Introduction to IS-IS

Hello Gareth

OSPF and EIGRP run on top of IP on the Network layer. They have their own headers that are added to the IP headers. These are displayed as an additional level of information within Wireshark. An example of this for OSPF is found below:

Sometimes, EIGRP is stated that it uses RTP. But this statement can be misleading. EIGRP uses Reliable Transport Protocol and not Real-Time Transport Protocol. The latter is a Transport layer protocol used for voice and video applications. The former is an EIGRP specific framework that describes the way in which EIGRP messages are exchanged. It’s not on the Transport layer, but on a layer on top of the Network layer, much like OSPF is.

RIP on the other hand does use a transport layer mechanism, specifically using UDP port 520. You can see this in the following Wireshark output:

Finally, IS-IS doesn’t use the Transport layer, but interestingly enough, it doesn’t use IP either. It is its own communication protocol that is running over IEEE802.3 Ethernet. A Wireshark example of IS-IS in action can be seen below:

So really, each routing protocol has its own methodology of communicating, but with the exception of RIP, the most common IGPs do indeed function at up to Layer 3.

For completeness, let me just mention that BGP uses a Transport layer mechanism, specifically on TCP port 179.

I hope this has been helpful!

Laz