Академический Документы
Профессиональный Документы
Культура Документы
Version 3
2 July 2010
Send document comments to lisp‐support@external.cisco.com
Cisco LISP Configuration Guide
July 2, 2010
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134‐1706
USA
http://www.cisco.com
Tel: 408 526‐4000
800 553‐NETS (6387)
Fax: 408 527‐0883
Note This Cisco LISP Configuration Guide is subject to change. The commands and their usage,
configuration examples, and detailed outputs are provided as the best representation available at
the time of this writing. This document will eventually be replaced with the formal version
formatted and published in the same way as all other Cisco IOS and Cisco IOS XE configuration
guides and documentation.
Table of Contents
CONFIGURING LOCATOR/ID SEPARATION PROTOCOL ...................................................................................................... 3
FINDING FEATURE INFORMATION ................................................................................................................................ 3
CONTENTS .............................................................................................................................................................. 3
PREREQUISITES FOR CONFIGURING LOCATOR/ID SEPARATION PROTOCOL .......................................................................... 3
RESTRICTIONS FOR CONFIGURING LOCATOR/ID SEPARATION PROTOCOL ............................................................................ 4
INFORMATION ABOUT CONFIGURING LOCATOR/ID SEPARATION PROTOCOL ....................................................................... 4
LISP Functionality Overview ........................................................................................................................... 4
LISP Devices Overview .................................................................................................................................... 5
LISP Operations Overview .............................................................................................................................. 6
CONFIGURING LISP ITR/ETR (XTR) FUNCTIONALITY...................................................................................................... 8
Configuring Required LISP ITR/ETR (xTR) Functionality .................................................................................. 8
Configuring Optional LISP ITR/ETR (xTR) Functionality ................................................................................ 10
CONFIGURING LISP MAP‐RESOLVER FUNCTIONALITY ................................................................................................... 12
Configuring Required LISP Map‐Resolver Functionality ............................................................................... 12
Configuring Optional LISP Map‐Resolver Functionality ............................................................................... 13
CONFIGURING LISP MAP‐SERVER FUNCTIONALITY ....................................................................................................... 13
Configuring Required LISP Map‐Server Functionality ................................................................................... 13
Configuring Optional LISP Map‐Server Functionality ................................................................................... 14
CONFIGURING LISP PROXY‐ITR FUNCTIONALITY .......................................................................................................... 15
Configuring Required LISP Proxy‐ITR Functionality ...................................................................................... 15
Configuring Optional LISP Proxy‐ITR Functionality ...................................................................................... 16
CONFIGURING LISP PROXY‐ETR FUNCTIONALITY ......................................................................................................... 16
Configuring Required LISP Proxy‐ETR Functionality ..................................................................................... 16
Configuring Optional LISP Proxy‐ETR Functionality ...................................................................................... 17
CONFIGURING LISP ALT FUNCTIONALITY ................................................................................................................... 17
Configuring Required LISP ALT Functionality ............................................................................................... 17
Configuring Optional LISP‐ALT Functionality................................................................................................ 18
CONFIGURING LISP: EXAMPLE ................................................................................................................................. 18
VERIFYING LISP: EXAMPLE ...................................................................................................................................... 22
ADDITIONAL REFERENCES ........................................................................................................................................ 23
Related Documents ...................................................................................................................................... 23
Standards ..................................................................................................................................................... 24
MIBs ............................................................................................................................................................. 24
RFCs .............................................................................................................................................................. 24
Technical Assistance..................................................................................................................................... 24
FEATURE INFORMATION FOR LOCATOR/ID SEPARATION PROTOCOL ................................................................................ 25
LISP-2
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Configuring Locator/ID Separation Protocol
First Published: December 24, 2009
Last Updated: July 2, 2010
This guide describes how to configure basic Locator/ID Separation Protocol (LISP) functionality on all LISP‐
related devices, including the Ingress Tunnel Router (ITR), Egress Tunnel Router, Proxy ITR (PITR), Proxy ETR
(PETR), Map Resolver (MR), Map Server (MS), and LISP‐ALT device.
LISP is a network architecture and protocol that implements a new semantic for IP addressing by creating two
new namespaces: Endpoint Identifiers (EIDs), which are assigned to end‐hosts, and Routing Locators (RLOCs),
which are assigned to devices (primarily routers) that make up the global routing system. Splitting EID and RLOC
functions yields several advantages including: improved routing system scalability, and improved multi‐homing
efficiency and ingress traffic engineering. LISP end site support is configured on devices such as Cisco routers.
Finding Feature Information
Your software release may not support all the features documented in this guide. For the latest feature
information and caveats, see the release notes for your platform and software release. To find information
about the features documented in this module, and to see a list of the releases in which each feature is
supported, see the Feature Information for Locator/ID Separation Protocol section below.
Contents
Prerequisites for Configuring Locator/ID Separation Protocol
Restrictions for Configuring Locator/ID Separation Protocol
Information About Configuring Locator/ID Separation Protocol
Configuring LISP
Configuring LISP: Example
Verifying LISP: Example
Additional References
Feature Information for Locator/ID Separation Protocol
Prerequisites for Configuring Locator/ID Separation Protocol
Before you can configure Locator/ID Separation Protocol (LISP), you will need to determine the type of LISP
deployment being planned. The type of LISP deployment will define the functionality of the LISP devices,
which in turn will indicate which hardware, software, and additional support from LISP Mapping Services that
will be required in order to complete the deployment.
