… updated on Saturday, December 26, 2020 09:06 UTC
IS-IS Is Not Running over CLNP
Numerous sources on the Internet claim that IS-IS runs on top of OSI’s Connectionless Network Protocol (CLNP). This is not the case; although IS-IS and CLNP share the same layer-2 Service Access Point (SAP), OSI provides an additional field (Network Layer Protocol Identifier; NLPID) in the first byte of the layer-3 header.
Contrary to the IP world where the identification of layer-3 protocol is based on Ethertype or PPP protocol ID, the identification of a layer-3 OSI protocol is performed based on layer-2 Service Access Point (DSAP = 0xFE) and the first byte of the layer-3 header, which has the following values:
- CLNP (Connectionless Network Protocol)
- ES-IS: End system (host) to Intermediate System (router) protocol - used by CLNP hosts to announce themselves to the routers
- IS-IS: Intermediate System to Intermediate System protocol – used by routers running IS-IS to advertise themselves, establish adjacency, and exchange routing information.
IS-IS is therefore a separate network-layer protocol and does not rely on CLNP for datagram transport while IP routing protocols encapsulate their packets into IP or UDP datagrams.
The relationship between various OSI protocols and their comparison with the IP protocol stack, where the layer-3 protocol demultiplexing relies exclusively on the values in the layer-2 header, is shown in the following diagram:
- IS-IS uses LLC Type 1 encapsulation while IP commonly uses Ethertype encapsulation
- You could run IP over LLC/SNAP encapsulation if you desperately want to do it… like IBM did 30 years ago.
- You could also run TCP over CLNS (see TUBA IETF working group for more details). Telnet-over-CLNS has been supported in Cisco IOS for years but seems to be missing in recent releases.
You seem to have mistyped IS-IS NLPID value in the table. It should be 0x83 (like in the picture), not 0x82 (which is the same as ES-IS).
Off-topic: I am not able to post comments from Firefox (3.0.11). I choose to comment as Name/URL, but the comment doesn't show up after pressing the Post Comment button.
It works from Google's Chrome. I haven't tried from IE.
NLPID: You're absolutely correct. Fixed.
Firefox: Congratulations, Google. You've managed to break Firefox code as well (IE has problems for months).
1. What does it means with the "0xFE/0xFE" for LLC1? Should it be "0xFE" only instead?
2. How do you capture the ES-IS packets? I means how do we setup an ES in a lab environment.
3. Where is CLNS resides in the diagram?
Appreciate that you can share out the pcap too. Thanks and have a nice day... :-)