Disaster management using lisp


Cisco Theater presentation from EMC World 2013

Published in: Technology, Education
  • FHRP Isolation: The last capability introduced by OTV is to filter FHRP (HSRP, VRRP, etc.) messages across the logical overlay. This is usually required to allow the same default gateway to exist in different locations and to optimize the outbound traffic flows (server-to-client direction). This slide shows the deployment of independent default gateways in each data center site, to optimize and localize routing of outbound traffic flows. Filtering FHRP messages across the overlay is a critical function to enable, because it allows the same FHRP configuration to be applied in different sites: the end result is that the same default gateway (i.e. characterized by the same virtual IP and virtual MAC addresses) is available in each data center. The main advantage is that if a host is moved between sites (for example as a consequence of vMotion), outbound communication from the device can be established right away without requiring a refresh of the host ARP table information. Note that this mechanism controls and improves the return traffic from the server to the outside world. The ingress traffic keeps going via the original DC. This assumes there is no stateful device concerned by the session. Note: OTV will provide a single command to enable the HSRP filtering functionality discussed above. However, this is not available in the first OTV software release; an alternative configuration (leveraging MAC access-control lists) can be implemented in the interim to achieve the same result.
  • Transcript of "Disaster management using lisp"

    1. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential. Disaster Management Using LISP. Brian Farnham. Co-Sponsored by Intel®
    2. Location Identity Separation Protocol: What do we mean by “location” and “identity”?
       Today’s Internet behavior (Loc/ID “overloaded” semantic): the device IPv4 or IPv6 address represents identity and location. When the device moves, it gets a new IPv4 or IPv6 address for its new identity and location. Diagram labels: x.y.z.1, w.z.y.9.
       LISP behavior (Loc/ID “split”): the device IPv4 or IPv6 address represents identity only. When the device moves, it keeps its IPv4 or IPv6 address. It has the same identity; only the location changes. Diagram labels: x.y.z.1 (before and after the move), locators a.b.c.1 and e.f.g.7, “Its location is here!”
    3. A LISP Packet Walk: How Does LISP Operate?
       Diagram labels: West-DC (LISP site, 10.1.0.0/24, host D, ETR locators 172.16.1.1 and 172.16.2.1); East-DC (LISP site, 10.2.0.0/24, locators 172.16.3.1 and 172.16.4.1); Non-LISP site (10.3.0.0/24, host S); ITR; PiTR 4.4.4.4; IP Network; EID-to-RLOC mapping; further addresses 1.1.1.1, 2.2.2.2, 3.3.3.3, 172.16.10.1.
       Step 1. DNS entry: D.abc.com A 10.1.0.1
       Step 2. 10.3.0.1 -> 10.1.0.1
       Step 3. Mapping entry: EID-prefix 10.1.0.0/24; locator-set 172.16.1.1, priority: 1, weight: 50 (D1) and 172.16.2.1, priority: 1, weight: 50 (D2). This policy is controlled by the destination site.
       Step 4. 10.3.0.1 -> 10.1.0.1 / 172.16.10.1 -> 172.16.1.1
       Step 5. 10.3.0.1 -> 10.1.0.1
    4. LISP Roles and Address Spaces: What are the Different Components Involved?
       LISP Roles
       • Tunnel Routers - xTRs
         • Edge devices in charge of encap/decap
         • Ingress/Egress Tunnel Routers (ITR/ETR)
       • EID to RLOC Mapping DB
         • Contains RLOC to EID mappings
         • Distributed across multiple Map Servers (MS)
         • MS may connect over an ALT network
       • Proxy Tunnel Routers - PxTR
         • Coexistence between LISP and non-LISP sites
         • Ingress/Egress: PiTR, PeTR
       Address Spaces
       • EID = End-point Identifier
         • Host IP or prefix
       • RLOC = Routing Locator
         • IP address of routers in the backbone
       Routing table (Prefix, Next-hop): w.x.y.1 e.f.g.h; x.y.w.2 e.f.g.h; z.q.r.5 e.f.g.h; z.q.r.5 e.f.g.h
       Mapping DB (EID, RLOC): a.a.a.0/24 w.x.y.1; b.b.b.0/24 x.y.w.2; c.c.c.0/24 z.q.r.5; d.d.0.0/16 z.q.r.5
       Diagram labels: ITR, ETR, PxTR, ALT, Non-LISP, EID Space, RLOC Space.
    5. LISP Mapping Database: The basics – Registration and Resolution
       Diagram labels: West-DC (10.1.0.0/16, eTRs A and B); East-DC (10.2.0.0/16, eTRs C and D); host 10.1.0.2; LISP site iTR; Map Server / Resolver: 1.1.1.1; X, Y, Z.
       Database Mapping Entry (on ETR): 10.1.0.0/16 -> (A, B)
       Database Mapping Entry (on ETR): 10.2.0.0/16 -> (C, D)
       Map-Reply: 10.1.0.0/16 -> (A, B)
       Mapping Cache Entry (on ITR): 10.1.0.0/16 -> (A, B)
    6. LISP VM-Mobility – Move Detection: Monitor the Source of Received Traffic
       • The new xTR checks the source of received traffic
       • Configured dynamic-EIDs define which prefixes may roam
       Configuration shown on the slide:
           lisp dynamic-eid roamer
            database-mapping 10.1.0.0/24 <RLOC-C> …
            database-mapping 10.1.0.0/24 <RLOC-D>
            map-server 1.1.1.1 key abcd
           interface vlan 100
            lisp mobility roamer
       Callout: Received a packet … it’s from a “new” host … it’s in the dynamic-EID allowed range … It’s a move! Register the /32 with LISP.
       Diagram labels: West-DC (10.1.0.0/16, A, B); East-DC (10.2.0.0/16, C, D); LISP-VM (xTR); Mapping DB; host 10.1.0.2; 1.1.1.1, 2.2.2.2; X, Y, Z.
    7. LISP VM-Mobility – Traffic Redirection: Update location mappings for the host system wide
       • When a host move is detected, updates are triggered:
         • The host-to-location mapping in the Database is updated to reflect the new location
         • The old eTR is notified of the move
         • iTRs are notified to update their Map-caches
       • Ingress routers (iTRs or PiTRs) now send traffic to the new location
       • Transparent to the underlying routing and to the host
       Mappings after the move: 10.1.0.0/16 – RLOC A, B; 10.1.0.2/32 – RLOC C, D
       Diagram labels: West-DC (10.1.0.0/16, A, B); East-DC (10.2.0.0/16, C, D); LISP-VM (xTR); LISP site xTR; Mapping DB; host 10.1.0.2; X, Y, Z.
    8. VM-Mobility Scenarios: Which technologies, when?
       Live moves with LAN Extension (application members distributed):
       • Routing for extended subnets
       • Active-Active Data Centers
       • Distributed Clusters
       Diagram labels: West-DC, East-DC, LAN Extension, LISP-VM (xTR), LISP site xTR, Non-LISP site, IP Network, Mapping DB.
       Cold moves without LAN Extension (application members in one location):
       • IP mobility across subnets
       • Disaster Recovery
       • Cloud Bursting
       Diagram labels: West-DC, East-DC, LISP site xTR, Internet or Shared WAN, Mapping DB, DR Location or Cloud Provider DC, LISP-VM (xTR).
    9. Path Optimization: Optimal Routing Challenges
       • Layer 2 extensions represent a challenge for optimal routing
       • Challenging placement of gateway and advertisement of routing prefix/subnet
       Diagram labels: WAN; HSRP Active and HSRP Standby in each site, with an HSRP Filter between sites; East-West / Server-Server; Egress: South-North / Server-Client; Ingress: North-South / Client-Server.
    10. Location ID/Separation Protocol (LISP): Next Generation Networking Architecture
       Use-cases:
       • DCI route optimization/mobility
       • Workload Portability to Cloud
       • Secure Multi-tenancy across organizations
       • Rapid IPv6 Deployment
       • Route scaling
       Single network architecture delivers:
       • VM Mobility (topology independent addressing)
       • Security: VPNs/Multi-tenancy
       • Route Scalability (on demand routing)
       • IPv6 enablement, Routing Policy simplification
       Benefits:
       • Services integrated in a single architecture
       • Services can be offered across organizational boundaries (multiple providers)
       • Very large scale
       • Open model to integrate with cloud orchestrators
    14. In Collaboration with Intel®
       • Twitter: @ciscoDC
       • Facebook.com/CiscoDC
       • Video: http://www.youtubecisco.com/datacenter
       • Cisco blog: http://blogs.cisco.com/datacenter
       • Slideshare: http://slideshare.com/CiscoDataCenter
       Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
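The move-detection and traffic-redirection logic of slides 6 and 7, modelled as an added example that is not part of the original deck or of any Cisco code. The class names `MappingDB` and `XTR` are hypothetical, and the model leaves out Map-Register authentication (the `key` in the slide's configuration) and the notifications sent to the old eTR and to iTRs. It shows that the dynamic-EID range is the check deciding which packet sources may trigger a /32 registration, and that the registered host route then overrides the site /16 by longest-prefix match.

```python
import ipaddress

class MappingDB:
    """Toy EID-to-RLOC mapping database with longest-prefix-match lookup."""
    def __init__(self):
        self.entries = {}  # ip_network -> tuple of RLOC names

    def register(self, prefix, rlocs):
        self.entries[ipaddress.ip_network(prefix)] = tuple(rlocs)

    def lookup(self, eid):
        addr = ipaddress.ip_address(eid)
        matches = [n for n in self.entries if addr in n]
        if not matches:
            return None  # no mapping: destination is not a registered EID
        best = max(matches, key=lambda n: n.prefixlen)
        return self.entries[best]

class XTR:
    """Hypothetical xTR model: detects moves by watching packet sources."""
    def __init__(self, db, rlocs, dynamic_eid, local_prefixes=()):
        self.db = db
        self.rlocs = tuple(rlocs)
        self.dynamic_eid = ipaddress.ip_network(dynamic_eid)
        self.home = [ipaddress.ip_network(p) for p in local_prefixes]
        self.known_hosts = set()

    def on_packet(self, src):
        addr = ipaddress.ip_address(src)
        if any(addr in n for n in self.home):
            return "local"        # host belongs to this site's own subnet
        if addr in self.known_hosts:
            return "known"        # move was already registered
        if addr not in self.dynamic_eid:
            return "rejected"     # outside the range allowed to roam
        self.known_hosts.add(addr)
        self.db.register(f"{addr}/32", self.rlocs)  # host route wins by LPM
        return "registered"

def demo():
    db = MappingDB()
    db.register("10.1.0.0/16", ("A", "B"))   # West-DC, as on the slides
    db.register("10.2.0.0/16", ("C", "D"))   # East-DC, as on the slides
    east = XTR(db, ("C", "D"), "10.1.0.0/24", ["10.2.0.0/16"])
    # Constructed packet sources seen by the East-DC xTR
    events = [east.on_packet(s) for s in
              ("10.2.0.9", "10.1.0.2", "10.1.0.2", "10.1.7.7")]
    return events, db.lookup("10.1.0.2"), db.lookup("10.1.0.3")
```

`demo()` returns the per-packet decisions together with the post-move lookups for the moved host 10.1.0.2 and for a host that stayed in West-DC.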