What is the role of CLNS and CLNP in ISIS?
Last updated
Last updated
ISIS was developed by the ISO for use with the OSI networking suite which includes CLNP/CLNS. ISIS uses CLNP addressing for setting the system ID (the NET), but that is where ISIS’s involvment with CLNP ends. While ISIS was originally used to route CLNP, nowdays it is essentially exclusively used to route IPv4/IPv6. ISIS runs at layer 2 which allows it to be layer 3 agnostic and carry routing information for any protocol.
It is a common misconception that you are “running CLNP” when you use ISIS. This is not true. ISIS operates at a level below CLNP, and you do not need to enable CLNP in order to run ISIS. This confusion may have been perpetuated by old IOS documentation which stated that you needed to literally enable CLNS routing before using ISIS.
CLNS stands for Connection Less Network Service
CNLP stands for Connection Less Network Protocol
CLNP is the layer 3 protocol and CLNS is the service offered to higher layers. CLNS is not exactly layer 4 - it is a layer between layer 3 and layer 4 and is best described as an API.
The fact that IOS required you to enable “CLNS routing” doesn’t really make sense. CLNS is not a routed protocol - CLNP is. Yet we still see show commands that use show clns today. However, most show clns command output can also be seen with an equivalent show isis command, allowing you to pretty much ignore CLNS references in IOS these days.
Let’s take a look at an ISIS frame:
What is unique about ISIS is that it uses the old 802.3 frame format which we rarely see today. Section 1 is the 802.3 header which is very similar to today’s Ethernet II header, except it has a length field instead of a type field. Section 2 contains the LLC which is considered part of the 802.3 frame format even though it is a separate header. The LLC has the destination and source SAP (Service Access Point). The SAP is roughly similar to the Ethertype in Ethernet II. It indicates the layer 3 protocol in use. 0xFE indicates an ISO protocol. This does not refer to CLNP specifically, just OSI as a whole. (Both CLNP and ISIS use a SAP of 0xFE, but we will see the difference between ISIS and CLNP in the next header). The control field value of 0x03 means that flow control is off.
Section 3 is the ISO header, and it uses a value of 0x83 which indicates ISIS. CLNP uses value 0x81 and ESIS uses 0x82. So ISIS is completely separate from CLNP. Section 4 is the actual ISIS hello PDU.
ISIS is a very unique protocol because it does not need a layer three protocol. Even though OSPF and EIGRP have their own IP protocol, they are still relying on IP and can be said to be at layer 4 in the stack, adjacent to where TCP lives. BGP relies on TCP and does not have its own IP protocol number - this fact is sometimes used to argue that BGP is an application. In comparison, ISIS is its own layer 3 protocol.
An OSPF hello. OSPF relies on IP. Every OSPF packet has a src/dst IP address.
For comparison to the 802.3 frame format, take a look at a ping below:
The layer 2 frame is Ethernet II and uses a Type field instead of a Length field. To ensure that Ethernet II is easily differentiated from 802.3 when parsing the frame, the Ethernet II type field value is always greater than 1500, which is the maximum allowed length value for 802.3. So if that field is equal to or less than 1500, the frame is 802.3. If it is greater than 1500, it is Ethernet II.
https://www.linkedin.com/pulse/connection-less-network-protocol-clnpand-service-clns-priyanka-kumari
https://blog.ipspace.net/2010/03/clns-and-clnp.html
https://blog.ipspace.net/2009/06/is-is-is-not-running-over-clnp.html
https://www.firewall.cx/networking-topics/ethernet/ethernet-frame-formats/200-ieee-8023-frame.html
https://www.firewall.cx/networking-topics/ethernet/ethernet-frame-formats/201-ethernet-ii.html