Differences in IS-IS and OSPF encapsulation ..

IS-IS is cool and runs directly over the data link alongside IP. On Ethernet, IS-IS packets are always 802.3 frames, with LSAP value 0xFEFE while IP packets are either Ethernet II frames or SNAP frames identified with the protocol number 0x800. OSPF runs over IP as protocol number 89.

IS-IS runs directly over layer 2 and hence

– cannot support virtual links unless some explicit tunneling is implemented.

– packets are intentionally kept small so that they don’t require hop-by-hop fragmentation.

– uses ATM/SNAP encapsulation on ATM but there are hacks to make it use VcMux encapsulation.

– some OSs that support IP networking have been implemented to differentiate Layer 3 packets in kernel. Such OSs require a lot of kernel modifications to support IS-IS for IP routing. Ditto goes for any HW thats clever and tries to identify L3 control packets in the ASICs.

– can never be routed beyond the immediate next hop and hence shielded from IP spoofing and similar Denial of Service attacks.

– need to provide code points of access for each data link protocol types (Frame Relay, Ethernet, ATM, PPP, etc).

– doesnt need to rely on network layer protocols (like ARP) to communicate with the neighboring systems. Some implementations however, do rely on ARP or static routing to
communicate with the neighbors on LAN.

OSPF runs over IP and hence

– can support virtual links.

– can use IP fragmentation services.

– can use VcMux encapsulation on ATM.

– if an OS already supports IP, no it requires no changes to support OSPF.

– can be routed to a destination multiple hops away and thus vulnerable to DoS attacks and IP spoofing

– transmitted with additional IP header information, thereby increasing some packet overhead. I woudnt fret over this coz there arent many control packets running helter-skelter in a network anyways!

(i) IP Fragmentation

LSPs in IS-IS, unlike as in OSPF, are not regenerated hop-by-hop and so they must be small enough that they are guaranteed to be able to cross *any* media in the network and the value of the maxsized LSP should thus not be greater than the minimum link MTU size in the area.

If a router has more than maxsized LSP bytes of information to advertise into IS-IS, then this originating router must fragment its LSP before flooding.

In past, one area of concern regarding the scalability of the link state routing protocols was the way they would flood and it is believed that preventing fragmentation during flooding is the reason why IS-IS fragments only at the originating router.

OSPF does not provide any explicit fragmentation/reassembly support. When fragmentation is necessary, IP fragmentation/reassembly is used. OSPF protocol packets have been designed so that large protocol packets can be generally be split into several smaller protocol packets.

(ii) ATM Encapsulation

OSPF can run over ATM using VcMux encapsulation (which essentially assumes that all the packets carried are IP) while IS-IS requires LLC/SNAP encapsulation where ATM layer can distinguish between multiple Layer 3 protocols over the same VC. The disadvantage of using the LLC/SNAP encapsulation is that it has some additional bytes for the LLC-SNAP header which results in a packet size > 40 bytes.

Thus a simple TCP ACK message of 40 bytes along with the LLC-SNAP header adds enough bytes so that a single TCP ACK won’t fit into one ATM cell. Much bandwidth is thus wasted because now each TCP ACK requires 2 ATM cells.

An IETF draft proposes a workaround to this issue in which both IS-IS and IP packets can be sent over an ATM VC using Vc Mux encapsulation by reading into the first byte of the L3 header to distinguish between IP and ISO family packets, such as IS-IS, CLNS and ES-IS. However this did not gain popularity because of the demise of ATM cores in the largest ISPs.

The first two fields in the IP header are the 4-bit version number and the 4-bit header length. The value of the first byte is normally 0x45. If there are IP header options attached to the IP header, the first byte can be between 0x46 and 0x4F. The first byte in an IS-IS packet is always 0x83. Thus by looking at the first byte of an incoming packet, the receiver can separate IP and IS-IS packets. Because of this feature one does not need to depend on the ATM layer anymore to help with the de-multiplexing. Routers an now send and receive both IS-IS and IP packets using Vc Mux encapsulation and thus avoid the ATM cell tax.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s