Cisco Public © 2012 Cisco and/or its affiliates. All rights reserved. 2
LISP - innovative mobility w/ Cisco Architectures
Gerd Pflueger – Consulting Systems Engineer – Central Europe
Version 0.2, 22 March 2012
-
Cisco is developing a new, innovative routing architecture that helps w/ the separation of host addressing from the host's actual location. The new architecture, LISP (Locator/ID Separation Protocol), has been documented in multiple RFCs and discussed in the IETF. Besides countless other functions, like IP address portability, VM mobility or large-scale VPN, LISP will allow the following functionality for mobile communication:
- simultaneous load balancing and multihoming for ingress and egress communication w/ different media (WLAN, Edge, UMTS, LTE), and
- IPv6 mobility: keep the IPv6 address even w/ roaming and connecting over IPv4 networks.
The presentation will explain the basics of LISP and will discuss the opportunities of LISP with mobile communication. The presenter will show two of the latest use cases, from the airline industry and automotive communication. He will also demonstrate the actual LISP implementation on an Android mobile.
-
• What is LISP?
• Usecases incl. IPv6-Solutions
• Example - LHSys
• Example - Car-Communication
• Example - Android Phone
• Q&A
-
LISP – A Solution to Real World Problems
§ LISP originally conceived to address Internet Scaling
Many customers have been requesting Cisco to look into this issue
“…. routing scalability is the most important problem facing the Internet today and must be solved….” Attendees of IAB workshop in October 2006 (written in RFC4984)
[Figure: Without LISP]
-
• LISP is completely open
  - Started in the IRTF
  - Currently has an IETF working group
  - No known IPR
• 100s of Researchers and Operators Contributed to Design
• Multiple Vendors Interested
• Pilot Network up for nearly 4 years
  - 121 nodes in 25 countries
• Building a LISP-MN Pilot Network
  - Testing server capabilities on Android phones
  - Experimenting new mapping database systems and security mechanisms
-
Locator/ID split enables other (more important) benefits…
§ Today’s Internet Behavior
Device IPv4 or IPv6 address represents identity and location (x.y.z.1).
When the device moves, it gets a new IPv4 or IPv6 address for its new identity and location (w.z.y.9).
§ LISP Behavior
Device IPv4 or IPv6 address represents identity only (x.y.z.1).
When the device moves, it keeps its IPv4 or IPv6 address. It has the same identity (x.y.z.1).
Only the location changes (a.b.c.1, e.f.g.7).
-
[Figure: LISP components. ITR, PTR, two ETRs and the MS with the Map DB, placed between EID Space, RLOC Space and Non-LISP sites]

Prefix     Next-hop
w.x.y.1    e.f.g.h
x.y.w.2    e.f.g.h
z.q.r.5    e.f.g.h
z.q.r.5    e.f.g.h

EID-to-RLOC mapping (shown three times in the figure):
EID           RLOC
a.a.a.0/24    w.x.y.1
b.b.b.0/24    x.y.w.2
c.c.c.0/24    z.q.r.5
d.d.0.0/16    z.q.r.5

§ EID (Endpoint Identifier) is the host IP address
§ RLOC (Routing Locator) is the infrastructure IP address of the LISP router
§ Creates a “Level of indirection” by using two namespaces – EID and RLOC
§ Mapping Database (M-DB) is the distributed database and policy repository
§ Network-‐based solu
-
LISP IPv4 EID/IPv4 RLOC Header Example
[Figure: packet layout, outermost header first]
IPv4 Outer Header: Router supplies RLOCs
UDP
LISP header
IPv4 Inner Header: Host supplies EIDs
-
LISP Encapsulation Combinations – IPv4 and IPv6 Supported
IPv4/IPv4: IPv4 Outer Header, UDP, LISP, IPv4 Inner Header
IPv4/IPv6: IPv4 Outer Header, UDP, LISP, IPv6 Inner Header
IPv6/IPv4: IPv6 Outer Header, UDP, LISP, IPv4 Inner Header
IPv6/IPv6: IPv6 Outer Header, UDP, LISP, IPv6 Inner Header
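A monitoring point in the RLOC space sees only the outer header, so inspection tools have to decode the encapsulation to recover the EIDs. The following is an added example, not part of the original deck and not Cisco code: it decodes one LISP data packet and reports the combination in the slide's outer/inner notation. UDP port 4341 and the 8-byte LISP header come from RFC 6830; the function names and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

LISP_DATA_PORT = 4341  # UDP port of the LISP data plane (RFC 6830); not shown on the slide

def ip_header(pkt):
    """Return (version, src, dst, next_protocol, header_length) of an IP header."""
    if len(pkt) < 20:
        raise ValueError("truncated IP header")
    version = pkt[0] >> 4
    if version == 4:
        return 4, pkt[12:16], pkt[16:20], pkt[9], (pkt[0] & 0x0F) * 4
    if version == 6 and len(pkt) >= 40:   # IPv6 extension headers are not handled
        return 6, pkt[8:24], pkt[24:40], pkt[6], 40
    raise ValueError("not an IPv4/IPv6 header")

def parse_lisp(pkt):
    """Decode the outer RLOCs and inner EIDs of one LISP data packet."""
    outer_v, rloc_s, rloc_d, proto, hlen = ip_header(pkt)
    if proto != 17 or len(pkt) < hlen + 16:
        raise ValueError("outer header is not followed by UDP + LISP")
    dport = struct.unpack("!H", pkt[hlen + 2:hlen + 4])[0]
    if dport != LISP_DATA_PORT:
        raise ValueError("UDP destination port is not the LISP data port")
    inner_v, eid_s, eid_d, _, _ = ip_header(pkt[hlen + 16:])  # skip UDP (8) + LISP (8)
    return {"combo": f"IPv{outer_v}/IPv{inner_v}",
            "rloc": tuple(str(ipaddress.ip_address(a)) for a in (rloc_s, rloc_d)),
            "eid": tuple(str(ipaddress.ip_address(a)) for a in (eid_s, eid_d))}

def build_v4(src, dst, proto, payload):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed) + payload

def build_v6(src, dst, nxt, payload):
    return struct.pack("!IHBB16s16s", 6 << 28, len(payload), nxt, 64,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed) + payload

def sample_packet():
    """Constructed packet: IPv6 EIDs carried between IPv4 RLOCs."""
    inner = build_v6("2010::3", "2020::1", 59, b"")    # 59 = no next header
    lisp = bytes(8)                                     # flags, nonce and LSBs all zero
    udp = struct.pack("!HHHH", 61000, LISP_DATA_PORT, 16 + len(inner), 0)
    return build_v4("10.1.2.1", "10.2.1.1", 17, udp + lisp + inner)
```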
-
Mapping Database (ETR) and Map Cache (ITR)
[Figure: lab topology with routers RA1-xTR, RA2-xTR and RA3 (LISP A), RB1-xTR and RB3 (LISP B), RC, and RI-MS/MR; links 10.1.1.0/30, 10.1.2.0/30, 10.2.1.0/30, 10.2.2.0/30, 10.0.0.0/30; Lo0 addresses 153.16.1.1/32 (RA3), 153.16.2.1/32 (RB3), 1.0.0.1/8, 2.0.0.1/8, 3.0.0.1/8, 4.0.0.1/8, 193.159.224.1/24; source EID (S) in LISP A, destination EID (D) in LISP B]
EID-prefixes LISP Site A: 172.16.10.0/24, 153.16.1.1/32, 153.16.1.2/32
EID-prefixes LISP Site B: 172.16.20.0/24, 153.16.2.1/32
ETR – Registration
1. LISP Map-Register, 10.2.1.1 -> 10.0.0.1, for 153.16.2.1/32
2. MS and MR on a single router. No ALT advertisement
Map Request
3. 153.16.1.1 -> 153.16.2.1
4. How do I get to 153.16.2.1?
5. LISP ECM to MR, 10.1.2.1 -> 10.0.0.1; Map-Request to ETR, 10.1.2.1 -> 153.16.2.1
6. LISP ECM to ETR, 10.0.0.1 -> 10.2.1.1; Map-Request to ETR, 10.1.2.1 -> 153.16.2.1
7. Map-Reply to ITR, 10.2.1.1 -> 10.1.2.1: 153.16.2.1/32, 10.2.1.1 [1,50], 10.2.2.1 [10,50]
-
Unicast Packet Forwarding
[Figure: same lab topology as on the Mapping Database and Map Cache slide (LISP A, LISP B, RC, RI-MS/MR)]
EID-prefixes LISP Site A: 172.16.10.0/24, 153.16.1.1/32, 153.16.1.2/32
EID-prefixes LISP Site B: 172.16.20.0/24, 153.16.2.1/32
Mapping Entry (this policy controlled by destination site)
EID-prefix: 153.16.2.1/32
Locator-set:
  10.2.1.1, priority: 1, weight: 50 (D1)
  10.2.2.1, priority: 10, weight: 50 (D2)
Packet flow
1. 153.16.1.1 -> 153.16.2.1
2. 153.16.1.1 -> 153.16.2.1 with outer header 10.1.2.1 -> 10.2.1.1
3. 153.16.1.1 -> 153.16.2.1 with outer header 10.1.2.1 -> 10.2.1.1
4. 153.16.1.1 -> 153.16.2.1
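The ITR's forwarding decision from this slide, as an added example (not from the original deck and not Cisco code): longest-prefix match of the destination EID in the map-cache, then locator choice in which the lowest priority value wins and weights share flows among locators of equal priority, as LISP defines them. The second cache entry, `flow_hash` and all function names are constructed for illustration.

```python
import ipaddress
import zlib

# Map-cache as an ITR would hold it: EID-prefix -> [(RLOC, priority, weight)].
MAP_CACHE = {
    "153.16.2.1/32": [("10.2.1.1", 1, 50), ("10.2.2.1", 10, 50)],   # from the slide
    "172.16.20.0/24": [("10.2.1.1", 1, 75), ("10.2.2.1", 1, 25)],   # constructed
}

def lookup(dst_eid, cache=MAP_CACHE):
    """Longest-prefix match of a destination EID; returns the locator-set or None."""
    addr = ipaddress.ip_address(dst_eid)
    best_len, best = -1, None
    for prefix, locators in cache.items():
        net = ipaddress.ip_network(prefix)
        if net.version == addr.version and addr in net and net.prefixlen > best_len:
            best_len, best = net.prefixlen, locators
    return best

def flow_hash(src_eid, dst_eid):
    """Stable per-flow hash so one flow always uses the same RLOC."""
    return zlib.crc32(f"{src_eid}>{dst_eid}".encode())

def select_rloc(locators, fhash, unreachable=()):
    """Lowest priority value wins; weights split flows among equal priorities."""
    usable = [l for l in locators if l[0] not in unreachable and l[1] != 255]
    if not usable:
        return None
    top = min(prio for _, prio, _ in usable)
    group = [(rloc, weight) for rloc, prio, weight in usable if prio == top]
    if sum(w for _, w in group) == 0:          # all-zero weights: share equally
        group = [(rloc, 1) for rloc, _ in group]
    slot = fhash % sum(w for _, w in group)
    for rloc, weight in group:
        if slot < weight:
            return rloc
        slot -= weight

def encapsulate(src_eid, dst_eid, local_rloc="10.1.2.1", unreachable=()):
    """Return the (outer source, outer destination) RLOC pair, or None on a cache miss."""
    locators = lookup(dst_eid)
    if locators is None:
        return None                            # a real ITR would send a Map-Request
    rloc = select_rloc(locators, flow_hash(src_eid, dst_eid), unreachable)
    return (local_rloc, rloc) if rloc else None
```

Priority 255 marks a locator that must not be used, which is why it is filtered out before the comparison.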
-
• What is LISP?
• Usecases incl. IPv6-Solutions
• Example - LHSys
• Example - Car-Communication
• Example - Android Phone
• Q&A
-
IPv6 Transition Support
§ v6-over-v4, v6-over-v6
§ v4-over-v6, v4-over-v4
[Figure: LISP routers connecting v6 sites and v6 services across the IPv4 Internet and the IPv6 Internet]
VM-Mobility
§ Cloud / Layer 3 VM moves
§ Segmentation
[Figure: VM a.b.c.1 moves from Data Center 1 to Data Center 2; each data center sits behind a LISP router on the Internet]
VPNs and Segmentation
§ Over-the-Top
§ Multi-tenancy
[Figure: HQ LISP Site, Data Center and User Network connected over the Internet to Remote LISP Sites (. . 10k . .)]
Efficient Multi-Homing
§ IP Portability
§ Ingress Traffic Engineering without BGP
[Figure: LISP Site connected to the Internet through multiple LISP routers]
-
Needs:
− Rapid IPv6 Deployment
− Minimal Infrastructure disruption
LISP Solution:
− LISP encapsulation is Address Family agnostic
  IPv6 interconnected over IPv4 core
  IPv4 interconnected over IPv6 core
Benefits:
− Accelerated IPv6 adoption
− Minimal added configurations
− No core network changes
− Can be used as a transitional or permanent solution
[Figures: Connecting IPv6 Islands (v6 islands behind xTRs across an IPv4 Enterprise Core); IPv6 Service Support (v6 service behind an xTR, reached through PxTRs from the IPv4 and IPv6 Internet); IPv6 Access Support (v6 home networks behind xTRs over IPv4 access & Internet, with PxTRs toward v6 sites)]
-
[Figure: same lab topology as on the earlier slides (LISP A with RA1-xTR, RA2-xTR, RA3; LISP B with RB1-xTR, RB3; RC; RI-MS/MR)]
EID-prefixes LISP Site A: 172.16.10.0/24, 153.16.1.1/32, 153.16.1.2/32
EID-prefixes LISP Site B: 172.16.20.0/24, 153.16.2.1/32

hostname RI
ip lisp map-resolver
ip lisp map-server
lisp site LISP-A
 eid-prefix 153.16.1.0/24
 eid-prefix 172.16.10.0/24
 authentication-key 3 9125d59c18a9b015
 description LISP SITE A
lisp site LISP-B
 eid-prefix 153.16.2.0/24
 eid-prefix 172.16.20.0/24
 authentication-key 3 9125d59c18a9b015
 description LISP SITE B

hostname RA2
ip route 0.0.0.0/0 10.1.2.2
ip route 10.1.1.1/32 10.1.2.2
ip route 153.16.1.0/24 172.16.10.3
ip lisp itr-etr
ip lisp database-mapping 153.16.1.0/24 10.1.2.1 priority 1 weight 50
ip lisp database-mapping 172.16.10.0/24 10.1.2.1 priority 1 weight 50
ip lisp database-mapping 153.16.1.0/24 10.1.1.1 priority 1 weight 50
ip lisp database-mapping 172.16.10.0/24 10.1.1.1 priority 1 weight 50
ip lisp itr map-resolver 10.0.0.1
ip lisp etr map-server 10.0.0.1 key 3 9125d59c18a9b015
-
[Figure: same lab topology with IPv6 EIDs. LISP A uses 2010::/48 (2010::1, 2010::2, 2010::3), LISP B uses 2020::/48 (2020::1, 2020::2); the RLOC links stay IPv4 (10.1.1.0/30, 10.1.2.0/30, 10.2.1.0/30, 10.2.2.0/30, 10.0.0.0/30); RI-MS/MR with Lo0 193.159.224.1/24]

RA2# sh run lisp
ip lisp itr-etr
ipv6 lisp itr-etr
ipv6 lisp database-mapping 2010::0003/128 10.1.1.1 priority 1 weight 50
ipv6 lisp database-mapping 2010::0003/128 10.1.2.1 priority 1 weight 50
ip lisp ...
ipv6 lisp itr map-resolver 10.0.0.1
ip lisp itr map-resolver 10.0.0.1
ipv6 lisp etr map-server 10.0.0.1 key 3 9125d59c18a9b015
ip lisp etr map-server 10.0.0.1 key 3 9125d59c18a9b015
RA2#

RI# sh run lisp
ipv6 lisp map-resolver
ip lisp map-resolver
ipv6 lisp map-server
ip lisp map-server
lisp loc-reach-algorithm rloc-probing
lisp site LISP-A
 eid-prefix 2010::/48 accept-more-specifics
 eid-prefix 153.16.1.0/24
 eid-prefix 172.16.10.0/24
 authentication-key 3 9125d59c18a9b015
 description LISP SITE A
lisp site LISP-B
 eid-prefix 2020::/48 accept-more-specifics
 eid-prefix 153.16.2.0/24
 eid-prefix 172.16.20.0/24
 authentication-key 3 9125d59c18a9b015
 description LISP SITE B
RI#
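The authentication key is what ties a registering ETR to its site on the map-server, and in the configuration above both sites carry the same key string while their IPv6 prefixes accept more-specific registrations. The following review check is an added example, not part of the original deck and not a Cisco tool: it parses the `lisp site` blocks as shown on the slide and lists sites that share a key, sites without a key, and prefixes marked `accept-more-specifics`. The function names and finding labels are constructed.

```python
import re
from collections import defaultdict

# "lisp site" section of RI's configuration as shown on the slide.
RI_CONFIG = """\
lisp site LISP-A
 eid-prefix 2010::/48 accept-more-specifics
 eid-prefix 153.16.1.0/24
 eid-prefix 172.16.10.0/24
 authentication-key 3 9125d59c18a9b015
 description LISP SITE A
lisp site LISP-B
 eid-prefix 2020::/48 accept-more-specifics
 eid-prefix 153.16.2.0/24
 eid-prefix 172.16.20.0/24
 authentication-key 3 9125d59c18a9b015
 description LISP SITE B
"""

def parse_sites(config):
    """Return {site: {"prefixes": [(prefix, more_specifics)], "key": (type, value)}}."""
    sites, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"lisp site (\S+)", line):
            current = sites.setdefault(m.group(1), {"prefixes": [], "key": None})
        elif not raw.startswith(" "):
            current = None                      # another top-level command ends the block
        elif current is not None:
            if m := re.fullmatch(r"eid-prefix (\S+)( accept-more-specifics)?", line):
                current["prefixes"].append((m.group(1), m.group(2) is not None))
            elif m := re.fullmatch(r"authentication-key (\d+) (\S+)", line):
                current["key"] = (m.group(1), m.group(2))
    return sites

def audit(sites):
    """Return review findings as (check, details) tuples."""
    findings, by_key = [], defaultdict(list)
    for name, site in sites.items():
        if site["key"] is None:
            findings.append(("no-auth-key", [name]))
        else:
            by_key[site["key"]].append(name)
        findings += [("accept-more-specifics", [name, p]) for p, more in site["prefixes"] if more]
    findings += [("shared-auth-key", sorted(n)) for n in by_key.values() if len(n) > 1]
    return findings
```

A per-site key limits what one site's credentials can register; the check only reports where the configuration departs from that.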
-
• What is LISP?
• Usecases incl. IPv6-Solutions
• Example - LHSys
• Example - Car-Communication
• Example - Android Phone
• Q&A
-
• Seamless roaming for passenger and LHSys
  - Internet Access
  - private VPN tunnel (passenger and LHSys)
• Optimal traffic flow (local breakout, return)
• Same IP-addr. for plane network (192.168.1.0/24)
• Unique IP-addr. for plane D-ABFT = 10.11.35.73/32 → EID → NAT/PAT → WiMax-Link-Addr.
• No additional HW at the plane (!!!)
• 2 x Intel Platform HW: LISP-VM on ESX or KVM incl. Windows 2008 R2 servers as VM
-
[Figure: plane D-ABFT = 10.11.35.73/32 with its Plane Net behind an xTR; further xTRs, a PTR, IR and DB; LHSYS Server behind the LHSYS FW; www.yahoo.com; RLOCs (IPv4/IPv6) between the LISP routers, EIDs (IPv4/IPv6) at the plane and server sides]
-
• What is LISP?
• Usecases incl. IPv6-Solutions
• Example - LHSys
• Example - Car-Communication
• Example - Android Phone
• Q&A
-
• Multiple IPv6 Networks (/48 and /64) in the car (EIDs)
• Secure, scalable connection to HQ and to the Internet
  - secure = integrated encryption, if needed
  - scalable = 1-2 million MN per year w/ lifespan of 5-10 years
• Parallel use of different connections (WiFi, GSM, LTE, …) (RLOCs)
• Prioritizing of connections (due to speed, cost, …)
• Shortest Path (limited proxies)
• Lean client (LISP MN) in the car possible (HW or SW)
-
[Figure: Car IPv6 Net = EID, connected through an xTR over RLOCs (WiFi, GSM, LTE, …) to xTRs and a PTR; Car DB, Car Apps and DB on the HQ side; RLOCs are IPv4/IPv6, EIDs are IPv6]
-
• What is LISP?
• Usecases incl. IPv6-Solutions
• Example - LHSys
• Example - Car-Communication
• Example - Android Phone
• Q&A
-
dino.cisco.com
static EID: 2610:00d0:xxxx::1/128
dynamic RLOCs: 64.0.0.1, 65.0.0.1
3G/4G Network, WiFi Network
-
This phone is a LISP site!
EID-prefix: 2610:00d0:xxxx::1/128
RLOCs: 64.0.0.1, 65.0.0.1 (interfaces: wifi, 3G)
Map-Server: 64.1.1.1
(1) 2 MNs can roam and stay connected
(2) MNs can be servers
(3) MNs roam without changing DNS entries
(4) MNs can use multiple interfaces
(5) MNs can control ingress packet policy
(6) Faster hand-offs
(7) Low battery use by MS proxy-replying
(8) And most importantly, packets have stretch of 1 so latency is best for delay sensitive applications
LISP-MN can scale to 1 billion hand-sets!
-
• What is LISP?
• Usecases incl. IPv6-Solutions
• Example - LHSys
• Example - Car-Communication
• Example - Android Phone
• Q&A
-
• With real implementation experience!
• With real deployment experience!
• With real customer engagement!
• http://www.lisp4.net & http://www.lisp6.net
• http://lisp.cisco.com
-
LISP Platform Products Shipping
• Platforms to date:
  - ISR, ISRG2, 7200 (IOS)
  - ASR 1K (IOS-XE)
  - Nexus 7K, UCS c200, Titanium PC (NX-OS)
  - NX-OS on VMware and KVM
  - LISP-MN on Nexus 1 and Nexus S phones (Android Gingerbread)
  - LISP-MN on Linux (lispmob.org) – public domain
• Platforms this year:
  - CRS 3 and ASR 9K (IOS-XR)
  - Catalyst 6K (IOS)
  - Linksys (Linux/OpenWrt) – public domain
  - Cius Tablet (Android Froyo)
-
Thank you.