LISP Update

3,514 views

Published on

Eine Präsentation über LISP, Routing Architektur und Protokoll-Set. Unter anderem geeignet für IPv6 Einführung. Präsentation stammt von Cisco.

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,514
On SlideShare
0
From Embeds
0
Number of Embeds
2,266
Actions
Shares
0
Downloads
32
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

LISP Update

  1. 1. LISP – Routing in the Cloud LISP Update – 13 September 2012LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco PublicCisco Public 1
  2. 2. LISP - A Next Generation Routing Architecture  What is LISP?  How Does LISP Work?  How Customers are Using LISP  References LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
  3. 3. What is LISP?
  4. 4. LISP OverviewIdentity and Location :: an Overloaded Concept in Routing Today… DFZ Routing Table Site 1 eBGP   64.1.0.0/17   AS  200   12.0/8   Enterprise 64.1.0.0/16   12.  0/8   64.1.0.0/17   Tier 1 SP 64.1.0.0/16   Site 2 AS  100   12.1.1.2/30   Location64.1.0.0/16   13.1.1.2/30   IPv4  Internet  Identity AS  300   13.0/8   13.  0/8   Site 3 64.1.0.0/16   eBGP   Commodity SP 64.1.128.0/17   64.1.128.0/17   Transit SP 64.1.0.0/16   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
  5. 5. LISP Overview Identity and Location :: an Overloaded Concept in Routing Today…•  What if ID address and LISP DFZ Routing Locator address are in different databases? Mapping Table•  This creates a “level of System indirection” between ID and Site 1 LOCATION in the network! Enterprise AS  200   12.  0/8   Clear Separation at the Network Layer:: Tier 1 SP •  who/what you are looking for Site 2 vs. … AS  100   12.1.1.2/30   •  how to best get there Location 64.1.0.0/16   13.1.1.2/30   IPv4  Internet   Identity ID/Loc Split is common already. There are AS  300   two basic approaches: 13.  0/8   •  Translations (e.g. NAT) Site 3 Commodity SP vs. … •  Tunnels (e.g. GRE, IPsec, MPLS) Transit SP Both approaches are limited to local scope What is needed is Locator/ID Separation on a GLOBAL Scope. LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
  6. 6. LISP Overview Identity and Location :: an Overloaded Concept in Routing Today…•  Let’s scale the ID address LISP DFZ Routing databases to 1010 and allow it to hold any prefix length Mapping Table (even /32’s and /128’s) System a.a.a.a/27   x.x.x.x/25  •  Let’s provide a mechanism to Site 1 provide on-the-fly resolution of ID and locator (like DNS) AS  200  •  High Enterprise and ability scale design, 12.  0/8   to change locator for fixed ID enables Mobility! Tier 1 SP Site 2 AS  100   12.1.1.2/30   Location 64.1.0.0/16   13.1.1.2/30   IPv4  Internet   Identity AS  300   13.  0/8   Site 3 Commodity SP Transit SP LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
  7. 7. LISP OverviewLISP – A Routing Architecture, Not a Feature…LISP  changes  the  rou3ng  architecture  to  implement  a  level  of  indirec;on  between  a  hosts  IDENTITY  and  its  LOCATION  in  the  network     LISP  radical  changes  the  current  ROUTING  Architecture   •  Radical  changes  lead  to  DISRUPTION  opportuni3es   •  LISP  allows  both  SPs  and  Enterprises  to  do  remarkably  different   things  than  tradi3onal  approaches  allow   •  LISP  enables  NEW  services  (VPNs,  IPv6,  Mobility,  “cloud”)  in  one,   common,  simple  architecture     LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
  8. 8. How Does LISP Work?