If LISP is being deployed in a lab environment for the purposes of becoming familiar with the basics of
LISP, then it is possible to accomplish this solely with Cisco IOS/IOS‐XE and a small set of routers. This
type of deployment is described in detail in the Cisco IOS LISP Laboratory Testing Application Note
available at http://lisp4.cisco.com or http://lisp6.cisco.com. (With additional equipment and both Cisco
IOS/IOS‐XE and Cisco NX‐OS implementations, the full LISP environment may be tested and this guide
can server as a reference for building and test this environment.)
If LISP is being deployed to support a private, production application which requires the full LISP
environment, then components from both Cisco IOS/IOS‐XE and Cisco NX‐OS implementations will be
required to complete the deployment. This guide can server as a reference for building and test this
LISP-3
© 1992-2010 Cisco Systems, Inc. All rights reserved.
environment. See the list of supported hardware and software listed in the Feature Information for
Locator/ID Separation Protocol section below for further details.
If LISP is being deployed in a public, production environment which requires the full LISP environment,
including Internet interworking, then additional support is required from a LISP Mapping Service
Provider. Information on LISP Mapping Services support can be found available at http://lisp4.cisco.com
or http://lisp6.cisco.com. Components from both Cisco IOS/IOS‐XE and Cisco NX‐OS implementations
may be required to complete the deployment. This guide can server as a reference for building and test
this environment. See the list of supported hardware and software listed in the Feature Information for
Locator/ID Separation Protocol section below for further details.
Restrictions for Configuring Locator/ID Separation Protocol
Cisco IOS Release 15.1(1)XB1 and Cisco IOS XE Release 2.5.1xa only provide LISP support for: Ingress
Tunnel Router (ITR), Egress Tunnel Router (ETR), Proxy ITR, Proxy ETR, and LISP‐ALT functionality.
Cisco IOS Release 15.1(1)XB2, Cisco IOS XE Release 2.5.1xb, and Cisco NX‐OS Engineering Build based on
NX‐OS Release 5 provide full LISP support for: ITR, ETR, PITR, PETR, Map‐Resolver (MR), Map‐Server
(MS), and ALT functionality.
LISP support is provided for both IPv4 and IPv6 address families.
To fully implement LISP with Internet‐scale and interoperability between LISP and non‐LISP sites, site
registration with a LISP Mapping Service Provider is required. Information on LISP Mapping Services
support can be found available at http://lisp4.cisco.com or http://lisp6.cisco.com.
Information about Configuring Locator/ID Separation Protocol
Before configuring LISP, you should understand the following concepts:
LISP Functionality Overview
LISP Devices Overview
LISP Operations Overview
LISP Functionality Overview
LISP is a network architecture and protocol that implements a new semantic for IP addressing. In the current
Internet routing and addressing architecture, the IP address is used as a single namespace that
simultaneously expresses two functions about a device: its identity and how it is attached to the network.
One very visible and detrimental result of this single namespace is manifested in the rapid growth of the
Internet's DFZ (default‐free zone) as a consequence of multi‐homing, traffic engineering (TE), non‐
aggregatable address allocations, and business events such as mergers and acquisitions.
LISP changes current IP address semantics by creating two new namespaces: Endpoint Identifiers (EIDs),
assigned to end‐hosts, and Routing Locators (RLOCs), assigned to devices (primarily routers) that make up the
global routing system. Performing this separation offers several advantages, including:
Improved routing system scalability by using topologically‐aggregated RLOCs
Provider‐independence for devices numbered out of the EID space
Low‐OPEX multi‐homing of end‐sites with improved traffic engineering
IPv6 transition functionality
LISP-4
© 1992-2010 Cisco Systems, Inc. All rights reserved.
LISP is a simple, incremental, network‐based implementation that is deployed primarily in network edge
devices. It requires no changes to host stacks, DNS, or local network infrastructure, and little to no major
changes to existing network infrastructures.
From the outset, Cisco’s philosophy for the development of LISP has been to minimize end‐customer changes
and deployment complexities. Figure 1 provides a general overview illustration of the LISP deployment
environment. As illustrated in Figure 1, three essential environments exist in a LISP environment: LISP sites (EID
namespace), non‐LISP sites (RLOC namespace), and LISP Mapping Service (Infrastructure).
Figure 1 Cisco IOS LISP Deployment Environment.
As illustrated in Figure 1, the LISP EID namespace represents customer end‐sites in exactly the same way that
end‐sites are defined today. The only difference is that the IP addresses used within these LISP sites are not
advertised within the non‐LISP, Internet (RLOC namespace). Here, end‐customer LISP functionality is deployed
exclusively on CE routers which function in the LISP roles of Ingress Tunnel Router (ITR) and Egress Tunnel
Router (ETR) device – abbreviated as xTR in Figure 1.
In order to fully implement LISP with support for Mapping Services and Internet interworking, additional LISP
Infrastructure components may be required to be deployed as well. As illustrated in Figure 1, these additional
LISP infrastructure components include devices that support the LISP roles of: Map‐Server (MS), Map‐Resolver
(MR), Proxy Ingress Tunnel Router (PITR), Proxy Egress Tunnel Router (PETR), and ALT.
