Cosmetic Bug: IS-IS Network Entity Title

cosmetic bug:

a software error condition that does not impact a system in any functional way; types of errors can include spelling mistakes, transient error messages, etc.

I thought I’d start a series of blog posts dedicated to what I call “cosmetic bugs” in terms of networking technology. What I mean by that is, things that we learn, see and do in networking without any reason as to the why, because it doesn’t impact a router, switch or protocol in anyway…Just that the why’s have somehow been lost in translation of the years.

One such case is related to the lovely link-state protocol IS-IS. IS-IS stands for “Intermediate System to Intermediate System” and was originally developed to facilitate routing between “intermediate systems” – synonymous with an IP router – over the OSI Connectionless Network Service (CLNS) protocol stack. It was later extended in RFC 1195 to support both OSI and TCP/IP networks (renamed to Integrated IS-IS or Dual IS-IS). Since the OSI protocol stack has been obsoleted by TCP/IP, IS-IS is typically used in service provider core networks due to its scalability and link-state properties.

Having taken CCNP BSCI in college and gone through ROUTE in my current profession, I’ve always been intrigued by the mystical awe that is the IS-IS protocol. Being a link-state routing protocol, IS-IS is similar to OSPF in that networks are learned through flooding of link-state information throughout a domain. However, since IS-IS originated from the ISO to work in tandem with the OSI protocol stack, certain “legacy” properties remain. As indicated in the title of this blog post, I just wanted to spend some time as to the “why” behind the Network Entity Title; also known as the IS-IS NET.

The NET is a configured identifier on IS-IS routers that defines a topology. It is a hexadecimal value and indicates both an area ID and a System ID.

An IS-IS NET is made up of Area ID and a System ID. The Area ID performs the same functions as it does with OSPF (with some key differences that I won’t go into in this blog post) and is topology-driven. The System ID performs the same functions as the Router ID does in OSPF. Unlike in OSPF, it does not have to be derived from an IP address nor requires an IP address to be configured on any interface to function. Also, unlike OSPF which sits at Layer 3 (ie. has an IP header below the OSPF header), IS-IS exists directly at Layer 2 (ie. IS-IS PDU header directly after Layer 2 header). To further compare the two, IS-IS NETs must be defined within a certain structure, whereas OSPF uses arbitary values for Area ID’s and Router ID’s. Some of the details I won’t go into just because it simply has nothing to do with the TCP/IP stack. If, like me, you’ve ever wondered why Cisco uses the same configuration example in all IS-IS documentation, hopefully I can shed some light on that. Let’s look at the structure of a NET to give us some more detail:

As indicated in the diagram above, the following rules must be followed when defining the NET:

  • AFI must be 1 byte
  • Area ID can be 0 to 12 bytes long
  • System ID must be 6 bytes long
  • SEL must be 1 byte

The reason for these “rules” is that a NET is a special version of an ISO network service access point (NSAP) address, familiar to anyone who has worked with ISO protocols.

The AFI, or the Authority & Format Identifier, holds no real value in a IP-only environment. In relation to ISO protocols, the AFI was used similarly to an OUI (Organizationally Unique Identifier) in a MAC address, which would have identified the assigning authority of the address. However, in an IP-only environment, this number has no meaning separate from the Area ID itself. Most vendors and operators tend to stay compliant with the defunct protocols by specifying an AFI of “49”. This is synonymous with RFC 1918 IP addresses – it is privately administered and not assigned to another one specific organization. While best practice, the AFI byte can be combined to format a single Area ID value and is left to the discretion of the network admin.

Area ID’s function just as they do in OSPF and are decimal-notated only.

System ID can be anything chosen by the administrator, similarly to an OSPF Router ID. However, best practice with NETs is to keep the configuration as simple as humanly possible. The System ID is typically derived from either the 48-bit MAC address of an interface (“0cad.83b4.03e9”) or an IP address such as configured on a loopback interface. When defining a System ID as derived from an IP address, you can use a few conversion methods since it must be 6 bytes in length and an IPv4 address is only 4 bytes long. One is to simply add enough zeros to fulfill the 6 byte requirement, which is the simplest. You can also convert an IP address to decimal or hexadecimal formats.

Loopback IP address of 10.255.255.200
NET System ID = 1025.5255.2000

The System ID is solely up to the administrator to choose and requires to be unique within a routing domain. MAC addresses are the easiest choice since MAC addresses are globally unique burned-in addresses and *should not* under normal circumstances be the same between different devices.

The final piece in a NET is the SEL byte, or the NSAP Selector byte. In ISO, this value is used to indicate an upper-layer function. Think of this as being similar to a TCP or UDP port number. In an IP-only network, where no upper-layer ISO protocols exist, an IP router will expect a SEL value of 0x00. This value should always be set to 0x00, which indicates the router itself is the “upper layer” protocol. The take away here is that the SEL is not relevant in an IP network and should be set to 00 to keep NET assignment simple.

*note: As pointed out by Marko Milivojevic on Twitter, a non-0 SEL value indicates a pseudonode. IS-IS on multiaccess networks elect a Designated Intermediate System (DIS). Think DR in OSPF. I’m leaving a lot of details out but just keep in mind that configuring a non-zero value for the SEL will throw you a syslog message since IOS will expect this to be configured as a 0. Non-zeros indicate pseudonodes, such as a DIS, which are “virtual nodes”. More on this later.

Below I’ll list some examples of NETs based on the above rules.

For NSAP format compliant NET, AFI of 49, Area ID of 0001, System ID of 0cad.83b4.03e9 (example MAC address) and a SEL of 00:


Router(config)#router isis
Router(config-router)#net 49.0001.0cad.83b4.03e9.00

Routers in different areas can simply use a different Area ID, no different than in OSPF. You just need to be sure the System ID is still unique, as shown below:


Router(config-router)#net 49.0002.0cad.83b4.03f0.00

For smaller networks with fewer areas, you can also define NETs according to this format:

this time using a loopback IP address of 172.31.255.254:
Router(config)#router isis
Router(config-router)#net 01.1723.1255.2540.00

An important note about NETs is that a router can only be part of ONE area. This is different than OSPF, which ABR’s will typically have at least one interface in area 0 and another interface in a standard or stub area. There are slight topology differences that account for this, which will be the topic of a future post.

The biggest thing to note when it comes to IS-IS NETs is to Keep-It-Simple-Stupid! Personally, I got hung up on the why a NET is always shown with an AFI value of 49. Details like this are just “cosmetic” – your IS-IS network will function just fine if you don’t follow ISO standards, since they’re really not relevant in an IP-only world. However, as you can see on Cisco’s website, best practices and simplicity are what determines what we’re told when learning the protocols. The “why” may not be important, but it’s still worth knowing a thing or two about it, even just to quell your own curiosity.

More on IS-IS in future post(s) – it’s worth knowing, being another tool in the Network Wizard’s tool belt.

EDIT: Thanks to Marko for his corrections and clarifications on some of the key terms and concepts. More posts in the future will be needed to explain IS-IS in more depth…stay tuned 😉