Location ID Separation Protocol. Gregory Johnson -
|
|
- Clifton Chad McCarthy
- 5 years ago
- Views:
Transcription
1 Location ID Separation Protocol Gregory Johnson - grjohnso@cisco.com
2 LISP - Agenda LISP Overview LISP Operations LISP Use Cases LISP Status (Standards and in the Community) Summary 2
3 LISP Overview 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
4 LISP Overview What do we mean by location and identity? x.y.z.1 Device IPv4 or IPv6 address represents identityand location Internet Today s Internet Behavior Loc/ID overloaded semantic w.z.y.9 When the device moves, it gets a new IPv4 or IPv6 address for its new identityand location x.y.z.1 Device IPv4 or IPv6 address represents identity only. a.b.c.1 Internet e.f.g.7 LISP Behavior Loc/ID split x.y.z.1 When the device moves, keeps its IPv4 or IPv6 address. It has the same identity Its location is here! Only the location changes Overview 4
5 LISP Overview LISP Mapping Resolution DNS analog LISP Map Lookup is analogous to a DNS lookup DNS resolves IP addresses for URLs host [ who is ]? [ ] DNS Server DNS URL Resolution LISP resolves locators for queried identities LISP router [ where is x.y.z.1 ]? [ location is a.b.c.1 ] LISP Mapping System LISP Identity-to-location Map Resolution 5
6 LISP Overview A level of indirection - (RFC 6830) LISP creates a Level of indirec4on with two namespaces: EID and EID (Endpoint Iden1fier) is the IP address of a host just as it is today (Rou1ng Locator) is the IP address of the LISP router for the host Non- LISP EID Space Prefix Next- hop w.x.y.1e.f.g.h x.y.w.2e.f.g.h z.q.r.5e.f.g.h z.q.r.5e.f.g.h xtr MS/MR EID a.a.a.0/24 w.x.y.1 b.b.b.0/24 x.y.w.2 c.c.c.0/24 z.q.r.5 d.d.0.0/16 z.q.r.5 EID a.a.a.0/24 w.x.y.1 b.b.b.0/24 x.y.w.2 c.c.c.0/24 z.q.r.5 d.d.0.0/16 z.q.r.5 EID- to- mapping EID a.a.a.0/24 w.x.y.1 b.b.b.0/24 x.y.w.2 c.c.c.0/24 z.q.r.5 d.d.0.0/16 z.q.r.5 EID- to- mapping is the distributed architecture that maps EIDs to s PxTR xtr xtr Space EID Space Overview 6
7 LISP Operations 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
8 LISP Data Header Format IPv4 EID/IPv4 Example draft-ietf-lisp-12 IPv4 Outer Header: Router supplies s UDP LISP header IPv4 Inner Header: Host supplies EIDs Operations 8
9 LISP Data Header Format IPv6 EID/IPv4 Example draft-ietf-lisp-09 IPv4 Outer Header supplies s UDP LISP header IPv4 Inner Header: Host supplies IPv6 Inner EIDs Header: Host supplies EIDs Operations 9
10 LISP Data Plane Ingress/Egress Tunnel Router (xtr) S1 Provider A /8 Provider X /8 D1 S packet flow S2 Provider B /8 Provider Y /8 packet flow D2 D Ingress Tunnel Router Receives packets from site-facing interfaces Encapsulates to remote LISP site (or natively forwards to non-lisp site) Egress Tunnel Router Receives packets from core-facing interfaces De-caps and delivers packets to local EIDs at the site Operations 10
11 LISP Data Plane Unicast Packet Forwarding PI EID-prefix /24 PI EID-prefix /24 S 2 S1 S > Provider A /8 Provider B / Provider X /8 Provider Y / D1 D2 8 D 1 DNS entry: D.abc.com A > > > > > Legend: EIDs -> Green Locators -> Red Physical link Mapping Entry EID-prefix: /24 Locator-set: , priority: 1, weight: 50 (D1) , priority: 1, weight: 50 (D2) This policy controlled by destination site Operations 11
12 LISP Control Plane Control Plane Messages Control Plane EID Registration Map-Register messages Sent by to Map-Server to register its associated EID prefixes Specifies the (s) to be used by the Map-Server when forwarding Map-Requests to the Control Plane Data-triggered mapping service Map-Request messages Sent by an when it needs an EID/ mapping, to test an for reachability, or to refresh a mapping before TTL expiration Map-Reply messages Sent by an in response to a valid map-request to provide the EID/ mapping and site ingress Policy for the requested EID Operations 12
13 LISP Control Plane Map-Server/Map-Resolver (MS/MR) = Mapping Database System S1 MR Provider A /8 MS Provider X /8 D1 S S2 Provider B /8 Provider Y /8 D2 D MR Map-Resolver ReceivesMap-Requestfrom. Forwards Map-Request onto the topology. Sends Negative Map-Replies in response to Map-Requests for non-lisp sites. DDT = Delegated Database Tree is Replacing LISP ALT MS Map-Server LISP site s Register their EID prefixes here; requires configured lisp site policy, authentication key. Injects routes for registered site EID prefixes into BGP topology. Receives Map-Requests via and forwards them to registered s. Operations 13
