IGP protocol

Baldur Norddahl baldur.norddahl at gmail.com
Thu Nov 15 01:51:28 UTC 2018


We run a MPLS enabled network with internet in a VRF. Management is in VRF
default (no VRF). The IGP is OSPFv2. IPv6 is handled by the L3VPN
functionality of MPLS. So is IPv4.

The IPv4 that is controlled by OSPF is totally separate from everything
except management and could really be any protocol. For a small network
like ours, with everything in area 0 and VRF/L3VPN to handle dual stack,
there is zero differences between is-is and OSPF. The IPv4 management
network is not any more reachable than the is-is protocol. There are no raw
IPv6 packets on the wire and no need for the IGP to handle IPv6.

Also not true that the management network is the last thing to boot. In
contrary, everything else depends on that being ready first. And that would
also be true if we used is-is.

We chose OSPF because it was one less protocol to learn and one less
ethernet type on the wire. But really it could be toss a coin.

Regards

Baldur


ons. 14. nov. 2018 14.55 skrev James Bensley <jwbensley at gmail.com>:

> On Tue, 13 Nov 2018 at 12:09, Saku Ytti <saku at ytti.fi> wrote:
> >
> > On Tue, 13 Nov 2018 at 12:37, Mark Tinka <mark.tinka at seacom.mu> wrote:
> >
> > > Main reasons:
> > >     - Doesn't run over IP.
> >
> > Why is this upside? I've seen on two platforms (7600, MX) ISIS punted
> > on routers running ISIS without interface having ISIS.  With no
> > ability to limit it, so any connected interface can DoS device with
> > trivial pps rate, if ISIS is being ran.
>
> I guess the OPs original question wasn't clear enough because, I think
> most people are talking about IS-IS vs OSPF2/3 from a theoretical
> protocol perspective, and you're talking from a practical vendor
> implementation perspective.
>
> From a purely theoretical perspective I see IS-IS not running over IP
> as an advantage too. No mater what routes I inject into my IGP, IS-IS
> won't stop working. I may totally fsck my IP reachability but IS-IS
> will still work, which means that when I fix the issue, service should
> be restored quite quickly. Several networks I've seen place management
> in a VRF / L3 VPN, which means that by the time you have remote
> management access, everything else is already working, it's like the
> last thing to come up when there's been a problem. I like the
> "management in the IGP + IS-IS" design.
>
> However, in reality the vendor implementation blows the protocol
> design out of the water. You need to consider both when evaluating a
> new IGP. Cisco nearly implemented a handy feature with
> prefix-suppression, whereby in IOS for OSPF only one would prevent
> p-t-p links being advertised into the IGP database. But they didn't
> implement this for IS-IS. Then in IOS-XR they removed this feature
> from OSPF and implemented it for IS-IS ?!?! So yeah, vendors
> implementations are just as important and the theoretical potential of
> the protocol.
>
> Oh yeah, forgot to answer the original question. For a greenfield
> deployment I'd be happy with either OSPFv3 or IS-IS as long as it's
> well designed I don't see much between them, it would come down to
> vendor support then.
>
> Cheers,
> James.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20181115/c735fe4e/attachment.html>


More information about the NANOG mailing list