LISP Devices Overview
The following devices are found in a full LISP deployment:
LISP Site Devices:
ITR – Ingress Tunnel Router is deployed as a LISP Site edge device. It receives packets from site‐facing
interfaces (i.e. from internal hosts) and either LISP encapsulates packets to remote LISP sites, or
natively forward packets to non‐LISP sites.
ETR – Egress Tunnel Router is deployed as a LISP Site edge device. It receives packets from core‐facing
interfaces (i.e. from the Internet) and either decapsulates LISP packets and delivers them to local EIDs
at the site.
It is common for CE devices to implement both ITR and ETR functions. When this is the case, the device is
referred to as an “xTR.” The LISP specification does not require that a device perform both ITR and ETR
functions, however.
LISP-5
© 1992-2010 Cisco Systems, Inc. All rights reserved.
For both devices, EID namespace is used inside the sites for end‐site addresses for hosts and routers. EIDs
go in DNS records, just as they do today. Generally speaking, EID namespace is not globally routed in the
underlying Internet. RLOC namespace on the other hand is used in the (Internet) core. RLOCs are used as
infrastructure addresses for LISP routers and ISP routers, and are globally routed in the underlying
infrastructure, just like today. Hosts do not know about RLOCs, and RLOCs do not know about hosts.
LISP Infrastructure Devices:
MS – The Map‐Server is deployed as a LISP Infrastructure component. It must be configured to permit
a LISP site to register to it by specifying for each LISP site the EID prefixes for which registering ETRs
are authoritative, and an authentication key which must match the one also configured on the ETR. An
MS receives Map‐Register control packets from ETRs. When the MS is configured with a service
interface to the LISP ALT, it injects aggregates for the EID prefixes for registered ETRs into the ALT. The
MS also receives Map‐Request control packets from the ALT, which it then encapsulates to the
registered ETR that is authoritative for the EID prefix being queried.
MR – The Map‐Resolver is deployed as a LISP Infrastructure device. It receives Map‐Requests
encapsulated to it from ITRs, and when configured with a service interface to the LISP ALT, forwards
Map‐Requests to the ALT. An MR also sends Negative Map‐Replies to ITRs in response to queries for
non‐LISP addresses.
ALT – An Alternative Topology device is deployed as part of the LISP Infrastructure to provide scalable
EID prefix aggregation. Because the ALT is deployed as dual‐stack (IPv4 and IPv6) BGP over GRE
tunnels, ALT‐only devices can be implemented using basic router hardware or other off‐the‐shelf
devices capable of supporting BGP and GRE.
LISP Interworking Devices:
PITR – A Proxy ITR is a LISP Infrastructure device that provides connectivity between non‐LISP sites and
LISP sites. A PITR does this by advertising coarse‐aggregate prefixes for LISP EID namespace into the
Internet, thus attracting non‐LISP traffic destined to LISP sites. The PITR then encapsulates and
forwards this traffic to LISP sites. This not only facilitates LISP/non‐LISP interworking, but also allows
LISP sites to see LISP ingress traffic engineering benefits from non‐LISP traffic.
PETR – A Proxy ETR is a LISP Infrastructure device that allows IPv6 LISP sites without native IPv6 RLOC
connectivity to reach LISP sites that only have IPv6 RLOC connectivity. In addition, the PETR can also be
used to allow LISP sites with uRPF restrictions to reach non‐LISP sites.
At this time, the Cisco IOS/IOS‐XE LISP implementation provides support for: Ingress Tunnel Router (ITR), Egress
Tunnel Router (ETR), Proxy ITR, Proxy ETR, and LISP‐ALT functionality. The Cisco NX‐OS LISP implementation
provides support for: ITR, ETR, PITR, PETR, MR, MS, and ALT functionality. LISP support is provided for both IPv4
and IPv6 address families in Cisco IOS/IOS‐XE and Cisco NX‐OS implementations.
LISP Operations Overview
The following LISP operations are found in a full LISP deployment, from the perspective of data plane and
control plane operations.
LISP Data Plane
The LISP data plane involves encapsulating and decapsulating user‐traffic in both LISP/LISP and LISP/non‐
LISP applications. Devices involved in LISP data plane activities include the ITR, ETR, PITR, and PETR. Data
plane activities for each of these devices are summarized here.
LISP-6
© 1992-2010 Cisco Systems, Inc. All rights reserved.
ITR – From a data plane perspective, a LISP ITR encapsulates packets to LISP destinations, and natively
forward packets to non‐lisp destinations. When an ITR receives a packet it does a lookup, as normal, in
the forwarding information base (FIB). This lookup can have two outcomes: it may return a non‐
default destination, in which case the ITR forwards the packet to that destination natively, or it may
return a match against the default route. In this case the packet becomes a candidate for LISP
processing. In this case, the ITR will do a lookup in the LISP map‐cache and forward the packet
according to information contained there. If there is no match in the LISP map‐cache, the ITR will
exercise the LISP control plane.
ETR – From a data plane perspective, a LISP ETR decapsulates packets arriving from LISP sources and
delivers them to local EIDs.
PITR – From a data plane perspective, a PITR receives native traffic from the Internet that is destined
to LISP sites, and encapsulates and forwards this traffic to LISP sites. The main difference between an
ITR and a PITR is that a router configured as an ITR performs a check to see if the source of a packet
intended for LISP encapsulation is within the address range of a local EID prefix, whereas a router
configured as a PITR does not perform this check. That is, a PITR only looks at the destination address
of the packet to determine whether to LISP encapsulate the packet or not.
