Environments with the IS-IS protocol.
IS-IS is an internal routing protocol for use in internal networks. This is how it differs from external routing protocols, primarily the Border Gateway Protocol (BGP), which is used for routing between autonomous systems.
IS-IS is a protocol based on link states, it uses information about the link status of other routers. Each IS-IS router forms its own network topology database, collecting the information received.
Both IS-IS and OSPF are link-state protocols. Both support variable mask length, can use multicasting to detect neighboring routers via hello packets, and work with route exchange authentication.
IS-IS routing is performed as follows. Each ES (external network) belongs to a specific area. ES detect the nearest IS (internal network) by listening for ISH packets. If any ES wants to send a packet to another ES, it forwards the packet to one of the IS networks to which it is directly connected. The router scans the destination address and pushes the packet along the best route. If the destination's ES is on the same subnet, the local IS will find out about it as a result of listening to the ESH and will promote the packet accordingly. In this case, IS can also provide a forwarding message (redirect - RD) to the packet source to inform about the availability of a more direct path. If the destination address is some ES on another subnet in the same area, then IS will know about the exact route and will promote the packet accordingly. If the destination address is some ES in another area, the Layer 1 IS sends this packet to the nearest Layer 2 IS. The packet continues to advance through the layer 2 IS until it reaches the layer 2 IS in the destination area. Within the destination area, the IS promotes the packet along the best route until the ES of the destination is reached.
Each IS generates an adjustment that defines the ES and IS it is connected to, as well as the associated metrics. This adjustment is sent to all neighboring IS, which promote it to their neighbors, etc. (avalanche addressing). Sequence numbers stop avalanche addressing and distinguish old adjustments from new ones. Since each IS receives channel status adjustments from all other IS, each IS can build a complete database of the entire network topology. When the topology changes, new adjustments are sent.
Accordingly, the main threats typical for the OSPF routing protocol are:
false routes;
"flooding" with HELLO packets.
Oleg Petukhov, lawyer in the field of international law and personal data protection, information security specialist security, protection of information and personal data.
Telegram channel: https://t.me/protectioninformation
Telegram Group: https://t.me/informationprotection1
Website: https://legascom.ru
Email: online@legascom.ru
#informationprotection #informationsecurity
