Cisco IOS LISP Application Note Series: Access Control Lists
|
|
- Ronald Cobb
- 5 years ago
- Views:
Transcription
1 Cisco IOS LISP Application Note Series: Access Control Lists Version 1.1 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration and configuration of relevant Cisco IOS features in conjunction with the deployment of LISP. LISP (Locator/ID Separation Protocol) is not a feature, but rather a next- generation routing architecture which implements a new semantic for IP addressing that creates two namespaces: Endpoint Identifiers (EIDs), which are assigned to end- hosts, and Routing Locators (RLOCs), which are assigned to devices (primarily routers) that make up the global routing system. Creating separate namespaces for EIDs and RLOCs creates a level of indirection that yields many advantages over a single namespace (i.e. the current IP address concept) including: improved scalability of the routing system through greater aggregation of RLOCs, improved multi- homing efficiency, ingress traffic engineering, and the ability to move EIDs without breaking sessions (mobility). LISP also was designed at the outset to be Address Family agnostic, and thus handles multiple AF s seamlessly making its use ideal in IPv6 transition solutions. This and other LISP Application Notes in this series assume a working knowledge of LISP and are not intended to provide basic information on its use- cases, or guidelines on configuration and deployment. These details can be found in the Cisco LISP Command Reference Guide, Cisco LISP Configuration Guide, (References [1]) and other information available at Application Note Organization Like all Application Notes in the LISP series, this application note is organized into three main sections. 1. Concept Overview This section provides a brief description of the feature or technology being addressed in this Application Note in the context of a LISP implementation. 2. Concept Details This section provides a detailed description of the feature or technology and its interaction with LISP, and a description of its (typical) usage in deployment. 3. Concept Examples This section provides detailed testing of the feature or technology. This provides verification of the detailed descriptions, and also allows network administrators to set up a similar LISP environment and repeat the feature test. Comments and corrections are welcome. Please direct all queries to: lisp- support@cisco.com Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 1
2 Concept Overview: Cisco IOS Access Control Lists and LISP The Access Control List (ACL) is perhaps one of the most fundamental features of Cisco IOS and its use is familiar to network administrators for many applications including: restricting traffic flows, classifying and identifying interesting traffic for other functions such as Network Address Translation (NAT), Quality of Service (QoS), and IP Security (IPSec), and for filtering routing updates and many others. This application note describes the use of ACLs for restricting traffic within LISP implementations. When considering the deployment of ACLs with LISP, the following aspects are important. 1. LISP encapsulation utilizes a UDP header just prior to the LISP header for all packets to distinguish between two distinct packet groups: LISP control plane packets, which utilize a UDP destination port of 4342, and LISP data plane packets, which utilize a UDP destination port of ACLs may need to consider this distinction between these two groups of packets. 2. LISP is an encapsulation protocol and, because ACLs only filter based on Layer 3 and Layer 4 header information, ACLs may need to be applied at a specific point or at several different points within the packet forwarding and LISP encapsulation process in order to implement a site security policy. The application point and direction of the ACL will dictate whether EID namespace or RLOC namespace is used within the ACL itself. Packets can be filtered using EID namespace just prior to LISP encapsulation or just after LISP decapsulation; packets can be filtered using RLOC namespace just after LISP encapsulation or just prior to LISP decapsulation. This application note covers both of the above topics in detail. Concept Details: Cisco IOS Access Control Lists and LISP LISP Packets For the purposes of this application note, LISP packets can be separated into two groups, as follows: LISP control plane packets LISP- enabled devices create control plane packets to register EID- prefixes with Map- Servers, to conduct EID- to- RLOC mapping resolutions, and for various other protocol operations purposes. The UDP destination port 4342 in the LISP packet header indicates that it contains a LISP control plane packet. LISP control plane packets are handled directly by the LISP device itself (i.e. the device route processor). As with other types of control plane traffic, protecting the control plane from abuse is beneficial to network health (see Reference [5]). LISP control plane message types are described in Reference [2]. LISP data plane packets LISP- enabled devices encapsulate data plane packets to forward user traffic between LISP sites. The UDP destination port 4341 in the LISP packet header indicates that it contains a LISP data plane packet. LISP data plane packets are handled in the fast path (hardware/cef processing) of the LISP device. The LISP device is only responsible for encapsulating and forwarding, or decapsulating and forwarding these packets. LISP data plane packet encapsulation consists of an outer IPv4 or IPv6 header utilizing RLOC namespace addresses, and a UDP header and LISP header, all being added to the original packet. Figure 1 below shows a typical LISP data plane packet encapsulation with an IPv4 EID and IPv4 RLOC. ACLs can be applied at several different configuration points, giving them the ability to operate on packets either before or after LISP encapsulation (or both), as desired, to meet the site security requirements. Since ACLs only operate on the Layer 3 and Layer 4 headers of a packet, ACLs that are applied to packets after LISP encapsulation will only be able to operate on the outer header illustrated in Figure 1. In this case the ACL would see only the RLOC namespace addresses and the LISP UDP header. ACLs that are applied to packets 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 2
