Step-by-Step Troubleshooting for IS-IS on Cisco Routers
Intermediate System to Intermediate System (IS-IS) is a powerful, highly scalable link-state routing protocol widely deployed in service provider backbones and large enterprise networks. Because IS-IS operates directly at Layer 2 using CLNS, troubleshooting it can feel different from OSPF or EIGRP. This comprehensive guide walks you through a step-by-step IS-IS troubleshooting process on Cisco routers with real commands, common issues, and battle-tested fixes to quickly restore routing stability.
Why IS-IS Troubleshooting Skills Matter
IS-IS is the backbone of countless ISPs, MPLS cores, and data center underlays. Adjacency failures, NET misconfigurations, or LSP flooding problems can paralyze an entire network. Mastering IS-IS diagnostics is essential for CCNP SP, CCIE, and any engineer working in large-scale routing environments.
Step 1: Verify Physical and Interface Connectivity
IS-IS runs over Layer 2, so interface health is the first thing to confirm.
R1# show interfaces status
R1# show clns interface
Confirm the interface is up/up and that CLNS is enabled on the interface running IS-IS.
Step 2: Check IS-IS Neighbor Adjacencies
Your first IS-IS-specific command:
R1# show clns neighbors detail
R1# show isis neighbors
Understand the IS-IS adjacency states:
- Down — No hellos received.
- Init — Hello received but not yet bidirectional.
- Up — Adjacency fully established. ✅
Also verify the adjacency type: Level-1, Level-2, or Level-1-2.
Step 3: Validate the NET (Network Entity Title)
An incorrect or duplicate NET is one of the most common IS-IS issues. Each router must have a unique System ID within the area.
R1# show isis protocol
NET format: 49.0001.0000.0000.0001.00
- AFI (49) — Private addressing
- Area ID (0001) — Must match for Level-1 adjacency
- System ID — Must be unique per router
- NSEL (00) — Always 00 for routers
Step 4: Confirm IS-IS Level and Circuit Type
A frequent cause of failed adjacency is mismatched IS-IS levels between neighbors.
R1(config-if)# isis circuit-type level-2-only
Rules to remember:
- Level-1 adjacency requires matching Area IDs.
- Level-2 adjacency does not require matching Areas.
- Level-1-2 routers form both types of adjacencies.
Step 5: Inspect Interface Parameters
Several interface-level settings must match between neighbors for adjacency to form.
R1# show isis interface
Parameters that must match:
- MTU size (critical—IS-IS will not form adjacency with MTU mismatch)
- Hello and hold timers (recommended)
- Authentication type and key
- Network type (broadcast vs. point-to-point)
Step 6: Troubleshoot MTU Mismatches
Unlike OSPF, IS-IS pads hellos to the full MTU. Any MTU mismatch prevents adjacency.
R1(config-if)# no isis hello padding
Either match MTUs on both sides or disable hello padding as a workaround.
Step 7: Verify Authentication
IS-IS supports interface-level, area-level, and domain-level authentication. Any mismatch silently breaks adjacency or LSP exchange.
R1# show key chain
Ensure both routers use matching authentication mode (cleartext or HMAC-MD5) and identical key strings at each level.
Step 8: Debug IS-IS Events
When configs look correct but adjacency still fails, use targeted debugs:
R1# debug isis update-packets
R1# debug isis spf-events
Warning: Always disable debugs with undebug all in production to avoid CPU spikes.
Step 9: Examine the IS-IS LSDB
If adjacencies are up but routes are missing, inspect the Link-State Database.
R1# show isis database detail
R1# show isis topology
Look for:
- Missing LSPs from expected routers
- Corrupted or overloaded LSPs
- The overload bit set unexpectedly
- Incomplete SPF calculations
Step 10: Troubleshoot Missing Routes
If routes aren't installed in the routing table, confirm IS-IS is advertising and preferring them correctly.
R1# show isis rib
R1# show ip protocols
Common reasons for missing routes:
- Interface not enabled under IS-IS (ip router isis missing)
- Wide metrics vs. narrow metrics mismatch
- Route leaking not configured between Level-1 and Level-2
- Distribute-lists filtering prefixes
- Administrative distance favoring another protocol
Step 11: Check Metric Style Consistency
IS-IS supports narrow (6-bit) and wide (24-bit) metrics. Mixing them causes suboptimal routing or missing prefixes.
Use metric-style wide consistently across the domain for modern deployments.
Step 12: Clear IS-IS Safely
After configuration changes, force IS-IS to reconverge:
R1# clear clns neighbors
Use sparingly—these commands briefly disrupt routing.
Common IS-IS Errors and Quick Fixes
| Symptom | Likely Cause | Fix |
|---|---|---|
| Adjacency stuck in Init | Unidirectional hellos or MTU mismatch | Check ACLs and match MTUs |
| No adjacency formed | Level or area mismatch | Align circuit-type and Area ID |
| Duplicate System ID warnings | NET misconfiguration | Assign unique System IDs |
| Routes missing in table | Metric style mismatch or filter | Set wide metrics, review filters |
| Overload bit set | Router in overload state | Check resources and set-overload-bit |
Best Practices for Stable IS-IS Networks
- Use unique, well-documented System IDs across the domain.
- Deploy metric-style wide everywhere for modern traffic engineering.
- Use passive-interface default and enable IS-IS only where needed.
- Apply HMAC-MD5 authentication at interface, area, and domain levels.
- Configure Level-2-only on backbone routers for cleaner topology.
- Enable BFD for sub-second convergence on critical links.
- Use route leaking carefully to prevent suboptimal paths.
Final Thoughts
Effective IS-IS troubleshooting on Cisco routers demands a methodical approach: validate interfaces, verify NET and levels, align parameters, check the LSDB, and confirm route installation. By following the step-by-step playbook in this guide, you can resolve the vast majority of IS-IS issues efficiently—whether you're running a service provider backbone or an enterprise core.
💡 Pro Tip: Start every IS-IS incident with three commands: show clns neighbors, show isis database, and show ip route isis. They expose 90% of issues within seconds.
Keywords: IS-IS troubleshooting Cisco, Cisco IS-IS commands, IS-IS adjacency issues, IS-IS NET configuration, IS-IS MTU mismatch, CCNP SP IS-IS guide, IS-IS Level-1 Level-2.