PETR – From a data plane perspective, a PETR receives LISP‐encapsulated packets, decapsulates them,
and natively forwards them to non‐LISP sites (not LISP encapsulated). This is generally done to either
bypass strict unicast reverse path forwarding (uRPF) or anti‐spoofing, or to reach non‐LISP sites when
some portion of the intermediate network does not support the address family of the source and
destination EIDs (for example, such as when an IPv6 site wishes to talk to another IPv6 but only has
IPv4 locators).
LISP Control Plane
The LISP control plane in general includes the creation and management of the LISP mappings related to
the EID‐to‐RLOC relationships. All LISP devices are involved in control plane activities in some manner.
Control plane activities for each device are summarized here.
ITR – From a control plane perspective, when a LISP ITR is configured to use a Map‐Resolver (MR) it
sends an Encapsulated Control Message (ECM) containing a LISP Map‐Request to an MR in order to
obtain an EID‐to‐RLOC mapping. It receives an ECM containing a Map‐Reply that contains the EID‐to‐
RLOC mapping and policy information from the ETR that is authoritative for the queried EID prefix and
caches this information in its map‐cache. An ITR may also receive a Negative Map‐Reply from the MR if
the queried EID is not for a LISP site. The local LISP Map Cache is maintained on each ITR and is
populated dynamically via authoritative Map‐Reply control messages, or statically via the ip lisp map‐
cache command.
ETR – From a control plane perspective, when a LISP ETR is configured to use a Map‐Server (MS), it
registers with the MS by sending a Map‐Register message. An ETR also receives ECMs containing Map‐
Request messages from the MS. In response, an ETR will send a Map‐Reply as an ECM directly back to
the requesting ITR. The local LISP Mapping Database is maintained on each ETR and is populated via
the ip lisp database‐mapping command.
PITR – From a control plane perspective, a PITR behaves similar to an ITR. One difference however, is
that a PITR is directly connected to the ALT and thus can send and receive Map‐Requests and Map‐
Replies directly over the ALT as opposed to requiring ECMs and the use of MR and MS services.
PETR – From a control plane perspective, a PETR doesn’t have any requirements in general. Because it
receives LISP‐encapsulated packets, decapsualtes them, and natively forwards them, there are no LISP
control plane operations strictly associated with the PETR functions.
LISP-7
© 1992-2010 Cisco Systems, Inc. All rights reserved.
MR – From a control plane perspective, an MR receives ECM Map‐Requests from ITRs, decapsulates
them, and forwards them directly over the LISP ALT. An MR also sends Negative Map‐Replies to ITRs in
response to queries for non‐LISP addresses.
MS – From a control plane perspective, an MS receives Map‐Register messages from ETRs. The MS
injects aggregates for the EID prefixes for registered ETRs into the ALT. The MS also receives Map‐
Requests from the ALT, and forwards them as an ECM to the registered ETR that is authoritative for
the EID prefix being queried.
ALT – From a control plane perspective, an ALT‐only device can be implemented using basic router
hardware or other off‐the‐shelf devices capable of supporting dual‐stack (IPv4 and IPv6) BGP over GRE
tunnels.
See http://lisp4.cisco.com or http://lisp6.cisco.com for additional details on the specifics of LISP data plane
and control plane operations.
The remainder of this guide provides configuration tasks for the following LISP roles:
Configuring LISP ITR/ETR (xTR) Functionality
Configuring LISP Map Resolver Functionality
Configuring LISP Map‐Server Functionality
Configuring LISP Proxy ITR Functionality
Configuring LISP Proxy ETR Functionality
Configuring LISP ALT Functionality
Configuring LISP ITR/ETR (xTR) Functionality
Configuring Required LISP ITR/ETR (xTR) Functionality
Perform these tasks to enable and configure LISP ITR/ETR (xTR) functionality when using a LISP Map‐Server and
Map‐Resolver for mapping services for both IPv4 and IPv6 address families.
SUMMARY STEPS
1. configure terminal
2. feature lisp (NX‐OS only)
3. ip|ipv6 lisp itr
4. ip|ipv6 lisp itr map‐resolver map‐resolver‐address
5. ip|ipv6 lisp database‐mapping EID‐prefix/prefix‐length locator priority priority weight weight
6. ip|ipv6 lisp etr
7. ip|ipv6 lisp etr map‐server map‐server‐address key key‐type authentication‐key
8. exit
9. show ip|ipv6 lisp
DETAILED STEPS
Command or Action Purpose
Step 1 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
Router(config)#
LISP-8
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Step 2 feature lisp Enable the LISP feature set (if not already configured).
Router(config)# feature lisp Cisco NX‐OS only
LISP-9
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Step 8 exit Exits global configuration mode.
Example :
Router(config)# exit
What to Do Next
After completing the required LISP xTR configurations, proceed to the following section to complete the
optional LISP configuration items as needed.
Configuring Optional LISP ITR/ETR (xTR) Functionality
Perform these tasks to enable and configure optional Cisco IOS LISP supporting functions.