3 before LISP encapsulation or after LISP decapsulation will operate on the original, host- generated packets. These are the addresses that become the inner header illustrated in Figure 1. Figure 1. LISP data plane packet format (draft- 09 header) LISP Processing and ACLs In Cisco IOS, ACLs are applied to interfaces, and from a LISP perspective, three interfaces are relevant to ACL discussions: the LISP Site- facing interface, the Core- facing interface, and the LISP0 interface, as illustrated in Figure 2. At each of these different application points, ACLs can be applied in the in (ingress) and out (egress) direction, leading to the possibility of six unique ACLs per address family (IPv4 and IPv6). This gives them the ability to operate on packets either before or after LISP encapsulation (or both), as desired, to meet the site security requirements. Figure 2. Conceptual interfaces and ACL application points with LISP 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 3
4 The LISP process in IOS creates the LISP0 virtual interface, as illustrated in Figure 2, as a reference point for encapsulation and decapsulation operations. This LISP0 virtual interface, described in detail in the Application Note available at Reference [1], serves as the natural boundary between the EID and RLOC namespaces for the Ingress Tunnel Router (ITR) or Egress Tunnel Router (ETR) commonly referred to as an xtr when both LISP functions are deployed. Egress features are applied to packets that are leaving the router via LISP, just prior to LISP encapsulation. Similarly, ingress features are applied to packets that are arriving from LISP, just after LISP decapsulation. Note that in both cases, the LISP0 ingress and egress feature application points are in the EID namespace. It is important to understand that these three application points do not offer the same filtering options, due to the LISP encapsulation process. Referring to Figure 2, the following observations can be made about the point of application and functionality of ACLs used within a LISP deployment: ACLs can be applied in the in (ingress) direction and the out (egress) direction on the LISP site- facing interface, shown as E1/0 in the figure. When ACLs are applied here, filtering will be applied to user- packets in the EID namespace either before (potential) LISP encapsulation (when applied in the in direction), or after LISP decapsulation (when applied in the out direction). ACLs can be applied in the in (ingress) direction and the out (egress) direction on the SP Core/Internet- facing interface, shown as E0/0 in the figure. When ACLs are applied here, filtering will be applied to packets in the RLOC namespace either before LISP decapsulation (when applied in the in direction), or after LISP encapsulation (when applied in the out direction). ACLs can be applied in the in (ingress) direction and the out (egress) direction on the LISP0 interface. The LISP0 interface is logical and simply provides a reference point for the application of CEF features, like ACLs. ACLs applied here always refer to user- packets in the EID namespace (i.e. not LISP encapsulated). An ACL applied in the in direction refers to user- packets that have just been decapsulated and are being forwarded toward the LISP site, and an ACL applied in the out direction refers to user- packets being sent to LISP to be encapsulated and then forwarded toward the SP Core/Internet. No preferential manner for applying ACLs is implied or intended. The selected interface(s) and direction(s) should be based on site needs in terms of security requirements and management support. For example, sites may find that that existing ACLs can be reapplied without modification to the LISP0 interface. This document is not intended to provide guidance on specific site security policies. A thorough review of existing policies, combined with an understanding of the use of ACLs with LISP, and adequate validation testing should be completed prior to any production deployments of any technology. Caveats and Notes Related to ACLs The following caveats and notes are applicable to ACLs for use with LISP: 1. As is always the case with ACLs and Cisco IOS devices, the use of the log keyword can be used to provide additional detail about source and destinations for a given protocol. Although this keyword provides valuable insight into the details of ACL hits, using the log keyword results in packets matching the access- list statement being handled by process switching (slow path) instead of CEF switching, resulting in platform- dependent performance impacts. 2. In Cisco IOS devices, there should be no performance difference between using an ACL on a physical (or logical) interface, and using an ACL on the LISP 0 interface. In both cases, assuming the log keyword is not used, packets are CEF- switched and should experience that same forwarding performance through the router. Therefore, the primary consideration should be to develop and apply ACLs that best meet the security requirements of the site Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 4
5 In general, normal Cisco IOS ACL rules are applicable, and normal procedures for the construction of ACLs should be followed. Concept Examples: Cisco IOS Access Control Lists and LISP The following example demonstrates the use of ACLs within a LISP deployment. This example is provided only as validation for the above ACL discussions, and not as an indication of appropriate ACL deployments for meeting site security requirements. Initial LISP Configuration The test network topology for this example is illustrated in Figure 3. In this test network, the following elements are defined: LISP Site A, which includes the LISP IPv4 EID- prefix /24. The Cisco IOS router xtr- A is the LISP xtr, and it registers with the Map- Server located at The router Site- A provides a convenient host for traffic source/destination during the ACL validation testing. The ACLs will all be applied only to xtr- A. LISP Site B, which includes the LISP IPv4 EID- prefix /24. The Cisco IOS router xtr- B is the LISP xtr, and it registers with the Map- Server located at The router Site- B provides a convenient host for traffic source/destination during the ACL validation testing. SP Core/Internet, which includes the router Core, represents the public (RLOC- space) through which the LISP sites communicate. This core network is IPv4- only in this example. Map- Server/Map- Resolver, which provides mapping- resolution services for the LISP sites. The Cisco ISO router MS/MR is deployed as a LISP Map- Server/Map- Resolver. The xtrs from LISP Site A and LISP Site B register to this device, and use it for EID- to- RLOC mapping resolution. This is a fairly basic network topology, but it is quite adequate for demonstrating the use of ACLs within a LISP deployment. Full configurations for each device are included in the Appendix of this application note. Figure 3. Cisco IOS ACL use with LISP example test network topology Cisco IOS ACL Examination The ACL examination testing documented here applies a unique ACL to each possible location and direction that is relevant to the LISP deployment using router xtr- A as the device under test (DUT). Thus, six separate ACLs in total are applied: two (in, out) to the site- facing interface E0/1, two (in, out) to the Internet- facing interface E0/0, and two (in, out) to the LISP0 interface. The location and direction of these six ACLs is illustrated in Figure Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 5