14 LISP Control Plane Mapping Database (), Map-Cache () Mapping-Database EID-to- mappings in all s for local LISP site MR MS is authoritative for its EIDs, sends Map-Replies to s Provider A Provider X s can tailor policy based on Map-Request source / /8 Decentralization S1 increases attack resiliency = Mapping Database System D1 S S2 Provider B /8 Provider Y /8 D2 D LISP Map Cache Lives on s and only stores mappings for sites to which is currently sending packets. Map-Cache populated by sending Map-Requests through and receiving Map-Replies from s s must respect Map-Reply policy, including TTLs, up/down status, priorities/weights Operations 14
15 LISP Control Plane Map-Registration example = Mapping Database System Other 3/8 sites PI EID-prefix /24 S MR Provider A / MS Provider X / D1 PI EID-prefix /24 S S Provider B /8 Provider Y / D2 D Legend: EIDs -> Green Locators -> Red BGP-over-GRE Physical link /8 propagation includes the Map-Resolver [3] /8 MS advertises into BGP over GRE [2] > LISP Map-Register (udp 4342) SHA / , [1] Operations 15
16 LISP Control Plane Map-Request example = Mapping Database System PI EID-prefix /24 S MR Provider A / MS Provider X / D1 PI EID-prefix /24 S S > DNS entry: D.abc.com A Legend: EIDs -> Green Locators -> Red BGP-over-GRE Physical link How do I get to ? [1] Provider B / > LISP ECM (udp 4342) > Map-Request (udp 4342) nonce Provider Y /8 [2] [3] [4] > Map-Request (udp 4342) D > nonce > Map-Request (udp 4342) nonce D LISP ECM (udp 4342) [5] Operations 16
17 LISP Control/Data Plane over IP Encryptors Map-Server/Map-Resolver (MS/MR), xtr MR MS S S1 S2 Provider A /8 Provider B /8 BLACK IP Transport Provider X /8 Provider Y /8 D1 D2 D next-hops point to the KG, single IP address represents all EID s BLACK transport can be any available today in the DoD/IC LISP Leverages native IP encapsulation (IP/UDP), so no manual tunnels Offers multi-homing, v6 over v4, v6 over v6, etc Mobility, VPN 17
18 LISP Interworking Proxy Ingress/Egress Tunnel Routers (P/P) = Mapping Database System S1 MR Provider A /8 P MS Provider X /8 P D1 S S2 Provider B /8 Provider Y /8 D2 D P Proxy Receives traffic from non-lispsites; encapsulates traffic to LISP sites Advertises coarse-aggregate EID prefixes LISP sites see ingress TE day-one P Proxy Allows IPv6 LISPsites with IPv4 s to reach IPv6 LISPsites that only have IPv6 s Allows LISPsites with urpf restrictions to reach non-lispsites Operations 18
19 LISP Interworking Proxy Ingress Tunnel Router example PI EID-prefix /24 S MR Provider A / P MS Provider X /8 P [2] > > D1 [3] > PI EID-prefix /24 S S Provider B / /8 Provider Y / D2 D > [1] Non-LISP Site > [5] > [4] Non-LISP Site /16 Operations 19
20 LISP and Security LISP-Sec Security LISP-SEC is a set of security mechanisms that provide origin authentication, integrity and anti-replay protection to LISP's EID-to- mapping data conveyed via mapping lookup process. LISP-SEC also enables verification of authorization on EID- prefix claims in Map-Reply messages, ensuring that the sender of a Map-Reply that provides the location for a given EID-prefix is entitled to do so according to the EID prefix registered in the associated Map Server. 20
21 LISP Use Cases 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
22 LISP Use Cases Overview Efficient Multi-Homing LISP Site LISP routers Internet IPv6 Transition Support v6 services LISP router v6 IPv4 Internet v4 v6 LISP router v6 IPv6 Internet IP Portability Ingress Traffic Engineering without BGP Network Virtualization - VPN v6-over-v4, v6-over-v6 v4-over-v6, v4-over-v4 VM-Mobility Data Center HQ LISP Site Internet User Network Data Center 1 LISP routers Internet VM move Data Center 2 LISP routers Remote Remote.. 10k.. Remote Remote VM a.b.c.1 VM a.b.c.1 Reduced CapEx/OpEx Segmentation Cloud / Layer 3 VM moves Segmentation 22
23 LiSP Network Virtualization Layer 3 Virtualization Options VRF Lite VRF Lite over IP (GRE) VRF Lite over DMVPN/GET-VPN MPLS VPN MPLS VPN over IP (P2P GRE) MPLS VPN over DMVPN * MPLS VPN over Multipoint GRE (mgre) * Virtualization with LISP * Leverage GET VPN on any mgre Solutions 23
24 LISP Data Format Example IPv4 EID/IPv4 Example draft-ietf-lisp-15 IPv4 Outer Header: Router supplies s UDP LISP header IPv4 Inner Header: Host supplies EIDs Instance ID Maps Aligns with VRF Definition 24
25 LISP Use Case Multi-Tenancy Network Virtualization Over the Top PI EID-prefix /24 S MR Provider A /8 ALT ALT ALT ALT MS Provider X / D1 PI EID-prefix /24 S S Provider B /8 Provider Y / D2 D VRFs Legend: EIDs -> Green Locators -> Red BGP-over-GRE Physical link Allows network segmentation on xtr (CE to SP) PE routers require minimal routes ( address only) VRF Segmentation is applied to CE/xTR SP PE has minimal customer routes (ideal if Enterprise PE) CE/xTR can add additional customer (per VRF), and routes are hidden from SP network. Can add GET VPN for additional data security (IPSec) 25