  9. 9. LISP Operations LISP :: Main Attributes of LISP…  LISP Loc/ID Split namespaces EID a.a.a.0/24  RLOC   w.x.y.1 b.b.b.0/24 x.y.w.2 ‒  EID  (Endpoint  Iden;fier)  is  the  IP  address  of  a   c.c.c.0/24 z.q.r.5 MS/MR   d.d.0.0/16 z.q.r.5 EID  Space   host  –  just  as  it  is  today   EID  RLOC   a.a.a.0/24 w.x.y.1 ‒  RLOC  (Rou;ng  Locator)  is  the  IP  address  of   b.b.b.0/24 x.y.w.2 c.c.c.0/24 z.q.r.5 xTR   d.d.0.0/16 z.q.r.5 Non-­‐LISP   the  LISP  router  for  the  host   Prefix        Next-­‐hop   EID-­‐to-­‐RLOC   ‒  EID-­‐to-­‐RLOC  mapping  is  the  distributed   w.x.y.1 x.y.w.2 z.q.r.5  e.f.g.h    e.f.g.h    e.f.g.h   mapping   architecture  that  maps  EIDs  to  RLOCs   z.q.r.5  e.f.g.h   PxTR   RLOC  Space    Network-­‐based  solu3on     Address  Family  agnos3c   xTR   EID  Space   xTR    No  host  changes     Incrementally  deployable    Minimal  configura3on   (support  LISP  and  non-­‐LISP)    No  DNS  changes     Support  for  mobility   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
  10. 10. LISP OperationsLISP :: Mapping Resolution “Level of Indirection” DNS analog…  LISP “Level of Indirection” is analogous to a DNS lookup ‒  DNS resolves IP addresses for URL Answering the “WHO IS” question   [ who is lisp.cisco.com ] ? DNS DNS host Server Name-to-IP URL Resolution [153.16.5.29,  2610:D0:110C:1::3  ] ‒  LISP resolves locators for queried identities Answering the “WHERE IS” question   [ where is 2610:D0:110C:1::3  ] ? LISP LISP LISP Identity-to-locator Mapping router Mapping Resolution System [ locator is 128.107.81.169 ] LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
  11. 11. LISP OperationsLISP Data Plane :: Ingress/Egress Tunnel Router (xTR)… ITR  –  Ingress  Tunnel  Router   ‒  Receives  packets  from  site-­‐facing   interfaces   ‒  Encap  to  remote  LISP  sites,  or   na3ve-­‐fwd  to  non-­‐LISP  sites   ETR Provider  A   10.0.0.0/8   Provider  C   12.0.0.0/8   ETR ETR  –  Egress  Tunnel  Router   ITR ITR PI  EID-­‐prefix     xTR-1 xTR-3 PI  EID-­‐prefix     ‒  Receives  packets  from  core-­‐facing   2001:db8:1::/48   2001:db8:2::/48   packet  flow   packet  flow   interfaces   ETR ETR Provider  B   Provider  D   ITR 11.0.0.0/8   13.0.0.0/8   ITR ‒  De-­‐cap  and  deliver  packets  to  local  S   xTR-2 xTR-4 D   EIDs  at  site   LISP Site 1 LISP Site 2 LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
  12. 12. LISP Operations LISP Data Plane :: Unicast Packet Flow… Notes: Map-­‐Cache  Entry   EID-­‐prefix:    2001:db8:2::/48   ‒  The destination site controls its Locator-­‐set:     ingress policy (active/active in    12.0.0.2,  priority:  1,  weight:  50  (D1)   This policy controlled this case)    13.0.0.2,  priority:  1,  weight:  50  (D2)   by the destination site ‒  5-tuple hash per-flow selects 3   7   2001:db8:1::1  -­‐>  2001:db8:2::1   RLOC for encapsulation ETR Provider  A   Provider  C   ETR ITR 10.0.0.0/8   12.0.0.0/8   ITR 10.0.0.2   12.0.0.2   xTR-1 11.0.0.2  -­‐>  12.0.0.2   xTR-3 PI  EID-­‐prefix     5   PI  EID-­‐prefix     2001:db8:1::/48   2001:db8:1::1  packet  flow     2001:db8:2::/48   packet  flow   -­‐>  2001:db8:2::1 6   ETR 11.0.0.2   13.0.0.2   ETR Provider  B   Provider  D   ITR 11.0.0.0/8   13.0.0.0/8   ITR S   xTR-2 2001:db8:1::1  -­‐>  2001:db8:2::1   xTR-4 D   LISP Site 1 LISP Site 2 2   11.0.0.2  -­‐>  12.0.0.2   2001:db8:1::1  -­‐>  2001:db8:2::1  1   DNS entry: 4   D.abc.com AAAA 2001:db8:2::1 LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