SUMMARY STEPS
1. configure terminal
2. ip|ipv6 lisp etr accept‐map‐request‐mapping [verify]
3. ip|ipv6 lisp ip lisp etr map‐cache‐ttl time‐to‐live
4. lisp loc‐reach‐algorithm {rloc‐probing}
5. ip|ipv6 lisp map‐cache‐limit cache‐limit [reserve‐list list]
6. ip|ipv6 lisp path‐mtu‐discovery {min lower‐bound | max upper‐bound }
7. ip|ipv6 lisp map‐request‐source source‐address
8. exit
9. show ip|ipv6 lisp
DETAILED STEPS
Command or Action Purpose
Step 1 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
LISP-10
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Step 3 ip lisp etr map‐cache‐ttl time‐to‐live (Optional) Configures the TTL value, in minutes, inserted into
LISP Map‐Reply messages sent by this ETR.
ip lisp etr map‐cache‐ttl time‐to‐live (Optional) Configures the TTL value, in minutes, inserted into
LISP Map‐Reply messages sent by this ETR.
Example:
Router(config)# ip lisp etr map‐cache‐ttl 720 By default, the TTL value inserted into LISP Map‐Reply messages
Router(config)# ipv6 lisp etr map‐cache‐ttl 720 is 1440 minutes. (24 hours)
Step 4 Cisco IOS/IOS‐XE
[no] lisp loc‐reach‐algorithm {rloc‐probing} (Optional) Enables or disables the use of a LISP locator
reachability algorithm.
Cisco NX‐OS:
[no] lisp loc‐reach‐algorithm {tcp‐count|echo‐ Note The Cisco IOS/IOS‐XE LISP only supports the rloc‐probing
nonce|rloc‐probing} algorithm. The NX‐OS LISP implementation supports two
additional algorithms: tcp‐count and echo‐nonce.
Example: Locator reachability algorithms are address‐family independent.
Router(config)# lisp loc‐reach‐algorithm rloc‐ By default, all locator reachability algorithms are disabled.
probing
LISP-11
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Configuring LISP Map‐Resolver Functionality
Configuring Required LISP Map‐Resolver Functionality
Perform these tasks to enable and configure LISP Map‐Resolver (MR) functionality for both IPv4 and IPv6
address families.
SUMMARY STEPS
Only Cisco NX‐OS supports LISP Map‐Resolver functionality.
Before configuring the router to provide LISP Map‐Resolver functionality, first configure LISP‐ALT
capabilities, as described in the LISP‐ALT section below.
1. configure terminal
2. feature lisp (NX‐OS only)
3. ip|ipv6 lisp map‐resolver
4. exit
5. show ip|ipv6 lisp
DETAILED STEPS
Command or Action Purpose
Step 1 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
LISP-12
© 1992-2010 Cisco Systems, Inc. All rights reserved.
What to Do Next
After completing the required LISP Map‐Resolver configurations, proceed to the following section to complete
the optional LISP configuration items as needed.
Configuring Optional LISP Map‐Resolver Functionality
There are no optional LISP Map‐Resolver configuration requirements.
Configuring LISP Map‐Server Functionality
Configuring Required LISP Map‐Server Functionality
Perform these tasks to enable and configure LISP Map‐Server (MS) functionality for both IPv4 and IPv6 address
families.
SUMMARY STEPS
Only Cisco NX‐OS supports LISP Map‐Server functionality.
Before configuring the router to provide LISP Map‐Server functionality, first configure LISP‐ALT
capabilities, as described in the LISP‐ALT section below.
1. configure terminal
2. feature lisp (NX‐OS only)
3. ip|ipv6 lisp map‐server
4. lisp site site‐name
5. description description
6. authentication‐key key‐type password
7. eid‐prefix {EID‐prefix [route‐tag tag]}
8. end
9. show lisp site
DETAILED STEPS
Command or Action Purpose
Step 1 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
LISP-13
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Step 4 lisp site site‐name Creates the indicated LISP site and enters LISP Site configuration
mode.
Example:
Router(config)# lisp site Customer‐1
What to Do Next
Repeat Steps 4 through 7 as required in order to configure LISP Site parameters for each LISP site that registers
with this Map‐Server. After completing the required LISP Map‐Server configurations, proceed to the following
section to complete the optional LISP configuration items as needed.
Configuring Optional LISP Map‐Server Functionality
Perform these tasks to enable and configure optional Cisco IOS LISP supporting functions, as appropriate to the
LISP site needs.
SUMMARY STEPS
1. configure terminal
2. lisp site site‐name
3. allowed‐locators {rloc1 [rloc2 [rloc3 [rloc4]]] }
4. end
5. show lisp site
LISP-14
© 1992-2010 Cisco Systems, Inc. All rights reserved.
DETAILED STEPS
Command or Action Purpose
Step 1 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
Configuring LISP Proxy‐ITR Functionality
Configuring Required LISP Proxy‐ITR Functionality
Perform these tasks to enable and configure LISP Proxy‐ITR (PITR) functionality for both IPv4 and IPv6 address
families.
SUMMARY STEPS
Before configuring the router to provide LISP Proxy‐ITR functionality, first configure LISP‐ALT
capabilities, as described in the LISP‐ALT section below.
