© 2012 Cisco and/or its affiliates. All rights reserved.
Cisco Public
LISP usage for DC migration
Patrice Bellagamba, Max Ardica
Enable LISP for Migration
Using ASR1K as PxTR
‒ No modification of existing DC
‒ Need LISP PxTR in the flow
Using Nexus 7K ETR with Mobility
‒ LISP ETR (using M1-32) can be either at aggregation or in Octopus
[Figure labels: PxTR, ETR, MS/MR, Brownfield DC, Greenfield DC]
Control-plane event
/32
PiTR cache:
‒ 10.17.0.0/24 send map-request
‒ 10.17.0.0/24 forward-native
‒ 10.17.0.0/28 forward-native
‒ 10.17.0.31/32 complete
ETR dyn EID cache:
‒ 10.17.0.31 Vlan1300
MS cache:
‒ 10.17.0.0/24
‒ 10.17.0.31/32
The ‘send map-request’ action is data-plane driven; it triggers after ‘forward-native’ times out, every 30s
Packet flow for North-West
1. Ingress flow is tunnelled by PiTR toward Greenfield
2. Return flow is in clear, using IP path
Asymmetric flow (ingress LISP, egress IP) is optimal if there is no firewall between WAN edge & PiTR
PxTR
Packet flow for North-West
PeTR
Existence of a firewall between WAN edge & PxTR requires symmetrical flow
Use PeTR
PeTR allows the return flow to go through the LISP path; nevertheless, it requires the ETR to work with default routing
Packet flow for West-East
Need a /32 (today manually) to enable
1. proxy-ARP
2. Inter-subnet routing
Return traffic using PeTR is still an option
Need a /32
Convergence testing
Any failure on Brownfield (PxTR side) is sub-second
Failure on Greenfield (ETR with mobility side):
If no default routing:
‒ Sub-second convergence
‒ But vPC peer-link failure (requires EEM script to get sub-second)
If default routing:
‒ Requires RLOC probing per EID (60s)
Caveat
PxTR is not (yet?) advertising map-cache entries to routing
‒ Moved VM is not known in Brownfield
‒ Requires a manual /32
Route watch is not working with default routing
‒ But in general there is always a default route
‒ RLOC probing is per EID (scale?) and slow (60s)
‒ LSB bits are not working with Nexus 7K
vPC peer-link failure is not handled well
‒ Workaround using script
Globally the solution works well and is deployable