  13. 13. LISP OperationsLISP Control Plane :: Introduction…  LISP Control Plane Provides On-Demand Mappings ‒  Control  Plane  is  separate  from  data  plane   ‒  Map-­‐Resolver  and  Map-­‐Server  (similar  to  DNS  Resolver  and  DNS  Server)   ‒  LISP  Control  Plane  Messages  for  EID-­‐to-­‐RLOC  resolu3on   ‒  Distributed databases and map-caches hold mappings   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
  14. 14. LISP OperationsLISP Control Plane :: Map-Server/Map-Resolver (MS/MR)… NOTE: An MR/MS need not be deployed as a MS  –  Map-­‐Server   router. Cisco is exploring implementing the LISP control plane on a VM. Mapping System   ‒  LISP  site  ETRs  register  their  EID   MR MS prefixes  here;  requires  configured   “lisp  site”  policy,  authen3ca3on  key   ‒  Receives  Map-­‐Requests  via   Mapping  System,  forwards  them  to   ETR ITR Provider  A   10.0.0.0/8   Provider  C   12.0.0.0/8   ETR ITR registered  ETRs   xTR-1 xTR-3 PI  EID-­‐prefix     PI  EID-­‐prefix     2001:db8:1::/48   packet  flow   packet  flow   2001:db8:2::/48   MR  –  Map-­‐Resolver   ETR ETR ITR Provider  B   11.0.0.0/8   Provider  D   13.0.0.0/8   ITR ‒  Receives  Map-­‐Request  from  ITR  S   xTR-2 xTR-4 LISP Site 1 LISP Site 2 D   ‒  Forwards  Map-­‐Request  to   Mapping  System   ‒  Sends  Nega3ve  Map-­‐Replies  in   response  to  Map-­‐Requests  for   non-­‐LISP  sites   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
  15. 15. LISP OperationsLISP Control Plane :: Mapping Database (ETR), Map-Cache (ITR)… LISP  Site  Mapping-­‐Database  (ETR)   Mapping System   ‒  EID-­‐to-­‐RLOC  mappings  in  all  ETRs   MR MS for  local  LISP  site   ‒  ETR  is  “authorita3ve”  for  its  EIDs,   sends  Map-­‐Replies  to  ITRs   ETR Provider  A   Provider  C   ETR ‒  ETRs  can  tailor  policy  based  on   ITR 10.0.0.0/8   12.0.0.0/8   ITR Map-­‐Request  source   xTR-1 xTR-3 PI  EID-­‐prefix     PI  EID-­‐prefix     2001:db8:1::/48   packet  flow   packet  flow   2001:db8:2::/48   LISP  Map  Cache  (ITR)   ‒  Only  stores  mappings  for  sites  ITR   ETR ETR Provider  B   Provider  D   ITR 11.0.0.0/8   13.0.0.0/8   ITRS   xTR-2 xTR-4 currently  sending  packets  to   LISP Site 1 LISP Site 2 D   ‒  Populated  by  sending  receiving   Map-­‐Replies  from  ETRs   ‒  ITRs  must  respect  Map-­‐Reply  policy   (TTLs,  RLOC  up/down  status,  RLOC   priori3es/weights   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