1. configure terminal
2. ip|ipv6 lisp proxy‐itr locator [other address‐family‐locator]
3. exit
4. show ip|ipv6 lisp
DETAILED STEPS
Command or Action Purpose
Step 1 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
LISP-15
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Step 2 ip lisp proxy‐itr ipv4‐locator [ipv6‐locator] Configures LISP proxy‐ITR functionality on the router for the
IPv4 address family.
ipv6 lisp proxy‐itr ipv6‐locator [ipv4‐locator] Configures LISP proxy‐ITR functionality on the router for the
IPv6 address family.
Example:
Router(config)# ip lisp proxy‐itr 172.16.8.1 The ipv4‐locator or ipv6‐locator addresses are used as a source
Router(config)# ipv6 lisp proxy‐itr address for encapsulating data packets or Map‐Request
2001:db8:aa::1 messages.
What to Do Next
After completing the required LISP Proxy‐ITR (PITR) functionality, proceed to the following section to complete
the optional LISP configuration items as needed.
Configuring Optional LISP Proxy‐ITR Functionality
There are no optional LISP Proxy‐ITR configuration requirements.
Configuring LISP Proxy‐ETR Functionality
Configuring Required LISP Proxy‐ETR Functionality
Perform these tasks to enable and configure LISP Proxy‐ETR (PETR) functionality for both IPv4 and IPv6 address
families.
SUMMARY STEPS
1. configure terminal
2. ip|ipv6 lisp proxy‐etr
3. exit
4. show ip|ipv6 lisp
DETAILED STEPS
Command or Action Purpose
Step 1 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
LISP-16
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Step 2 ip lisp proxy‐etr Configures LISP proxy‐ETR functionality on the router for the
IPv4 address family.
ipv6 lisp proxy‐etr Configures LISP proxy‐ETR functionality on the router for the
IPv6 address family.
Example:
Router(config)# ip lisp proxy‐etr
Router(config)# ipv6 lisp proxy‐etr
What to Do Next
After completing the required LISP Proxy‐ETR (PETR) functionality, proceed to the following section to complete
the optional LISP configuration items as needed.
Configuring Optional LISP Proxy‐ETR Functionality
There are no optional LISP Proxy‐ETR configuration requirements.
Configuring LISP ALT Functionality
Configuring Required LISP ALT Functionality
Perform these tasks to enable and configure LISP‐ALT (ALT) functionality for both IPv4 and IPv6 address
families.
SUMMARY STEPS
Before configuring the router to use LISP‐ALT functionality, the following steps must first be
completed outside the LISP configuration process.
1. Configure the Virtual Routing and Forwarding (VRF) instance to be used by LISP‐ALT on this device.
The commands for Cisco IOS/IOS‐XE and Cisco NX‐OS differ for this configuration process. Refer to
the respective configuration guides to complete this step.
2. Configure the GRE Tunnels to peer LISP‐ALT routers using the VRF defined in Step 1. Refer to the
respective configuration guides to complete this step.
3. Configure BGP to use the VRF defined in Step 1 for use by the LISP‐ALT. Refer to the respective
configuration guides to complete this step.
After configuring the required VRF, GRE, and BGP configurations listed above, complete the router
configuration to use LISP‐ALT functionality.
LISP-17
© 1992-2010 Cisco Systems, Inc. All rights reserved.
4. configure terminal
5. ip|ipv6 lisp alt‐vrf vrf‐name
6. exit
7. show ip|ipv6 lisp
DETAILED STEPS
Command or Action Purpose
Step 4 configure terminal Enters global configuration mode.
Example :
Router# configure terminal
What to Do Next
After completing the required LISP‐ALT configuration steps, proceed to the following section to complete the
optional LISP configuration items as needed.
Configuring Optional LISP‐ALT Functionality
Perform these tasks to enable and configure optional LISP‐ALT supporting functions, as appropriate to the LISP
site needs.
Optional LISP‐ALT supporting functions mainly involve the configuration of best practices that harden
the implementation of the BGP process supporting the LISP‐ALT. These best practices typical include
configuring options such as: BGP neighbor authentication and/or Time to Live security check, BGP
prefix filtering, and maximum prefix settings.
Configuring LISP: Example
The following example shows a multi‐homed LISP site configuration using Cisco IOS LISP. The topology is
illustrated in Figure 2, and the following information is relevant to the LISP design:
LISP-18
© 1992-2010 Cisco Systems, Inc. All rights reserved.
The LISP site is multi‐homed using two Cisco ISO routers as LISP site edge devices (xTRs). Each LISP xTR
has a single locator (RLOC) to a different Service Provider (SP). The RLOCs in this case are 10.1.1.1 and
10.2.1.1 for xTR1 and xTR2 respectively.
The EID prefix assigned to the LISP site is 192.168.1.0/24 in this example. Each xTR advertises this EID
prefix with its own RLOC, as well as the RLOC associated with the opposite xTR. That is, each xTR is
configured with two ip lisp database‐mapping commands. OSPF is used as the IGP in the LISP site to
maintain internal reachability. The EID prefix is not advertised outside the LISP Site (i.e. within the
RLOC (SP) namespace).
Each xTR is configured to register with the Map‐Server located at 10.30.1.2, using a key of s3cr3t. Note
that this Map‐Server must have a matching configuration in order for the xTRs to register. The
configuration of the Map‐Server is not part of this configuration guide.
Each xTR is configured to send Map‐Request messages to the Map‐Resolver located at 10.30.1.1. The
configuration of the Map‐Resolver is not part of this configuration guide.
