LISP Update
- 1. LISP – Routing in the Cloud
LISP Update – 13 September 2012
LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public
- 2. LISP - A Next Generation Routing Architecture
What is LISP?
How Does LISP Work?
How Customers are Using LISP
References
- 4. LISP Overview
Identity and Location :: an Overloaded Concept in Routing Today…
[Figure: DFZ Routing Table diagram. Labels: Enterprise (Site 1, Site 2, Site 3), AS 100, AS 200, AS 300, Tier 1 SP, Commodity SP, Transit SP, IPv4 Internet, eBGP; prefixes 64.1.0.0/16, 64.1.0.0/17, 64.1.128.0/17, 12.0/8, 13.0/8; link addresses 12.1.1.2/30, 13.1.1.2/30; callouts "Location" and "Identity".]
- 5. LISP Overview
Identity and Location :: an Overloaded Concept in Routing Today…
• What if ID address and Locator address are in different databases?
• This creates a “level of indirection” between ID and LOCATION in the network!
Clear Separation at the Network Layer::
• who/what you are looking for
vs. …
• how to best get there
ID/Loc Split is common already. There are two basic approaches:
• Translations (e.g. NAT)
vs. …
• Tunnels (e.g. GRE, IPsec, MPLS)
Both approaches are limited to local scope
What is needed is Locator/ID Separation on a GLOBAL Scope.
[Figure: DFZ Routing Table and LISP Mapping System. Labels: Enterprise (Site 1, Site 2, Site 3), AS 100, AS 200, AS 300, Tier 1 SP, Commodity SP, Transit SP, IPv4 Internet; 12.0/8, 13.0/8, 12.1.1.2/30, 13.1.1.2/30, 64.1.0.0/16; callouts "Location" and "Identity".]
- 6. LISP Overview
Identity and Location :: an Overloaded Concept in Routing Today…
• Let’s scale the ID address databases to 10^10 and allow it to hold any prefix length (even /32’s and /128’s)
• Let’s provide a mechanism to provide on-the-fly resolution of ID and locator (like DNS)
• High scale design, and ability to change locator for fixed ID enables Mobility!
[Figure: DFZ Routing Table and LISP Mapping System holding entries such as a.a.a.a/27 and x.x.x.x/25. Labels: Enterprise (Site 1, Site 2, Site 3), AS 100, AS 200, AS 300, Tier 1 SP, Commodity SP, Transit SP, IPv4 Internet; 12.0/8, 13.0/8, 12.1.1.2/30, 13.1.1.2/30, 64.1.0.0/16; callouts "Location" and "Identity".]
- 7. LISP Overview
LISP – A Routing Architecture, Not a Feature…
LISP changes the routing architecture to implement a level of indirection between a host's IDENTITY and its LOCATION in the network
LISP radically changes the current ROUTING Architecture
• Radical changes lead to DISRUPTION opportunities
• LISP allows both SPs and Enterprises to do remarkably different things than traditional approaches allow
• LISP enables NEW services (VPNs, IPv6, Mobility, “cloud”) in one, common, simple architecture
- 9. LISP Operations
LISP :: Main Attributes of LISP…
LISP Loc/ID Split namespaces
‒ EID (Endpoint Identifier) is the IP address of a host – just as it is today
‒ RLOC (Routing Locator) is the IP address of the LISP router for the host
‒ EID-to-RLOC mapping is the distributed architecture that maps EIDs to RLOCs
Network-based solution
Address Family agnostic
No host changes
Incrementally deployable (support LISP and non-LISP)
Minimal configuration
No DNS changes
Support for mobility
EID-to-RLOC mapping table (shown at the MS/MR and at the xTR):
EID           RLOC
a.a.a.0/24    w.x.y.1
b.b.b.0/24    x.y.w.2
c.c.c.0/24    z.q.r.5
d.d.0.0/16    z.q.r.5
Non-LISP routing table:
Prefix        Next-hop
w.x.y.1       e.f.g.h
x.y.w.2       e.f.g.h
z.q.r.5       e.f.g.h
z.q.r.5       e.f.g.h
[Figure: xTRs at the edge of EID Space, a PxTR and the MS/MR in RLOC Space, and a Non-LISP network.]
- 10. LISP Operations
LISP :: Mapping Resolution “Level of Indirection” DNS analog…
LISP “Level of Indirection” is analogous to a DNS lookup
‒ DNS resolves IP addresses for URL, answering the “WHO IS” question
  host -> DNS Server: [ who is lisp.cisco.com ] ?
  DNS Server -> host: [ 153.16.5.29, 2610:D0:110C:1::3 ]
  (DNS Name-to-IP URL Resolution)
‒ LISP resolves locators for queried identities, answering the “WHERE IS” question
  LISP router -> LISP Mapping System: [ where is 2610:D0:110C:1::3 ] ?
  LISP Mapping System -> LISP router: [ locator is 128.107.81.169 ]
  (LISP Identity-to-locator Mapping Resolution)
- 11. LISP Operations
LISP Data Plane :: Ingress/Egress Tunnel Router (xTR)…
ITR – Ingress Tunnel Router
‒ Receives packets from site-facing interfaces
‒ Encap to remote LISP sites, or native-fwd to non-LISP sites
ETR – Egress Tunnel Router
‒ Receives packets from core-facing interfaces
‒ De-cap and deliver packets to local EIDs at site
[Figure: LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 and xTR-2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 and xTR-4), every xTR labelled ITR and ETR, connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8, with the packet flow marked.]
- 12. LISP Operations
LISP Data Plane :: Unicast Packet Flow…
Notes:
‒ The destination site controls its ingress policy (active/active in this case)
‒ 5-tuple hash per-flow selects RLOC for encapsulation
Map-Cache Entry
EID-prefix: 2001:db8:2::/48
Locator-set:
  12.0.0.2, priority: 1, weight: 50 (D1)
  13.0.0.2, priority: 1, weight: 50 (D2)
This policy controlled by the destination site
Packets shown in the diagram (steps numbered 1 to 7):
  DNS entry: D.abc.com AAAA 2001:db8:2::1
  Native packet: 2001:db8:1::1 -> 2001:db8:2::1
  Encapsulated packet: 11.0.0.2 -> 12.0.0.2 carrying 2001:db8:1::1 -> 2001:db8:2::1
[Figure: LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 10.0.0.2, xTR-2 11.0.0.2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 12.0.0.2, xTR-4 13.0.0.2), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
- 13. LISP Operations
LISP Control Plane :: Introduction…
LISP Control Plane Provides On-Demand Mappings
‒ Control Plane is separate from data plane
‒ Map-Resolver and Map-Server (similar to DNS Resolver and DNS Server)
‒ LISP Control Plane Messages for EID-to-RLOC resolution
‒ Distributed databases and map-caches hold mappings
- 14. LISP Operations
LISP Control Plane :: Map-Server/Map-Resolver (MS/MR)…
NOTE:
An MR/MS need not be deployed as a router. Cisco is exploring implementing the LISP control plane on a VM.
MS – Map-Server
‒ LISP site ETRs register their EID prefixes here; requires configured “lisp site” policy, authentication key
‒ Receives Map-Requests via Mapping System, forwards them to registered ETRs
MR – Map-Resolver
‒ Receives Map-Request from ITR
‒ Forwards Map-Request to Mapping System
‒ Sends Negative Map-Replies in response to Map-Requests for non-LISP sites
[Figure: Mapping System with MR and MS above LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1, xTR-2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3, xTR-4), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
- 15. LISP Operations
LISP Control Plane :: Mapping Database (ETR), Map-Cache (ITR)…
LISP Site Mapping-Database (ETR)
‒ EID-to-RLOC mappings in all ETRs for local LISP site
‒ ETR is “authoritative” for its EIDs, sends Map-Replies to ITRs
‒ ETRs can tailor policy based on Map-Request source
LISP Map Cache (ITR)
‒ Only stores mappings for sites ITR currently sending packets to
‒ Populated by receiving Map-Replies from ETRs
‒ ITRs must respect Map-Reply policy (TTLs, RLOC up/down status, RLOC priorities/weights)
[Figure: Mapping System with MR and MS above LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1, xTR-2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3, xTR-4), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
- 16. LISP Operations
LISP Control Plane :: Control Plane Messages…
Control Plane EID Registration
‒ Map-Register message
  Sent by ETR to MS to register its associated EID prefixes
  Specifies the RLOC(s) to be used by the MS when forwarding Map-Requests to the ETR
Control Plane “Data-triggered” mapping service
‒ Map-Request message
  Sent by an ITR when it needs an EID/RLOC mapping, to test an RLOC for reachability, or to refresh a mapping before TTL expiration
‒ Map-Reply message
  Sent by an ETR in response to a valid map-request to provide the EID/RLOC mapping and site ingress policy for the requested EID
‒ Map-Notify message
  Sent by Map-Server to ETR to acknowledge that its requested EID prefixes were registered successfully
- 17. LISP Operations
LISP Control Plane :: Map Registration Example…
Map-Server configuration (66.2.2.2):
router lisp 2
 site Site2
  description Site 2
  authentication-key S3cr3t
  eid-prefix 2001:db8:2::/48
Notes:
‒ The ETR registers for EIDs that it is authoritative for
‒ The MS is configured for the site EIDs, and must have the same authentication key
Message shown in the diagram (step 1):
  12.0.0.2 -> 66.2.2.2: LISP Map-Register (udp 4342), SHA-2: 2001:db8:2::/48, 12.0.0.2, 13.0.0.2
[Figure: Mapping System with MR and MS at 66.2.2.2 (also serving other sites, 2001:db8::/32) above LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 10.0.0.2, xTR-2 11.0.0.2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 12.0.0.2, xTR-4 13.0.0.2), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
xTR configuration (LISP Site 2):
router lisp
 database-mapping 2001:db8:2::/48 12.0.0.2 priority 1 weight 50
 database-mapping 2001:db8:2::/48 13.0.0.2 priority 1 weight 50
 ipv4 itr
 ipv4 etr
 ipv4 itr map-resolver 66.2.2.2
 ipv4 etr map-server 66.2.2.2 key S3cr3t
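A simplified model of the registration check on this slide, added here as an example (not Cisco's code): the Map-Server accepts a Map-Register only if it authenticates under the site's key and the EID prefix falls inside the site's configured eid-prefix. The JSON message body, the function names and the choice of HMAC-SHA-256 for the slide's "SHA-2" are assumptions; this is not the LISP wire format.

```python
import hashlib
import hmac
import ipaddress
import json

# Map-Server policy, mirroring the "site Site2" stanza on the slide.
SITES = {
    "Site2": {
        "key": b"S3cr3t",
        "eid_prefixes": [ipaddress.ip_network("2001:db8:2::/48")],
    },
}

def build_map_register(key, site, eid_prefix, rlocs, nonce):
    """ETR side. The JSON body is a constructed encoding for this example;
    the tag is HMAC-SHA-256 (assumed SHA-2 variant) over the exact bytes sent."""
    body = json.dumps({"site": site, "eid_prefix": eid_prefix,
                       "rlocs": rlocs, "nonce": nonce}, sort_keys=True).encode()
    return {"body": body, "auth": hmac.new(key, body, hashlib.sha256).hexdigest()}

def verify_map_register(msg, sites=SITES):
    """Map-Server side: returns (accepted, reason)."""
    try:
        fields = json.loads(msg["body"])
        site = sites[fields["site"]]
    except (ValueError, KeyError, TypeError):
        return (False, "malformed or unknown site")
    # 1. Authenticate the bytes as received, comparing in constant time.
    expected = hmac.new(site["key"], msg["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), str(msg.get("auth", "")).encode()):
        return (False, "authentication failed")
    # 2. Authorise: the prefix must sit inside the site's configured eid-prefix.
    #    This model also accepts more-specific prefixes (a policy choice here).
    try:
        eid = ipaddress.ip_network(fields["eid_prefix"])
    except (ValueError, KeyError):
        return (False, "bad EID prefix")
    allowed = any(eid.version == p.version and eid.subnet_of(p)
                  for p in site["eid_prefixes"])
    if not allowed:
        return (False, "EID prefix not configured for site")
    return (True, "registered")
```

The second check matters as much as the first: a holder of one site's key still cannot register a prefix that the Map-Server has not configured for that site.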
- 18. LISP Operations
LISP Control Plane :: Map-Request/Map-Reply Example…
Notes:
‒ The IP address in the Map-Request (2001:db8:2::1 in this case) is the host that the ITR is trying to reach.
‒ The Map-Reply includes the entire prefix (2001:db8:2::/48 in this case) covering the requested host.
Messages shown in the diagram (steps numbered 1 to 6):
  DNS entry: D.abc.com AAAA 2001:db8:2::1
  Data packet: 2001:db8:1::1 -> 2001:db8:2::1 ("How do I get to 2001:db8:2::1?")
  11.0.0.2 -> 66.2.2.2: LISP ECM (udp 4342) carrying Map-Request 11.0.0.2 -> 2001:db8:2::1 (udp 4342), nonce
  66.2.2.2 -> 12.0.0.2: LISP ECM (udp 4342) carrying Map-Request 11.0.0.2 -> 2001:db8:2::1 (udp 4342), nonce
  12.0.0.2 -> 11.0.0.2: Map-Reply (udp 4342), nonce: 2001:db8:2::/48, 12.0.0.2 [1, 50], 13.0.0.2 [1, 50]
Map-Cache Entry
EID-prefix: 2001:db8:2::/48
Locator-set:
  12.0.0.2, priority: 1, weight: 50 (D1)
  13.0.0.2, priority: 1, weight: 50 (D2)
[Figure: Mapping System with MR and MS at 66.2.2.2 above LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 10.0.0.2, xTR-2 11.0.0.2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 12.0.0.2, xTR-4 13.0.0.2), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
- 19. LISP Operations
LISP Control Plane :: Proxy Map-Reply Example…
Notes:
‒ The ETR can register with the “proxy bit” set.
‒ The Map-Server creates and sends the Map-Reply on behalf of the ETR in this case.
‒ This is useful for LISP-MN cases to reduce control plane messaging (and increase battery life).
Messages shown in the diagram (steps numbered 1 to 4):
  12.0.0.2 -> 66.2.2.2: LISP Map-Register (udp 4342), SHA-2, Proxy Bit set: 2001:db8:2::/48, 12.0.0.2, 13.0.0.2
  11.0.0.2 -> 66.2.2.2: LISP ECM (udp 4342) carrying Map-Request 11.0.0.2 -> 2001:db8:2::1 (udp 4342), nonce
  66.2.2.2 -> 11.0.0.2: Map-Reply (udp 4342), nonce: 2001:db8:2::/48, 12.0.0.2 [1, 50], 13.0.0.2 [1, 50]
Map-Cache Entry
EID-prefix: 2001:db8:2::/48
Locator-set:
  12.0.0.2, priority: 1, weight: 50 (D1)
  13.0.0.2, priority: 1, weight: 50 (D2)
[Figure: Mapping System with MR and MS at 66.2.2.2 above LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 10.0.0.2, xTR-2 11.0.0.2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 12.0.0.2, xTR-4 13.0.0.2), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
- 20. LISP Operations
LISP Control Plane :: Negative Map-Reply Example…
Notes:
‒ When an ITR queries for a destination that is not in the Mapping System, the Map-Resolver returns an NMR.
Messages shown in the diagram (steps numbered 1 to 4):
  Data packet: 2001:db8:1::1 -> 2001:db7:1::1 ("How do I get to 2001:db7:1::1?")
  11.0.0.2 -> 66.2.2.2: LISP ECM (udp 4342) carrying Map-Request 11.0.0.2 -> 2001:db7:1::1 (udp 4342), nonce
  66.2.2.2 -> 11.0.0.2: Negative-Map-Reply (udp 4342), nonce: 2001:8000::/21
Map-Cache Entry
EID-prefix: 2001:8000::/21
forward-native
NOTE:
The actual “covering prefix” returned in an NMR depends on the number and distribution of EID prefixes in the Mapping System. The NMR prefix will cover the shortest prefix that doesn’t cover any LISP Sites in the Mapping System
[Figure: Mapping System with MR and MS at 66.2.2.2 above LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 10.0.0.2, xTR-2 11.0.0.2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 12.0.0.2, xTR-4 13.0.0.2), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
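The ITR behaviour described on the map-cache slides above (unicast packet flow, Map-Cache policy and the Negative Map-Reply), as an added example that is not from the original deck or from Cisco: longest-prefix lookup in the map-cache, locator choice by up/down status, priority and weight with a per-flow hash, and the forward-native action for a negative entry. The SHA-256 flow hash, the TTL values and the negative prefix 2001:db0::/29 are assumptions constructed for the example.

```python
import hashlib
import ipaddress

class MapCache:
    """ITR map-cache: EID-prefix -> locator-set, filled from Map-Replies."""

    def __init__(self):
        self.entries = {}

    def install(self, eid_prefix, locators, ttl, now, negative=False):
        # locators: list of {"rloc", "priority", "weight", "up"} dicts
        net = ipaddress.ip_network(eid_prefix)
        self.entries[net] = {"locators": locators, "expires": now + ttl,
                             "negative": negative}

    def lookup(self, dst, now):
        # Longest-prefix match over entries whose TTL has not expired.
        addr = ipaddress.ip_address(dst)
        live = [n for n, e in self.entries.items()
                if n.version == addr.version and addr in n and e["expires"] > now]
        if not live:
            return None
        return self.entries[max(live, key=lambda n: n.prefixlen)]

def select_rloc(locators, flow):
    """Up locators only, lowest priority value wins, then a per-flow hash
    spreads flows across the winners in proportion to weight."""
    up = [loc for loc in locators if loc["up"]]
    if not up:
        return None
    best = min(loc["priority"] for loc in up)
    cands = [loc for loc in up if loc["priority"] == best]
    # Assumption: SHA-256 over the 5-tuple stands in for the router's flow hash.
    digest = hashlib.sha256("|".join(map(str, flow)).encode()).digest()
    h = int.from_bytes(digest[:8], "big")
    total = sum(loc["weight"] for loc in cands)
    if total == 0:  # all weights zero: spread evenly
        return cands[h % len(cands)]["rloc"]
    point = h % total
    for loc in cands:
        if point < loc["weight"]:
            return loc["rloc"]
        point -= loc["weight"]

def itr_forward(cache, flow, now):
    """flow = (src EID, dst EID, protocol, src port, dst port)."""
    entry = cache.lookup(flow[1], now)
    if entry is None:
        return ("send-map-request", None)  # miss or expired: ask the Map-Resolver
    if entry["negative"]:
        return ("forward-native", None)    # NMR: destination is not a LISP site
    rloc = select_rloc(entry["locators"], flow)
    return ("encapsulate", rloc) if rloc else ("drop", None)

def demo_cache(now=0):
    # Constructed state using the slides' addresses; the TTLs are made up.
    cache = MapCache()
    cache.install("2001:db8:2::/48", [
        {"rloc": "12.0.0.2", "priority": 1, "weight": 50, "up": True},
        {"rloc": "13.0.0.2", "priority": 1, "weight": 50, "up": True},
    ], ttl=86400, now=now)
    # Constructed negative prefix: contains 2001:db7:1::1, no 2001:db8::/32 site.
    cache.install("2001:db0::/29", [], ttl=900, now=now, negative=True)
    return cache
```

Because the hash covers the whole 5-tuple, packets of one flow always leave with the same outer destination, while different flows to the same EID spread across both RLOCs.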
- 21. LISP Operations
LISP Control Plane :: Mapping System Scaling…
The LISP Beta Network operates this way today…
DDT – Delegated Distributed Tree
‒ Hierarchy for Instance IDs and for EID Prefixes
‒ DDT Map-Resolvers send (ECM) Map-Requests
‒ DDT Nodes Return Map-Referral messages
‒ DDT Resolvers resolve the Map-Server’s RLOC iteratively
‒ Conceptually, similar to DNS (IN-ADDR hierarchy) but different prefix encoding, messages, etc.
[Figure: mapping-system hierarchy (nodes labelled DHT, ALT and DDT) with MS/MRs beneath it serving xTRs and PxTRs.]
- 22. LISP Operations
LISP Internetworking :: Day-One Incremental Deployment
Early Recognition
‒ LISP will not be widely deployed day-one
‒ Up-front recognition of an incremental deployment plan
Interworking for:
‒ LISP-sites to non-LISP sites (e.g. the rest of the Internet)
‒ non-LISP sites to LISP-sites
Proxy-ITR/Proxy-ETR are deployed today
‒ Infrastructure LISP network entity
‒ Creates a monetized service opportunity for infrastructure players
- 23. LISP Operations
LISP Internetworking :: Day-One Incremental Deployment
PITR – Proxy ITR
‒ Receives traffic from non-LISP sites; encapsulates traffic to LISP sites
‒ Advertises coarse-aggregate EID prefixes
‒ LISP sites see ingress TE “day-one”
PETR – Proxy ETR
‒ Allows a LISP Site in one AF [IPv4 or IPv6] and the opposite RLOC [IPv6 or IPv4] to reach non-LISP sites in that AF [IPv4 or IPv6] (AF-hop-over)
‒ Allows LISP sites with uRPF restrictions to reach non-LISP sites
[Figure: Mapping System with MR and MS, a PITR and a PETR attached to the IPv6 Internet, above LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 10.0.0.2, xTR-2 11.0.0.2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 12.0.0.2, xTR-4 13.0.0.2), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
- 24. LISP Operations
LISP Internetworking :: Day-One Incremental Deployment
Notes:
‒ PITRs advertise coarse-aggregates (2001:db8::/32 in this case) to attract non-LISP traffic and encapsulate it to LISP sites.
‒ PETRs provide LISP to non-LISP AF hop-over (among other services).
Packets shown in the diagram (steps numbered 1 to 6):
  Non-LISP v6 Site host 2001:d:1::1 to LISP Site 2: 2001:d:1::1 -> 2001:db8:2::1
  Encapsulated toward the LISP site: 10.9.1.1 -> 12.0.0.2 carrying 2001:d:1::1 -> 2001:db8:2::1
  Return traffic: 2001:db8:2::1 -> 2001:d:1::1
  Encapsulated return traffic: 12.0.0.2 -> 12.9.2.1 carrying 2001:db8:2::1 -> 2001:d:1::1
[Figure: Mapping System with MR and MS, a PITR and a PETR attached to the IPv6 Internet (labels 2001:db8::/32, 2001:f:f::1, 2001:f:e::1), a Non-LISP v6 Site, LISP Site 1 (host S, PI EID-prefix 2001:db8:1::/48, xTR-1 10.0.0.2, xTR-2 11.0.0.2) and LISP Site 2 (host D, PI EID-prefix 2001:db8:2::/48, xTR-3 12.0.0.2, xTR-4 13.0.0.2), connected through Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider C 12.0.0.0/8 and Provider D 13.0.0.0/8.]
- 26. LISP Use-Cases
Core LISP Use-Cases…
1. Efficient Multi-Homing
2. IPv6 Transition Support
3. Efficient Virtualization/VPN
4. Data Center/Host Mobility
5. LISP Mobile-Node
These ‘core’ Use-Cases highlight functionality that is integrated in LISP. All use-cases :: multi-homing, v6 transition, virtualization, and mobility work together as well
- 27. LISP Use-Cases :: Efficient Multihoming
Overview…
Efficient Multihoming
Needs:
‒ Site connectivity to multiple providers for resiliency
‒ Low OpEx/CapEx solution for Ingress TE
LISP Solution:
‒ LISP provides a streamlined solution for handling multi-provider connectivity and policy without BGP complexities
Benefits:
‒ OpEx-friendly multi-homing across different providers
‒ Simple policy management
‒ Ingress Traffic Engineering that actually “works”
Example:
‒ NJEdge.NET is providing multihoming services using LISP for 190 educational institutions in New Jersey
[Figure: a LISP Site connected to two SPs (AS 200 and AS 300) and the Internet, labelled "No eBGP".]
- 28. LISP Use-Cases :: IPv6 Transition Support
Overview…
Address Family independence
Needs:
‒ Rapid IPv6 Deployment
‒ Minimal Infrastructure disruption
LISP Solution:
‒ LISP encapsulation is Address Family agnostic, allowing for IPv6 over an IPv4 core, or IPv4 over an IPv6 core
Benefits:
‒ Accelerated IPv6 adoption
‒ Minimal added configurations
‒ No core network changes
‒ Can be transitional or permanent
Examples:
[Figure: labels IPv6 Network, IPv6 Core, xTR, v6, IPv4 Network, IPv4 Core, xTR, v4.]
- 29. LISP Use-Cases :: Virtualization Support
Overview…
Efficient Virtualization
Needs:
‒ Integrated Segmentation
‒ Global scale and interoperability
‒ Minimal Infrastructure disruption
LISP Solution:
‒ 24-bit LISP Instance-ID segments control plane and data plane
Benefits:
‒ Very high scale tenant segmentation with Global Scalability
‒ Transport-independent IP-based “overlay”
‒ Virtualization of “ID” and “Locator” space
Examples:
‒ InTouch in production
‒ AT&T is conducting PoC testing
[Figure: xTRs carrying Instance IDs (IID 11, IID 22, IID 33, IID 44) across an IPv4 IP Core and BLUE and PURPLE MPLS-VPNs, with PE1, PE2, PE3 and PE4.]
- 30. LISP Use-Cases :: Data Center/Host Mobility
Overview…
Data Center/Host Mobility
Needs:
‒ VM-Mobility extending subnets and across subnets
‒ Move detection, dynamic EID-to-RLOC mappings, traffic redirection
LISP Solution:
‒ LISP for across subnets moves
‒ Host IP (/32) remains the same
Benefits:
‒ VM/OS agnostic, seamless, integrated, global workload mobility (cloud bursting)
‒ Direct Path after move (no triangulation)
‒ No IP address changes across move
‒ Connections survive across moves
‒ No routing re-convergence or DNS updates
‒ ARP elimination
Example:
‒ VXnet is providing Disaster Recovery solutions for financial institutions
[Figure: three Legacy Sites reaching a PxTR, a LISP Site with an xTR, the Mapping DB and an IP Network; a VM with address a.b.c.1 moves from the West DC (Data Center 1) to the East DC (Data Center 2).]
- 31. LISP Use-Cases :: LISP Mobile-Node
Overview…
Needs:
‒ Mobile devices roaming across any access media without connection reset
‒ Mobile device keeps the same IP address forever
LISP Solution:
‒ LISP “level of indirection” splits endpoints and locators
‒ Scalable, host-level registration (10^10)
Benefits:
‒ MNs can roam and stay connected
‒ MNs can be servers
‒ MNs roam without DNS changes
‒ MNs can use multiple interfaces
‒ Packet “near-stretch-1” minimizes latency
[Figure: mobile node dino.cisco.com ("This is a LISP Site!") with Static EID: 2610:00d0:xxxx::1/128, a Dynamic RLOC on Any 3G/4G Network and a Dynamic RLOC on Any WiFi Network.]
- 33. LISP Status
IETF LISP WG: http://tools.ietf.org/wg/lisp/
LISP Standardization Status…
Main drafts
Completed!
RFC #’s soon!