Re: OSPF -vs- ISIS
Hi Manav, Excellent Document! I see that this document has expired. Are you folks thinking of respinning a copy of this draft? Thanks, Abhishek On 6/23/05, Manav Bhatia <[EMAIL PROTECTED]> wrote: > > Hi Daniel, > > We wrote a draft some time back comparing the two protocols ISIS and OSPF. > It should address some of your doubts and concerns. > > Here's a pointer to my local copy: > > http://geocities.com/mnvbhatia/draft-bhatia-manral-diff-isis-ospf-00.txt > > Thanks, > Manav > > !> -Original Message- > !> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > !> On Behalf Of Dan Evans > !> Sent: Tuesday, June 21, 2005 7:35 PM > !> To: nanog@merit.edu > !> Subject: OSPF -vs- ISIS > !> > !> > !> All, > !> > !> Can anyone point me to information on what the top N service > !> providers > !> are using for their IGP? I'm trying to build a case for > !> switching from > !> OSPF to IS-IS. Those on this list who are currently running IS-IS, do > !> you find better scalability and stability running IS-IS than OSPF? I > !> understand that this question is a lot more complex than a simple yes > !> or no since factors like design and routing policy will certainly > !> affect the protocols behavior. > !> > !> Any insights or experiences that you can share would be most helpful. > !> > !> Thanks, > !> > !> Daniel Evans > !> Alltel Communications > !> > !> > > > -- -- Class of 2004 Institute of Technology, BHU Varanasi, India
Re: OSPF -vs- ISIS
Thanks to everyone who offered advice and links to resources. The information I've gathered with your help will greatly assist me moving forward, regardless of our decision on which protocol to use. Regards, Daniel
RE: OSPF -vs- ISIS
Hi Daniel, We wrote a draft some time back comparing the two protocols ISIS and OSPF. It should address some of your doubts and concerns. Here's a pointer to my local copy: http://geocities.com/mnvbhatia/draft-bhatia-manral-diff-isis-ospf-00.txt Thanks, Manav !> -Original Message- !> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] !> On Behalf Of Dan Evans !> Sent: Tuesday, June 21, 2005 7:35 PM !> To: nanog@merit.edu !> Subject: OSPF -vs- ISIS !> !> !> All, !> !> Can anyone point me to information on what the top N service !> providers !> are using for their IGP? I'm trying to build a case for !> switching from !> OSPF to IS-IS. Those on this list who are currently running IS-IS, do !> you find better scalability and stability running IS-IS than OSPF? I !> understand that this question is a lot more complex than a simple yes !> or no since factors like design and routing policy will certainly !> affect the protocols behavior. !> !> Any insights or experiences that you can share would be most helpful. !> !> Thanks, !> !> Daniel Evans !> Alltel Communications !> !>
Re: OSPF -vs- ISIS
On Tue, Jun 21, 2005 at 03:16:06PM +0100, Richard Dumoulin wrote: > Hi Eric, what's the reason for migrating to ISIS? There are currently a few projects that we're doing which prompted us to take a look at how we're doing routing, both IGP and EGP. We're altering our border connectivity by spreading our multiple commodity Internet and Internet2 peers across multiple routers that connect into our core at multiple locations. As a result, we're likely to bring iBGP into our core and, clearly, this is going to alter our IGP setup. We're also looking into MPLS layer 2 VPNs to solve certain traffic classification issues (e.g. limiting I2 access, allowing "guest wireless" etc), which also means that we'd likely need to make modifications to our IGP/EGP setup. Though we filter OSPF multicast traffic, we wanted to add in MD5 passwords to our neighbors. We're deploying IPv6 within our campus, so we needed to look for an IGP to support this. Since we're going to have to make changes, some significant, to our IGP setup (currently multi-area OSPF) no matter what, we felt it made sense to review our options. It looks like IS-IS and OSPF are pretty much the same in terms of functionality. IS-IS, though, looks like it handles IPv6 networks more efficiently, its area scheme seems to match a little more to our topology, and the "security' element (i.e. you can't inject packets) of the adjacencies seems interesting. Also, as I said, we're likely going to move to an iBGP-based core, which seems to run parrallel to what service providers are doing, so I have to admit that "follow the leader" also played into the decision as larger ISP seem to be doing the iBGP/IS-IS combo. Eric :)
RE: OSPF -vs- ISIS
> For more information, see the talk by Dave Katz at > http://www.nanog.org/mtg-0006/katz.html > > Also, AOL's experience in switching from OSPF to ISIS is > covered at http://www.nanog.org/mtg-0310/gill.html > the PDF on that page is actually an older version. The full > version I used at NANOG is available at > http://www.vijaygill.com/oi.pdf Add Ryan's talk about other security benefits of ISIS: Implications of Securing Backbone Router Infrastructure http://www.nanog.org/mtg-0405/mcdowell.html Also look at the other ISIS talks and tutorials here: http://www.nanog.org/subjects.html#I
Re: OSPF -vs- ISIS
"Wayne E. Bouchard" <[EMAIL PROTECTED]> writes: >> One vendor in particular sees ISIS as "an ISP protocol" and OSPF as "an >> enterprise protocol". Their implementation of the latter has often gotten >> many enterprise-oriented features (e.g. dial-on-demand link support) that >> the other didn't, whereas the former was known for reliability because the >> coders were admonished to touch it rarely and test the heck out of every >> change because screwing up might break the Internet. > > To that end, you also need to be aware that outside of the "major" > vendors, most don't even know what ISIS is. So if you're trying to > integrate other vendors' equipment into your network, you may have no > choice but OSPF. The other edge of that sword is that letting someone outside of the "major" vendors' OSPF (1) talk to your cloud qualifies as "risky behavior". ---rob (1) where "major vendors" means "widely deployed", not "widely deployed for money". the question is whether installing on your network is an unspoke part of their beta testing strategy.
