router : isis
 
isis
IS-IS is described in RFC 1142. You can enable and configure IS‑IS on your FortiGate unit if this routing protocol is in use on your network.
 
For each routing protocol, you can also use a redistribute command to redistribute IS-IS routes with the other protocol. For example, to redistribute IS-IS routes over OSFP enter:
config router ospf
config redistribute isis
set status enable
end
end
config router isis
set adjacency-check {enable | disable}
set auth-keychain-l1 <keychain_str>
set auth-keychain-l2 <keychain_str>
set auth-mode-l1 {md5 | password}
set auth-mode-l2 {md5 | password}
set auth-password-l1 <password>
set auth-password-l2 <password>
set auth-sendonly-l1 {enable | disable}
set auth-sendonly-l2 {enable | disable}
set default-originate {enable | disable}
set dynamic-hostname {enable | disable}
set ignore-lsp-errors {enable | disable}
set is-type {level‑1 | level‑1-2 | level‑2‑only}
set lsp-gen-interval-l1 <interval_int>
set lsp-gen-interval-l2 <interval_int>
set lsp-refresh-interval <interval_int>
set max-lsp-lifetime <lifetime_int>
set metric-style {narrow | narrow-transition | narrow-transition-l1 | narrow-transition-l2 | transition | transition-l1 | transition-l2 | wide | wide-l1 | wide-l2 | wide-transition | wide-transition-l1 | wide-transition-l2}
set overload-bit {enable | disable}
set overload-bit-on-startup
set overload-bit-suppress external interlevel
set redistribute-l1 {enable | disable}
set redistribute-l1-list <access_list_str>
set redistribute-l2 {enable | disable}
set redistribute-l2-list <access_list_str>
set spf-interval-exp-l1 <min_delay_int> <max_delay_int>
set spf-interval-exp-l2 <min_delay_int> <max_delay_int>
config isis-interface
edit <interface_str>
set auth-keychain-l1 <keychain_str>
set auth-keychain-l2 <keychain_str>
set auth-mode-l1 {md5 | password}
set auth-mode-l2 {md5 | password}
set auth-password-l1 <password>
set auth-password-l2 <password>
set auth-send-only-l1 {enable | disable}
set auth-send-only-l2 {enable | disable}
set circuit-type {level‑1 | level-1-2 | level‑2‑only}
set csnp-interval-l1 <interval_int>
set csnp-interval-l2 <interval_int>
set hello-interval-l1 <interval_int>
set hello-interval-l2 <interval_int>
set hello-multiplier-l1 <multipler_int>
set hello-multiplier-l2 <multipler_int>
set hello-padding {enable | disable}
set lsp-interval <interval_int>
set lsp-retransmit-interval <interval_int>
set mesh-group {enable | disable}
set mesh-group-id <id_int>
set metric-l1 <metric_int>
set metric-l2 <metric_int>
set network-type {broadcast | point‑to‑point}
set priority-l1 <priority_int>
set priority-l2 <priority_int>
set status {enable | disable}
set wide-metric-l1 <metric_int>
set wide-metric-l2 <metric_int>
config isis-net
edit <id>
set net <user_defined>
config redistribute {bgp | connected | ospf | rip | static}
set status {enable | disable}
set metric <metric_int>
set metric-type {external | internal}
set level {level‑1 | level-1-2 | level‑2}
set routemap <routmap_name>
config summary-address
edit <id>
set level {level‑1 | level‑1‑2 | level‑2}
set prefix <prefix_ipv4> <prefix_mask>
end
end
 
Variable
Description
Default
adjacency-check {enable | disable}
Enable to check neighbor protocol support.
disable
auth-keychain-l1 <keychain_str>
Authentication key-chain for level 1 PDUs. Available when auth-mode-l1 is set to md5.
 
auth-keychain-l2 <keychain_str>
Authentication key-chain for level 2 PDUs. Available when auth-mode-l2 is set to md5.
 
