Internet draft: IS-IS and OSPF differences
By stretch | Friday, January 23, 2009 at 12:00 a.m. UTC
The other day I came across an interesting document detailing many of the trivial differences between OSPF and IS-IS. An apparently expired Internet draft dated July 2005, the paper (also hosted locally) is a bit of a rough read, but nonetheless informative. Some summarized excerpts:
OSPF supports NBMA and point-to-multipoint links, IS-IS does not.
IS-IS rides directly above layer two, versus on IP like OSPF, which may offer a security advantage (IS-IS attacks cannot be routed).
OSPF can support virtual links, IS-IS cannot (because it rides L2 directly).
On broadcast networks, OSPF elects a DR and BDR which cannot be preempted, whereas IS-IS elects only a single DIS which may be preempted.
OSPF designates a backbone area (area 0) for inter-area advertisements; IS-IS organizes the domain into two layers.
OSPF routers can belong to multiple areas, IS-IS routers belong to exactly one area.
OSPF has more strict requirements for forming neighbor adjacencies. The hello and dead intervals must match, and the subnet mask must match (except on point-to-point links).
Of course there any many more differences discussed in the paper, some of which should be weighed carefully when deciding between an OSPF and an IS-IS deployment.
About the Author
Jeremy Stretch is a network engineer living in the Raleigh-Durham, North Carolina area. He is known for his blog and cheat sheets here at Packet Life. You can reach him by email or follow him on Twitter.
Posted in Routing
January 23, 2009 at 4:17 p.m. UTC
Is anyone actually running IS IS somewhere? I can see a scenario where someone may have inherited a IS IS network but is anyone actually running it by choice and why?
January 23, 2009 at 8:08 p.m. UTC
Many large Internet Service Providers run Integrated IS-IS. Scalability is often cited as a reason for choosing IS-IS over OSPF.
January 23, 2009 at 11:59 p.m. UTC
we are running IS-IS (L2 only) as underlying routing-protocol in our internet backbone since quite a while. We would never change it because:
- it's easy to configure
- offers easy "traffic-engineering"-functionality by metric change
- it's scalable
- it runs and runs and runs...
Why change ?
January 26, 2009 at 2:17 p.m. UTC
my 2 cents:
- IS-IS does not need virtual links because areas can connect directly
- new things like IPv6 are easily added to IS-IS through new TLVs
- OSPF needed major overhaul for IPv6
- IS-IS is not vulnerable to IP based attacks
- Both: Multi Topology Routing (MTR) can help
January 27, 2009 at 12:56 a.m. UTC
Sprint and Global Crossing both run IS-IS; It scales better in large (see tier 1 ISP) environments.
Most enterprise people will never see an IS-IS network.
January 28, 2009 at 1:03 a.m. UTC
What a nicely timed post. I've just started studying for my CCNP, and my IS-IS experience is basically nil. This will be a useful reference for me. as for folks actually using IS-IS, check out the NANOG mailing list archives. Recently, there was a discussion on the merits of using IS-IS vs. OSPFv3 in IPv6 deployments.
November 17, 2009 at 8:04 p.m. UTC
Good and useful info about is-is as less and less people using it.
September 23, 2011 at 5:32 a.m. UTC
"OSPF routers can belong to multiple areas, IS-IS routers belong to exactly one area. "
An IS in IS-IS protocol too can be part of multiple areas as there exists a concept of max-area-addresses in ISIS indicating the max number of areas the IS allows. It carries importance in L1 where as L2 does not worry about it as L2 is designed to be spawned across areas.