26 LISP Use Cases VM-Mobility Needs: VM-Mobility across subnets Move detection, dynamic EID-to- mappings, traffic redirection LISP Solution: OTV + LISP to extend subnets LISP for VM-moves across subnets Benefits: Integrated Mobility Connections maintained across moves No /32 route injection No DNS updates required IPv4/IPv6 Support ARP elimination Data Center 1 LISP router Applicability: VM a.b.c.1 VM OS agnostic Internet VM move VM a.b.c.1 Data Center 2 LISP router Services Creation (disaster recovery, cloud burst, etc.) Customers/EFTs: Cisco IT Qualcomm More 26
27 LISP Use Cases VM-Mobility Case Study Topology, Initial Map Cache entries EID Host 1: / / / Branch EID Space, /25 CPE - xtr Enterprise Remote Site EID Map Cache Table / EID Map Cache Table / / N7K - xtr MS/MR Enterprise WAN Enterprise Core EID N7K - xtr Map Cache Table / WEST EAST VM2 : VM1 : DC EID Space, Home Subnet /24 DC EID Space, Home Subnet /24 VM3 :
28 LISP Use Cases VM-Mobility Case Study traffic flows before move Before Move Traffic Flows EID Host 1: / / / Branch EID Space, / <-> CPE - xtr Enterprise Remote Site EID Map Cache Table / EID Map Cache Table / / N7K - xtr MS/MR Enterprise WAN <-> <-> Enterprise Core <-> <-> EID N7K - xtr Map Cache Table / <-> <-> <-> WEST EAST <-> VM2 : VM1 : DC EID Space, Home Subnet /24 DC EID Space, Home Subnet /24 VM3 :
29 LISP Use Cases VM-Mobility Case Study map cache updates after move Before Move Traffic Flows 3 Branch EID Space, /25 MS/MR Host 1: CPE - xtr Enterprise WAN Enterprise Core 2 Enterprise Remote Site / N7K - xtr N7K - xtr 4 EID EID Map Cache Table / / / / / / EID Map Cache Table / / EID Map Cache Table / / WEST EAST VM2 : DC EID Space, DC EID Space, VM3 : Home Subnet Home Subnet / /24 VM1 :
30 LISP Use Cases VM-Mobility Case Study traffic flows after move Before Move Traffic Flows EID EID Map Cache Table / / / / / / Branch EID Space, /25 MS/MR / N7K - xtr Host 1: <-> CPE - xtr Enterprise WAN <-> <-> <-> Enterprise Core <-> Enterprise Remote Site EID AWer Move Map Cache Table N7K - xtr / / EID Map Cache Table / / WEST EAST <-> <-> <-> <-> <-> VM2 : DC EID Space, Home Subnet /24 DC EID Space, Home Subnet /24 VM1 : VM3 :
31 LISP Status Cisco s LISP Software Release Strategy Development Strategy Early Deployment (ED) Software Engineering Builds - LISP ED releases available on CCO as hidden posts - Not orderable via the Cisco Global Configuration tool - Intended only for deployment on LISP nodes - Not intended nor recommended for production deployment scenarios - TAC supported (unless deployed in non-lisp environment) - Refer to LISP Early ED Software Release Product Bulletin for details Production LISP Deployment Software Mainline integration - LISP production software images available via CCO download - Orderable via the Cisco Global Configuration tool - Approved for use in all production deployment scenarios Cisco LISP Code: - TAC supported 31
32 LISP References Resources LISP Information IETF LISP WG hbp://tools.iee.org/wg/lisp/ LISP Beta NetworkhBp:// Cisco hbp://lisp.cisco.com (v4 and v6) Cisco LISP MarketinghBp:// Mailing Lists IETF LISP LISP Interest (public)lisp- Cisco LISP Questionslisp- 32
33
LISP Locator/ID Separation Protocol
LISP Locator/ID Separation Protocol Hernán Contreras G. Consulting Systems Engineer hcontrer@cisco.com LISP Next Gen Routing Architecture Locator-ID Separation Protocol (LISP) Elevator Pitch LISP is a
More informationLISP. - innovative mobility w/ Cisco Architectures. Gerd Pflueger Consulting Systems Engineer Central Europe Version 0.
Version 0.2 22 March 2012 LISP - innovative mobility w/ Cisco Architectures Gerd Pflueger Consulting Systems Engineer Central Europe gerd@cisco.com 2012 Cisco and/or its affiliates. All rights reserved.
More informationMobility and Virtualization in the Data Center with LISP and OTV
Cisco Expo 2012 Mobility and Virtualization in the Data Center with LISP and OTV Tech DC2 Martin Diviš Cisco, CSE, mdivis@cisco.com Cisco Expo 2012 Cisco and/or its affiliates. All rights reserved. 1 Twitter
More informationMobility and Virtualization in the Data Center with LISP and OTV
Mobility and Virtualization in the Data Center with LISP and OTV Agenda Mobility and Virtualization in the Data Center Introduction to LISP LISP Data Center Use Cases LAN Extensions: OTV LISP + OTV Deployment
More informationLocator ID Separation Protocol (LISP) Overview
Locator ID Separation Protocol (LISP) is a network architecture and protocol that implements the use of two namespaces instead of a single IP address: Endpoint identifiers (EIDs) assigned to end hosts.