  16. 16. LISP OperationsLISP Control Plane :: Control Plane Messages…  Control Plane EID  Registra3on   ‒  Map-­‐Register  message   Sent  by  ETR  to  MS  to  register  its  associated  EID  prefixes   Specifies  the  RLOC(s)  to  be  used  by  the  MS  when  forwarding  Map-­‐Requests  to  the  ETR    Control  Plane  “Data-­‐triggered”  mapping  service ‒  Map-­‐Request  message   Sent  by  an  ITR  when  it  needs  for  EID/RLOC  mapping,  to  test  an  RLOC  for  reachability,  or  to  refresh  a   mapping  before  TTL  expira3on   ‒  Map-­‐Reply  message   Sent  by  an  ETR  in  response  to  a  valid  map-­‐request  to  provide  the  EID/RLOC  mapping  and  site  ingress   policy  for  the  requested  EID   ‒  Map-­‐No;fy  message   Sent  by  Map-­‐Server  to  ETR    to  acknowledge  that  its  requested  EID  prefixes  were  registered  successfully   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
  17. 17. LISP OperationsLISP Control Plane :: Map Registration Example… router lisp 2   Other  2001:db8::/32  sites…   site Site2 description Site 2 Notes: authentication-key S3cr3t 12.0.0.2-­‐>  66.2.2.2   1   eid-prefix 2001:db8:2::/48 System   Mapping LISP  Map-­‐Register   ‒  The ETR registers for EIDs MR MS (udp  4342)   SHA-­‐2   that it is authoritative for 2001:db8:2::/48   12.0.0.2,  13.0.0.2   ‒  The MS is configured for the 66.2.2.2 site EIDs, and must have the same authentication key ETR Provider  A   Provider  C   ETR ITR 10.0.0.0/8   12.0.0.0/8   ITR 10.0.0.2   12.0.0.2   xTR-1 xTR-3 PI  EID-­‐prefix     PI  EID-­‐prefix     2001:db8:1::/48   2001:db8:2::/48   ETR 11.0.0.2   13.0.0.2   ETR Provider  B   Provider  D   ITR 11.0.0.0/8   13.0.0.0/8   ITRS   xTR-2 xTR-4 D   LISP Site 1 LISP Site 2 router lisp database-mapping 2001:db8:2::/48 12.0.0.2 priority 1 weight 50 database-mapping 2001:db8:2::/48 13.0.0.2 priority 1 weight 50 ipv4 itr ipv4 etr ipv4 itr map-resolver 66.2.2.2 ipv4 etr map-server 66.2.2.2 key S3cr3t LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
  18. 18. LISP Operations LISP Control Plane :: Map-Request/Map-Reply Example… 3   11.0.0.2-­‐>  66.2.2.2   Notes: LISP  ECM   4   66.2.2.2-­‐>  12.0.0.2   LISP  ECM   (udp  4342)  Mapping System   (udp  4342)   ‒  The IP address in the Map- 11.0.0.2  -­‐>  2001:db8:2::1   Map-­‐Request   MR MS 11.0.0.2  -­‐>  2001:db8:2::1   Request (2001:db8:2::1 in this Map-­‐Request   (udp  4342)   nonce   (udp  4342)   case) is the host that the ITR is 66.2.2.2 nonce   trying to reach. How  do  I  get  to   2001:db8:2::1?   ‒  The Map-Reply includes the ETR ITR Provider  A   10.0.0.0/8   Provider  C   12.0.0.0/8   ETR ITR entire prefix (2001:db8:2::/48 10.0.0.2   12.0.0.2   PI  EID-­‐prefix     xTR-1 xTR-3 in this case) covering the PI  EID-­‐prefix     2001:db8:1::/48   packet  flow   packet  flow   2001:db8:2::/48   requested host. ETR 11.0.0.2   ETR Provider  B   12.0.0.2  -­‐13.0.0.2   Provider  D   >11.0.0.2   ITR 11.0.0.0/8   13.0.0.0/8   Map-­‐Reply   ITR S   xTR-2 2001:db8:1::1  -­‐>  2001:db8:2::1   (udp  4342)   xTR-4 D   LISP Site 1 nonce   LISP Site 2 2   2001:db8:2::/48   12.0.0.2  [1,  50]  1   6   13.0.0.2  [1,  50]   5   DNS entry: Map-­‐Cache  Entry   D.abc.com AAAA 2001:db8:2::1 EID-­‐prefix:    2001:db8:2::/48   Locator-­‐set:        12.0.0.2,  priority:  1,  weight:  50  (D1)      13.0.0.2,  priority:  1,  weight:  50  (D2)   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
