mailing list archives
Re: IS-IS protocol implementation problem
From: smd () clock org
Date: Sun, 29 Oct 2000 18:00:19 -0800
| Because IS-IS is an IGP protocol, it does not propagate between
This is not the reason why it will not propagate between separate ASes.
The "saving factor" here is that nobody really routes CLNS natively,
and therefore, the maximum hop-count of a CLNS datagram is 1.
It would be possible to cascade an IS-IS problem across multiple
separate ASes in the unfortunate event that more than one AS
treated a single LAN (e.g. an IX) or point-to-point link as an
internal one across which IS-IS is run, with the same key.
This kind of mutual poisoning between separate ASes happens with some
regularity, amusingly often with RIP as the IGP.
An IGP based on a natively routed protocol (including routed CLNS)
widens the scope for inter-AS poisoning. This is why it is important
to have good authentication in one's IGP. Unfortunately, *no* IGPs
currently in wide use have any such thing. :-(
For clarity, a separate AS is really short hand for, "a collection
of routers participating in a common IGP instantiation"; there are
cases where different ASes (in the BGP sense) share a common IGP.
Also, "propagating between providers" seems to ignore the fact that there
are single providers who have multiple IGP instantiations.
P.S.: any chance you can be a bit more concrete about what's happening?