Re: OSPF -vs- ISIS
On Tue, Jun 21, 2005 at 11:50:59AM -0500, Stephen Sprunk wrote: > > Thus spake "Mike Bernico" <[EMAIL PROTECTED]> > > The State of Illinois converted to ISIS in 2002 from EIGRP and it > > has definitely been a good thing for us. It's been operationally > > bullet proof, and simple to maintain. > > > > We typically get features faster than we would if we ran OSPF. > > For example, we have a desire in the future to use IPFRR. Every > > indication from the vendor is that this feature will be available to > > ISIS first, most likely because of either the extensibility of ISIS > > or more likely because ISIS is in so many larger providers. > > This points to something that's really unrelated to the minor technical > differences between the two protocols: how they're viewed by your vendor. > > One vendor in particular sees ISIS as "an ISP protocol" and OSPF as "an > enterprise protocol". Their implementation of the latter has often gotten > many enterprise-oriented features (e.g. dial-on-demand link support) that > the other didn't, whereas the former was known for reliability because the > coders were admonished to touch it rarely and test the heck out of every > change because screwing up might break the Internet. To that end, you also need to be aware that outside of the "major" vendors, most don't even know what ISIS is. So if you're trying to integrate other vendors' equipment into your network, you may have no choice but OSPF. > The difference in stability is less apparent today, but the mindset is still > quite alive. That means ISIS gets "ISP" features faster, and the code still > tends to be more solid than OSPF even though ISIS might now be getting > changes more frequently than it did in the past. Personally, I still favor ISIS in provider style networks, especially as they grow larger but with the passage of time, there really isn't a great deal of difference between ISIS level 2 only and one great big area 0 these days. (Personal experience has suggested to me that ISIS tends to handle that somewhat better but that doesn't say you won't be just as happy with OSPF.) So the long and short of it really boils down to your personal preference. --- Wayne Bouchard [EMAIL PROTECTED] Network Dude http://www.typo.org/~web/
Re: OSPF -vs- ISIS
Thus spake "Mike Bernico" <[EMAIL PROTECTED]> > The State of Illinois converted to ISIS in 2002 from EIGRP and it > has definitely been a good thing for us. It's been operationally > bullet proof, and simple to maintain. > > We typically get features faster than we would if we ran OSPF. > For example, we have a desire in the future to use IPFRR. Every > indication from the vendor is that this feature will be available to > ISIS first, most likely because of either the extensibility of ISIS > or more likely because ISIS is in so many larger providers. This points to something that's really unrelated to the minor technical differences between the two protocols: how they're viewed by your vendor. One vendor in particular sees ISIS as "an ISP protocol" and OSPF as "an enterprise protocol". Their implementation of the latter has often gotten many enterprise-oriented features (e.g. dial-on-demand link support) that the other didn't, whereas the former was known for reliability because the coders were admonished to touch it rarely and test the heck out of every change because screwing up might break the Internet. The difference in stability is less apparent today, but the mindset is still quite alive. That means ISIS gets "ISP" features faster, and the code still tends to be more solid than OSPF even though ISIS might now be getting changes more frequently than it did in the past. S Stephen Sprunk "Those people who think they know everything CCIE #3723 are a great annoyance to those of us who do." K5SSS --Isaac Asimov
Re: OSPF -vs- ISIS
Isn't that because Dave re-wrote all of the IS-IS code? ;-) - ferg -- vijay gill <[EMAIL PROTECTED]> wrote: Daniel, in short, we've found ISIS to be slightly easier to maintain and run, with slightly more peace of mind in terms of securitiy than OSPF. Performance and stability wise, no major difference that was noticable. For more information, see the talk by Dave Katz at http://www.nanog.org/mtg-0006/katz.html Also, AOL's experience in switching from OSPF to ISIS is covered at http://www.nanog.org/mtg-0310/gill.html the PDF on that page is actually an older version. The full version I used at NANOG is available at http://www.vijaygill.com/oi.pdf /vijay -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
RE: OSPF -vs- ISIS
The State of Illinois converted to ISIS in 2002 from EIGRP and it has definitely been a good thing for us. It's been operationally bullet proof, and simple to maintain. We typically get features faster than we would if we ran OSPF. For example, we have a desire in the future to use IPFRR. Every indication from the vendor is that this feature will be available to ISIS first, most likely because of either the extensibility of ISIS or more likely because ISIS is in so many larger providers. Mike Bernico -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of vijay gill Sent: Tuesday, June 21, 2005 9:20 AM To: Dan Evans Cc: nanog@merit.edu Subject: Re: OSPF -vs- ISIS Dan Evans wrote: > All, > > Can anyone point me to information on what the top N service providers > are using for their IGP? I'm trying to build a case for switching from > OSPF to