About the Book
Implement flexible, efficient LISP-based overlays for cloud, data center, and enterprise
The LISP overlay network helps organizations provide seamless connectivity to devices and workloads wherever they move, enabling open and highly scalable networks with unprecedented flexibility and agility.
LISP Network Deployment and Troubleshooting is the definitive resource for all network engineers who want to understand, configure, and troubleshoot LISP on Cisco IOS-XE, IOS-XR and NX-OS platforms. It brings together comprehensive coverage of how LISP works, how it integrates with leading Cisco platforms, how to configure it for maximum efficiency, and how to address key issues such as scalability and convergence.
Focusing on design and deployment in real production environments, three leading Cisco LISP engineers present authoritative coverage of deploying LISP, verifying its operation, and optimizing its performance in widely diverse environments. Drawing on their unsurpassed experience supporting LISP deployments, they share detailed configuration examples, templates, and best practices designed to help you succeed with LISP no matter how you intend to use it.
This book is Cisco's authoritative guide to the LISP protocol and is intended for network architects, engineers, and consultants responsible for implementing and troubleshooting LISP network infrastructures. It includes extensive configuration examples with troubleshooting tips for network engineers who want to improve optimization, performance, reliability, and scalability.
This book covers all applications of LISP across various environments including DC, Enterprise, and SP.
Review the problems LISP solves, its current use cases, and powerful emerging applications
Gain in-depth knowledge of LISP’s core architecture and components, including xTRs, PxTRs, MR/MS, ALT, and control plane message exchange
Understand LISP software architecture on Cisco platforms
Master LISP IPv4 unicast routing, LISP IPv6 routing, and the fundamentals of LISP multicast routing
Implement LISP mobility in traditional data center fabrics, and LISP IP mobility in modern data center fabrics
Plan for and deliver LISP network virtualization and support multitenancy
Explore LISP in the Enterprise multihome Internet/WAN edge solutions
Systematically secure LISP environments
Troubleshoot LISP performance, reliability, and scalability
Table of Contents:
Introduction
Chapter 1 LISP Introduction
LISP and the Internet
Use Cases for LISP
Standards of LISP
Summary
References
Chapter 2 LISP Architecture
LISP Architecture
LISP Canonical Address Format (LCAF)
LISP Packet Headers
LISP Control Plane Messages
LISP Database Architecture: LISP-DDT
LISP Architecture on Cisco Platforms
Summary
References
Chapter 3 LISP IPv4 Unicast Routing
LISP IPv4 Unicast Routing Concepts
LISP IPv4 Unicast Routing Configuration
LISP IPv4 Unicast Routing Control Plane Verification
LISP IPv4 Unicast Routing Data Plane Verification
Internetworking LISP and Non-LISP Sites
Summary
References
Chapter 4 LISP IPv6 Unicast Routing
Address Family Versatility
IPv6 Transition Methods
Configuring LISP IPv6 Unicast Routing
LISP IPv6 Unicast Routing Control Plane Verification
LISP IPv6 Unicast Routing Data Plane Verification
Summary
References
Chapter 5 LISP Multicast Routing Fundamentals
LISP Multicast Routing Concepts
Summary
References
Chapter 6 LISP IP Mobility in Traditional Data Center Network
Design Considerations Related to Interconnecting Data Centers
Network Extension Solutions for Interconnecting Data Centers
Interconnecting Traditional Data Center Networks
Deployment Considerations for Legacy Layer 2 DCI Solutions
Interconnecting Multiple VXLAN EVPN Fabrics: A Chronological Evolution
Interconnecting ACI Fabrics
Workload Mobility Types
Traditional IP Mobility Solutions
LISP IP Mobility
Traditional IPv4 and IPv6 Address Schemas
LISP IP Mobility Overview
LISP Feature Support by Operating System
IP Mobility Using LISP IGP Assist
Summary
References
Chapter 7 LISP IP Mobility in Modern Data Center Fabrics
LISP IP Mobility Deployment with Modern Fabrics
VXLAN EVPN Multi-Site with LISP IP Mobility
ACI Multi-Pod with LISP IP Mobility
Summary
References
Chapter 8 LISP Network Virtualization/Multi-Tenancy
Multi-tenancy in the Network
LISP Instance ID
LISP Virtualization Models
LISP Shared Model Virtualization Configuration
LISP Parallel Model Virtualization Configuration
LISP Virtualization Troubleshooting
Summary
References
Chapter 9 LISP in the Enterprise Multihome Internet/WAN Edge
LISP at the Enterprise Edge
Configuring LISP at the Enterprise Edge
Troubleshooting LISP at the Enterprise Edge
LISP Disjoint RLOC Domains
Summary
References
Chapter 10 LISP Security
Securing the LISP Control Plane Using LISP-SEC
Securing the LISP Data Plane
Summary
References
TOC, 9781587145063, 10/3/19
About the Author:
Tarique Shakil, CCIE No. 37319 (Service Provider, Data Center, and Security), CCSI #32545, CISSP (ISC2), CCSP (ISC2), VCP-DCV, is an Architect with the Cisco Customer Experience (CX) Data Center New Product Management team, specializing in software-defined networking (SDN) and cloud technologies. His previous experience with Cisco includes working as a high touch technical support engineer supporting Cisco premium customers for enterprise routing and service provider technologies. In his current role, Tarique leads the incubation of the latest SDN and cloud solutions, which includes working closely with engineering. Tarique has been involved in products such as Application Centric Infrastructure (ACI), Data Center Network Manager, and Virtual Topology Systems (VTS). He was also part of a startup, Candid Systems, that brought the Network Assurance Engine (NAE) to market. His areas of interest and expertise include data center virtualization, programmable fabric, network assurance, cloud data center security, and SDN. He holds a bachelor’s degree in telecommunications engineering. Tarique can be found on LinkedIn at www.linkedin.com/in/tarique-shakil-cisco.
Vinit Jain, CCIE No. 22854 (R&S, Service Provider, Security, and Data Center), is a technical leader with the Cisco Customer Experience (CX), supporting customers and TAC teams around the world. For the past 10 years, Vinit has worked for the Cisco TAC and High Touch Technical Support (HTTS) organizations, supporting several customers in enterprise, service provider, and data center environments. Vinit has been a speaker at various global networking forums, including Cisco Live events. Vinit has also authored other Cisco Press books, including Troubleshooting BGP and Troubleshooting Cisco Nexus Switches and NX-OS, and he has worked on the NX-OS and BGP Troubleshooting Live Lesson series. Prior to joining Cisco, Vinit worked as a CCIE trainer and as a network consultant. In addition to his CCIEs, Vinit holds multiple certifications related to programming and databases. Vinit studied mathematics at Delhi University and received a master’s in information technology from Kuvempu University in India. Vinit can be found on Twitter at @VinuGenie.
Yves Louis attended the Control Data Institute in Paris (Diplôme d’Ingénieur), where he majored in computing. Yves is a pre-sales engineer covering data center networking as a technical solution architect at Cisco Systems. Yves focuses on fabric design and the architecture of modern data center network–based VXLAN EVPN transport and the Application Centric Infrastructure (ACI) technology. Yves also supports the Data Center Network Manager (DCNM) software framework for the next generation of data centers that rely on VXLAN EVPN for visibility, control, and fabric automation, including VXLAN EVPN Multi-site infrastructures. He also works with the Network Assurance Engine (NAE) solution, deployed in conjunction with the ACI architecture. Yves is an expert on data center interconnection solutions and has written several public technical articles at Cisco and in his personal blog related to business continuity, which you can find at http://yves-louis.com/DCI/.