  19. 19. LISP OperationsLISP Control Plane :: Proxy Map-Reply Example… 2   11.0.0.2  -­‐>  66.2.2.2   Notes: LISP  ECM   12.0.0.2-­‐>  66.2.2.2   (udp  4342)  Mapping System   LISP  Map-­‐Register   1   ‒  The ETR can register with the 11.0.0.2  -­‐>  2001:db8:2::1   Map-­‐Request   MR MS (udp  4342)   SHA-­‐2   “proxy bit” set. (udp  4342)   Proxy  Bit  set   nonce   2001:db8:2::/48   ‒  The Map-Server creates and 66.2.2.2 12.0.0.2,  13.0.0.2   sends the Map-Rely on behalf of the ETR in this case. ETR Provider  A   Provider  C   ETR ITR 10.0.0.2   10.0.0.0/8   12.0.0.0/8   12.0.0.2   ITR ‒  This is useful for LISP-MN PI  EID-­‐prefix     xTR-1 xTR-3 PI  EID-­‐prefix     cases to reduce control plane 2001:db8:1::/48   2001:db8:2::/48   packet  flow   packet  flow   messaging (and increase ETR 11.0.0.2   Provider  B     Provider  D   -­‐>  113.0.0.2   66.2.2.2   1.0.0.2 ETR battery life). ITR 11.0.0.0/8   13.0.0.0/8   Map-­‐Reply   ITRS   xTR-2 (udp  4342)   xTR-4 D   LISP Site 1 nonce   LISP Site 2 2001:db8:2::/48   12.0.0.2  [1,  50]   4   13.0.0.2  [1,  50]   3   Map-­‐Cache  Entry   EID-­‐prefix:    2001:db8:2::/48   Locator-­‐set:        12.0.0.2,  priority:  1,  weight:  50  (D1)      13.0.0.2,  priority:  1,  weight:  50  (D2)   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
  20. 20. LISP OperationsLISP Control Plane :: Negative Map-Reply Example… 2   11.0.0.2-­‐>  66.2.2.2   Notes: LISP  ECM   (udp  4342)  Mapping System   ‒  When an ITR queries for a 11.0.0.2  -­‐>  2001:db7:1::1   Map-­‐Request   MR MS destination that is not in the (udp  4342)   nonce   Mapping System, the Map- 66.2.2.2 Resolver returns an NMR. How  do  I  get  to   2001:db7:1::1?   ETR Provider  A   Provider  C   ETR ITR 10.0.0.0/8   12.0.0.0/8   ITR 10.0.0.2   12.0.0.2   xTR-1 xTR-3 PI  EID-­‐prefix     PI  EID-­‐prefix     2001:db8:1::/48   2001:db8:2::/48   packet  flow   packet  flow   ETR 11.0.0.2   Provider  B     Provider  D   -­‐>  113.0.0.2   66.2.2.2   1.0.0.2 ETR ITR 11.0.0.0/8   13.0.0.0/8   Nega;ve-­‐Map-­‐Reply   ITRS   xTR-2 (udp  4342)   xTR-4 D   LISP Site 1 2001:db8:1::1  -­‐>  2001:db7:1::1   3   nonce   LISP Site 2 1   2001:8000::/21   NOTE: 4   The actual “covering prefix” returned in an NMR Map-­‐Cache  Entry   depends on the number and distribution of EID EID-­‐prefix:    2001:8000::/21   prefixes in the Mapping System. The NMR prefix    forward-­‐na;ve   will cover the shortest prefix that doesn’t cover any LISP Sites in the Mapping System LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