More informationIP Mobility Design Considerations
CHAPTER 4 The Cisco Locator/ID Separation Protocol Technology in extended subnet mode with OTV L2 extension on the Cloud Services Router (CSR1000V) will be utilized in this DRaaS 2.0 System. This provides
More informationIP Routing: LISP Configuration Guide, Cisco IOS Release 15M&T
First Published: 2012-07-27 Last Modified: 2013-03-29 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationLISP. Migration zu IPv6 mit LISP. Gerd Pflueger Version Feb. 2013
Version 0.7 24 Feb. 2013 LISP Migration zu IP mit LISP Gerd Pflueger gerd@cisco.com 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 2011 Cisco and/or its affiliates. All rights reserved.
More informationMobility and Virtualization in the Data Center with LISP and OTV
Mobility and Virtualization in the Data Center with LISP and OTV Victor Moreno, Distinguished Engineer Agenda Mobility and Virtualization in the Data Center Introduction to LISP LISP Data Center Use Cases
More informationDeploying LISP Host Mobility with an Extended Subnet
CHAPTER 4 Deploying LISP Host Mobility with an Extended Subnet Figure 4-1 shows the Enterprise datacenter deployment topology where the 10.17.1.0/24 subnet in VLAN 1301 is extended between the West and
More informationCisco IOS LISP Application Note Series: Lab Testing Guide
Cisco IOS LISP Application Note Series: Lab Testing Guide Version 3.0 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration configuration
More informationCisco IOS LISP Application Note Series: Access Control Lists
Cisco IOS LISP Application Note Series: Access Control Lists Version 1.1 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration and configuration
More informationLISP Router IPv6 Configuration Commands
ipv6 alt-vrf, page 2 ipv6 etr, page 4 ipv6 etr accept-map-request-mapping, page 6 ipv6 etr map-cache-ttl, page 8 ipv6 etr map-server, page 10 ipv6 itr, page 13 ipv6 itr map-resolver, page 15 ipv6 map-cache-limit,
More informationTTL Propagate Disable and Site-ID Qualification
The TTL Propagate Disable feature supports disabling of the TTL (Time-To-Live) propagation for implementing the traceroute tool in a LISP network when RLOC and EID belong to different address-family. The
More informationDNA SA Border Node Support
Digital Network Architecture (DNA) Security Access (SA) is an Enterprise architecture that brings together multiple building blocks needed for a programmable, secure, and highly automated fabric. Secure
More informationINTRODUCTION 2 DOCUMENT USE PREREQUISITES 2
Table of Contents INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2 LISP MOBILITY MODES OF OPERATION/CONSUMPTION SCENARIOS 3 LISP SINGLE HOP SCENARIO 3 LISP MULTI- HOP SCENARIO 3 LISP IGP ASSIT MODE 4 LISP INTEGRATION
More informationGETVPN+LISP Lab Guide
GETVPN+LISP Lab Guide Developers and Lab Proctors This lab was created by: Gregg Schudel, TME LISP Development Team Version 1.0: Created by Gregg Schudel Lab proctor: Gregg Schudel (gschudel@cisco.com)
More informationCisco Nexus 7000 Series NX-OS LISP Configuration Guide
First Published: 2011-10-25 Last Modified: 2014-04-25 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationLISP Parallel Model Virtualization
Finding Feature Information, page 1 Information About, page 1 How to Configure, page 6 Configuration Examples for, page 24 Additional References, page 25 Feature Information for, page 26 Finding Feature
More informationEnterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV.
2 CHAPTER Cisco's Disaster Recovery as a Service (DRaaS) architecture supports virtual data centers that consist of a collection of geographically-dispersed data center locations. Since data centers are
More informationLISP A Next-Generation Networking Architecture
LISP A Next-Generation Networking Architecture LISP Disjointed RLOC Space Technical Details Version 0.8 30 October 2013 LISP Disjointed RLOC Space Details Agenda LISP Disjointed RLOC Space Technical Details
More informationLISP A Next Generation Networking Architecture
LISP A Next Generation Networking Architecture Victor Moreno Distinguished Engineer #clmel Agenda LISP Overview LISP Operations How setup LISP LISP Deployment Examples LISP Status LISP Summary 3 LISP Overview
More informationLISP: What and Why. RIPE Berlin May, Vince Fuller (for Dino, Dave, Darrel, et al)
LISP: What and Why RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-long.pdf Agenda What is the problem? What is LISP? Why Locator/ID Separation? Data
More informationLISP: Intro and Update
LISP: Intro and Update RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-short.pdf Agenda What is LISP? What problem is LISP solving? www.vaf.net/prezos/rrg-prague.pdf
More informationCisco Nexus 7000 Series NX-OS LISP Configuration Guide
First Published: 2016-12-23 Last Modified: 2018-07-05 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationLocator/ID Separation Protocol (LISP)
Locator/ID Separation Protocol (LISP) Damien Saucez* INRIA Sophia Antipolis FRNOG 18, December 2 th, 2011 * special thanks to Olivier Bonaventure, Luigi Iannone and Dino Farinacci Disclaimer Not a vendor
More informationCisco Nexus 7000 Series NX-OS LISP Command Reference
First Published: 2016-11-24 Last Modified: -- Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax:
More informationFlexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN Ron Fuller CCIE #5851 (R&S/Storage) Technical Marketing Engineer, Nexus 7000 rfuller@cisco.com Agenda The Evolving Data Centre Fabric
More informationEvolving your Campus Network with. Campus Fabric. Shawn Wargo. Technical Marketing Engineer BRKCRS-3800
Evolving your Campus Network with Campus Fabric Shawn Wargo Technical Marketing Engineer BRKCRS-3800 Campus Fabric Abstract Is your Campus network facing some, or all, of these challenges? Host Mobility
More informationMulti-site Datacenter Network Infrastructures
Multi-site Datacenter Network Infrastructures Petr Grygárek rek 2009 Petr Grygarek, Advanced Computer Networks Technologies 1 Why Multisite Datacenters? Resiliency against large-scale site failures (geodiversity)
More informationLISP in Campus Networks
LISP in Campus Networks Divya Rao CCIE # 25083 Technical Marketing Engineer Enterprise Networking Group Abstract Session ID Title LISP in Campus Networks Abstract This session introduces LISP (Locator/ID
More informationSecure Extension of L3 VPN s over IP-Based Wide Area Networks
White Paper Secure Extension of L3 VPN s over IP-Based Wide Area Networks Abstract Authors This paper examines how recent network-based virtualization Mark Mitch Mitchiner technology innovation can be
More informationFlexible Dynamic Mesh VPN draft-detienne-dmvpn-00
Flexible Dynamic Mesh VPN draft-detienne-dmvpn-00 Fred Detienne, Cisco Systems Manish Kumar, Cisco Systems Mike Sullenberger, Cisco Systems What is Dynamic Mesh VPN? DMVPN is a solution for building VPNs
More informationLISP Mobile-Node. draft-meyer-lisp-mn-05.txt. Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems
LISP Mobile-Node draft-meyer-lisp-mn-05.txt Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems EID: dino@cisco.com RLOC: IRTF MobOpts Quebec City July 28 2011 What if... A mobile device
More informationDMVPN for R&S CCIE Candidates Johnny Bass CCIE #6458
DMVPN for R&S CCIE Candidates Johnny Bass CCIE #6458 BRKCCIE-3003 @CCIE6458 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public About the Presenter Johnny Bass Networking industry since
More informationLISP: A Level of Indirection for Routing
LISP: A Level of Indirection for Routing ESCC/Internet2 Joint Techs Workshop University of Hawaii January 20-24, 2008 David Meyer & A Cast of 1000s (Vince Fuller, Darrel Lewis, Eliot Lear, Scott Brim,
More informationLISP Generalized SMR
The feature enables LISP xtr (ITR and ETR) to update map cache when there is a change in database mapping. Note There is no configuration commands for this feature. This feature is turned on automatically.
More informationInternet Engineering Task Force (IETF) Request for Comments: Cisco Systems January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6831 Category: Experimental ISSN: 2070-1721 D. Farinacci D. Meyer J. Zwiebel S. Venaas Cisco Systems January 2013 The Locator/ID Separation
More informationCisco Campus Fabric Introduction. Vedran Hafner Systems engineer Cisco
Cisco Campus Fabric Introduction Vedran Hafner Systems engineer Cisco Campus Fabric Abstract Is your Campus network facing some, or all, of these challenges? Host Mobility (w/o stretching VLANs) Network
More informationEnterprise IPv6 Transition Strategy
Abstract Government mandates, e-business and Internet growth requirements, and impending IPv4 address exhaustion concerns are prompting many enterprises to begin implementing an IPv6 transition strategy.
More informationLISP: A NOVEL APPROACH FOR FUTURE ATN/IPS
LISP: A NOVEL APPROACH FOR FUTURE ATN/IPS Bernhard Haindl, Manfred Lindner, Wolfgang Kampichler ICAO Meeting 07/2014 2014-07-15 HAINDL Bernhard Trends / Requirements For Future Networks Multihoming / Availability
More informationRestrictions for DMVPN Dynamic Tunnels Between Spokes. Behind a NAT Device. Finding Feature Information
DMVPN Dynamic Tunnels Between Spokes Behind a NAT Device The DMVPN: Dynamic Tunnels Between Spokes Behind a NAT Device feature allows Next Hop Resolution Protocol (NHRP) spoke-to-spoke tunnels to be built
More informationMPLS VPN over mgre. Finding Feature Information. Last Updated: November 1, 2012
MPLS VPN over mgre Last Updated: November 1, 2012 The MPLS VPN over mgre feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity
More informationAPT: A Practical Transit-Mapping Service Overview and Comparisons
APT: A Practical Transit-Mapping Service Overview and Comparisons draft-jen-apt Dan Jen, Michael Meisel, Dan Massey, Lan Wang, Beichuan Zhang, and Lixia Zhang The Big Picture APT is similar to LISP at
More informationRequest for Comments: 8112 Category: Informational. I. Kouvelas Arista D. Lewis Cisco Systems May 2017
Independent Submission Request for Comments: 8112 Category: Informational ISSN: 2070-1721 D. Farinacci lispers.net A. Jain Juniper Networks I. Kouvelas Arista D. Lewis Cisco Systems May 2017 Locator/ID
More informationLISP Multicast. Finding Feature Information. Prerequisites for LISP Multicast
The feature introduces support for carrying multicast traffic over a Locator ID Separation Protocol (LISP) overlay. This support currently allows for unicast transport of multicast traffic with head-end
More informationDMVPN for R&S CCIE Candidates
DMVPN for R&S CCIE Candidates Johnny Bass CCIE #6458 BRKCCIE-3003 @CCIE6458 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public About the Presenter Johnny Bass Networking industry since