Each xTR is configured with a default route toward the upstream SPs.
The topology in Figure 2 also includes an additional LISP site – LISP site B. This site is used to demonstrate
additional functions and aspects of LISP, as well as various results of the configurations of the primary site.
Figure 2 Multi‐Homing LISP Example
LISP configurations are shown for the LISP Site A xTR routers, and the LISP Infrastructure Map‐Server and Map‐
Resolver. (Only the relevant LISP configurations elements are shown.)
LISP-19
© 1992-2010 Cisco Systems, Inc. All rights reserved.
xTR1
hostname xTR1
!
ip cef
lisp loc-reach-algorithm rloc-probing
!
interface LISP0
!
interface Ethernet0/0
ip address 10.1.1.1 255.255.255.252
!
interface Ethernet1/0
ip address 172.16.3.1 255.255.255.252
!
interface Ethernet2/0
ip address 172.16.1.1 255.255.255.252
!
router ospf 1
log-adjacency-changes
passive-interface Ethernet0/0
network 10.1.1.1 0.0.0.0 area 0
network 172.16.1.1 0.0.0.0 area 0
network 172.16.3.1 0.0.0.0 area 0
!
ip lisp database-mapping 192.168.1.0/24 10.1.1.1 priority 1 weight 50
ip lisp database-mapping 192.168.1.0/24 10.2.1.1 priority 1 weight 50
ip lisp itr map-resolver 10.30.1.1
ip lisp itr
ip lisp etr map-server 10.30.1.2 key s3cr3t
ip lisp etr accept-map-request-mapping
ip lisp etr
!
ip route 0.0.0.0 0.0.0.0 10.1.1.2
!
xTR2
hostname xTR2
!
ip cef
lisp loc-reach-algorithm rloc-probing
!
interface LISP0
!
interface Ethernet0/0
ip address 10.2.1.1 255.255.255.252
!
interface Ethernet1/0
ip address 172.16.4.1 255.255.255.252
!
interface Ethernet2/0
ip address 172.16.2.1 255.255.255.252
!
router ospf 1
log-adjacency-changes
passive-interface Ethernet0/0
network 10.2.1.1 0.0.0.0 area 0
network 172.16.2.1 0.0.0.0 area 0
network 172.16.4.1 0.0.0.0 area 0
LISP-20
© 1992-2010 Cisco Systems, Inc. All rights reserved.
!
ip lisp database-mapping 192.168.1.0/24 10.1.1.1 priority 1 weight 50
ip lisp database-mapping 192.168.1.0/24 10.2.1.1 priority 1 weight 50
ip lisp itr map-resolver 10.30.1.1
ip lisp itr
ip lisp etr map-server 10.30.1.2 key s3cr3t
ip lisp etr
!
ip route 0.0.0.0 0.0.0.0 10.2.1.2
!
Map‐Server
hostname MS
!
feature lisp
!
interface Ethernet0/0
ip address 10.30.1.2 255.255.255.248
!
ipv6 lisp map-server
ip lisp map-server
ipv6 lisp alt-vrf lisp
ip lisp alt-vrf lisp
!
lisp site Customer-1
eid-prefix 192.168.1.0/24 route-tag 1234567890
authentication-key 3 76c623b6da0b120e3289d3961c381210
description "Customer-1 LISP Site"
!
Map‐Resolver
hostname MR
!
feature lisp
!
interface Ethernet0/0
ip address 10.30.1.1 255.255.255.248
!
ipv6 lisp map-resolver
ip lisp map-resolver
ipv6 lisp alt-vrf lisp
ip lisp alt-vrf lisp
ip lisp map-request-source 10.30.1.1
ipv6 lisp send-ip-map-reply
!
LISP-21
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Verifying LISP: Example
In order to demonstrate various aspects of LISP, it is most useful to look at the information about LISP Site A
that is received by remote LISP sites. The following output of various show commands illustrates various
aspects of the LISP Site A design, from the perspective of LISP Site A devices:
xTR1
xTR1# show ip lisp
Ingress Tunnel Router (ITR): enabled
Egress Tunnel Router (ETR): enabled
ITR Map-Resolver: 10.30.1.1
ETR Map-Server(s): 10.30.1.2 (00:00:15)
ETR accept mapping data: enabled, verify disabled
ETR map-cache TTL: 24 hours
Locator Status Algorithms:
RLOC-probe algorithm: enabled
Static mappings configured: 0
Map-cache size/limit: 2/1000
Map-cache activity check period: 60 secs
xTR1#
xTR2
xTR2# show ip lisp
Ingress Tunnel Router (ITR): enabled
Egress Tunnel Router (ETR): enabled
ITR Map-Resolver: 10.30.1.1
ETR Map-Server(s): 10.30.1.2 (00:00:57)
ETR accept mapping data: disabled, verify disabled
ETR map-cache TTL: 24 hours
Locator Status Algorithms:
RLOC-probe algorithm: enabled
Static mappings configured: 0
Map-cache size/limit: 1/1000
Map-cache activity check period: 60 secs
xTR2#
The following output of shows the Map‐Server information related to LISP Site A after registration.