  21. 21. LISP Operations The LISP Beta Network operates this way today…LISP Control Plane :: Mapping System Scaling… DDT  –  Delegated  Distributed  Tree   ‒  Hierarchy  for  Instance  IDs  and  for   MR MS EID  Prefixes   ‒  DDT  Map-­‐Resolvers  sends  (ECM)   Map-­‐Requests   ‒  DDT  Nodes  Return  Map-­‐Referral   messages   xTRs xTRs PxTRs xTRs ‒  DDT  Resolvers  resolve  the  Map-­‐ xTRs MS/MRs MS/MRs MS/MRs xTRs Server’s  RLOC  itera3vely   xTRs xTRs MS/MRs DHT ALT DHT ALT DDT DHT ALT MS/MRs ‒  Conceptually,  similar  to  DNS  (IN-­‐ DDT DDT PxTRs MS/MRs DHT ALT DDT MS/MRs xTRs ADDR  hierarchy)  but  different  prefix   xTRs xTRs MS/MRs PxTRs encoding,  messages,  etc.   xTRs xTRs xTRs xTRs LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
  22. 22. LISP OperationsLISP Internetworking :: Day-One Incremental Deployment  Early  Recogni3on   ‒  LISP  will  not  be  widely  deployed  day-­‐one   ‒  Up-­‐front  recogni3on  of  an  incremental  deployment  plan    Interworking  for: ‒  LISP-­‐sites  to  non-­‐LISP  sites  (e.g.  the  rest  of  the  Internet)   ‒  non-­‐LISP  sites  to  LISP-­‐sites    Proxy-­‐ITR/Proxy-­‐ETR  are  deployed  today   ‒  Infrastructure  LISP  network  en3ty   ‒  Creates  a  mone3zed  service  opportunity  for  infrastructure  players   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
  23. 23. LISP OperationsLISP Internetworking :: Day-One Incremental Deployment PITR  –  Proxy  ITR   Mapping System   ‒  Receives  traffic  from  non-­‐LISP  sites;   MR MS encapsulates  traffic  to  LISP  sites   ‒  Adver3ses  coarse-­‐aggregate  EID   PITR IPv6 PETR prefixes   Internet ETR Provider  A   Provider  C   ETR ‒  LISP  sites  see  ingress  TE  “day-­‐one”   ITR 10.0.0.0/8   12.0.0.0/8   ITR 10.0.0.2   12.0.0.2   xTR-1 xTR-3 PI  EID-­‐prefix     PI  EID-­‐prefix     2001:db8:1::/48   2001:db8:2::/48   PETR  –  Proxy  ETR   ETR 11.0.0.2   13.0.0.2   ETR ITR Provider  B   11.0.0.0/8   Provider  D   13.0.0.0/8   ITR ‒  Allows  a  LISP  Site  in  one  AF  [IPv4  S   xTR-2 xTR-4 D   or  IPv6]  and  the  opposite  RLOC   LISP Site 1 LISP Site 2 [IPv6  or  IPv4]  to  reach  non-­‐  that  AF   [IPv4  or  IPv6]  (AF-­‐hop-­‐over)     ‒  Allows  LISP  sites  with  uRPF   restric3ons  to  reach  non-­‐LISP  sites   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
  24. 24. LISP OperationsLISP Internetworking :: Day-One Incremental Deployment Notes: 1   Non-­‐LISP   Mapping System   -­‐>  2001:db8:2::1   2001:d:1::1   v6  Site   ‒  PITRs advertise coarse- MR MS 2001:d:1::1   aggregates (2001:db8::/32 in 2001:db8::/32   2001:f:f::1   2001:f:e::1   6   this case) to attract non-LISP 2001:db8:2::1  -­‐>  2001:d:1::1   IPv6 traffic and encapsulate it to 3   PITR Internet PETR 2001:d:1::1  -­‐>  2001:db8:2::1   LISP sites. ETR ITR Provider  A   10.0.0.0/8   Provider  C   12.0.0.0/8   ETR ITR ‒  PETRs provide LISP to non- 10.0.0.2   12.0.0.2   PI  EID-­‐prefix     xTR-1 10.9.1.1  -­‐>  12.0.0.2   xTR-3 LISP AF hop-over (among PI  EID-­‐prefix     2001:db8:1::/48   2001:d:1::1  -­‐>  2001:db8:2::1   2001:db8:2::/48   other services). 2   ETR 11.0.0.2   ETR Provider  B   12.0.0.2  -­‐>  12.9.2.1   13.0.0.2   Provider  D   ITR 11.0.0.0/8   13.0.0.0/8   2001:db8:2::1  -­‐>  2001:d:1::1   ITRS   xTR-2 5   xTR-4 2001:db8:2::1  -­‐>  2001:d:1::1   D   LISP Site 1 LISP Site 2 4   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
  25. 25. How are Customers Using LISP?