6 Figure 4. Cisco IOS ACL use with LISP example ACL deployment locations Source- pings from Site- A ( ) to Site- B ( ) are used as traffic generators for this ACL testing. All six uniquely identified ACLs have identical elements. In this way, the counters displayed for each ACL indicate the directionality and specific Layer 3 header information at each test point. Therefore, all ACLs are constructed with the following entries: permit icmp host host echo Step 1. Preparations for testing ACLs First, clear the access- list counters on xtr- A in order to minimize ambiguity during testing. xtr-a#clear access-list counters Step 2. Test the ACLs with a source- ping. Source- ping Site B EID ( ) with a source of the Site A EID ( ), using a repeat value of 100. All packets should succeed. SiteA#ping so repeat 100 Type escape sequence to abort. Sending 100, 100-byte ICMP Echos to , timeout is 2 seconds: 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 6 of 6
7 Packet sent with a source address of Success rate is 100 percent (100/100), round-trip min/avg/max = 1/1/8 ms All 100 echo/echo- reply packets succeeded. This is also reflected in the value of the counters in the ACLs. Step 3. Review the ACL counters. Show each ACL and observer which counters have incremented by 100. xtr-a#sh ip access-lists lisp0-out Extended IP access list lisp0-out 10 permit icmp host host echo (100 matches) xtr-a#sh ip access-lists site-in Extended IP access list site-in 10 permit icmp host host echo (100 matches) xtr-a#show ip access-lists lisp0-in Extended IP access list lisp0-in 10 permit icmp host host echo 20 (100 matches) xtr-a#sh ip access-lists site-out Extended IP access list site-out 10 permit icmp host host echo 20 (100 matches) xtr-a#sh ip access-lists rloc-out Extended IP access list rloc-out 10 permit icmp host host echo (100 matches) xtr-a#sh ip access-lists rloc-in Extended IP access list rloc-in 10 permit icmp host host echo (100 matches) Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 7 of 7
8 Several observations can be made based on the above show command output. 1. As expected, the ACLs applied to the LISP0 interface and the site- facing interface (E0/1 in this case) show the same results, but in the opposite directions. That is, lisp0- out and site- in show the same results, and lisp0- in and site- out show the same results. This reflects the directional behavior of the ACLs on the respective interface. The ACLs lisp0- out and site- in both see the echo packets with source and destination , while the ACLs lisp0- in and site- out both see the echo- reply packets with source and destination When developing and applying ACLs to meet a site security requirement, it may be useful to consider that an ACL only needs to be applied to the LISP0 interface (one place) as opposed to potentially numerous site- facing interfaces when filtering using EID addresses. 2. ACLs rloc- in and rloc- out are the only ACLs that see the LISP- encapsulated (outer header) addresses. When developing and applying ACLs to meet a site security requirement, consider that an ACL can only be applied to core- facing interfaces in order to filter on RLOC addresses. Based on these observations, it is clear that LISP data plane packets can be filtered by ACLs applied to site- facing interfaces or the LISP0 interface, using the EID addresses. When applied to Core- facing interfaces, ACLs can only filter LISP data plane packets based on the UDP destination port 4341 and RLOC addresses. It is also clear that LISP control plane packets can only be filtered by ACLs applied to Core- facing interfaces, and then only based on the UDP destination port 4342 and RLOC addresses. IPv6 Considerations The mixed address family capabilities of LISP allow for both IPv4 and IPv6 packets to be used as EIDs and as RLOCs, with the following combinations being possible (lisp site address- family, rloc address- family): (IPv4, IPv4), (IPv4, IPv6), (IPv6, IPv4), and (IPv6, IPv6). It is possible then that both IPv4 and IPv6 ACLs may be required to satisfy site security needs. Only IPv4 ACLs were used in this example test case; IPv6 packets and ACLs were not illustrated. However, the use and application of IPv6 ACLs is exactly the same as the use and application of IPv4 ACLs in terms of interactions (interfaces and directions) with LISP. Whether IPv4 and/or IPv6 ACLs are required is dictated by the site security needs. As an example, note that the both LISP sites shown in Figure 3 have both IPv4 and IPv6 EIDs (Site- A: /24, 2001:db8:a::/48, and Site- B: /24, 2001:db8:b::/48). Only the IPv4 EIDs were used in the example tests above. Note also that the Core network and both sites only use IPv4 addresses. It is quite simple with LISP to connect these two IPv6 islands over the IPv4 infrastructure. In this case, IPv6 ACLs would be required on the site- facing interfaces and the LISP0 interface, and IPv4 ACLs would be required on the core- facing interface since the original packets would be IPv6 and the LISP0- encapsulted packets would use IPv4 RLOCs (outer header). Conclusions This application note described the use of ACLs with LISP implementations. ACLs are one of the most fundamental tools available to network administrators for restricting traffic flows and implementing site security policies. The interactions of ACLs with LISP operations were described, and an example using IPv4 EIDs and RLOCs was used to illustrate these concepts. The LISP0 interface is logical and simply provides a reference point for the application of CEF features, like ACLs. Applying ACLs to LISP0 only affects packets in EID namespace and can be a helpful for consolidating ACLs when there are numerous site- facing interfaces. In general, the selected interface(s) and direction(s) should be based on site needs in terms of security requirements and management support. Finally, the mixed address family capabilities of LISP were highlighted, and the potential impact of this on the selection of appropriate ACLs was described Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 8 of 8