MS
MS# show lisp site Customer-1
LISP Site Registration Information for VRF "default"
* = truncated IPv6 address
LISP-22
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Registered locators:
10.1.1.1 (up)
10.2.1.1 (up)
EID-prefix: 153.16.8.0/24
Currently registered: yes
First registered: 06:28:30
Last registered: 00:00:30
Who last registered: 10.1.1.1
Routing table tag: 0x499602d2
Registered locators:
10.1.1.1 (up)
10.2.1.1 (up)
MS#
The following output of various show commands illustrates various aspects of the LISP Site A design, from the
perspective of LISP Site B:
LISP Site B
LISP-B# lig 192.168.1.1
Mapping information for EID 192.168.1.1 from 10.1.1.1 with RTT 4 msecs
192.168.1.0/24, uptime: 00:00:00, expires: 23:59:57, via map-reply, complete
Locator Uptime State Pri/Wgt
10.1.1.1 01:07:37 up 1/50
10.2.1.1 01:07:37 up 1/50
LISP-B# show ip lisp map-cache
LISP Ipv4 Mapping Cache, 2 entries
192.168.1.0/24, uptime : 00 :00 :07, expires : 23 :59 :50, via map-reply, complete
Locator Uptime State Pri/Wgt
10.1.1.1 01:07:43 up 1/50
10.2.1.1 01:07:43 up 1/50
LISP-B#
Additional References
The following sections provide references related to Locator/ID Separation Protocol.
Related Documents
Related Topic Document Title
Cisco IOS LISP Lab Test Configuration Application Note http://lisp4.cisco.com/lisp_tech.html
Cisco IOS LISP Command Reference Guide http://lisp4.cisco.com/lisp_tech.html
Cross‐Platform Release Notes for Cisco IOS Release 15.1XB1 http://lisp4.cisco.com/lisp_down.html
Cross‐Platform Release Notes for Cisco IOS‐XE Release 2.5.1xa http://lisp4.cisco.com/lisp_down.html
Cross‐Platform Release Notes for Cisco NX‐OS Engineering http://lisp4.cisco.com/lisp_down.html
Release based on 5.0
LISP-23
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Standards
Standard Title
No new or modified standards are supported by this release.
MIBs
MIB MIBs Link
None To locate and download MIBs for selected platforms, Cisco IOS software releases, and
feature sets, use Cisco MIB Locator found at the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
draft‐ietf‐lisp‐07 Locator/ID Separation Protocol (LISP)
http://tools.ietf.org/html/draft‐ietf‐lisp‐07
draft‐ietf‐lisp‐alt‐04 LISP Alternative Topology (LISP+ALT)
http://tools.ietf.org/html/draft‐ietf‐lisp‐alt‐04
draft‐ietf‐lisp‐interworking‐01 Interworking LISP with IPv4 and IPv6
http://tools.ietf.org/html/draft‐ietf‐lisp‐interworking‐01
draft‐ietf‐lisp‐lig‐00 LISP Internet Groper (LIG)
http://tools.ietf.org/html/draft‐ietf‐lisp‐lig‐00
draft‐ietf‐lisp‐ms‐05 LISP Map Server
http://tools.ietf.org/html/draft‐ietf‐lisp‐ms‐05
Technical Assistance
Description Link
The Cisco Support website provides extensive online resources, http://www.cisco.com/techsupport
including documentation and tools for troubleshooting and resolving
technical issues with Cisco products and technologies.
To receive security and technical information about your products, you
can subscribe to various services, such as the Product Alert Tool
(accessed from Field Notices), the Cisco Technical Services Newsletter,
and Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website requires a
Cisco.com user ID and password.
LISP-24
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Feature Information for Locator/ID Separation Protocol
Table 1 lists the release history for this feature.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco
Feature Navigator enables you to determine which Cisco IOS software images support a specific software
release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An
account on Cisco.com is not required.
Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given
Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS
software release train also support that feature.
Table 1 Feature Information for Locator/ID Separation Protocol
Feature Name Release Feature Configuration Information
LISP Cisco IOS Release 15.1(1)XB Introduces LISP functionality to IOS for ITR, ETR only.
LISP Cisco IOS Release 15.1(1)XB1 Adds PITR and PETR functionality to IOS
LISP Cisco IOS Release 15.1(1)XB1 Adds IPv6 address family support to LISP for IOS.
LISP Cisco IOS Release 15.1(1)XB2 Adds MR and MS functionality to IOS.
LISP Cisco IOS‐XE Release 2.5.1xa Introduces LISP functionality to IOS‐XE for ITR, ETR, PITR,
and PETR support for IPv4 and IPv6 address families.
LISP Cisco IOS‐XE Release 2.5.1xb Adds MR and MS functionality to IOS XE.
LISP Cisco NX‐OS Engineering Introduces full LISP functionality to NX‐OS (ITR, ETR, PITR,
Release based on 5.0 PETR, MS, MR, LISP‐ALT).
LISP-25
© 1992-2010 Cisco Systems, Inc. All rights reserved.
Send document comments to lisp‐support@external.cisco.com
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED
WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY
PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET
THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE
SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley
(UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the
University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS
IS” WITH ALL FAULTS. CISCO AND THE ABOVE‐NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING,
WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING
FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES,
INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS
MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's
trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective
owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display
output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative
content is unintentional and coincidental.
Cisco LISP Configuration Guide.
© 2010 Cisco Systems, Inc. All rights reserved.
LISP-26
© 1992-2010 Cisco Systems, Inc. All rights reserved.