More informationCampus Fabric. How To Integrate With Your Existing Networks. Kedar Karmarkar - Technical Leader BRKCRS-2801
Campus Fabric How To Integrate With Your Existing Networks Kedar Karmarkar - Technical Leader Campus Fabric Abstract Is your Campus network facing some, or all, of these challenges? Host Mobility (w/o
More informationCisco Group Encrypted Transport VPN
Cisco Group Encrypted Transport VPN Q. What is Cisco Group Encrypted Transport VPN? A. Cisco Group Encrypted Transport is a next-generation WAN VPN solution that defines a new category of VPN, one that
More informationInternet Engineering Task Force (IETF) Category: Experimental ISSN: D. Meyer D. Lewis. Cisco Systems. January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6830 Category: Experimental ISSN: 2070-1721 D. Farinacci Cisco Systems V. Fuller D. Meyer D. Lewis Cisco Systems January 2013 The Locator/ID
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 642-997 Title : Implementing Cisco Data Center Unified Fabric (DCUFI) Vendor : Cisco
More informationVirtual Private Networks Advanced Technologies
Virtual Private Networks Advanced Technologies Petr Grygárek rek Agenda: Supporting Technologies (GRE, NHRP) Dynamic Multipoint VPNs (DMVPN) Group Encrypted Transport VPNs (GET VPN) Multicast VPNs (mvpn)
More informationImplementing IP in IP Tunnel
This chapter module provides conceptual and configuration information for IP in IP tunnels on Cisco ASR 9000 Series Router. Note For a complete description of the IP in IP tunnel commands listed in this
More informationLocator/ID Separation Protocol (LISP) Virtual Machine Mobility Solution
White Paper Locator/ID Separation Protocol (LISP) Virtual Machine Mobility Solution White Paper 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1
More informationLARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF
LARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF MODULE 07 - MPLS BASED LAYER 2 SERVICES 1 by Xantaro MPLS BASED LAYER 2 VPNS USING MPLS FOR POINT-TO-POINT LAYER 2 SERVICES 2 by Xantaro Why are Layer-2
More informationFlexVPN HA Dual Hub Configuration Example
FlexVPN HA Dual Hub Configuration Example Document ID: 118888 Contributed by Piotr Kupisiewicz, Wen Zhang, and Frederic Detienne, Cisco TAC Engineers. Apr 08, 2015 Contents Introduction Prerequisites Requirements
More informationCharles Perkins Nokia Research Center 2 July Mobility Support in IPv6 <draft-ietf-mobileip-ipv6-14.txt> Status of This Memo
IETF Mobile IP Working Group INTERNET-DRAFT David B. Johnson Rice University Charles Perkins Nokia Research Center 2 July 2000 Mobility Support in IPv6 Status of This
More informationMPLS Segment Routing in IP Networks
MPLS Segment Routing in IP Networks draft-bryant-mpls-unified-ip-sr Stewart Bryant Adrian Farrel John Drake Jeff Tantsura
More informationLecture 7 Advanced Networking Virtual LAN. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 7 Advanced Networking Virtual LAN Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Advanced Networking Scenario: Data Center Network Single Multiple, interconnected via Internet
More informationMigrating from Dynamic Multipoint VPN Phase 2 to Phase 3: Why and How to Migrate to the Next Phase
Migration Guide Migrating from Dynamic Multipoint VPN Phase 2 to Phase 3: Why and How to Migrate to the Next Phase This guide shows how a Dynamic Multipoint VPN (DMVPN) deployment can be migrated to make
More informationSecurizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN
Platformă de e-learning și curriculă e-content pentru învățământul superior tehnic Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN MPLS VPN 5-ian-2010 What this lecture is about: IP
More informationMPLS Egress Protection Framework draft-shen-mpls-egress-protectionframework-02
MPLS Egress Protection Framework draft-shen-mpls-egress-protectionframework-02 Yimin Shen (yshen@juniper.net) Minto Jeyananth (minto@juniper.net) Bruno Decraene (bruno.decraene@orange.com) Updates New
More informationCisco IOS IPv6. Cisco IOS IPv6 IPv6 IPv6 service provider IPv6. IPv6. data link IPv6 Cisco IOS IPv6. IPv6
IP6FD v6 Fundamentals, Design, and Deployment v3.0 Cisco IOS IPv6 Cisco IOS IPv6 IPv6 IPv6 service provider IPv6 IP IPv6 IPv6 data link IPv6 Cisco IOS IPv6 IPv6 IPv6 DHCP DNS DHCP DNS IPv6 IPv4 IPv6 multicast
More informationEthernet VPN (EVPN) and Provider Backbone Bridging-EVPN: Next Generation Solutions for MPLS-based Ethernet Services. Introduction and Application Note
White Paper Ethernet VPN (EVPN) and Provider Backbone Bridging-EVPN: Next Generation Solutions for MPLS-based Ethernet Services Introduction and Application Note Last Updated: 5/2014 Ethernet VPN (EVPN)
More informationInternet Engineering Task Force (IETF) Request for Comments: D. Lewis Cisco Systems January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6836 Category: Experimental ISSN: 2070-1721 V. Fuller D. Farinacci D. Meyer D. Lewis Cisco Systems January 2013 Locator/ID Separation Protocol
More informationVers un renforcement de l architecture Internet : le protocole LISP ( Locator/ID Separation Protocol )
Vers un renforcement de l architecture Internet : le protocole LISP ( Locator/ID Separation Protocol ) JCSA 2013" " " Luigi Iannone! 1 Institut Mines-Télécom Road Map" - Why LISP???! - LISP Data Plane!