  26. 26. LISP Use-CasesCore LISP Use-Cases…1.  Efficient  Mul3-­‐Homing  2.  IPv6  Transi3on  Support  3.  Efficient  Virtualiza3on/VPN  4.  Data  Center/Host  Mobility  5.  LISP  Mobile-­‐Node   These  ‘core’  Use-­‐Cases  highlight   func3onality  that  is  integrated  in  LISP.     All  use-­‐case  ::  mul3-­‐homing,  v6   transi3on,  virtualiza3on,  and  mobility   work  together  as  well   LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
  27. 27. LISP Use-Cases :: Efficient MultihomingOverview… Efficient Multihoming  Needs: ‒  Site connectivity to multiple providers for SP   resiliency AS  200   ‒  Low OpEx/CapEx solution for Ingress TE Internet   LISP  Site    LISP Solution: SP   ‒  LISP provides a streamlined solution for AS  300   handling multi-provider connectivity and policy without BGP complexities No eBGP  Benefits: ‒  OpEx-friendly multi-homing across different providers   Example: ‒  Simple policy management ‒  NJEdge.NET is providing multihoming services using LISP for 190 educational ‒  Ingress Traffic Engineering that actually institutions in New Jersey “works” LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
  28. 28. LISP Use-Cases :: IPv6 Transition SupportOverview… Address Family independence  Needs: ‒  Rapid IPv6 Deployment IPv6  Network   ‒  Minimal Infrastructure disruption IPv6  Core   xTR    LISP Solution: v6   ‒  LISP encapsulation is Address Family IPv4  Network   xTR   v4   agnostic, allowing for IPv6 over an IPv4  Core   IPv4 core, or IPv4 over an IPv6 core  Benefits: ‒  Accelerated IPv6 adoption   Examples: ‒  Minimal added configurations ‒  No core network changes ‒  Can be transitional or permanent LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
  29. 29. LISP Use-Cases :: Virtualization SupportOverview… Efficient Virtualization IID  11   IID  22    Needs: IID  33   IID  44   IPv4   IPv4   ‒  Integrated Segmentation xTR   IP  Core   PE4   xTR   IID  11   IID  22   ‒  Global scale and interoperability IPv4   PE1   BLUE   MPLS-­‐VPN   ‒  Minimal Infrastructure disruption xTR   PURPLE   MPLS-­‐VPN    LISP Solution: IID  33   IID  44   PE3   IID  33   IID  44   IPv4   PE2   ‒  24-bit LISP Instance-ID segments control IPv4   xTR   xTR   plane and data plane IID  44   IID  44   IID  33   IID  33    Benefits: IID  22   IID  11   IID  11   IID  22   ‒  Very high scale tenant segmentation with Global Scalability   Examples: ‒  Transport-independent IP-based “overlay” ‒  InTouch in production ‒  Virtualization of “ID” and “Locator” space ‒  AT&T is conducting PoC testing LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
  30. 30. LISP Use-Cases :: Data Center/Host MobilityOverview… Data Center/Host Mobility  Needs: Legacy Site Legacy Site Legacy Site ‒  VM-Mobility extending subnets and across subnets LISP Site PxTR ‒  Move detection, dynamic EID-to-RLOC xTR mappings, traffic redirection Mapping DB  LISP Solution: IP  Network   ‒  LISP for across subnets moves ‒  Host IP (/32) remains the same VM move  Benefits: West VM East ‒  VM/OS agnostic, seamless, integrated, DC a.b.c.1 VM DC a.b.c.1 global workload mobility (cloud bursting) Data Data ‒  Direct Path after move (no triangulation) Center 1 Center 2 ‒  No IP address changes across move ‒  Connections survive across moves   Example: ‒  No routing re-convergence or DNS updates ‒  VXnet is providing Disaster Recovery solutions ‒  ARP elimination for financial institutions LISP – Routing in the Cloud © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 30

×