Technologies that Didn’t: CLNS

Note: RFC1925, rule 11, reminds us that: “Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works.” Understanding the past not only helps us to understand the future, it also helps us to take a more balanced and realistic view of the technologies being created and promoted for current and future use.

The Open Systems Interconnect (OSI) model is the most often taught model of data transmission—although it is not all that useful in terms of describing how modern networks work. What many engineers who have come into network engineering more recently do not know is there was an entire protocol suite that went with the OSI model. Each of the layers within the OSI model, in fact, had multiple protocols specified to fill the functions of that layer. For instance, X.25, while older than the OSI model, was adopted into the OSI suite to provide point-to-point connectivity over some specific kinds of physical circuits. Moving up the stack a little, there were several protocols that provided much the same service as the widely used Internet Protocol (IP).

The Connection Oriented Network Service, or CONS, ran on top of the Connection Oriented Network Protocol, or CONP (which is X.25). Using CONP and CONS, a pair of hosts can set up a virtual circuit. Perhaps the closest analogy available in the world of networks today would be an MPLS Label Switched Path (LSP). Another protocol, the Connectionless Network Service, or CLNS, ran on top of the Connectionless Network Protocol, or CLNP. A series of Transport Protocols ran on top of CLNS (these might also be described as modes of CLNS in some sense). Together, CLNS and these transport protocols provided a set of services similar to IP, the Transmission Control Protocol (TCP), and the User Datagram Protocol (UDP)—or perhaps even closer to something like QUIC.

The routing protocol that held the network together by discovering the network topology, carrying reachability, and calculating loop free paths was the venerable Intermediate System to Intermediate System (IS-IS) protocol, which is still in wide use today. The OSI protocol suite had some interesting characteristics.

For instance, each host had a single address, rather than each interface. The host address was calculated automatically based on a local Media Access Control (MAC) address, combined with other bits of information that were either learned, assumed, or locally configured. A single host could have multiple addresses, using each one to communicate to the different networks it might be connected to, or even being used to contact hosts in different domains. The Intermediate System (IS) played a vital role in the process of address calculation and routing; essentially routing ran all the way down to the host level, which allowed smart calculation of next hops. While a default router could be configured in some implementations, it was not required, as the hosts participated in routing.

A tidbit of interesting history—one of the earliest uses of address families in protocols, and one of the main drivers of the Type-Length-Vector encoding of the IS-IS routing protocol, were driven by the desire to run CLNS and TCP/IP side-by-side on a single network. ISO-IGRP was one of the first multi-protocol routing protocols to use a concept similar to address families. Some of the initial work in BGP address families was also done to support CLNS routing, as the OSI stack did not specify an interdomain routing protocol.

Why is this interesting protocol not in wide use today? There are many reasons—probably every engineer who ever worked on both can give you a different set of reasons, in fact. From my perspective, however, there are a few basic reasons why TCP/IP “won” over the CLNS suite of protocols.

First, the addressing used with CLNS was too complex. There were spots in the address for the assigning authority, the company, subdivisions within the company, flooding domains, and other elements. While this was all very neat, it assumed either one of two things: that network topologies would be built roughly parallel to the organizational chart (starting from governmental entities), or that the topology of the network and addressing did not need to be related to one another. This flies in the face of Yaakov’s rule: either the topology must follow the addressing, or the addressing must follow the topology, if you expect the network to scale.

In the later years of CLNS, this entire mess was replaced by people just using the “private” organizational information to build internal networks, and assuming these networks would never be interconnected (much like using private IPv4 address space). Sometimes this worked, of course. Sometimes it did not.

This addressing scheme left users with the impression, true or false, that CLNS implementations had to be carefully planned. Numbers must be procured, the organizational structure must be consulted, etc. IP, on the other hand, was something you could throw out there and play with. You could get it all working, and plan later, or change you plans. Well, in theory, at least—things never seem to work out in real life the way they are supposed to.