More informationHIP Host Identity Protocol. October 2007 Patrik Salmela Ericsson
HIP Host Identity Protocol October 2007 Patrik Salmela Ericsson Agenda What is the Host Identity Protocol (HIP) What does HIP try to solve HIP basics Architecture The HIP base exchange HIP basic features
More informationIPv6 Rapid Deployment (6rd) in broadband networks. Allen Huotari Technical Leader June 14, 2010 NANOG49 San Francisco, CA
Rapid Deployment () in broadband networks Allen Huotari Technical Leader ahuotari@cisco.com June 14, 2010 NANOG49 San Francisco, CA 1 Why IP Tunneling? IPv4 Tunnel Tunnel IPv4 IPv4 Retains end-end IP semantics
More informationVXLAN Overview: Cisco Nexus 9000 Series Switches
White Paper VXLAN Overview: Cisco Nexus 9000 Series Switches What You Will Learn Traditional network segmentation has been provided by VLANs that are standardized under the IEEE 802.1Q group. VLANs provide
More informationOverview. Overview. OTV Fundamentals. OTV Terms. This chapter provides an overview for Overlay Transport Virtualization (OTV) on Cisco NX-OS devices.
This chapter provides an overview for Overlay Transport Virtualization (OTV) on Cisco NX-OS devices., page 1 Sample Topologies, page 6 OTV is a MAC-in-IP method that extends Layer 2 connectivity across
More informationLISP-MN. Mobile Networking through LISP. Noname manuscript No. (will be inserted by the editor)
Noname manuscript No. (will be inserted by the editor) LIP-MN Mobile Networking through LIP Alberto Rodríguez Natal Loránd Jakab Marc Portolés Vina Ermagan Preethi Natarajan Fabio Maino David Meyer Albert
More informationIPv6 over DMVPN. Finding Feature Information
This document describes how to implement the Dynamic Multipoint VPN for IPv6 feature, which allows users to better scale large and small IPsec Virtual Private Networks (VPNs) by combining generic routing
More informationImplementing MPLS Forwarding
All Multiprotocol Label Switching (MPLS) features require a core set of MPLS label management and forwarding services; the MPLS Forwarding Infrastructure (MFI) supplies these services. Feature History
More informationVirtual Subnet (VS): A Scalable Data Center Interconnection Solution
Virtual Subnet (VS): A Scalable Data Center Interconnection Solution draft-xu-virtual-subnet-05 Xiaohu Xu (xuxh@huawei.com) NANOG52, Denver Requirements for Data Center Interconnection To interconnect
More informationIntelligent WAN Multiple VRFs Deployment Guide
Cisco Validated design Intelligent WAN Multiple VRFs Deployment Guide September 2017 Table of Contents Table of Contents Deploying the Cisco Intelligent WAN... 1 Deploying the Cisco IWAN Multiple VRFs...
More informationGRE and DM VPNs. Understanding the GRE Modes Page CHAPTER
CHAPTER 23 You can configure Generic Routing Encapsulation (GRE) and Dynamic Multipoint (DM) VPNs that include GRE mode configurations. You can configure IPsec GRE VPNs for hub-and-spoke, point-to-point,
More informationVirtual Private Networks Advanced Technologies
Virtual Private Networks Advanced Technologies Petr Grygárek rek Agenda: Supporting Technologies (GRE, NHRP) Dynamic Multipoint VPNs (DMVPN) Group Encrypted Transport VPNs (GET VPN) Multicast VPNs (mvpn)
More informationIntended status: Informational. C. White Logical Elegance, LLC. October 24, 2011
Network Working Group Internet-Draft Intended status: Informational Expires: April 26, 2012 D. Farinacci D. Lewis D. Meyer cisco Systems C. White Logical Elegance, LLC. October 24, 2011 LISP Mobile Node
More informationIPv6 Switching: Provider Edge Router over MPLS
Multiprotocol Label Switching (MPLS) is deployed by many service providers in their IPv4 networks. Service providers want to introduce IPv6 services to their customers, but changes to their existing IPv4
More informationIP Fabric Reference Architecture
IP Fabric Reference Architecture Technical Deep Dive jammon@brocade.com Feng Shui of Data Center Design 1. Follow KISS Principle Keep It Simple 2. Minimal features 3. Minimal configuration 4. Configuration
More informationNext Generation MULTICAST In-band Signaling (VRF MLDP: Profile 6)
Next Generation MULTICAST In-band Signaling (VRF MLDP: Profile 6) Contents Introduction Background Information MLDP Signaling In-Band Signaling Overlay or Out-Of-Band Signaling Label Distribution Protocol
More informationConfiguring FlexVPN Spoke to Spoke
Last Published Date: March 28, 2014 The FlexVPN Spoke to Spoke feature enables a FlexVPN client to establish a direct crypto tunnel with another FlexVPN client leveraging virtual tunnel interfaces (VTI),
More informationCisco. Maintaining Cisco Service Provider VPNs and MPLS Networks (MSPVM)