auth-mode-l1 {md5 | password}
Level 1 authentication mode.
password
auth-mode-l2 {md5 | password}
Level 2 authentication mode.
password
auth-password-l1 <password>
Authentication password for level 1 PDUs. Available when auth-keychain-11 is set to password.
 
auth-password-l2 <password>
Authentication password for level 2 PDUs. Available when auth-keychain-12 is set to password.
 
auth-sendonly-l1 {enable | disable}
Level 1 authentication send-only.
disable
auth-sendonly-l2 {enable | disable}
Level 2 authentication send-only.
disable
default-originate {enable | disable}
Control distribution of default information.
disable
dynamic-hostname {enable | disable}
Enable dynamic hostname.
disable
ignore-lsp-errors {enable | disable}
Enable to ignore LSPs with bad checksums.
disable
is-type {level‑1 | level‑1-2 | level‑2‑only}
Set the ISIS level to use. IS-IS routers are designated as being: Level 1 (intra-area); Level 2 (inter area); or Level 1-2 (both).
level-1-2
lsp-gen-interval-l1 <interval_int>
Minimum interval for level 1 link state packet (LSP) regenerating. Range 1 to 120.
30
lsp-gen-interval-l2 <interval_int>
Minimum interval for level 2 LSP regenerating. Range 1 to 120.
30
lsp-refresh-interval <interval_int>
LSP refresh time in seconds. Range 1 to 65535 seconds.
900
max-lsp-lifetime <lifetime_int>
Maximum LSP lifetime in seconds. Range 350 to 65535 seconds.
1200
metric-style {narrow | narrow-transition | narrow-transition-l1 | narrow-transition-l2 | transition | transition-l1 | transition-l2 | wide | wide-l1 | wide-l2 | wide-transition | wide-transition-l1 | wide-transition-l2}
Use old-style (ISO 10589) or new-style packet formats.
narrow Use old style of TLVs with narrow metric.
narrow-transition narrow, and accept both styles of TLVs during transition.
narrow-transition-l1 narrow-transition level-1 only.
narrow-transition-l2 narrow-transition level-2 only.
transition Send and accept both styles of TLVs during transition.
transition-l1 transition level-1 only.
transition-l2 transition level-2 only.
wide Use new style of TLVs to carry wider metric.
wide-l1 wide level-1 only.
wide-l2 wide level-2 only.
wide-transition wide, and accept both styles of TLVs during transition.
wide-transition-l1 wide-transition level-1 only.
wide-transition-l2 wide-transition level-2 only.
narrow
overload-bit {enable | disable}
Signal other routers not to use us in SPF.
disable
overload-bit-on-startup
Set overload-bit only temporarily after reboot. Range is 5-86400 seconds. Enter unset overload-bit-on-startup to disable. Entering set overload-bit-on-startup 0 is invalid.
0
overload-bit-suppress external interlevel
Suppress overload-bit for the specific prefixes. You can suppress the overload-bit for external prefixes, internal prefixes or both. Enter unset overload-bit-suppress to disable.
 
redistribute-l1 {enable | disable}
Redistribute level 1 routes into level 2. If enabled, configure redistribute-l1-list.
disable
redistribute-l1-list <access_list_str>
Access-list for redistribute l1 to l2. Available if redistribute-l1 enabled.
(null)
redistribute-l2 {enable | disable}
Redistribute level 2 routes into level 1. If enabled, configure redistribute-l2-list.
disable
redistribute-l2-list <access_list_str>
Access-list for redistribute l2 to l1. Available if redistribute-l2 enabled.
(null)
spf-interval-exp-l1 <min_delay_int> <max_delay_int>
Level 1 SPF calculation delay in milliseconds. Enter the maximum and maximum delay between receiving a change to the level 1 SPF calculation in milliseconds.
500 50000
spf-interval-exp-l2 <min_delay_int> <max_delay_int>
Level 2 SPF calculation delay. Enter the maximum and maximum delay between receiving a change to the level 2 SPF calculation in milliseconds.
500 50000