Why IS-IS?
A colleague once asked why I expressed a preference for IS-IS as an interior
gateway protocol over the better-known OSPF. I gave a fairly detailed response
which appears here by request.
The main reasons why I prefer IS-IS are:
- Better flooding scheme for LSPs on broadcast media. In OSPF LSA
updates must first be multicast to the AllDRouters address. In contrast IS-IS
routers directly multicast updates to all routers on the broadcast network,
meaning other routers on the network can receive the LSP directly from the
originator rather than waiting until the DR gets it and resends it. The
DRother1->DR->DRother2 flow in OSPF also unnecessarily doubles the LSA
traffic on the network.
- Reduced LSP traffic in unstable networks. This is a companion to
1. An OSPF DR uses a retransmit/acknowledgment scheme to reliably
deliver LSAs to routers on a broadcast network. IS-IS does things differently:
the DIS periodically multicasts a CSNP that contains a complete summary of the
LSPs in the DIS's database. If another router on the network is missing an
LSP, it will see this by comparing the summary in the CSNP against its own
database and will request the missing LSP from the DIS. The OSPF approach
generates a lot of extra traffic when the network is in an unstable state and
many LSAs are changing because of the acknowledgment mechanism. The IS-IS
approach generates a little extra traffic all the time because of the periodic
CSNPs. I'd rather have a little extra traffic when the network is stable
rather than a lot of extra traffic when the network is unstable.
- Link state basis. OSPF uses a distance vector scheme for computing
interarea routes; it's only a link state protocol within an area. IS-IS
maintains separate link state databases for L1 and L2 topologies and uses SPF
to compute routes in both.
- Hierarchical flexibility. OSPF requires a special 'backbone area'
to which all ABRs must be connected (if they want to participate in interarea
routing). You're either a backbone router with an interface in area 0 or
you're not. IS-IS doesn't have this built-in design limitation; it uses the
more general concepts of L1 and L2 routers instead. Both L1 and L2 adjacencies
can be formed over the same link.
- Simplicity. IS-IS isn't nearly as complicated a protocol as OSPF.
This decreases the number of failure scenarios and greatly simplifies trouble-
shooting. OSPF has over 10 LSA types; IS-IS has two for each level: node and
pseudonode. OSPF has virtual links; IS-IS doesn't need them as any router can
participate in Level-2 routing by forming an L2 adjacency.
- Robust failure mode. IS-IS LSPs have a bit called the 'overload
bit' which is used to tell other routers not to use this router as a transit
when the bit is set. IS-IS routers can set this bit to prevent routing
failures resulting from more traffic being sent to a router that's already
having problems. Furthermore, the overload bit can be used in connection with
BGP; we would set the overload bit while BGP is trying to converge to prevent
black-holing of transit traffic. This is important, for example, when the
router is an Internet backbone router and is reloaded; the IGP is likely to
converge almost immediately but BGP will take much longer. Without a mechanism
like the overload bit, a lot of traffic may be sent through the router by its
neighbors because the IGP has converged, but the traffic will be black-holed
if its destined for networks that haven't yet made it into BGP.
- Better SPF/LSP-generation backoff strategy. IS-IS uses exponential
backoff to control SPF calculation and LSP generation. (OSPF didn't used to
have this capability, but it's possible it's been added in our implementation
more recently.)
- LSP aging. OSPF LSAs count up to MaxAge and are then refreshed.
IS-IS LSPs count *down* based on the Remaining Lifetime which has the
advantage that the age time can differ per LSP because it's set by the
originator. In OSPF you have the problem of all LSAs expiring and getting
refreshed at the same time, which can cause undesirable spikes in network
traffic. To combat this you have to use the (relatively recent) 'timers
lsa-group- pacing' directive to artificially space out LSA reflooding.
- Better area scaling. The largest OSPF areas encountered on customer
networks are traditionally on the order of a couple of hundred routers; on the
other hand it's not unusual to see a single-area IS-IS network with 500-600
routers. You can avoid area scaling problems by breaking the network up into
multiple areas (obviously), but this introduces considerable complexity which
may be undesirable and unnecessary with a routing protocol that scales better.
- Non-fascist adjacency-forming policy. An OSPF router refuses to
form adjacencies if any of the (numerous) parameters in a hello packet
received from a neighbor don't match its own. This is just dumb. IS-IS doesn't
have this problem; rather than, for example, setting a local dead timer and
rejecting a neighbor because its dead timer doesn't match, an IS-IS router
sends a hold timer in its hello packet that simply specifies how long to
consider its hellos valid.
Obviously there are advantages to OSPF as well, but the question was why I
preferred IS-IS.
You wrote:
To me OSPF seems to be a better protocol due to the stability of
the DR, and the number of adjacencies that needs to be formed on broadcast
mediums.
Taking these in reverse order, the second doesn't make sense to me. Both OSPF
and IS-IS use the concept of a DR/DIS on broadcast media to limit adjacencies.
OSPF requires double the adjacencies because of the BDR.
The addition of the BDR in the OSPF world is an advantage in terms of
stability in the event of DR failure, but it should be pointed out that failure
of the DR in OSPF is more serious than failure of the DIS because the OSPF DR
keeps track of a lot of state about which DRothers have which LSAs. The DIS
doesn't have this state so recovery is quicker than would be true of an OSPF
network without a BDR.
The OSPF DR process is 'sticky' in the sense that once a router is a DR it
will tend to stay the DR. IS-IS uses a deterministic model where the DIS is
always the router on the network with the best priority. It's just a matter of
which behaviour you prefer. I happen to like the NLSP model best, which is the
IS-IS model except that you can produce either the OSPF or IS-IS behaviour by
specifying a priority increment when a router becomes the DIS.
Two further points should be mentioned in connection with OSPF and IS-IS
comparison:
- Both protocols are functionally similar. IS-IS tends to have features that
make it more desirable for use in service provider networks, whereas OSPF
tends to be targeted more at enterprise networks. One of the reasons I prefer
IS-IS is that I have a service provider background and prefer to work with
service provider / Internet backbone, as opposed to enterprise, networks.
- Both protocols have been rapidly evolving over the last five years or so
and have been growing closer to one another the while. The best features of
OSPF have been or are being incorporated into IS-IS as options, and
vice-versa. This trend makes it increasingly pointless to regard either
protocol as inherently 'better' than the other.
Hope this helps.
Category 5 --
written 2001, posted May 2004