Using LISP to Solve Today's IP Host Mobility Challenges (IOS Advantage Webinar)
DESCRIPTION
The Locator/ID Separation Protocol (LISP) implements a new routing architecture through a set of protocols that use a level of indirection to separate an IP address into two namespaces: Endpoint Identifiers (EIDs), which are assigned to end-hosts, and Routing Locators (RLOCs), which are assigned to devices (primarily routers) that make up the global routing system. By separating the host address (EID) from its location (RLOC), LISP provides key benefits in many network environments, including mobility environments where hosts can move anywhere within the network, keeping their IP address (EID) while changing their location (RLOC). LISP Host Mobility addresses today's enterprise data center and campus mobility challenges.

This session discusses how next generation technologies such as LISP and OTV solve the networking issues associated with VM mobility and multi-tenant segmentation in the data center. An overview of the technologies and their solutions for LAN extension, mobility and segmentation is provided.

Agenda
* Business Drivers
* Brief LISP Architectural Overview
* Data Center Host Mobility Deployment Use Case
* Enterprise "Vision" for LISP
* LISP Development Status
* Conclusion

Replay the WebEx recording: https://cisco.webex.com/ciscosales/lsr.php?AT=pb&SP=EC&rID=63533782&rKey=b6212b1f49aa7674
Click here for a link to the mp4: https://communities.cisco.com/servlet/JiveServlet/download/30500-6-43940/Using%20LISP%20to%20Solve%20Today%27s%20IP%20Host%20Mobility%20Challenges.mp4
Learn more about upcoming TechAdvantage (formerly IOS Advantage) sessions at: http://www.cisco.com/go/iosadvantage

TRANSCRIPT
© 2012 Cisco and/or its affiliates. All rights reserved. 1
Cisco IOS Advantage Webinars Using LISP to Solve Today's IP Host Mobility Challenges
Victor Moreno and Darrel Lewis
© 2010 Cisco and/or its affiliates. All rights reserved. 2
Panelists
Darrel Lewis, Technical Leader, Engineering
Speakers
Victor Moreno, Distinguished Engineer, Technical Marketing
Max Ardica, Technical Leader, Engineering
Gregg Schudel, Engineer, Technical Marketing
Arnel Dionisio, Technical Leader, Engineering
Solomon Rajkumar, SW Development Engineer, Engineering
• Host Mobility Business Drivers
• What is LISP?
• How Does LISP Work?
• How are Customers Using LISP?
• LISP Host Mobility
  – Fundamentals
  – Across Subnets
  – Extending Subnets
  – Customer Example
• LISP Status and References
• LISP Summary
Legacy IT model: Client/Server
Attributes: • Simple • Secure • Static
Emerging IT model: Mobile/Cloud
Attributes: • Connected • Scalable • Multi-tenant
Distributed Data Center Goals:
• Seamless workload mobility between multiple datacenters
• Distributed applications closer to end users
• Pool and maximize global compute resources
• Ensure business continuity with workload mobility and distributed deployments
[Figure: Geographically Dispersed Data Centers]
• Today's networks aren't designed for mobility
  ‒ IP addresses are statically assigned to devices, access points, or services.
  ‒ Connecting resources on different private networks and public networks with different owners is challenging
  ‒ Movement between networks means device, service or network element connectivity is necessarily lost.
• Today's networks can't scale
  ‒ Cloud, mobility and Internet of things are overextending the ability of today's routers to route data packets.
  ‒ Mobility of devices and/or network elements leads to a ballooning of the amount of information stored in routing tables.
• Today's networks require new security models
  ‒ In a world of multiple devices and multi-tenancy it's not feasible to manually build every needed virtual private network
Mobility, Scalability and Interconnection Issues Must Be Solved Together
Overview: Evolving the World's Networks for the Cloud Era
LISP (Location / ID Separation Protocol) is an addressing architecture and set of protocols comprising an Endpoint Identifier (defining who a user is) and a Routing Locator (defining where the user is connected).
LISP separates the identity of the device or access point from where the device is located, enabling Internet services to remain continually connected when users move around or change devices.
Use-cases
• Global Workload Mobility
• Workload Portability to Cloud
• Secure Multi-tenancy across organizations
• Rapid IPv6 Deployment
Benefits
• Mobility: IP address Portability
• Scalability: On-Demand Route lookup
• Security: Tenant ID based Segmentation
• Address Family Independence
Continuous Operation
Distributed Clusters with Network Stability, accelerate Disaster Recovery
Business Goals LISP Enables Business Benefits
Global Availability
Respond to Change Add Capacity at will for peaks, on-demand additions in private or public cloud
Application Resiliency
Compute Workloads Anywhere, beyond a single physical data center or organization
Geo Diversity
Dynamic Business Flexibility
New Services Creation Unleash Compute Virtualization
Business Goals LISP Enables Business Benefits
Maximize Asset Utilization
Reduce Expenses Simplify Inter-site Change Management
Faster Service TTM
Employ Idle Resources
Workload Migration and Server Consolidation
Lower Cost of Managing
Mobility
Applicability Active-Active Data Centers
Data Center Disaster Recovery Workload Portability to Cloud (aka Bursting)
Federated Cloud open connectivity
Topology independent addressing Overlay solution IPv4 or IPv6 agnostic
Benefits
Integrated Mobility
Mobility across organizations (SPs, Cloud Providers)
IPv4, IPv6 or a combination Optimal traffic path (no triangulation)
Provider A Provider B
Primary DC Secondary DC
Overview
Evolving the World’s Networks for the Cloud Era
[Figure: today's IPv4 Internet. Sites 1-3 and the East-DC and West-DC data centers (AS 101, 64.1.0.0/16 and AS 102, 64.2.0.0/16) attach to Tier 1, Transit and Commodity SPs (AS 200, AS 300) over links 12.1.1.2/30, 12.1.1.6/30, 13.1.1.2/30 and 13.1.1.6/30. IDs and Locators are both carried in the DFZ Routing Table: the /16 aggregates, /17 more-specifics and the host route 64.1.0.12/32 are announced over eBGP.]
Clear Separation at the Network Layer:
• who/what you are looking for vs.
• how to best get there
ID/Loc Split is common already! Two basic approaches:
• Translations (e.g. NAT) vs.
• Tunnels (e.g. GRE, IPsec, MPLS)
Both approaches are limited to local scope
What is needed is Locator/ID Separation on a GLOBAL Scope.
• What if ID address and Locator address are in different databases?
• This creates a “level of indirection” between ID and LOCATION in the network!
[Figure: the same Internet topology, with Locators kept in the DFZ Routing Table and IDs held in a separate LISP Mapping System.]
LISP Mapping System
• Let’s scale the ID address databases to 10^10 and allow it to hold any prefix length (even /32’s and /128’s)
• Let’s provide a mechanism to provide on-the-fly resolution of ID and locator (like DNS)
• High scale design, and ability to change locator for fixed ID enables Mobility!
Note: Loc/ID Split enables “Mobility”
But, can’t we handle “mobility” today, for example, with something like Global Site Selector (GSS)?
GSS uses DNS
• What do you do for all the applications that have hard-coded IP address?
• How do you move “existing flows” without rebuilding TCP sessions?
DNS is an “application”
• Using DNS for “routing” is never a good idea
• If DNS goes down, routing goes down.
[Figure: the same Internet topology, with Locators in the DFZ Routing Table and IDs, including host 64.1.0.12/32, in the LISP Mapping System.]
LISP changes the routing architecture to implement a level of indirection between a host's IDENTITY and its LOCATION in the network
LISP radically changes the current ROUTING Architecture
• Radical changes lead to DISRUPTION opportunities
• LISP allows both SPs and Enterprises to do remarkably different things than traditional approaches allow
• LISP enables NEW services (VPNs, IPv6, Mobility, “cloud”) in one, common, simple architecture
LISP Loc/ID Split namespaces
‒ EID (Endpoint Identifier) is the IP address of a host – just as it is today
‒ RLOC (Routing Locator) is the IP address of the LISP router for the host
‒ EID-to-RLOC mapping is the distributed architecture that maps EIDs to RLOCs

• Network-based solution
• No host changes
• Minimal configuration
• No DNS changes
• Address Family agnostic
• Incrementally deployable (support LISP and non-LISP)
• Support for mobility

[Figure: EID Space sites behind xTRs, a PxTR toward Non-LISP sites, and the MS/MR, joined by the RLOC Space.]

Prefix     Next-hop
w.x.y.1    e.f.g.h
x.y.w.2    e.f.g.h
z.q.r.5    e.f.g.h
z.q.r.5    e.f.g.h

EID-to-RLOC mapping
EID           RLOC
a.a.a.0/24    w.x.y.1
b.b.b.0/24    x.y.w.2
c.c.c.0/24    z.q.r.5
d.d.0.0/16    z.q.r.5
LISP “Level of Indirection” is analogous to a DNS lookup
‒ DNS resolves IP addresses for URL, answering the “WHO IS” question
‒ LISP resolves locators for queried identities, answering the “WHERE IS” question

DNS Name-to-IP URL Resolution (host to DNS Server):
  [ who is lisp.cisco.com ] ?
  [153.16.5.29, 2610:D0:110C:1::3 ]
LISP Identity-to-locator Mapping Resolution (LISP router to LISP Mapping System):
  [ where is 2610:D0:110C:1::3 ] ?
  [ locator is 128.107.81.169 ]
[Figure: packet flow between LISP Site 1 (S = 32.1.1.32, PI EID-prefix 32.1.1.0/24, xTR RLOCs 10.0.0.2 and 11.0.0.2) and LISP Site 2 (D = 64.1.0.12, PI EID-prefix 64.1.0.0/16, xTR RLOCs 12.1.1.2 and 12.1.1.6) across the IPv4 Internet; each xTR is both ITR and ETR.]
ETR – Egress Tunnel Router
‒ Receives packets from core-facing interfaces
‒ De-cap packets, deliver to local EIDs at site
ITR – Ingress Tunnel Router
‒ Receives packets from site-facing interfaces
‒ Encap to remote LISP sites, or native-fwd to non-LISP sites
[Figure: the same two-site topology, with the packet flow from S to D numbered 1 to 7.]
DNS entry: D.abc.com A 64.1.0.12
Packet from S: 32.1.1.32 -> 64.1.0.12
Map-Cache Entry
  EID-prefix: 64.1.0.0/16
  Locator-set:
    12.1.1.2, priority: 1, weight: 50
    12.1.1.6, priority: 1, weight: 50
  This policy controlled by the destination site
Encapsulated packet: 10.0.0.2 -> 12.1.1.6 (outer header), 32.1.1.32 -> 64.1.0.12 (inner header)
Decapsulated packet delivered to D: 32.1.1.32 -> 64.1.0.12
Notes:
‒ The destination site controls its ingress policy (active/active in this case)
‒ 5-tuple hash per-flow selects RLOC for encapsulation
LISP Control Plane Provides On-Demand Mappings
‒ Control Plane is separate from data plane
‒ Map-Resolver and Map-Server (similar to DNS Resolver and DNS Server)
‒ LISP Control Plane Messages for EID-to-RLOC resolution
‒ Distributed databases and map-caches hold mappings
[Figure: the two-site topology with the Mapping System (MR, MS) added.]
MR – Map-Resolver
‒ Receives Map-Request from ITRs
‒ Forwards Map-Request to Map-Servers
‒ Sends Negative Map-Replies for Map-Requests for non-LISP sites
MS – Map-Server
‒ LISP site ETRs register their EID prefixes here; requires “lisp site” policy, authentication key
‒ Receives Map-Requests via Mapping System; forwards Map-Requests to registered ETRs
[Figure: the two-site topology with the Mapping System (MR, MS).]
Map Cache (ITR)
‒ Stores mappings for sites ITR currently sending packets to
‒ Populated by receiving Map-Replies for its Map-Requests
‒ ITRs must respect Map-Reply policy (TTLs, RLOC up/down status, RLOC priorities/weights)
Mapping-Database (ETR)
‒ EID-to-RLOC mappings in all ETRs for local LISP site
‒ ETR authoritative for site EIDs sends Map-Replies to ITRs
‒ ETRs can tailor policy based on Map-Request source
Control Plane “EID Registration”
‒ Map-Register message: Sent by ETR to MS to register its associated EID prefixes. Specifies the RLOC(s) to be used by the MS when forwarding Map-Requests to the ETR
Control Plane “Data-triggered” mapping service
‒ Map-Request message: Sent by an ITR when it needs an EID/RLOC mapping, to test an RLOC for reachability, or to refresh a mapping before TTL expiration (Solicit Map-Request (SMR))
‒ Map-Reply message: Sent by an ETR in response to a valid map-request to provide the EID/RLOC mapping and site ingress policy for the requested EID
‒ Map-Notify message: Sent by Map-Server to ETR to acknowledge that its requested EID prefixes were registered successfully
[Figure: the two-site topology with the Mapping System (MR, MS) at 66.2.2.2; the ETR registers with the Map-Server.]
Map-Register from the ETR to the Map-Server:
  12.1.1.6 -> 66.2.2.2
  LISP Map-Register (udp 4342)
  SHA-2
  64.1.0.0/16
  12.1.1.2, 12.1.1.6
Other sites…
Notes:
‒ The ETR registers the EIDs that it is authoritative for
‒ The MS is configured for the site EIDs, and must have the same authentication key
[Figure: the two-site topology with the Mapping System (MR, MS) at 66.2.2.2; Map-Request/Map-Reply exchange numbered 1 to 6.]
1. DNS entry: D.abc.com A 64.1.0.12
2. 32.1.1.32 -> 64.1.0.12 (How do I get to 64.1.0.12?)
3. 11.0.0.2 -> 66.2.2.2 LISP ECM (udp 4342), carrying 11.0.0.2 -> 64.1.0.12 Map-Request (udp 4342), nonce
4. 66.2.2.2 -> 12.1.1.6 LISP ECM (udp 4342), carrying 11.0.0.2 -> 64.1.0.12 Map-Request (udp 4342), nonce
5. 12.1.1.6 -> 11.0.0.2 Map-Reply (udp 4342), nonce, 64.1.0.0/16, 12.1.1.2 [1, 50], 12.1.1.6 [1, 50]
6. Map-Cache Entry
   EID-prefix: 64.1.0.0/16
   Locator-set:
     12.1.1.2, priority: 1, weight: 50
     12.1.1.6, priority: 1, weight: 50
Notes:
‒ Encapsulated Control Message (ECM) header is used between an xTR and the Mapping System
‒ The IP address in the Map-Request (64.1.0.12 in this case) is the host that the ITR is trying to reach.
‒ The Map-Reply includes the entire prefix (64.1.0.0/16 in this case) covering the requested host.
[Figure: the two-site topology with the Mapping System (MR, MS) at 66.2.2.2; Solicit Map-Request exchange numbered 1 to 4.]
64.1.0.12 has moved away…
1. 12.1.1.6 -> 11.0.0.2 Map-Request (udp 4342), nonce, 64.1.0.12/32, Solicit Map Request
2. 11.0.0.2 -> 66.2.2.2 LISP ECM (udp 4342), carrying 11.0.0.2 -> 64.1.0.12 Map-Request (udp 4342), nonce
3. 66.2.2.2 -> 11.0.0.2 LISP ECM (udp 4342), carrying 11.0.0.2 -> 64.1.0.12 Map-Request (udp 4342), nonce
4. Map-Reply sent… 12.1.1.6 -> 11.0.0.2 Map-Reply (udp 4342), nonce, 64.1.0.12/32, 12.1.1.2 [1, 50], 12.1.1.6 [1, 50]
Notes:
‒ Solicit Map Request is sent in order to inform ITRs that their Map-Cache might be out of date
1. Efficient Multi-Homing
2. IPv6 Transition Support
3. Efficient Virtualization/VPN
4. Data Center/Host Mobility
5. LISP Mobile-Node
These ‘core’ use-cases highlight functionality that is integrated in LISP. All use-cases (multi-homing, v6 transition, virtualization, and mobility) work together as well.
Data Center/Host Mobility
Needs:
• Host-Mobility extending subnets and across subnets
• Move detection, dynamic EID-to-RLOC mappings, traffic redirection
LISP Solution:
• LISP for across subnets moves
• Host IP (/32) remains the same
Benefits:
• VM/OS agnostic, seamless, integrated, global workload mobility (cloud bursting)
• Direct Path after move (no triangulation)
• No IP address changes across move
• Connections survive across moves
• No routing re-convergence or DNS updates
• ARP elimination
Example: VXNet is providing Disaster Recovery and Workload mobility solutions to NYC financial institutions
[Figure: VM a.b.c.1 moves between West DC and East DC across the IP Network; LISP Site xTRs, a PxTR serving Legacy Sites, and the Mapping DB.]
Moves With LAN Extension: Routing for Extended Subnets
• Active-Active Data Centers
• Distributed Data Centers
• Application Members Distributed
• Broadcasts across sites
[Figure: West-DC and East-DC joined by a LAN Extension, each with a LISP-VM (XTR); a Non-LISP Site and a LISP Site (XTR) reach them over the IP Network using the Mapping DB.]
Moves Without LAN Extension: IP Mobility Across Subnets
• Disaster Recovery
• Cloud Bursting
• Application Members In One Location
[Figure: West-DC and East-DC (DR Location or Cloud Provider DC), each with a LISP-VM (XTR); a LISP Site (XTR) reaches them over the Internet or Shared WAN using the Mapping DB.]
1. Detect the host move
   a) For any host, without agents on the host or protocols
   b) Without dependence on any hypervisor
2. Register the new host location with the Mapping System
3. Notify other xTRs/PITRs of the move
   a) Update routing tables at old sites
   b) Update LISP Map-Caches
[Figure: LISP Site 1 (32.1.1.32, PI EID-prefix 32.1.1.0/24, RLOCs 10.0.0.2 and 11.0.0.2), LISP Site DC-1 and LISP Site DC-2 (xTR-3, xTR-4) with RLOCs 12.1.1.2/12.1.1.6 and 13.1.1.2/13.1.1.6, subnets 64.1.0.0/24 and 64.2.0.0/24, host 64.1.0.12/32, and the Mapping System (MR, MS) at 66.2.2.2.]

xTR configuration (RLOCs 12.1.1.2 and 12.1.1.6, vlan 100 address 64.1.0.2/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.1.0.0/16 12.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.1.0.0/16 12.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ASM
    database-mapping 64.1.0.0/24 12.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 12.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.1
  interface vlan 100
    ip address 64.1.0.2/24
    lisp mobility WEBINAR_MOB_ASM
    ip proxy-arp
    hsrp 101
      mac-address 0000.0e1d.010c
      ip 64.1.0.1

xTR configuration (RLOCs 12.1.1.2 and 12.1.1.6, vlan 100 address 64.1.0.3/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.1.0.0/16 12.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.1.0.0/16 12.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ASM
    database-mapping 64.1.0.0/24 12.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 12.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.1
  interface vlan 100
    ip address 64.1.0.3/24
    lisp mobility WEBINAR_MOB_ASM
    ip proxy-arp
    hsrp 101
      mac-address 0000.0e1d.010c
      ip 64.1.0.1

The 64.1.0.0/24 from the entire /16 is configured as able to “roam” in this case
[Figure: the same three-site topology (LISP Site 1, LISP Site DC-1, LISP Site DC-2) with the Mapping System at 66.2.2.2.]

xTR configuration (RLOCs 13.1.1.2 and 13.1.1.6, vlan 100 address 64.2.0.2/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.2.0.0/16 13.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.2.0.0/16 13.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ASM
    database-mapping 64.1.0.0/24 13.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 13.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.2
  interface vlan 100
    ip address 64.2.0.2/24
    lisp mobility WEBINAR_MOB_ASM
    ip proxy-arp
    hsrp 102
      mac-address 0000.0e1d.010c
      ip 64.2.0.1

xTR configuration (RLOCs 13.1.1.2 and 13.1.1.6, vlan 100 address 64.2.0.3/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.2.0.0/16 13.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.2.0.0/16 13.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ASM
    database-mapping 64.1.0.0/24 13.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 13.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.2
  interface vlan 100
    ip address 64.2.0.3/24
    lisp mobility WEBINAR_MOB_ASM
    ip proxy-arp
    hsrp 102
      mac-address 0000.0e1d.010c
      ip 64.2.0.1

The 64.1.0.0/24 from the entire /16 is configured as able to “roam” in this case
[Figure: the same three-site topology (LISP Site 1, LISP Site DC-1, LISP Site DC-2) with the Mapping System at 66.2.2.2.]

Map-Server site policy:

  router lisp
   site Site1
    authentication-key some-key-1
    eid-prefix 32.1.1.0/24
   site DC-1
    authentication-key some-key-DC
    eid-prefix 64.1.0.0/16 accept-more-specifics
    eid-prefix 64.2.0.0/16
  !

LISP Site 1 xTR configuration:

  router lisp
   database-mapping 32.1.1.0/24 10.0.0.2 priority 1 weight 50
   database-mapping 32.1.1.0/24 11.0.0.2 priority 1 weight 50
   ipv4 itr
   ipv4 etr
   ipv4 itr map-resolver 66.2.2.2
   ipv4 etr map-server 66.2.2.2 key some-key-1
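
The Map-Server site policy above (a per-site authentication key, and `accept-more-specifics` only on the roaming prefix) decides which Map-Registers are accepted. The sketch below is an added example, not Cisco's implementation: it models that decision with the page's prefixes and keys. `SITES`, `auth_tag`, `find_policy` and `MapServer` are hypothetical names, and `auth_tag` is a simplified HMAC-SHA-256 stand-in for the Map-Register authentication data, not the LISP wire format.

```python
import hashlib
import hmac
import ipaddress

# Site policy copied from the Map-Server configuration on this page.
# Each EID prefix carries a flag: True where "accept-more-specifics" is set.
SITES = {
    "Site1": {"key": b"some-key-1",
              "eid_prefixes": [("32.1.1.0/24", False)]},
    "DC-1": {"key": b"some-key-DC",
             "eid_prefixes": [("64.1.0.0/16", True),
                              ("64.2.0.0/16", False)]},
}


def auth_tag(key, eid_prefix, rlocs):
    """Assumption: HMAC-SHA-256 over a canonical text form of the record.

    The real protocol authenticates the encoded Map-Register message; this
    keeps only the property that matters here: the tag binds the EID prefix
    and the locator set to the shared site key.
    """
    msg = (eid_prefix + "|" + ",".join(sorted(rlocs))).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


def find_policy(eid_prefix):
    """Return the site whose policy covers eid_prefix, or None."""
    net = ipaddress.ip_network(eid_prefix)
    for site, cfg in SITES.items():
        for configured, more_specifics in cfg["eid_prefixes"]:
            cfg_net = ipaddress.ip_network(configured)
            if net == cfg_net:
                return site
            # A longer prefix (e.g. a roaming /32) is only covered when the
            # configured prefix is marked accept-more-specifics.
            if (more_specifics and net.version == cfg_net.version
                    and net.subnet_of(cfg_net)):
                return site
    return None


class MapServer:
    def __init__(self):
        self.registrations = {}   # EID prefix -> list of RLOCs

    def map_register(self, eid_prefix, rlocs, tag):
        site = find_policy(eid_prefix)
        if site is None:
            return "rejected: no site policy covers prefix"
        expected = auth_tag(SITES[site]["key"], eid_prefix, rlocs)
        # Constant-time comparison so the check does not leak tag bytes.
        if not hmac.compare_digest(expected, tag):
            return "rejected: authentication failed"
        self.registrations[ipaddress.ip_network(eid_prefix)] = list(rlocs)
        return "accepted: " + site   # the MS would answer with a Map-Notify
```

With this policy a /32 inside 64.1.0.0/16 can be registered from either data center that holds `some-key-DC`, while a /32 inside 64.2.0.0/16 is refused because that prefix is not marked `accept-more-specifics`.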
[Figure: the same three-site topology with host 64.1.0.12/32 shown at both data centers; the events of the move are numbered 1 to 10.]
Content shown on the slide:
• Routing Table (shown twice): 64.2.0.0/24 – Local; 64.1.0.12/32 – Local
• Map-Register 64.1.0.12/32 13.1.1.2/13.1.1.6
• Map-Notify 64.1.0.12/32 13.1.1.2/13.1.1.6 (shown three times)
• Mappings: 64.1.0.0/16 – 12.1.1.2/12.1.1.6; 64.2.0.0/16 – 13.1.1.2/13.1.1.6; 64.1.0.12/32 – 13.1.1.2/13.1.1.6
• Routing Table (shown twice): 64.1.0.0/24 – Local; 64.1.0.12/32 – Null0
[Figure: the same three-site topology; LISP Site 1 (RLOCs 10.0.0.2 and 11.0.0.2) is sending traffic to the moved host 64.1.0.12/32; steps numbered 1 to 5.]
1. ITRs, PITRs with cached mappings continue to send traffic to the old locators until updated. Old DC xTR site knows the host has moved (/32 Null0 route)
2. Old DC xTR sends Solicit Map Request (SMR) messages to any encapsulators sending traffic to “it” for the moved host
3. SMR causes ITR to initiate a new map-request/map-reply process
4. Map-Reply updates map-cache with new location:
   64.1.0.0/16 – 12.1.1.2/12.1.1.6
   64.2.0.0/16 – 13.1.1.2/13.1.1.6
   64.1.0.12/32 – 13.1.1.2/13.1.1.6
5. Traffic now flows to the HOST at its NEW location
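
The five steps above, together with the earlier notes on map-cache lookup and per-flow RLOC selection, can be followed in a small model. This is an added example, not code from the webinar or from any LISP implementation: `MappingSystem`, `ITR`, `lpm` and `pick_rloc` are hypothetical names, the flow hash is SHA-256 over the 5-tuple as a stand-in for a router's hash, and the addresses are the ones used on this page.

```python
import hashlib
import ipaddress

# Locator sets from the page: (RLOC, priority, weight)
DC1 = [("12.1.1.2", 1, 50), ("12.1.1.6", 1, 50)]
DC2 = [("13.1.1.2", 1, 50), ("13.1.1.6", 1, 50)]


def lpm(table, addr):
    """Longest-prefix match: (prefix, locators) of the most specific entry."""
    ip = ipaddress.ip_address(addr)
    hits = [p for p in table if ip in p]
    if not hits:
        return None
    best = max(hits, key=lambda p: p.prefixlen)
    return best, table[best]


def pick_rloc(locators, flow):
    """Lowest priority value wins; weights split flows among those RLOCs."""
    best = min(prio for _, prio, _ in locators)
    usable = [(rloc, w) for rloc, prio, w in locators if prio == best]
    total = sum(w for _, w in usable)
    # Assumption: a deterministic 5-tuple hash keeps one flow on one RLOC.
    digest = hashlib.sha256(repr(flow).encode()).digest()
    h = int.from_bytes(digest[:4], "big")
    if total == 0:                       # all weights zero: split evenly
        return usable[h % len(usable)][0]
    bucket = h % total
    for rloc, weight in usable:
        if bucket < weight:
            return rloc
        bucket -= weight


class MappingSystem:
    def __init__(self):
        self.db = {}

    def register(self, prefix, locators):        # Map-Register from an ETR
        self.db[ipaddress.ip_network(prefix)] = locators

    def resolve(self, eid):                       # Map-Request -> Map-Reply
        return lpm(self.db, eid)                  # covering prefix + locators


class ITR:
    def __init__(self, mapping_system):
        self.ms = mapping_system
        self.cache = {}                           # map-cache

    def map_request(self, eid):
        hit = self.ms.resolve(eid)
        if hit:
            self.cache[hit[0]] = hit[1]
        return hit

    def forward(self, flow):
        """flow = (src EID, dst EID, proto, sport, dport); returns outer RLOC."""
        hit = lpm(self.cache, flow[1]) or self.map_request(flow[1])
        return pick_rloc(hit[1], flow) if hit else None

    def on_smr(self, eid):
        # The SMR only signals that the cache may be stale. The new locators
        # come from a fresh Map-Request, not from the SMR itself.
        return self.map_request(eid)


def demo():
    ms = MappingSystem()
    ms.register("64.1.0.0/16", DC1)
    ms.register("64.2.0.0/16", DC2)
    itr = ITR(ms)
    flow = ("32.1.1.32", "64.1.0.12", 6, 40000, 80)
    neighbour = ("32.1.1.32", "64.1.0.13", 6, 40001, 80)
    before = itr.forward(flow)                    # cached 64.1.0.0/16
    ms.register("64.1.0.12/32", DC2)              # host moved, /32 registered
    stale = itr.forward(flow)                     # step 1: still old locator
    itr.on_smr("64.1.0.12")                       # steps 2-4
    after = itr.forward(flow)                     # step 5
    return {"before": before, "stale": stale, "after": after,
            "neighbour": itr.forward(neighbour),
            "cache": sorted(str(p) for p in itr.cache)}
```

Only the moved /32 is redirected: other hosts in 64.1.0.0/16 keep matching the /16 entry and stay on the original locators.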
Not necessarily for moving workloads: Can be solved with IP mobility solutions: LISP Host Mobility
Application High Availability Distributed Clusters e.g. Node Discovery & Heartbeats in Clustered Applications
Hypervisor Hypervisor IP Network
Moving Workloads
Hypervisor Control Traffic (routable)
IP Network
OS OS OS Distributed App (GeoCluster)
LAN Extension (OTV)
Non-IP application traffic
(heartbeats)
A subnet usually implies location
Yet we use LAN extensions to stretch subnets across locations
Location semantics of subnets are lost
Traditional routing relies on the location semantics of the subnet
Can’t tell if a server is at the East or West location of the subnet
More granular (host level) information is required
LISP provides host level location semantics
[Figure: West-DC and East-DC joined by a LAN Extension and an IP Network, with an XTR at the LISP site.]
[Figure: LISP Site 1, LISP Site DC-1 and LISP Site DC-2 with the Mapping System at 66.2.2.2; subnet 64.1.0.0/24 is present in both data centers over the LAN Extension (OTV).]

xTR configuration (RLOCs 12.1.1.2 and 12.1.1.6, vlan 100 address 64.1.0.3/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.1.0.0/16 12.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.1.0.0/16 12.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ESM
    database-mapping 64.1.0.0/24 12.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 12.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.1
  interface vlan 100
    ip address 64.1.0.3/24
    lisp mobility WEBINAR_MOB_ESM
    lisp extended-subnet-mode
    hsrp 101
      ip 64.1.0.1

xTR configuration (RLOCs 12.1.1.2 and 12.1.1.6, vlan 100 address 64.1.0.2/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.1.0.0/16 12.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.1.0.0/16 12.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ESM
    database-mapping 64.1.0.0/24 12.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 12.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.1
  interface vlan 100
    ip address 64.1.0.2/24
    lisp mobility WEBINAR_MOB_ESM
    lisp extended-subnet-mode
    hsrp 101
      ip 64.1.0.1

The 64.1.0.0/24 from the entire /16 is configured as able to “roam” in this case
The 64.1.0.0/24 from the entire /16 is on the interface as well. This will be “extended” to the other DC
[Figure: the same topology with subnet 64.1.0.0/24 in both data centers over the LAN Extension (OTV).]

xTR configuration (RLOCs 13.1.1.2 and 13.1.1.6, vlan 100 address 64.1.0.4/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.2.0.0/16 13.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.2.0.0/16 13.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ESM
    database-mapping 64.1.0.0/24 13.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 13.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.1
  interface vlan 100
    ip address 64.1.0.4/24
    lisp mobility WEBINAR_MOB_ESM
    lisp extended-subnet-mode
    hsrp 101
      ip 64.1.0.1

xTR configuration (RLOCs 13.1.1.2 and 13.1.1.6, vlan 100 address 64.1.0.5/24):

  ip lisp itr-etr
  ip lisp database-mapping 64.2.0.0/16 13.1.1.2 pri 1 wei 50
  ip lisp database-mapping 64.2.0.0/16 13.1.1.6 pri 1 wei 50
  ip lisp itr map-resolver 66.2.2.2
  ip lisp etr map-server 66.2.2.2 key some-key-DC
  lisp dynamic-eid WEBINAR_MOB_ESM
    database-mapping 64.1.0.0/24 13.1.1.2 pri 1 wei 50
    database-mapping 64.1.0.0/24 13.1.1.6 pri 1 wei 50
    map-notify-group 239.1.1.1
  interface vlan 100
    ip address 64.1.0.5/24
    lisp mobility WEBINAR_MOB_ESM
    lisp extended-subnet-mode
    hsrp 101
      ip 64.1.0.1

Notice that a 64.1.0.0/24 is “extended” from the other DC in this case.
router lisp
 database-mapping 32.1.1.0/24 10.0.0.2 priority 1 weight 50
 database-mapping 32.1.1.0/24 11.0.0.2 priority 1 weight 50
 ipv4 itr
 ipv4 etr
 ipv4 itr map-resolver 66.2.2.2
 ipv4 etr map-server 66.2.2.2 key some-key-1

router lisp
 site Site1
  authentication-key some-key-1
  eid-prefix 32.1.1.0/24
 site DC
  authentication-key some-key-DC
  eid-prefix 64.1.0.0/16 accept-more-specifics
  eid-prefix 64.2.0.0/16
!
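The map-server site configuration above ties each authentication key to a set of EID prefixes, and only 64.1.0.0/16 carries accept-more-specifics. As an added example (not from the webinar and not Cisco code), this Python model shows which registrations that policy admits; the HMAC over a constructed string stands in for the real Map-Register authentication data, and the names SITES, sign and accept_register are hypothetical.

```python
import hashlib
import hmac
import ipaddress

# Site table modelled on the map-server configuration above (assumed model).
# For each eid-prefix, True means accept-more-specifics is configured.
SITES = {
    "Site1": {"key": b"some-key-1", "prefixes": {"32.1.1.0/24": False}},
    "DC": {"key": b"some-key-DC",
           "prefixes": {"64.1.0.0/16": True, "64.2.0.0/16": False}},
}

def sign(key, eid, rlocs):
    """Constructed stand-in for Map-Register authentication data."""
    body = (eid + "|" + ",".join(sorted(rlocs))).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def accept_register(site, eid, rlocs, auth):
    """Return (accepted, reason) for a registration claiming `site`."""
    cfg = SITES.get(site)
    if cfg is None:
        return False, "unknown site"
    # Authenticate first, in constant time, before evaluating the prefix.
    if not hmac.compare_digest(sign(cfg["key"], eid, rlocs), auth):
        return False, "bad authentication"
    net = ipaddress.ip_network(eid)
    for prefix, more_specifics in cfg["prefixes"].items():
        configured = ipaddress.ip_network(prefix)
        if net == configured:
            return True, "exact match " + prefix
        if more_specifics and net.subnet_of(configured):
            return True, "more-specific of " + prefix
    return False, "prefix not permitted for site"

if __name__ == "__main__":
    rlocs = ["13.1.1.2", "13.1.1.6"]
    for site, key, eid in [
        ("DC", b"some-key-DC", "64.1.0.12/32"),    # roaming host: admitted
        ("DC", b"some-key-DC", "64.2.0.12/32"),    # no accept-more-specifics
        ("DC", b"some-key-1", "64.1.0.12/32"),     # signed with Site1's key
        ("Site1", b"some-key-1", "64.1.0.12/32"),  # Site1 claiming a DC host
    ]:
        print(site, eid, accept_register(site, eid, rlocs, sign(key, eid, rlocs)))
```

The /32 host registration that host mobility depends on is admitted only because accept-more-specifics is set on 64.1.0.0/16, so the scope of that keyword bounds what a holder of the DC key can register.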
[Figure: Map-Register / Map-Notify sequence for dynamic EID 64.1.0.12/32, with callouts 1 to 6. Recoverable labels:]
Map-Register 64.1.0.12/32 13.1.1.2/13.1.1.6
Map-Notify 64.1.0.12/32 13.1.1.2/13.1.1.6 (shown twice)
Mappings:
  64.1.0.0/16 – 12.1.1.2/12.1.1.6
  64.1.0.12/32 – 12.1.1.2/12.1.1.6
  64.2.0.0/16 – 13.1.1.2/13.1.1.6
Routing Table (shown twice): 64.1.0.0/24 – Local, 64.1.0.12/32 – Local
Routing Table (shown twice): 64.1.0.0/24 – Local, 64.1.0.12/32 – Null0
Host entries: 64.1.0.12/32 – Null0 (twice); 64.1.0.12/32 – 13.1.1.2/13.1.1.6; 64.1.0.12/32 – Local (twice)
Note:
• Null0 host routes indicate the host is “away”
• 64.1.0.0/24 is configured as the dynamic-EID range
1. ITRs, PITRs with cached mappings continue to send traffic to the old locators until updated
   Old DC xTR site knows the host has moved (/32 Null0 route)
2. Old DC xTR sends Solicit Map Request (SMR) messages to any encapsulators sending traffic to “it” for the moved host
3. SMR causes ITR to initiate a new map-request/map-reply process
4. Map-Reply updates map-cache with new location
5. Traffic now flows to the HOST at its NEW location
[Figure: callouts 1 to 5 on the topology, with a map-request arrow. Recoverable labels:]
  64.1.0.0/16 – 12.1.1.2/12.1.1.6
  64.1.0.12/32 – 12.1.1.2/12.1.1.6
  64.2.0.0/16 – 13.1.1.2/13.1.1.6

  64.1.0.12/32 – 12.1.1.2/12.1.1.6
  64.1.0.12/32 – 13.1.1.2/13.1.1.6
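The five steps above as an added Python simulation (not from the webinar): the ITR map-cache uses longest-prefix match, and the SMR only triggers a new lookup, so the cache is updated from the Map-Reply rather than from the SMR. The class and function names, and the dictionary standing in for the mapping system, are assumptions.

```python
import ipaddress

class MapCache:
    """ITR map-cache: EID-prefix -> locator list, longest-prefix match."""
    def __init__(self):
        self.entries = {}

    def install(self, prefix, rlocs):
        self.entries[ipaddress.ip_network(prefix)] = list(rlocs)

    def lookup(self, eid):
        addr = ipaddress.ip_address(eid)
        hits = [n for n in self.entries if addr in n]
        if not hits:
            return None, None
        best = max(hits, key=lambda n: n.prefixlen)
        return str(best), self.entries[best]

def resolve(mapping_db, eid):
    """Map-Request/Map-Reply: most specific registered prefix covering eid."""
    addr = ipaddress.ip_address(eid)
    nets = [ipaddress.ip_network(p) for p in mapping_db]
    best = max((n for n in nets if addr in n), key=lambda n: n.prefixlen)
    return str(best), mapping_db[str(best)]

def handle_smr(cache, mapping_db, eid):
    """Steps 3-4: the SMR carries no mapping; it only triggers a new lookup."""
    prefix, rlocs = resolve(mapping_db, eid)
    cache.install(prefix, rlocs)
    return prefix

def run_move():
    # Constructed state using the slide's addresses.
    db = {"64.1.0.0/16": ["12.1.1.2", "12.1.1.6"],
          "64.2.0.0/16": ["13.1.1.2", "13.1.1.6"]}
    cache = MapCache()
    cache.install(*resolve(db, "64.1.0.12"))
    before = cache.lookup("64.1.0.12")
    # Host moves: the new DC registers the /32 with its own locators.
    db["64.1.0.12/32"] = ["13.1.1.2", "13.1.1.6"]
    stale = cache.lookup("64.1.0.12")       # step 1: still the old locators
    handle_smr(cache, db, "64.1.0.12")      # steps 2-4
    after = cache.lookup("64.1.0.12")       # step 5: new location
    neighbour = cache.lookup("64.1.0.13")   # unmoved host still uses the /16
    return before, stale, after, neighbour

if __name__ == "__main__":
    for label, result in zip(("before", "stale", "after", "neighbour"), run_move()):
        print(label, result)
```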
[Figure: Customer-A MPLS-VPN. Labels: MPLS Core; PE1 to PE6; Customer-A Sites 1 to 4 with CE1 to CE4 (ITR/ETR); Blue/DC 1 (Location 1) with CE5, CE6 and Blue/DC 2 (Location 2) with CE7, CE8 (ITR/ETR); two MS/MR; LAN Extension (OTV); 172.17.0.0/16 and 172.18.0.0/16; DYNAMIC EID 172.17.0.0/24.]
EID 172.16.1.0/24
RLOC GE0/0/0 10.1.1.2/30
RLOC GE0/0/0 10.1.5.1
RLOC GE0/0/0 10.1.6.1

IOS
router lisp
 eid-table default instance-id 0
  database-mapping 172.16.1.0/24 10.1.1.2 pri 1 wei 100
  exit
 !
 ipv4 itr
 ipv4 etr
 ipv4 itr map-resolver 10.1.5.1
 ipv4 etr map-server 10.1.5.1 key s3cr3t
 ipv4 itr map-resolver 10.1.6.1
 ipv4 etr map-server 10.1.6.1 key s3cr3t
!

IOS
router lisp
 !
 site DCs
  authentication-key DCs3cr3t
  eid-prefix 172.17.0.0/16 accept-more-specifics
  eid-prefix 172.18.0.0/16
  exit
 !
 site Site-1
  authentication-key s3cr3t
  eid-prefix 172.16.1.0/24
  exit
 !
 --<more sites>---
 ipv4 map-server
 ipv4 map-resolver
 exit
!
RLOC-A 10.2.5.1
RLOC-B 10.2.5.5
RLOC-C 10.2.6.1
RLOC-D 10.2.6.5

NX-OS
ip lisp itr-etr
ip lisp database-mapping 172.18.0.0/16 10.2.6.1 p 1 w 50
ip lisp database-mapping 172.18.0.0/16 10.2.6.5 p 1 w 50
ip lisp itr map-resolver 10.1.5.1
ip lisp itr map-resolver 10.1.6.1
ip lisp etr map-server 10.1.5.1 key DCs3cr3t
ip lisp etr map-server 10.1.6.1 key DCs3cr3t
lisp dynamic-eid CUST-A-ROAM
  database-mapping 172.17.0.0/24 10.2.6.1 p 1 w 50
  database-mapping 172.17.0.0/24 10.2.6.5 p 1 w 50
  map-notify-group 239.1.1.1
interface vlan 100
  ip address 172.17.0.4/24 (or 172.17.0.5/24)
  lisp mobility CUST-A-ROAM
  lisp extended-subnet-mode
  hsrp 101
    preempt delay reload 300 (one side only)
    priority 130 (or 120)
    ip 172.17.0.1

NX-OS
ip lisp itr-etr
ip lisp database-mapping 172.17.0.0/16 10.2.5.1 p 1 w 50
ip lisp database-mapping 172.17.0.0/16 10.2.5.5 p 1 w 50
ip lisp itr map-resolver 10.1.5.1
ip lisp itr map-resolver 10.1.6.1
ip lisp etr map-server 10.1.5.1 key DCs3cr3t
ip lisp etr map-server 10.1.6.1 key DCs3cr3t
lisp dynamic-eid CUST-A-ROAM
  database-mapping 172.17.0.0/24 10.2.5.1 p 1 w 50
  database-mapping 172.17.0.0/24 10.2.5.5 p 1 w 50
  map-notify-group 239.1.1.1
interface vlan 100
  ip address 172.17.0.2/24 (or 172.17.0.3/24)
  lisp mobility CUST-A-ROAM
  lisp extended-subnet-mode
  hsrp 101
    preempt delay reload 300 (one side only)
    priority 130 (or 120)
    ip 172.17.0.1
172.17.0.12/32: the server is here

map-cache
EID-prefix: 172.17.0.12/32
Locator-set:
  10.2.5.1, priority: 1, weight: 50
  10.2.5.5, priority: 1, weight: 50
172.17.0.12/32: the server moves here

map-cache
EID-prefix: 172.17.0.12/32
Locator-set:
  10.2.5.1, priority: 1, weight: 50
  10.2.5.5, priority: 1, weight: 50

  10.2.6.1, priority: 1, weight: 50
  10.2.6.5, priority: 1, weight: 50
Cisco Releases
• NX-OS since December 2009… Nexus 7000, UCS C200
• IOS since December 2009… ISR, ISRG2, 7200
• IOS-XE since March 2010… ASR1K
• IOS-XR since March 2012… CRS-3
• Coming soon… ASR9K, and others

Other Releases
• Furukawa Network Solutions Corp
• FreeBSD :: Open LISP
• Linux :: Aless, LISPmob, OpenWrt (coming soon…)
• Android :: Gingerbread (coming soon…)
• Other vendors… Check the site!

Cisco LISP Releases: http://lisp.cisco.com
Other LISP Releases: http://www.lisp4.net
LISP Information
• IETF LISP Working Group: http://tools.ietf.org/wg/lisp/
• LISP Beta Network Site: http://www.lisp4.net or http://www.lisp6.net
• Cisco LISP Site: http://lisp.cisco.com (IPv4 and IPv6)
• Cisco LISP Marketing Site: http://www.cisco.com/go/lisp/
• LISP DDT Root: http://www.ddt-root.org

LISP Host Mobility Information
• LISP Host Mobility Configuration Guide: http://lisp.cisco.com/lisp_down.html

LISP Mailing Lists
• IETF LISP Working Group: [email protected]
• Cisco LISP Questions: [email protected]
• LISPmob Questions: [email protected]
LISP is an Architecture…
1. Multihoming
2. IPv6 Transition
3. Virtualization/VPN
4. Mobility
[Figures: xTRs connecting IPv4 and IPv6 networks (v4, v6) across IPv4 and IPv6 cores.]
Deployment simplicity
‒ No host changes
‒ Minimal CPE changes
‒ Some new core infrastructure components

LISP use-cases are complementary
‒ Simplified multi-homing with Ingress traffic Engineering; no need for BGP
‒ Address Family agnostic support
‒ Virtualization support
‒ End-host mobility without renumbering

An Open Standard
‒ No Cisco Intellectual Property Rights

Enables IP Number Portability
‒ With session survivability
‒ Never change host IP addresses; No renumbering costs
‒ No DNS “name == EID” binding change

Uses pull vs. push routing
‒ OSPF and BGP are push models; routing stored in the forwarding plane
‒ LISP is a pull model; Analogous to DNS; massively scalable

Can be used over any IP network
‒ Address Family agnostic
‒ Incrementally deployable
‒ End systems can be unaware of LISP
• Thank you!
• Please complete the post-event survey.
• Join us November 7th for our next webinar: Media Services Proxy (MSP) for Enhanced Media Awareness and building Plug-And-Play Media Networks. To register, go to www.cisco.com/go/iosadvantage