IS-IS. Those on this list who are currently running IS-IS, do > you find better scalability and stability running IS-IS than OSPF? I > understand that this question is a lot more complex than a simple yes > or no since factors like design and routing policy will certainly > affect the protocols behavior. > > Any insights or experiences that you can share would be most helpful. > > Thanks, > > Daniel Evans > Alltel Communications Daniel, in short, we've found ISIS to be slightly easier to maintain and run, with slightly more peace of mind in terms of securitiy than OSPF. Performance and stability wise, no major difference that was noticable. For more information, see the talk by Dave Katz at http://www.nanog.org/mtg-0006/katz.html Also, AOL's experience in switching from OSPF to ISIS is covered at http://www.nanog.org/mtg-0310/gill.html the PDF on that page is actually an older version. The full version I used at NANOG is available at http://www.vijaygill.com/oi.pdf /vijay
Re: OSPF -vs- ISIS
It is a dangerous thing when, in the course of engineering, you have a solution looking for a problem, instead of a problem looking for a solution. I'd say that the biggest benefit in using IS-IS over OSPF is the tuning of route metrics, but aside from that, I'd say that the two routing protocols are substantially similar enough to warrant close consideration of exactly what one would want bad enough to switch from one to the other. - ferg -- Erik Haagsman <[EMAIL PROTECTED]> wrote: On Tue, 2005-06-21 at 09:04 -0500, Dan Evans wrote: > Can anyone point me to information on what the top N service providers > are using for their IGP? I'm trying to build a case for switching from > OSPF to IS-IS. Why are you trying to build a case...? Would you already have operational benefit from switching and are you building a case round that and if not, why switch...? Switching IGP in a non-trivial network isn't something you'd want to do unless you've got a clear motive and it gives you some operational advantage... -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
Re: OSPF -vs- ISIS
We're currently running OSPF. Believe me, I understand that switching IGP's is not a simple undertaking. There are several benefits that I'm looking at, some of which have already been mentioned in replies to my original thread. Security is one, the other being IPv6 support. I'm going to have to turn on another protocol in order to support IPv6. My two choices are OSFPv3 or IS-IS. The decision then becomes, do I have a single IGP protocol that maintains both IPv4 and IPv6 information, or do I run two seperate (although closely related) protocols. -Dan On 6/21/05, Dan Evans <[EMAIL PROTECTED]> wrote: > All, > > Can anyone point me to information on what the top N service providers > are using for their IGP? I'm trying to build a case for switching from > OSPF to IS-IS. Those on this list who are currently running IS-IS, do > you find better scalability and stability running IS-IS than OSPF? I > understand that this question is a lot more complex than a simple yes > or no since factors like design and routing policy will certainly > affect the protocols behavior. > > Any insights or experiences that you can share would be most helpful. > > Thanks, > > Daniel Evans > Alltel Communications >
Re: OSPF -vs- ISIS
Dan Evans wrote: All, Can anyone point me to information on what the top N service providers are using for their IGP? I'm trying to build a case for switching from OSPF to IS-IS. Those on this list who are currently running IS-IS, do you find better scalability and stability running IS-IS than OSPF? I understand that this question is a lot more complex than a simple yes or no since factors like design and routing policy will certainly affect the protocols behavior. Any insights or experiences that you can share would be most helpful. Thanks, Daniel Evans Alltel Communications Daniel, in short, we've found ISIS to be slightly easier to maintain and run, with slightly more peace of mind in terms of securitiy than OSPF. Performance and stability wise, no major difference that was noticable. For more information, see the talk by Dave Katz at http://www.nanog.org/mtg-0006/katz.html Also, AOL's experience in switching from OSPF to ISIS is covered at http://www.nanog.org/mtg-0310/gill.html the PDF on that page is actually an older version. The full version I used at NANOG is available at http://www.vijaygill.com/oi.pdf /vijay
Re: OSPF -vs- ISIS
On Tue, 2005-06-21 at 09:04 -0500, Dan Evans wrote: > Can anyone point me to information on what the top N service providers > are using for their IGP? I'm trying to build a case for switching from > OSPF to IS-IS. Why are you trying to build a case...? Would you already have operational benefit from switching and are you building a case round that and if not, why switch...? Switching IGP in a non-trivial network isn't something you'd want to do unless you've got a clear motive and it gives you some operational advantage... Cheers, -- --- Erik Haagsman Network Architect We Dare BV Tel: +31(0)10-7507008 Fax: +31(0)10-7507005 http://www.we-dare.nl
Re: OSPF -vs- ISIS
> Can anyone point me to information on what the top N service providers > are using for their IGP? Can we expand this to include enterprise networks as well? The University that I work for is planning to do a switch-over from OSPF to ISIS, but I'd like to know if we're really a one off. Eric :)