9 LISP Resources 1. LISP Documentation, including the LISP Command Reference Guide, LISP Configuration Guide, and LISP Lab Test Guide, which can be found here: 2. LISP IETF Draft RFCS can be found here: 3. Cisco Marketing Information about LISP can be found here: 4. LISP Beta Network information can be found here: and 5. Router Security Strategies: Securing IP Network Traffic Planes, Cisco Press. Comments and corrections are welcome. Please direct all queries to: lisp Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 9 of 9
10 Appendix: Test Network Router Configurations xtr- A hostname xtr-a ip cef no ip domain lookup ipv6 unicast-routing ipv6 cef interface Loopback0 no ip address interface LISP0 ip access-group lisp0-in in ip access-group lisp0-out out interface Ethernet0/0 description To Core ip address ip access-group rloc-in in ip access-group rloc-out out interface Ethernet0/1 description To Site ip address ip access-group site-in in ip access-group site-out out ipv6 address 2001:DB8:A:2::2/64 router lisp database-mapping / priority 1 weight 1 database-mapping 2001:DB8:A::/ priority 1 weight 1 ipv4 itr map-resolver ipv4 itr ipv4 etr map-server key site-a-s3cr3t ipv4 etr ipv6 itr map-resolver ipv6 itr ipv6 etr map-server key site-a-s3cr3t ipv6 etr exit router ospf 1 log-adjacency-changes network area 0 default-information originate ip route ip access-list extended lisp0-in permit icmp host host echo ip access-list extended lisp0-out permit icmp host host echo ip access-list extended rloc-in permit icmp host host echo ip access-list extended rloc-out 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 10 of 10
11 permit icmp host host echo ip access-list extended site-in permit icmp host host echo ip access-list extended site-out permit icmp host host echo ipv6 route 2001:DB8:A::1/ :DB8:A:2::1 ipv6 route ::/0 Null0 Site- A hostname SiteA ip cef no ip domain lookup ipv6 unicast-routing ipv6 cef interface Loopback0 ip address ipv6 address 2001:DB8:A::1/128 interface Ethernet0/1 ip address ipv6 address 2001:DB8:A:2::1/64 router ospf 1 log-adjacency-changes passive-interface Loopback0 network area 0 network area 0 ipv6 route ::/0 2001:DB8:A:2::2 xtr- B hostname xtr-b ip cef no ip domain lookup ipv6 unicast-routing ipv6 cef interface Loopback0 no ip address interface LISP0 interface Ethernet0/0 ip address ipv6 address 2001:DB8:B:2::2/64 interface Ethernet0/1 description To Core ip address router lisp 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 11 of 11
12 database-mapping / priority 1 weight 1 database-mapping 2001:DB8:B::/ priority 1 weight 1 ipv4 itr map-resolver ipv4 itr ipv4 etr map-server key site-b-s3cr3t ipv4 etr ipv6 itr map-resolver ipv6 itr ipv6 etr map-server key site-b-s3cr3t ipv6 etr exit router ospf 1 log-adjacency-changes network area 0 default-information originate ip route ipv6 route 2001:DB8:B::1/ :DB8:B:2::1 ipv6 route ::/0 Null0 Site- B hostname SiteB ip cef no ip domain lookup ipv6 unicast-routing ipv6 cef interface Loopback0 ip address ipv6 address 2001:DB8:B::1/128 interface Ethernet0/0 ip address ipv6 address 2001:DB8:B:2::1/64 router ospf 1 log-adjacency-changes passive-interface Loopback0 network area 0 network area 0 ipv6 route ::/0 2001:DB8:2::2 MS- MR hostname MS-MR vrf definition lisp rd 1:1 address-family ipv4 exit-address-family address-family ipv6 exit-address-family ip cef no ip domain lookup ipv6 unicast-routing ipv6 cef router lisp site Site-A description LISP Site A authentication-key site-a-s3cr3t 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 12 of 12
13 eid-prefix /24 eid-prefix 2001:DB8:A::/48 exit site Site-B description LISP Site B authentication-key site-b-s3cr3t eid-prefix /24 eid-prefix 2001:DB8:B::/48 exit ipv4 map-server ipv4 map-resolver ipv4 alt-vrf lisp ipv6 map-server ipv6 map-resolver ipv6 alt-vrf lisp exit interface LISP0 interface Ethernet0/0 description To Core ip address ip route Core hostname Core ip cef no ip domain lookup no ipv6 cef interface Loopback0 ip address interface Ethernet0/0 description To xtr-a ip address interface Ethernet0/1 description To xtr-b ip address interface Ethernet0/2 description To MS-MR ip address Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 13 of 13
Cisco IOS LISP Application Note Series: Lab Testing Guide
Cisco IOS LISP Application Note Series: Lab Testing Guide Version 3.0 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration configuration
More informationTTL Propagate Disable and Site-ID Qualification
The TTL Propagate Disable feature supports disabling of the TTL (Time-To-Live) propagation for implementing the traceroute tool in a LISP network when RLOC and EID belong to different address-family. The
More informationLISP Router IPv6 Configuration Commands
ipv6 alt-vrf, page 2 ipv6 etr, page 4 ipv6 etr accept-map-request-mapping, page 6 ipv6 etr map-cache-ttl, page 8 ipv6 etr map-server, page 10 ipv6 itr, page 13 ipv6 itr map-resolver, page 15 ipv6 map-cache-limit,
More informationGETVPN+LISP Lab Guide
GETVPN+LISP Lab Guide Developers and Lab Proctors This lab was created by: Gregg Schudel, TME LISP Development Team Version 1.0: Created by Gregg Schudel Lab proctor: Gregg Schudel (gschudel@cisco.com)
More informationLocator ID Separation Protocol (LISP) Overview
Locator ID Separation Protocol (LISP) is a network architecture and protocol that implements the use of two namespaces instead of a single IP address: Endpoint identifiers (EIDs) assigned to end hosts.
More informationLISP Parallel Model Virtualization
Finding Feature Information, page 1 Information About, page 1 How to Configure, page 6 Configuration Examples for, page 24 Additional References, page 25 Feature Information for, page 26 Finding Feature
More informationIP Routing: LISP Configuration Guide, Cisco IOS Release 15M&T
First Published: 2012-07-27 Last Modified: 2013-03-29 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationEnterprise IPv6 Transition Strategy
Abstract Government mandates, e-business and Internet growth requirements, and impending IPv4 address exhaustion concerns are prompting many enterprises to begin implementing an IPv6 transition strategy.
More informationLISP Multicast. Finding Feature Information. Prerequisites for LISP Multicast
The feature introduces support for carrying multicast traffic over a Locator ID Separation Protocol (LISP) overlay. This support currently allows for unicast transport of multicast traffic with head-end
More informationLISP Generalized SMR
The feature enables LISP xtr (ITR and ETR) to update map cache when there is a change in database mapping. Note There is no configuration commands for this feature. This feature is turned on automatically.