Cisco 642-780 Maintaining Cisco Service Provider VPNs and MPLS Networks (MSPVM) Download Full Version : http://killexams.com/pass4sure/exam-detail/642-780 QUESTION: 56 Which command should be used to verify
More informationBESS work on control planes for DC overlay networks A short overview
BESS work on control planes for DC overlay networks A short overview Jorge Rabadan IETF99, July 2017 Prague 1 Agenda EVPN in a nutshell BESS work on EVPN for NVO3 networks EVPN in the industry today Future
More informationCore of Multicast VPNs: Rationale for Using mldp in the MVPN Core
Core of Multicast VPNs: Rationale for Using mldp in the MVPN Core Exploring Suitability of Using mldp Versus P2MP RSVP-TE in the MVPN Core Multicast Virtual Private Network (MVPN) is a popular technology
More informationForeword xxiii Preface xxvii IPv6 Rationale and Features
Contents Foreword Preface xxiii xxvii 1 IPv6 Rationale and Features 1 1.1 Internet Growth 1 1.1.1 IPv4 Addressing 1 1.1.2 IPv4 Address Space Utilization 3 1.1.3 Network Address Translation 5 1.1.4 HTTP
More informationIPSec. Overview. Overview. Levente Buttyán
IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet
More informationMPLS VPN. 5 ian 2010
MPLS VPN 5 ian 2010 What this lecture is about: IP CEF MPLS architecture What is MPLS? MPLS labels Packet forwarding in MPLS MPLS VPNs 3 IP CEF & MPLS Overview How does a router forward packets? Process
More informationFlexible Netflow Configuration Guide, Cisco IOS Release 15S
Flexible Netflow Configuration Guide, Cisco IOS Release 15S Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS
More informationAN OPEN CONTROL-PLANE IMPLEMENTATION FOR LISP NETWORKS
Proceedings of IC-NIDC2012 AN OPEN CONTROL-PLANE IMPLEMENTATION FOR LISP NETWORKS Dung Phung Chi (1,2), Stefano Secci (2), Guy Pujolle (2), Patrick Raad (3), Pascal Gallard (3) (1) VNU, Hanoi, Vietnam,
More informationMPLS over GRE. Finding Feature Information. Prerequisites for MPLS VPN L3VPN over GRE
The feature provides a mechanism for tunneling Multiprotocol Label Switching (MPLS) packets over a non-mpls network. This feature utilizes MPLS over generic routing encapsulation (MPLSoGRE) to encapsulate
More informationMonitoring MPLS Services
CHAPTER 17 The following topics describe how to view and manage aspects of Multiprotocol Label Switching (MPLS) services using Cisco Prime Network Vision (Prime Network Vision), including the MPLS service
More informationHPE FlexFabric 5940 Switch Series
HPE FlexFabric 5940 Switch Series EVPN Configuration Guide Part number: 5200-2002b Software version: Release 25xx Document version: 6W102-20170830 Copyright 2017 Hewlett Packard Enterprise Development
More informationIPv6 Switching: Provider Edge Router over MPLS
Multiprotocol Label Switching (MPLS) is deployed by many service providers in their IPv4 networks. Service providers want to introduce IPv6 services to their customers, but changes to their existing IPv4
More informationCisco IOS Software Release 15M&T Q&A
Cisco IOS Software Release 15M&T Q&A Last updated: July, 2010 General Q. What is Cisco IOS Software Release 15M&T? A. Developed for wide deployment in the world's most demanding Enterprise, Access, and
More informationIntroduction to External Connectivity
Before you begin Ensure you know about Programmable Fabric. Conceptual information is covered in the Introduction to Cisco Programmable Fabric and Introducing Cisco Programmable Fabric (VXLAN/EVPN) chapters.
More informationMPLS etc.. MPLS is not alone TEST. 26 April 2016 AN. Multi-Protocol Label Switching MPLS-TP FEC PBB-TE VPLS ISIS-TE MPƛS GMPLS SR RSVP-TE OSPF-TE PCEP
Multi-Protocol Label Switching MPLS-TP FEC VPLS PBB-TE MPLS etc.. MPLS is not alone LDP MPLS-TE LABEL MP-BGP LSP TAG H-VPLS 26 April 2016 AN TEST GMPLS SR T-MPLS ISIS-TE MPƛS OSPF-TE PCEP Multi-Protocol
More informationConfiguring IPv6 VPN Provider Edge over MPLS (6VPE)
Configuring IPv6 VPN Provider Edge over MPLS (6VPE) Finding Feature Information, page 1 Configuring 6VPE, page 1 Finding Feature Information Your software release may not support all the features documented
More informationRouteviews Update + What Is LISP? Regional Interconnection Forum/NAPLA LACNIC XII May 2009 Panama City, Panama David Meyer
Routeviews Update + What Is LISP? Regional Interconnection Forum/NAPLA LACNIC XII May 2009 Panama City, Panama David Meyer dmm@1-4-5.net Agenda A Quick Bit About Routeviews History, Current Events & Futures
More informationBGP-MVPN SAFI 129 IPv6
Subsequent Address Family Identifier (SAFI) 129, known as VPN Multicast SAFI, provides the capability to support multicast routing in the service provider's core IPv6 network. Border Gateway Protocol (BGP)
More information