© 2011 Cisco and/or its affiliates. All rights reserved.
Locator/ID Separation Protocol Overview
Roque Gagliano
SWINOG – November 2011
LISP Overview
LISP Core Use Cases
LISP Developments
LISP Summary
LISP References
IP addressing overloads location and identity – leading to Internet scaling issues
Why do current IP semantics cause scaling issues?
− Overloaded IP address semantic makes efficient routing impossible
− Today, “addressing follows topology,” which limits route aggregation compactness
− IPv6 does not fix this
Why are route scaling issues bad?
− Routers require expensive memory to hold Internet Routing Table in forwarding plane
− It’s expensive for network builders/operators
− Replacing equipment for the wrong reason (to hold the routing table); replacement should be to implement new features
“… routing scalability is the most important problem facing the Internet today and must be solved … ”
Internet Architecture Board (IAB) October 2006 Workshop (written as RFC 4984)
Today’s Internet Behavior: Locator/ID “overload”
In this model, everything goes in the “Default Free Zone” (DFZ)
LISP Behavior: Locator/ID “split”
In this model, only RLOCs go in the DFZ; EIDs go in the LISP Mapping System!
LISP creates a Level of indirection with two namespaces: EID and RLOC
EID (Endpoint Identifier) is the IP address of a host – just as it is today
RLOC (Routing Locator) is the IP address of the LISP router for the host
EID-to-RLOC mapping is the distributed architecture that maps EIDs to RLOCs
[Figure: EID Space, RLOC Space, Non-LISP, xTR, PxTR, MS/MR, EID-to-RLOC mapping]
EID            RLOC
a.a.a.0/24     w.x.y.1
b.b.b.0/24     x.y.w.2
c.c.c.0/24     z.q.r.5
d.d.0.0/16     z.q.r.5
IP encapsulation scheme
Decouples host IDENTITY and LOCATION
Dynamic IDENTITY-to-LOCATION mapping resolution
Address Family agnostic day-one
Minimal Deployment Impact
No changes to end systems or core
Minimal changes to edge devices
Incrementally deployable
LISP/LISP and non-LISP/LISP considered day-one
[Figure: encapsulation combinations: v4 EID in v4 RLOC, v4 EID in v6 RLOC, v6 EID in v4 RLOC, v6 EID in v6 RLOC]
LISP Map Lookup is analogous to a DNS lookup
− DNS resolves IP addresses for URLs
− LISP resolves locators for queried identities
DNS URL Resolution: host asks DNS Server [ who is lisp.cisco.com ]? Answer: [ 153.16.5.29, 2610:D0:110C:1::3 ]
LISP Identity-to-location Map Resolution: LISP router asks LISP Mapping System [ where is 2610:D0:110C:1::3 ]? Answer: [ location is 128.107.81.169 ]
IPv4 Outer Header: Router supplies RLOCs
IPv4 Inner Header: Host supplies EIDs
LISP Header:
UDP:
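The encapsulation layout on this slide, as an added example that is not part of the original deck: Python that builds and parses an IPv4-in-IPv4 LISP data packet and checks the 24-bit instance ID against a tenant prefix table. The flag layout and UDP port 4341 follow RFC 6830; the addresses, source port, TENANTS table and function names are constructed for illustration.

```python
import ipaddress
import struct

LISP_DATA_PORT = 4341  # UDP destination port for LISP data packets (RFC 6830)

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0; sample data only)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def encapsulate(inner, src_rloc, dst_rloc, instance_id):
    """What an ITR does: prepend LISP, UDP and an outer header carrying RLOCs."""
    lisp = struct.pack("!II", 0x08 << 24, instance_id << 8)  # I bit set, LSBs 0
    udp = struct.pack("!HHHH", 61000, LISP_DATA_PORT, 8 + len(lisp) + len(inner), 0)
    payload = udp + lisp + inner  # source port 61000 is a constructed value
    return ipv4_header(src_rloc, dst_rloc, 17, len(payload)) + payload

def parse(packet):
    """Split a LISP-encapsulated IPv4-in-IPv4 packet into RLOCs, instance ID, EIDs."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or packet[9] != 17:
        raise ValueError("outer header is not IPv4/UDP")
    _, dport, _, _ = struct.unpack_from("!HHHH", packet, ihl)
    if dport != LISP_DATA_PORT:
        raise ValueError("not a LISP data packet")
    word1, word2 = struct.unpack_from("!II", packet, ihl + 8)
    inner = packet[ihl + 16:]
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("inner header is not IPv4")
    addr = lambda b: str(ipaddress.IPv4Address(b))
    return {
        "src_rloc": addr(packet[12:16]), "dst_rloc": addr(packet[16:20]),
        # Instance ID is only present when the I flag (0x08 of the first byte) is set.
        "instance_id": word2 >> 8 if (word1 >> 24) & 0x08 else None,
        "src_eid": addr(inner[12:16]), "dst_eid": addr(inner[16:20]),
    }

def tenant_ok(info, tenants):
    """Segmentation check: both EIDs must fall inside the instance ID's prefix."""
    prefix = tenants.get(info["instance_id"])
    return prefix is not None and all(
        ipaddress.ip_address(info[k]) in prefix for k in ("src_eid", "dst_eid"))

# Constructed sample: documentation RLOCs, hypothetical tenant table.
TENANTS = {101: ipaddress.ip_network("10.1.0.0/16")}
INNER = ipv4_header("10.1.0.5", "10.1.9.9", 6, 0)
PACKET = encapsulate(INNER, "192.0.2.1", "198.51.100.7", 101)
```

A decapsulating router or a capture-analysis script can apply tenant_ok to reject packets whose inner EIDs do not belong to the instance ID they arrive under.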
[Figure: hosts S and D connected across the Internet through LISP routers; addresses shown: x.y.z.1, a.b.c.1, r.s.t.7, e.f.g.9]
• Messages:
- Map-Request: An ITR requesting RLOC for an EID
- Map-Reply: Response to a Map-Request
- Map-Register: An ETR registration of EID/RLOCs to Map-Server
- Map-Notify: Confirmation from Map-Server to ETR that registration was successful
• Advanced Features (no time to go into details):
- Traffic engineering using Priority and Weight
- LISP Multicast
- Dynamic RLOC configuration
- RLOC Reachability Algorithms
- Negative-Map-Replies
- Solicited-Map-Request
Cisco-operated
− ~ 4 years operational
− > 130+ sites, 25 countries
Nine implementations
− Cisco: IOS, IOS-XE, NX-OS
− FreeBSD: OpenLISP
− Linux/OpenWrt
− Android (Gingerbread)
− Two other router vendors
Deployed today…
− http://www.lisp4.net
− http://lisp.cisco.com
− http://www.lisp6.facebook.com
− http://www6.eudora.com
− http://myvpn6.qualcomm.com
− http://www.lisp.intouch.eu/
− http://lisp.isarnet.net/
− and more…
1. Efficient Multi-Homing
2. IPv6 Transition Support
3. Efficient Virtualization/Multi-Tenancy
4. Data Center/VM Mobility
5. LISP Mobile-Node
Needs:
− Site connectivity to multiple providers
− Low OpEx/CapEx
LISP Solution:
− LISP provides a streamlined solution for handling multi-provider connectivity and policy without BGP complexity
Benefits:
− OpEx-friendly multi-homing across different providers
− Simple Policy Management
− Ingress Traffic Engineering
− Egress Traffic Engineering
Applicability:
− Branch sites where multihoming is typically too expensive
− Useful in all other LISP Use Cases
Needs:
− Rapid IPv6 Deployment
− Minimal Infrastructure disruption
LISP Solution:
− LISP encapsulation is Address Family agnostic
− IPv6 interconnected over IPv4 core
− IPv4 interconnected over IPv6 core
Benefits:
− Accelerated IPv6 adoption
− Minimal added configurations
− No core network changes
− Can be used as a transitional or permanent solution
[Figure panels: Connecting IPv6 Islands; IPv6 Services Support; IPv6 Access Support]
Needs:
− Integrated Segmentation
− Minimal Infrastructure disruption
− Global scale and interoperability
LISP Solution:
− 24-bit LISP instance-ID segments control plane and data plane mappings
− VRF mappings to instance-id
Benefits:
− Very high scale tenant segmentation
− Global mobility + high scale segmentation integrated in single IP solution
− IP based solution, transport independent
− No Inter-AS complexity
− Overlay solution transparent to the core
Applicability:
− Multi-provider Core
− Encryption can be added
[Figure: West DC, East DC, LISP Site and Legacy Sites connected over an IP Network, with PxTR and Mapping DB]
Applicability:
− VM OS agnostic
− Services Creation (disaster recovery, cloud burst, etc.)
Needs:
− VM-Mobility across subnets
− Move detection, dynamic EID-to-RLOC mappings, traffic redirection
LISP Solution:
− OTV + LISP to extend subnets
− LISP for VM-moves across subnets
Benefits:
− Integrated Mobility
− Direct Path (no triangulation)
− Connections maintained across moves
− No routing re-convergence
− No DNS updates required
− Global Scalability (cloud bursting)
− IPv4/IPv6 Support
− ARP elimination
[Figure: VM a.b.c.1 moves between Data Center 1 and Data Center 2; LISP routers at each data center connect to the Internet]
Applicability:
− IPv4 and IPv6
− Android and Linux
− Open
Needs:
− Mobile devices roaming across any access media without connection reset
− Mobile device keeps the same IP address forever
LISP Solution:
− LISP level of indirection separates endpoints and locators
− Network-based; no host changes, minimal network changes
− Scalable, host-level registration (1010)
Benefits:
− MNs can roam and stay connected
− MNs can be servers
− MNs roam without DNS changes
− MNs use multiple interfaces
− Packets have “stretch-1” reducing latency
[Figure: mobile node dino.cisco.com with static EID 2610:00d0:xxxx::1/128 and a dynamic RLOC on any 3G/4G network or any WiFi network]
LISP IETF Standardization
− IETF LISP Working Group progressing standards, now in “last call”
− IETF LISP WG: http://tools.ietf.org/wg/lisp/
LISP Implementations at Cisco
− IOS since Dec ‘09… ISR, ISRG2, 7200
− IOS-XE since Mar ‘10… ASR1K
− NX-OS since Dec ‘09… N7K, UCS C200
− Coming… Cat6K, IOS XR for CRS-3, ASR9K, and others…
Other LISP Implementations
− OpenWrt (Cisco posting shortly…)
− FreeBSD/OpenLISP (several open source implementations)
− Android for LISP-MN
− Furukawa Network Solution Corporation
LISP Code: http://lisp.cisco.com
LISP Beta Network: http://lisp4.net & http://lisp6.net
LISPMob: http://lispmob.org
Enables IP Number Portability
− With session survivability
− Never change host IP addresses
− No renumbering costs
− No DNS “name -> EID” binding change
Uses pull vs. push routing
− OSPF and BGP are push models; routing stored in the forwarding plane
− LISP is a pull model; analogous to DNS; massively scalable
An over-the-top technology
− Address Family agnostic
− Incrementally deployable
− No changes in end systems
Creates a Level of Indirection
− Separates End-Host and Site addresses
Deployment simplicity
− No host changes
− Minimal CPE changes
− Some new core infrastructure components
Enables other interesting features
− Simplified multi-homing with Ingress traffic engineering – without the need for BGP
− End-host mobility without renumbering
− Address Family agnostic support
An Open Standard
− No Cisco Intellectual Property Rights
LISP Information
• IETF LISP WG: http://tools.ietf.org/wg/lisp/
• LISP Beta Network: http://www.lisp4.net http://www.lisp6.net
• LISP Mobile Node: http://lispmob.org
• Cisco LISP Site: http://lisp.cisco.com
• Cisco LISP Marketing (EXTERNAL): http://www.cisco.com/go/lisp
Mailing Lists
• IETF LISP WG: [email protected]
• LISP Interest: [email protected]
• Cisco LISP Questions: [email protected]
Applicability:
− Low CapEx, Quick, IPv6 Web Presence
− Useful in all other LISP Use Cases (Multi-homing, VM-mobility, Virtualization…)
World IPv6 Day Sites using LISP
− Cisco: lisp.cisco.com (AAAA: 2610:d0:110c:1::3, ::4)
− Facebook: www.lisp6.facebook.com (AAAA: 2610:D0:FACE::9)
− Qualcomm: www.ipv6.eudora.com (AAAA: 2610:d0:120d::10)
− Deutsche Bank: www.ipv6-db.com (AAAA: 2610:d0:2113:3::3)
− Isarnet: lisp.isarnet.net (AAAA: 2610:d0:211f:fffe::101)
− InTouch: www.lisp.intouch.eu (AAAA: 2610:d0:210f:100::101)
World IPv6 Day Sites Statistics (and current)
http://honeysuckle.noc.ucla.edu/cgi-bin/smokeping.cgi?target=LISP
Facebook IPv6 Experience with LISP
http://nanog.org/meetings/nanog50/presentations/Tuesday/NANOG50.Talk9.lee_nanog50_atlanta_oct2010_007_publish.pdf