More informationLISP Locator/ID Separation Protocol
LISP Locator/ID Separation Protocol Hernán Contreras G. Consulting Systems Engineer hcontrer@cisco.com LISP Next Gen Routing Architecture Locator-ID Separation Protocol (LISP) Elevator Pitch LISP is a
More informationLocation ID Separation Protocol. Gregory Johnson -
Location ID Separation Protocol Gregory Johnson - grjohnso@cisco.com LISP - Agenda LISP Overview LISP Operations LISP Use Cases LISP Status (Standards and in the Community) Summary 2 LISP Overview 2010
More informationIP Mobility Design Considerations
CHAPTER 4 The Cisco Locator/ID Separation Protocol Technology in extended subnet mode with OTV L2 extension on the Cloud Services Router (CSR1000V) will be utilized in this DRaaS 2.0 System. This provides
More informationDNA SA Border Node Support
Digital Network Architecture (DNA) Security Access (SA) is an Enterprise architecture that brings together multiple building blocks needed for a programmable, secure, and highly automated fabric. Secure
More informationDeploying LISP Host Mobility with an Extended Subnet
CHAPTER 4 Deploying LISP Host Mobility with an Extended Subnet Figure 4-1 shows the Enterprise datacenter deployment topology where the 10.17.1.0/24 subnet in VLAN 1301 is extended between the West and
More informationLISP. - innovative mobility w/ Cisco Architectures. Gerd Pflueger Consulting Systems Engineer Central Europe Version 0.
Version 0.2 22 March 2012 LISP - innovative mobility w/ Cisco Architectures Gerd Pflueger Consulting Systems Engineer Central Europe gerd@cisco.com 2012 Cisco and/or its affiliates. All rights reserved.
More informationLISP: Intro and Update
LISP: Intro and Update RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-short.pdf Agenda What is LISP? What problem is LISP solving? www.vaf.net/prezos/rrg-prague.pdf
More informationLISP: What and Why. RIPE Berlin May, Vince Fuller (for Dino, Dave, Darrel, et al)
LISP: What and Why RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-long.pdf Agenda What is the problem? What is LISP? Why Locator/ID Separation? Data
More informationLISP in Campus Networks
LISP in Campus Networks Divya Rao CCIE # 25083 Technical Marketing Engineer Enterprise Networking Group Abstract Session ID Title LISP in Campus Networks Abstract This session introduces LISP (Locator/ID
More informationGRE Tunnel with VRF Configuration Example
GRE Tunnel with VRF Configuration Example Document ID: 46252 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Verify Troubleshoot Caveats
More informationCisco Nexus 7000 Series NX-OS LISP Command Reference
First Published: 2016-11-24 Last Modified: -- Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax:
More informationCisco Nexus 7000 Series NX-OS LISP Configuration Guide
First Published: 2011-10-25 Last Modified: 2014-04-25 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationCisco Nexus 7000 Series NX-OS LISP Configuration Guide
First Published: 2016-12-23 Last Modified: 2018-07-05 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationManually Configured IPv6 over IPv4 Tunnels
This feature provides support for manually configured IPv6 over IPv4 tunnels. A manually configured tunnel is equivalent to a permanent link between two IPv6 domains over an IPv4 backbone. Finding Feature
More informationLISP Mobile-Node. draft-meyer-lisp-mn-05.txt. Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems
LISP Mobile-Node draft-meyer-lisp-mn-05.txt Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems EID: dino@cisco.com RLOC: IRTF MobOpts Quebec City July 28 2011 What if... A mobile device
More informationInternet Engineering Task Force (IETF) Request for Comments: Cisco Systems January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6831 Category: Experimental ISSN: 2070-1721 D. Farinacci D. Meyer J. Zwiebel S. Venaas Cisco Systems January 2013 The Locator/ID Separation
More informationImplement Static Routes for IPv6 Configuration Example
Implement Static Routes for IPv6 Configuration Example Document ID: 113361 Contents Introduction Prerequisites Components Used Conventions Configure Network Diagram Configurations Verify Related Information
More informationLISP. Migration zu IPv6 mit LISP. Gerd Pflueger Version Feb. 2013
Version 0.7 24 Feb. 2013 LISP Migration zu IP mit LISP Gerd Pflueger gerd@cisco.com 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 2011 Cisco and/or its affiliates. All rights reserved.
