IGP protocol

Saku Ytti saku at ytti.fi
Tue Nov 13 12:07:20 UTC 2018


On Tue, 13 Nov 2018 at 12:37, Mark Tinka <mark.tinka at seacom.mu> wrote:

> Main reasons:
>     - Doesn't run over IP.

Why is this upside? I've seen on two platforms (7600, MX) ISIS punted
on routers running ISIS without interface having ISIS.  With no
ability to limit it, so any connected interface can DoS device with
trivial pps rate, if ISIS is being ran. Are you testing this vector?

Also, no one really understands how 802.3+CLNS interact with ISIS.
It's probably globally dozen people, all open source implementations
seem to copy from early Zebra implementation. And implementations are
opportunistic, just enough to make it work, not actually enough to be
standard compliant 802.3+CLNS. Just question of what is ES-IS role in
all this, gives debates with subject matter experts.

To me this is downside, I'd rather have ISIS run over EthernetII and
IP. But at that point, why bother, why not just kill it and run OSPF3.
I'm paying vendor to implement and maintain both protocols, and there
does not seem to have good justification for both to exist.

Disclaimer: all networks I've operated have been ISIS networks, and
I'll continue using ISIS, not because I think it is better, but
because I think the codebase gets more exposure in networks like the
on I need to run.

-- 
  ++ytti



More information about the NANOG mailing list