Second, the protocol stack itself was too complex. Rather than solving a series of small problems, and fitting the solutions in a sort of ad-hoc layered set of protocols, the designers of CLNS carefully thought through every possible problem, and considered every possible solution. At least they thought they did, anyway. All this thinking, however, left the impression, again, that to deploy this protocol stack you had to carefully think about what you were about. Further, it was difficult to change things in the protocol stack when problems were found, or new use cases—that had not been thought of—were discovered.

It is better, most of the time, to build small, compact units that fit together, than it is to build a detailed grand architecture. The network engineering world tends to oscillate between the two extremes of no planning or all planned; rarely do we get the temperature of the soup (or porridge) just right.

While CLNS is not around today, it is hard to call the protocol stack a failure. CLNS was widely deployed in large scale electrical networks; some of these networks may well be in use today. Further, its effects are everywhere. For instance, IS-IS is still a widely deployed protocol. In fact, because of its heritage of multiprotocol design from the beginning, it is arguably one of the easiest link state protocols to work with. Another example is the multiprotocol work that has carried over into other protocols, such as BGP. The ideas of a protocol running between the host and the router and autoconfiguration of addresses, have come back in very similar forms in IPv6, as well.

CLNS is another one of those designs that shape the thinking of network engineers today, even if network engineers don’t even know it existed.


  1. Sasanka on 27 September 2020 at 11:50 am

    Thanks Russ for the article, IS-IS as a protocol has got it’s use, and I have been fortunate to work in a enterprise where IS-IS was deployed in WAN using simple configuration and design.

  2. Henk on 27 September 2020 at 4:45 pm

    I’m just as pedantic as Ivan. Sorry. :p

    “ISO-IGRP was one of the first multi-protocol routing protocols to use a concept similar to address families.”

    Nah. ISO-IGRP was just OSI-addresses only. I can’t remember the details (I think ISO-IGRP did both L2 area-addresses as L1 host system-ids). But the packet-format was fixed. No TLVs. No room for different address-families. Just CLNS/OSI. So it was not multi-protocol for sure.

    “Some of the initial work in BGP address families was also done to support CLNS routing, as the OSI stack did not specify an interdomain routing protocol”.

    I think IPv6 support for BGP was the first new address-family that was implemented in BGP. OSI-addresses in BGP was maybe talked about, but it was never implemented, afaik. Were there any drafts or RFCs for OSI-support in BGP ?

    The OSI-stack did have its own routing-protocol for Inter-Domain Routing. It was called IDRP (eye-drip). IDRP has been specified in ISO 10747 in 1993. I don’t think anyone ever implemented it either.

    I don’t believe that OSI-addresses being longer (“complexer”) than IPv4 addresses was really a problem. I’ve been told, by folks that were there before us, that the problem with the OSI-stack was all in level-4 to level-7. And in the applications. Some of those were too complex. Like e.g. X.500 for email. I don’t know enough about OSI L4-L7 to give you more examples, sorry. L3 (CLNS and IS-IS and ES-IS) was just fine. Maybe even better than IPv4. Too bad TUBA never happened.

    Last thing. I don’t think it was ever the intention of the OSI-folks (or any other protocol-developers in the eighties or early nineties) to develop a protocol that could support multiple address-families. But the OSI-folks did believe in TLVs. They were 200% correct there. (And the IPv4-folks with their “all packet-fields must be fixed-length, fixed-location) were 200% wrong). The fact that IS-IS had TLVs allowed individual rebels to just include new TLVs with IP-networks in the existing IS-IS protocol. I imagine someone just did this. I can’t imagine the OSI (or IPv4) folks intentionally doing something to help the enemy.

    Example: IPv6 addresses are 16 octets. Long enough, but not too long. Just to make sure that 20-octet NSAPs wouldn’t fit in an IPv6 address. Can you imagine if IPv6-addresses had been 20 octets. And you could easily build a NAT-box to translate between CLNS and IPv6 ? The whole world would now run TUBA, with a few small islands of IPv6-only diehards.

    • Russ on 30 September 2020 at 8:06 am

      I’m always happy to be corrected by Henk and Ivan. 🙂 Henk, I need to get you on the Hedge some time or another. Think of a topic!