More informationINTRODUCTION 2 DOCUMENT USE PREREQUISITES 2
Table of Contents INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2 LISP MOBILITY MODES OF OPERATION/CONSUMPTION SCENARIOS 3 LISP SINGLE HOP SCENARIO 3 LISP MULTI- HOP SCENARIO 3 LISP IGP ASSIT MODE 4 LISP INTEGRATION
More informationMultiprotocol Label Switching Virtual Private Network
Anas Al-Selwi Multiprotocol Label Switching Virtual Private Network Helsinki Metropolia University of Applied Sciences Bachelor of Engineering Information Technology Thesis 08 May 2013 Abstract Author(s)
More informationLocator/ID Separation Protocol (LISP)
Locator/ID Separation Protocol (LISP) Damien Saucez* INRIA Sophia Antipolis FRNOG 18, December 2 th, 2011 * special thanks to Olivier Bonaventure, Luigi Iannone and Dino Farinacci Disclaimer Not a vendor
More informationLISP: A NOVEL APPROACH FOR FUTURE ATN/IPS
LISP: A NOVEL APPROACH FOR FUTURE ATN/IPS Bernhard Haindl, Manfred Lindner, Wolfgang Kampichler ICAO Meeting 07/2014 2014-07-15 HAINDL Bernhard Trends / Requirements For Future Networks Multihoming / Availability
More informationBGP-MVPN SAFI 129 IPv6
Subsequent Address Family Identifier (SAFI) 129, known as VPN Multicast SAFI, provides the capability to support multicast routing in the service provider's core IPv6 network. Border Gateway Protocol (BGP)
More informationMPLS VPN--Inter-AS Option AB
The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) service provider
More informationContents. Introduction. Prerequisites. Background Information
Contents Introduction Prerequisites Background Information Limitation Configure Network Diagram Initial configuration R2 R3 IPSec configuration R2 EzPM configuration Workaround Verify Troubleshooting Related
More informationLISP A Next-Generation Networking Architecture
LISP A Next-Generation Networking Architecture LISP Disjointed RLOC Space Technical Details Version 0.8 30 October 2013 LISP Disjointed RLOC Space Details Agenda LISP Disjointed RLOC Space Technical Details
More informationMPLS VPN Inter-AS Option AB
First Published: December 17, 2007 Last Updated: September 21, 2011 The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol
More informationLISP: A Level of Indirection for Routing
LISP: A Level of Indirection for Routing ESCC/Internet2 Joint Techs Workshop University of Hawaii January 20-24, 2008 David Meyer & A Cast of 1000s (Vince Fuller, Darrel Lewis, Eliot Lear, Scott Brim,
More informationICN IDENTIFIER / LOCATOR. Marc Mosko Palo Alto Research Center ICNRG Interim Meeting (Berlin, 2016)
ICN IDENTIFIER / LOCATOR Marc Mosko Palo Alto Research Center ICNRG Interim Meeting (Berlin, 2016) 1 A brief review of ID/Locators in IETF It s long, and we ll skim over it Then we discuss the CCNx & NDN
More informationBasic Router Configuration
This section includes information about some basic router configuration, and contains the following sections: Default Configuration, on page 1 Configuring Global Parameters, on page 2 Configuring Gigabit
More informationIPv6 Switching: Provider Edge Router over MPLS
Multiprotocol Label Switching (MPLS) is deployed by many service providers in their IPv4 networks. Service providers want to introduce IPv6 services to their customers, but changes to their existing IPv4
More informationConfiguration and Operation of FTD Prefilter
Configuration and Operation of FTD Prefilter Policies Contents Introduction Prerequisites Requirements Components Used Background Information Configure Pre-filter Policy Use Case 1 Pre-filter Policy Use
More informationChapter 7 Lab 7-1, Configuring BGP with Default Routing
Chapter 7 Topology Objectives Configure BGP to exchange routing information with two ISPs. Background The International Travel Agency (ITA) relies extensively on the Internet for sales. For this reason,
More informationRequest for Comments: 8112 Category: Informational. I. Kouvelas Arista D. Lewis Cisco Systems May 2017
Independent Submission Request for Comments: 8112 Category: Informational ISSN: 2070-1721 D. Farinacci lispers.net A. Jain Juniper Networks I. Kouvelas Arista D. Lewis Cisco Systems May 2017 Locator/ID
More informationCisco Campus Fabric Introduction. Vedran Hafner Systems engineer Cisco
Cisco Campus Fabric Introduction Vedran Hafner Systems engineer Cisco Campus Fabric Abstract Is your Campus network facing some, or all, of these challenges? Host Mobility (w/o stretching VLANs) Network
More informationMembership test for Mapping Information optimization draft-flinck-lisp-membertest-00
Membership test for Mapping Information optimization draft-flinck-lisp-membertest-00 1 Nokia Siemens Networks HFl / 18.3.2010 The problem we are addressing If an Ingress Tunnel Router acting as a gateway
More informationInterchassis Asymmetric Routing Support for Zone-Based Firewall and NAT
Interchassis Asymmetric Routing Support for Zone-Based Firewall and NAT The Interchassis Asymmetric Routing Support for Zone-Based Firewall and NAT feature supports the forwarding of packets from a standby
More informationMobility and Virtualization in the Data Center with LISP and OTV
Cisco Expo 2012 Mobility and Virtualization in the Data Center with LISP and OTV Tech DC2 Martin Diviš Cisco, CSE, mdivis@cisco.com Cisco Expo 2012 Cisco and/or its affiliates. All rights reserved. 1 Twitter
More informationIPv6 over IPv4 GRE Tunnels
GRE tunnels are links between two points, with a separate tunnel for each link. The tunnels are not tied to a specific passenger or transport protocol, but in this case carry IPv6 as the passenger protocol
More informationConfiguring MPLS and EoMPLS
37 CHAPTER This chapter describes how to configure multiprotocol label switching (MPLS) and Ethernet over MPLS (EoMPLS) on the Catalyst 3750 Metro switch. MPLS is a packet-switching technology that integrates
More informationIPv6 Switching: Provider Edge Router over MPLS
Multiprotocol Label Switching (MPLS) is deployed by many service providers in their IPv4 networks. Service providers want to introduce IPv6 services to their customers, but changes to their existing IPv4
More informationChapter 8 Lab 8-3, Configuring 6to4 Tunnels
Chapter 8 Lab 8-3, Configuring 6to4 Tunnels Topology Objectives Configure EIGRP for IPv4. Create a 6to4 tunnel. Configure static IPv6 routes. Background In this lab, you configure EIGRP for full connectivity
More informationEIGRP on SVTI, DVTI, and IKEv2 FlexVPN with the "IP[v6] Unnumbered" Command Configuration Example
EIGRP on SVTI, DVTI, and IKEv2 FlexVPN with the "IP[v6] Unnumbered" Command Configuration Example Document ID: 116346 Contributed by Michal Garcarz and Olivier Pelerin, Cisco TAC Engineers. Sep 18, 2013
More informationThe information in this document is based on Cisco IOS Software Release 15.4 version.
