value of 49 indicates that this address is a private address. This is similar to the private IP address range specified in RFC 1918. Is-is can route these addresses, but these addresses should not be advertised to other CLNP networks. Other networks that use the AFI value of 49 may have different address schemes, and the use of two different address schemes may result in a addressing problem with a System ID of 6 bytes. When defining Sysid, the following points need to be noted:

The sysid of each node in the Is-is routing domain must be unique.

The sysid length of all nodes in the Is-is routing domain must be the same, typically 6 bytes.

The sysid of each node in the same zone must be unique.

If both routers belong to different zones and are not involved in L2 routing, then the SYSID is not required. However, if both routers are connected to the L2 backbone area, that is, to participate in L2 routing, then it is necessary to keep sysid unique. However, it is recommended that the sysid of each node in the Is-is routing domain be unique, as described in the first article. In order to avoid the problem of routing information calculation.

There are several ways to configure SYSID in a router net address.

The first is to use the MAC address of the LAN interface as a SYSID, because the MAC address is unique, so this setting ensures that SYSID is unique throughout the domain.

The second approach is to convert the IP address into sysid, which usually uses the address of the loopback interface. The specific method is to take 0 of the starch decimal ring back to the IP address of 12 characters address, then bar 12 characters 4 digits for a group, divided into 3 groups, separated by dots, in the form of 16. A node can have up to 3 NSAP addresses, but the sysid of each address must be the same, except for the regional address. When a router running is-is has more than one net address, it is called a multihomed (multihoming). It is important to note that multiple hosts do not represent routers connected to multiple zones, but instead configure multiple net addresses on a single router with different zone addresses, primarily for regional, regional, and relocation.

System ID cannot be configured as 0000.0000.0000

Junos only supports IP routing in Is-is and does not support CLNP and CLNS routing

This article is from the "Rista" blog, please be sure to keep this source http://rista.blog.51cto.com/2526140/961193

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.