Why IS-IS?

A colleague once asked why I expressed a preference for IS-IS as an interior gateway protocol over the better-known OSPF. I gave a fairly detailed response which appears here by request.

The main reasons why I prefer IS-IS are:

  1. Better flooding scheme for LSPs on broadcast media. In OSPF LSA updates must first be multicast to the AllDRouters address. In contrast IS-IS routers directly multicast updates to all routers on the broadcast network, meaning other routers on the network can receive the LSP directly from the originator rather than waiting until the DR gets it and resends it. The DRother1->DR->DRother2 flow in OSPF also unnecessarily doubles the LSA traffic on the network.
  2. Reduced LSP traffic in unstable networks. This is a companion to 1. An OSPF DR uses a retransmit/acknowledgment scheme to reliably deliver LSAs to routers on a broadcast network. IS-IS does things differently: the DIS periodically multicasts a CSNP that contains a complete summary of the LSPs in the DIS's database. If another router on the network is missing an LSP, it will see this by comparing the summary in the CSNP against its own database and will request the missing LSP from the DIS. The OSPF approach generates a lot of extra traffic when the network is in an unstable state and many LSAs are changing because of the acknowledgment mechanism. The IS-IS approach generates a little extra traffic all the time because of the periodic CSNPs. I'd rather have a little extra traffic when the network is stable rather than a lot of extra traffic when the network is unstable.
  3. Link state basis. OSPF uses a distance vector scheme for computing interarea routes; it's only a link state protocol within an area. IS-IS maintains separate link state databases for L1 and L2 topologies and uses SPF to compute routes in both.
  4. Hierarchical flexibility. OSPF requires a special 'backbone area' to which all ABRs must be connected (if they want to participate in interarea routing). You're either a backbone router with an interface in area 0 or you're not. IS-IS doesn't have this built-in design limitation; it uses the more general concepts of L1 and L2 routers instead. Both L1 and L2 adjacencies can be formed over the same link.
  5. Simplicity. IS-IS isn't nearly as complicated a protocol as OSPF. This decreases the number of failure scenarios and greatly simplifies trouble- shooting. OSPF has over 10 LSA types; IS-IS has two for each level: node and pseudonode. OSPF has virtual links; IS-IS doesn't need them as any router can participate in Level-2 routing by forming an L2 adjacency.
  6. Robust failure mode. IS-IS LSPs have a bit called the 'overload bit' which is used to tell other routers not to use this router as a transit when the bit is set. IS-IS routers can set this bit to prevent routing failures resulting from more traffic being sent to a router that's already having problems. Furthermore, the overload bit can be used in connection with BGP; we would set the overload bit while BGP is trying to converge to prevent black-holing of transit traffic. This is important, for example, when the router is an Internet backbone router and is reloaded; the IGP is likely to converge almost immediately but BGP will take much longer. Without a mechanism like the overload bit, a lot of traffic may be sent through the router by its neighbors because the IGP has converged, but the traffic will be black-holed if its destined for networks that haven't yet made it into BGP.
  7. Better SPF/LSP-generation backoff strategy. IS-IS uses exponential backoff to control SPF calculation and LSP generation. (OSPF didn't used to have this capability, but it's possible it's been added in our implementation more recently.)
  8. LSP aging. OSPF LSAs count up to MaxAge and are then refreshed. IS-IS LSPs count *down* based on the Remaining Lifetime which has the advantage that the age time can differ per LSP because it's set by the originator. In OSPF you have the problem of all LSAs expiring and getting refreshed at the same time, which can cause undesirable spikes in network traffic. To combat this you have to use the (relatively recent) 'timers lsa-group- pacing' directive to artificially space out LSA reflooding.
  9. Better area scaling. The largest OSPF areas encountered on customer networks are traditionally on the order of a couple of hundred routers; on the other hand it's not unusual to see a single-area IS-IS network with 500-600 routers. You can avoid area scaling problems by breaking the network up into multiple areas (obviously), but this introduces considerable complexity which may be undesirable and unnecessary with a routing protocol that scales better.
  10. Non-fascist adjacency-forming policy. An OSPF router refuses to form adjacencies if any of the (numerous) parameters in a hello packet received from a neighbor don't match its own. This is just dumb. IS-IS doesn't have this problem; rather than, for example, setting a local dead timer and rejecting a neighbor because its dead timer doesn't match, an IS-IS router sends a hold timer in its hello packet that simply specifies how long to consider its hellos valid.

Obviously there are advantages to OSPF as well, but the question was why I preferred IS-IS.

You wrote:

To me OSPF seems to be a better protocol due to the stability of the DR, and the number of adjacencies that needs to be formed on broadcast mediums.

Taking these in reverse order, the second doesn't make sense to me. Both OSPF and IS-IS use the concept of a DR/DIS on broadcast media to limit adjacencies. OSPF requires double the adjacencies because of the BDR.

The addition of the BDR in the OSPF world is an advantage in terms of stability in the event of DR failure, but it should be pointed out that failure of the DR in OSPF is more serious than failure of the DIS because the OSPF DR keeps track of a lot of state about which DRothers have which LSAs. The DIS doesn't have this state so recovery is quicker than would be true of an OSPF network without a BDR.

The OSPF DR process is 'sticky' in the sense that once a router is a DR it will tend to stay the DR. IS-IS uses a deterministic model where the DIS is always the router on the network with the best priority. It's just a matter of which behaviour you prefer. I happen to like the NLSP model best, which is the IS-IS model except that you can produce either the OSPF or IS-IS behaviour by specifying a priority increment when a router becomes the DIS.

Two further points should be mentioned in connection with OSPF and IS-IS comparison:

  1. Both protocols are functionally similar. IS-IS tends to have features that make it more desirable for use in service provider networks, whereas OSPF tends to be targeted more at enterprise networks. One of the reasons I prefer IS-IS is that I have a service provider background and prefer to work with service provider / Internet backbone, as opposed to enterprise, networks.
  2. Both protocols have been rapidly evolving over the last five years or so and have been growing closer to one another the while. The best features of OSPF have been or are being incorporated into IS-IS as options, and vice-versa. This trend makes it increasingly pointless to regard either protocol as inherently 'better' than the other.

Hope this helps.

Category 5 -- written 2001, posted May 2004