Contents Introduction Prerequisites Requirements Components Used Background Information Configure Network Diagram Relevant Configuration Verify Test case 1 Test case 2 Test case 3 Troubleshoot Introduction
More informationAPT: A Practical Transit-Mapping Service Overview and Comparisons
APT: A Practical Transit-Mapping Service Overview and Comparisons draft-jen-apt Dan Jen, Michael Meisel, Dan Massey, Lan Wang, Beichuan Zhang, and Lixia Zhang The Big Picture APT is similar to LISP at
More informationLecture 7 Advanced Networking Virtual LAN. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 7 Advanced Networking Virtual LAN Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Advanced Networking Scenario: Data Center Network Single Multiple, interconnected via Internet
More informationIntended status: Informational. C. White Logical Elegance, LLC. October 24, 2011
Network Working Group Internet-Draft Intended status: Informational Expires: April 26, 2012 D. Farinacci D. Lewis D. Meyer cisco Systems C. White Logical Elegance, LLC. October 24, 2011 LISP Mobile Node
More informationConfiguring FlexVPN Spoke to Spoke
Last Published Date: March 28, 2014 The FlexVPN Spoke to Spoke feature enables a FlexVPN client to establish a direct crypto tunnel with another FlexVPN client leveraging virtual tunnel interfaces (VTI),
More informationEasy Virtual Network Configuration Example
Easy Virtual Network Configuration Example Document ID: 117974 Contributed by Fabrice Ducomble, Cisco TAC Engineer. Aug 04, 2014 Contents Introduction Prerequisites Requirements Components Used Background
More informationOSPF Filtering (Part I)
OSPF Filtering (Part I) Initial Configurations: R1: hostname R1 ip ospf network point-to-point ip address 1.1.1.1 255.255.255.255 ip address 192.168.123.1 255.255.255.0.1 encapsulation dot1q 11 ip address
More informationIPv6 Tunnel through an IPv4 Network
IPv6 Tunnel through an IPv4 Network Document ID: 25156 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations (Manual IPv6 Mode) Configurations
More informationChapter 8 Lab 8-2, Using Manual IPv6 Tunnels with EIGRP for IPv6
Chapter 8 Lab 8-2, Using Manual IPv6 Tunnels with EIGRP for IPv6 Topology Objectives Configure EIGRP for IPv4. Create a manual IPv6 tunnel. Configure EIGRP for IPv6 across the tunnel. Background In this
More informationA NOVICE APPROACH ON TRANSITION FROM IPV4-IPV6 USING TUNNELING AND PROTOCOLS OF TUNNELING
A NOVICE APPROACH ON TRANSITION FROM IPV4-IPV6 USING TUNNELING AND PROTOCOLS OF TUNNELING Harjeet Singh Mehta 1, Dilip Kumar 2, Hemant Singhtth Rawat 3 1,2,3 Computer Science and Engineering Department,
More informationIPv6 Module 6 ibgp and Basic ebgp
ISP Workshop Lab IPv6 Module 6 ibgp and Basic ebgp Objective: Using IPv6, simulate four different interconnected ISP backbones using a combination of ISIS, internal BGP, and external BGP. Prerequisites:
More informationStep 2. Manual configuration of global unicast and link-local addresses
Lab: ICMPv6 and ICMPv6 Neighbor Discovery CIS 116 IPv6 Fundamentals Enter your answers to the questions in this lab using Canvas Quiz DHCPv6 Lab. Part 1: Setup Step 1. Basics a. Log into NetLab: ccnp.bayict.cabrillo.edu
More informationIPv6 Module 6x ibgp and Basic ebgp
IPv6 Module 6x ibgp and Basic ebgp Objective: Using IPv6, simulate four different interconnected ISP backbones using a combination of IS-IS, internal BGP, and external BGP. Topology : Figure 1 BGP AS Numbers
More informationAccess Rules. Controlling Network Access
This chapter describes how to control network access through or to the ASA using access rules. You use access rules to control network access in both routed and transparent firewall modes. In transparent
More informationThe term "router" in this document refers to both routers and Layer 3 switches. Step Command Remarks. ipv6 host hostname ipv6-address
Contents Configuring IPv6 DNS 1 Overview 1 Configuring the IPv6 DNS client 1 Configuring static domain name resolution 1 Configuring dynamic domain name resolution 1 Displaying and maintaining IPv6 DNS
More informationMPLS VPN over mgre. Finding Feature Information. Last Updated: November 1, 2012
MPLS VPN over mgre Last Updated: November 1, 2012 The MPLS VPN over mgre feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity
More informationInternet Engineering Task Force (IETF) Category: Experimental ISSN: D. Meyer D. Lewis. Cisco Systems. January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6830 Category: Experimental ISSN: 2070-1721 D. Farinacci Cisco Systems V. Fuller D. Meyer D. Lewis Cisco Systems January 2013 The Locator/ID
More informationIPv6 over IPv4 GRE Tunnels
GRE tunnels are links between two points, with a separate tunnel for each link. The tunnels are not tied to a specific passenger or transport protocol, but in this case carry IPv6 as the passenger protocol
More informationIPv6 over IPv4 GRE Tunnels
GRE tunnels are links between two points, with a separate tunnel for each link. The tunnels are not tied to a specific passenger or transport protocol, but in this case carry IPv6 as the passenger protocol
More informationImplementing MPLS VPNs over IP Tunnels
The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Network (L3VPN) services, over an IP core network, using L2TPv3 multipoint tunneling instead of MPLS. This allows L2TPv3 tunnels
More informationBuilding the Routing Table. Introducing the Routing Table Directly Connected Networks Static Routing Dynamic Routing Routing Table Principles
Building the Routing Table Introducing the Routing Table Directly Connected Networks Static Routing Dynamic Routing Routing Table Principles Introducing the Routing Table R1# show ip route Codes: C - connected,
More informationConfiguring MLPPP. Finding Feature Information
The Multilink Point-to-Point (MLPPP) feature provides load balancing functionality over multiple WAN links, while providing multivendor interoperability, packet fragmentation and proper sequencing, and
More informationConfiguring IPv6 DNS. Introduction to IPv6 DNS. Configuring the IPv6 DNS client. Configuring static domain name resolution
Contents Configuring IPv6 DNS 2 Introduction to IPv6 DNS 2 Configuring the IPv6 DNS client 2 Configuring static domain name resolution 2 Configuring dynamic domain name resolution 2 Displaying and maintaining
