Genie's Tech Blog

Where knowledge has no dimensions

LISP Overview

Hello Friends

Today we are going to discuss about a one of the very hot topics in the network industry i.e. LISP - Locator/ID Separation Protocol. A Cisco proprietary protocol defined in RFC 6830, is a routing and addressing architecture that implements a new semantic of IP Addressing. LISP creates two addresses one for each network node - EID (End-Point Identifiers) which are assigned to end hosts for their identity and RLOCs (Routing Locators) which is used for identifying their location in the network. Each node in the network has one EID but may have multiple and variable RLOCs. LISP thus provides a mapping service between them.

EID Addresses: Consists of IP addresses and prefixes identifying end-points. EID reachability across LISP sites is achieved by resolving EID-to-RLOC mappings

RLOC Addresses: Consists of IP Addresses and prefixes identifying the different routers in the IP network. Reachability achieved within RLOC space though traditional routing methods.

LISP Terminologies

Map-Server (MS): An MS is a LISP infrastructure device that LISP site Edge Tunnel Routers (ETRs) register to with their EID prefixes. The MS advertises aggregates for the registered EID prefixes into the LISP mapping system. All Lisp use the LISP mapping system to resolve EID-to-RLOC mappings.

Map-Resolver (MR): An MR is a LISP infrastructure device to which LISP site Ingress Tunnel Routers (ITRs) send LISP Map-Request queries when resolving EID-to-RLOC mappings.

Ingress Tunnel Router (ITR): An ITR is a LISP Site edge device that receives packets from site-facing interfaces (internal hosts) and encapsulates them to remote LISP sites, or natively forwards them to non-LISP sites.

Egress Tunnel Router (ETR): An ETR is a LISP site edge device that receives packets from core facing interfaces and decapsulates LISP packets and delivers them to local EIDs at the site.


In the above diagram, an xTR router will be configured as ITR and ETR. There is a core router acting as a  MS/MR. Please note that each xTR router must be configured with the MS and MR address.

Lets now have a look at the configuration:

Config on xTR1:
===============
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.1.12.1 255.255.255.252
 duplex full
!
interface FastEthernet1/0
 ip address 192.168.1.2 255.255.255.0
 speed auto
 duplex auto
!
router lisp
 database-mapping 4.4.4.4/32 10.1.12.1 priority 1 weight 100
 database-mapping 192.168.1.0/24 10.1.12.1 priority 1 weight 100
 ipv4 itr map-resolver 2.2.2.2
 ipv4 itr
 ipv4 etr map-server 2.2.2.2 key genie
 ipv4 etr
 exit
!
router ospf 100
 network 192.168.1.2 0.0.0.0 area 0
 default-information originate always
!
ip route 0.0.0.0 0.0.0.0 10.1.12.2
!

Similar Configuration on xTR2

Config on MS_MR:
===============
vrf definition lisp
 rd 1:1
 !
 address-family ipv4
 exit-address-family
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.1.12.2 255.255.255.252
 duplex full
!
interface FastEthernet1/0
 ip address 10.1.23.1 255.255.255.252
 speed auto
 duplex auto
!
router lisp
 site Site-A
  authentication-key genie
  eid-prefix 4.4.4.4/32
  eid-prefix 192.168.1.0/24
  exit
 !
 site Site-B
  authentication-key genie
  eid-prefix 5.5.5.5/32
  eid-prefix 192.168.2.0/24
  exit
 !
 ipv4 map-server
 ipv4 map-resolver
 ipv4 alt-vrf lisp
 exit
!
ip route 1.1.1.1 255.255.255.255 10.1.12.1
ip route 3.3.3.3 255.255.255.255 10.1.23.2
!

Please note that the CE1 and CE2 routers are having regular configuration with OSPF neighborship between CE1 and xTR1 and CE2 and xTR2 respectively. The CE1 and CE2 are having loopback of 4.4.4.4/32 and 5.5.5.5/32 respectively.

Once this configuration is done (MS_MR and xTR routers are configured) , we could see that the xTR routers start registering to the MS_MR:

Output on MS_MR:
================
MS_MR#sh lisp site summary
                     ----------- IPv4 ----------- ----------- IPv6 -----------
Site name            Configured Registered Incons Configured Registered Incons
Site-A                        2          2      0          0          0      0
Site-B                        2          2      0          0          0      0

Number of configured sites:                     2
Number of registered sites:                     2
Sites with inconsistent registrations:          0
IPv4
  Number of configured EID prefixes:            4
  Number of registered EID prefixes:            4
IPv6
  Number of configured EID prefixes:            0
  Number of registered EID prefixes:            0
MR_MS#

Also note that in the "show lisp site" output, the Up column value should be seen as "yes"

Output on MS_MR:
===============
MS_MR#sh lisp site
LISP Site Registration Information

Site Name      Last      Up   Who Last             Inst     EID Prefix
               Register       Registered           ID
Site-A         00:00:15  yes  10.1.12.1                     4.4.4.4/32
               00:00:15  yes  10.1.12.1                     192.168.1.0/24
Site-B         00:00:55  yes  10.1.23.2                     5.5.5.5/32
               00:00:55  yes  10.1.23.2                     192.168.2.0/24
MS_MR#

Now, lets have a look at the RIB and the CEF table:

Output on xTR1:
===============
xTR1#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
  Known via "ospf 100", distance 110, metric 2, type intra area
  Last update from 192.168.1.1 on FastEthernet1/0, 4d17h ago
  Routing Descriptor Blocks:
  * 192.168.1.1, from 4.4.4.4, 4d17h ago, via FastEthernet1/0
      Route metric is 2, traffic share count is 1

xTR1#sh ip route 5.5.5.5
% Network not in table

xTR1#sh ip cef 5.5.5.5 det
5.5.5.5/32, epoch 0, flags subtree context, check lisp eligibility, default route
  SC owned: LISP remote EID - locator status bits 0x00000001
  LISP remote EID: 4 packets 400 bytes fwd action encap
  LISP source path list
    nexthop 10.1.23.2 LISP0
  2 IPL sources [active source]
   Dependent covered prefix type inherit, cover 0.0.0.0/0
  recursive via 0.0.0.0/0
    recursive via 10.1.12.2
      attached to FastEthernet0/0

We can see that though there is no information in the RIB, the FIB has an entry pointing towards the LISP0 interface which means it understands that it needs to encapsulate the packet (the fwd action is encap). Please note that this output will be seen when we first initated the ping from CE1 towards CE2. Before even initiating the ping or by performing "clear ip lisp map-cache *" we will see that it doesn't has the locator ID or information of the locator:

Output on xTR1:
===============
xTR1#sh ip cef 5.5.5.5 det
0.0.0.0/0, epoch 0, flags cover dependents, check lisp eligibility, default route
  LISP remote EID: 0 packets 0 bytes fwd action signal, cfg as EID space
  LISP source path list
    attached to LISP0
  Covered dependent prefixes: 1
    notify cover updated: 1
  1 IPL source [no flags]
  recursive via 10.1.12.2
    attached to FastEthernet0/0
xTR1#

Now, lets enable the debugs on xTR1 (debug lisp adj) and initiate a ping from CE1 towards 5.5.5.5, we see the following:

*Apr 25 17:20:24.175: LISPdata-signal: sending signal for 192.168.1.1->5.5.5.5 on in IPv4:Default
*Apr 25 17:20:24.515: LISPadj: IP adj out of LISP0, addr 10.1.23.2 (incomplete) stack to 10.1.23.2 in IPv4:Default
*Apr 25 17:20:24.527: LISPadj: IP adj out of LISP0, addr 10.1.23.2 (incomplete) output chain picked IP adj out of FastEthernet0/0, addr 10.1.12.2 675C33E0 for via_fib 10.1.23.2/32
*Apr 25 17:20:24.531: LISPadj: IP adj out of LISP0, addr 10.1.23.2 (incomplete) Skip reeval, adj not sourced
*Apr 25 17:20:24.531: LISPadj: IP adj out of LISP0, addr 10.1.23.2 (incomplete) adding LISP source
*Apr 25 17:20:24.535: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 (incomplete) output chain picked IP adj out of FastEthernet0/0, addr 10.1.12.2 675C33E0 for via_fib 10.1.23.2/32
*Apr 25 17:20:24.539: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 (incomplete) Skip reeval, adj not sourced
*Apr 25 17:20:24.543: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 (incomplete) no en
xTR1#cap, state is not initialized, not active
*Apr 25 17:20:24.547: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 (incomplete) found terminal adj IP adj out of FastEthernet0/0, addr 10.1.12.2 MTU 1500 pre adj encap 0
*Apr 25 17:20:24.547: LISPadj: LISP0 IP min MTU 65535 -> 1464
*Apr 25 17:20:24.551: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 (incomplete) pick source RLOC 10.1.12.1 MTU 1464
*Apr 25 17:20:24.555: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 output chain picked IP adj out of FastEthernet0/0, addr 10.1.12.2 675C33E0 for via_fib 10.1.23.2/32
*Apr 25 17:20:24.559: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 found terminal adj IP adj out of FastEthernet0/0, addr 10.1.12.2 MTU 1500 pre adj encap 0
*Apr 25 17:20:24.559: LISPadj: IP midchain out of LISP0, addr 10.1.23.2 pick source RLOC 10.1.12.1 MTU 1464
xTR1#
Thus, the xTR actually reaches out to the map-resolver before sending the packet towards the remote CE router. We can also check the map-cache to see the entries it has:

xTR1#sh ip lisp map-cache
LISP IPv4 Mapping Cache for EID-table default (IID 0), 2 entries

0.0.0.0/0, uptime: 00:05:11, expires: never, via static send map-request
  Negative cache entry, action: send-map-request
5.5.5.5/32, uptime: 00:04:16, expires: 23:55:36, via map-reply, complete
  Locator    Uptime    State      Pri/Wgt
  10.1.23.2  00:04:16  up           1/100
xTR1#
We can see the entry for prefix 5.5.5.5/32. Now if we ping to 192.168.2.2, we shall see another entry

xTR1#sh ip lisp map-cache
LISP IPv4 Mapping Cache for EID-table default (IID 0), 3 entries

0.0.0.0/0, uptime: 00:06:59, expires: never, via static send map-request
  Negative cache entry, action: send-map-request
5.5.5.5/32, uptime: 00:06:05, expires: 23:53:47, via map-reply, complete
  Locator    Uptime    State      Pri/Wgt
  10.1.23.2  00:06:05  up           1/100
192.168.2.0/24, uptime: 00:00:04, expires: 23:59:48, via map-reply, complete
  Locator    Uptime    State      Pri/Wgt
  10.1.23.2  00:00:04  up           1/100
xTR1#
Hope this clarifies the working behavior of LISP.
Feel free to reach out to me in case of any queries.

Cheers...!!!
Genie
Comments are closed