Overlay
-
VXLAN With Static Unicast Underlay
VXLAN can be configured without multicast. It can be configured simply by pointing one router towards another using unicast. User-Device-1 can ping User-Device-2 in the same subnet, despite there no being no routing between them. User-Device-1#ping 10.1.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds: !!!!! Success…
-
VXLAN with Multicast Underlay
One of the control planes with VXLAN is with a Multicast Underlay; this is how it was configured. The goal is to allow User-Device-1 on 10.1.1.1 to communicate on User-Device-2 on 10.1.1.2 via VXLAN, making both devices appear as if they were in a single broadcast domain. Site-1 and Site-2 are the enterprise owned routers.…
-
Cisco Software Defined Access (SD-Access)
Cisco Software Defined Access is an example of VXLAN implementation with the LISP control plane. VXLAN specific originated from Layer 2 LISP specification that aimed to introduce Layer 2 segmentation support to LISP. LISP encapsulation can only support IP in IP over UDP encapsulation, whilst VXLAN can encapsulate the original ethernet header to perform MAC…
-
Virtual Extensible Local Area Network (VXLAN)
VXLAN is an overlay data plane encapsulation scheme developed to address the various issues seen in layer 2 networks. It can extend Layer 2 and Layer 3 overlay networks over a Layer 3 underlay network, using MAC-in-IP/UDP tunnelling. Each overlay is known as a VXLAN segment. IANA (Internet Assigned Numbers Authority) gave VXLAN the UDP…
-
Lab: Configuring Simple LISP
LISP turns traditional routing upside down. Instead of routes being pushed to all over to other router in the network, routers now request a central server on how and where to access a certain route, almost like a computer querying a DNS server with a domain name for an IP address. The goal in this…
-
Proxy Ingress Tunnel Router (PITR)
A proxy ingress tunnel router receives traffic destined to a LISP end point identifier from non-LISP sites. Proxy ingress tunnel routers behave similarly to ingress tunnel routers. They resolve a mapping for the destination end point identifier to encapsulate and forward the traffic to the destination routing locator. A proxy ingress tunnel router will send…
-
Proxy Egress Tunnel Router (PETR)
A proxy egress tunnel router is a router that is connected to a non-LISP site, such as a data centre or the internet. It used when a LISP site needs to communicate with a non-LISP site. As a proxy egress tunnel router is connected to non-LISP sites, it does not register any end point prefix…
-
How LISP Operates
Map Registration and Notification When a LISP is set up, the ETR routers will need to be configured with the endpoint identifier (EID) prefixes within that LISP site that will be registered with the map server (MS). Any subnets that are attached to the egress tunnel router (ETR) that were not configured as endpoint identifier…
-
LISP Data Plane
Ingress Tunnel Routers (ITRs) encapsulate packets that are received from an endpoint identifier inside a UDP header with a source and destination address in the router locater space, performing an IP-in-IP/UDP encapsulation: Outer LISP IP header The outer LISP IP header is added by the ingress tunnel router to encapsulate the endpoint identifier IP address…
-
LISP Control Plane
The LISP control plane works in a similar way to DNS. As DNS changes a domain name into an IP address, LISP resolves an endpoint identifier (EID) into a routing locator (RLOC) by sending a request to a map resolver (MR) This means that LISP is built as a pull model, it only gains the…