More informationLab Configuring and Verifying Standard IPv4 ACLs (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationCampus Fabric Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9300 Switches)
Campus Fabric Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9300 Switches) First Published: 2017-07-31 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706
More informationIP Tunneling. GRE Tunnel IP Source and Destination VRF Membership. Tunnel VRF CHAPTER
CHAPTER 27 This chapter describes IP tunneling features implemented on the Cisco 10000 series routers and includes the following topics: GRE Tunnel IP Source and Destination VRF Membership, page 27-1 Restrictions
More informationConfigure Virtual LANs in Layer 2 VPNs
The Layer 2 Virtual Private Network (L2VPN) feature enables Service Providers (SPs) to provide L2 services to geographically disparate customer sites. A virtual local area network (VLAN) is a group of
More informationCampus Fabric Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 3650 Switches)
Campus Fabric Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 3650 Switches) First Published: 2017-07-31 Last Modified: 2017-11-03 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive
More informationMPLS VPN. 5 ian 2010
MPLS VPN 5 ian 2010 What this lecture is about: IP CEF MPLS architecture What is MPLS? MPLS labels Packet forwarding in MPLS MPLS VPNs 3 IP CEF & MPLS Overview How does a router forward packets? Process
More informationUsing NAT in Overlapping Networks
Using NAT in Overlapping Networks Document ID: 13774 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Verify Troubleshoot Related Information
More informationImplementing Tunneling for IPv6
Implementing Tunneling for IPv6 Last Updated: July 31, 2012 This module describes how to configure overlay tunneling techniques used by the Cisco IOS software to support the transition from IPv4-only networks
More informationLab Using Wireshark to Examine Ethernet Frames
Topology Objectives Part 1: Examine the Header Fields in an Ethernet II Frame Part 2: Use Wireshark to Capture and Analyze Ethernet Frames Background / Scenario When upper layer protocols communicate with
More informationSecurizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN
Platformă de e-learning și curriculă e-content pentru învățământul superior tehnic Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN MPLS VPN 5-ian-2010 What this lecture is about: IP
More informationCCIE R&S Techtorial MPLS
CCIE R&S Techtorial MPLS Ing. Tomáš Kelemen Partner Systems Engineer CCIE #24395 Ing. Peter Mesjar Systems Engineer CCIE #17428 2011 Cisco Systems, Inc. All rights reserved. 1 Agenda Introduction to MPLS
More informationInternet Engineering Task Force (IETF) Request for Comments: D. Lewis Cisco Systems January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6836 Category: Experimental ISSN: 2070-1721 V. Fuller D. Farinacci D. Meyer D. Lewis Cisco Systems January 2013 Locator/ID Separation Protocol
More informationAdvanced IPv6 Training Course. Lab Manual. v1.3 Page 1
Advanced IPv6 Training Course Lab Manual v1.3 Page 1 Network Diagram AS66 AS99 10.X.0.1/30 2001:ffXX:0:01::a/127 E0/0 R 1 E1/0 172.X.255.1 2001:ffXX::1/128 172.16.0.X/24 2001:ff69::X/64 E0/1 10.X.0.5/30
More informationBGP mvpn BGP safi IPv4
The BGP mvpn BGP safi 129 IPv4 feature provides the capability to support multicast routing in the service provider s core IPv4 network This feature is needed to support BGP-based MVPNs BGP MVPN provides
More informationFuture Routing and Addressing Models
Future Routing and Addressing Models Rob Evans JANET(UK) The JNT Association 2008 Networkshop 36 1 If it ain't broke... BGP is the inter-domain protocol of choice. Not that there's much choice. Carries
More informationMPLS Ping and Traceroute for BGP and IGP Prefix-SID
MPLS Ping and Traceroute for BGP and IGP Prefix-SID MPLS Ping and Traceroute operations for Prefix SID are supported for various BGP and IGP scenarios, for example: Within an IS-IS level or OSPF area Across
More informationMPLS VPN C H A P T E R S U P P L E M E N T. BGP Advertising IPv4 Prefixes with a Label
7 C H A P T E R S U P P L E M E N T This online supplement of Chapter 7 focuses on two important developments. The first one is Inter-Autonomous. Inter-Autonomous is a concept whereby two service provider
More informationLISP A Next Generation Networking Architecture
LISP A Next Generation Networking Architecture Victor Moreno Distinguished Engineer #clmel Agenda LISP Overview LISP Operations How setup LISP LISP Deployment Examples LISP Status LISP Summary 3 LISP Overview
More informationL2TP IPsec Support for NAT and PAT Windows Clients
L2TP IPsec Support for NAT and PAT Windows Clients The L2TP IPsec Support for NAT and PAT Windows Clients feature allows mulitple Windows client to connect to an IPsec-enabled Cisco IOS Layer 2 Tunneling
More informationLab Configuring and Verifying Standard ACLs Topology
Topology 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 9 Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.10.1
More informationLab Using Wireshark to Examine Ethernet Frames
Topology Objectives Part 1: Examine the Header Fields in an Ethernet II Frame Part 2: Use Wireshark to Capture and Analyze Ethernet Frames Background / Scenario When upper layer protocols communicate with
More information8K GM Scale Improvement
The feature supports optimization of the Cooperative Protocol (COOP) announcement messages by increasing the number of Group Members (GM) to 8000. Finding Feature Information, page 1 Prerequisites for,
More informationConfiguring the Catena Solution
This chapter describes how to configure Catena on a Cisco NX-OS device. This chapter includes the following sections: About the Catena Solution, page 1 Licensing Requirements for Catena, page 2 Guidelines
More informationInternet Engineering Task Force (IETF) Category: Experimental. O. Bonaventure Universite catholique de Louvain January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6834 Category: Experimental ISSN: 2070-1721 L. Iannone Telecom ParisTech D. Saucez INRIA Sophia Antipolis O. Bonaventure Universite catholique
More information