CCNP Enterprise Core (350-401)

LISP turns traditional routing upside down. Instead of routes being pushed to all over to other router in the network, routers now request a central server on how and where to access a certain route, almost like a computer querying a DNS server with a domain name for an IP address. The goal in this…

A proxy ingress tunnel router receives traffic destined to a LISP end point identifier from non-LISP sites. Proxy ingress tunnel routers behave similarly to ingress tunnel routers. They resolve a mapping for the destination end point identifier to encapsulate and forward the traffic to the destination routing locator. A proxy ingress tunnel router will send…

A proxy egress tunnel router is a router that is connected to a non-LISP site, such as a data centre or the internet. It used when a LISP site needs to communicate with a non-LISP site. As a proxy egress tunnel router is connected to non-LISP sites, it does not register any end point prefix…

Map Registration and Notification When a LISP is set up, the ETR routers will need to be configured with the endpoint identifier (EID) prefixes within that LISP site that will be registered with the map server (MS). Any subnets that are attached to the egress tunnel router (ETR) that were not configured as endpoint identifier…

Ingress Tunnel Routers (ITRs) encapsulate packets that are received from an endpoint identifier inside a UDP header with a source and destination address in the router locater space, performing an IP-in-IP/UDP encapsulation: Outer LISP IP header The outer LISP IP header is added by the ingress tunnel router to encapsulate the endpoint identifier IP address…

The LISP control plane works in a similar way to DNS. As DNS changes a domain name into an IP address, LISP resolves an endpoint identifier (EID) into a routing locator (RLOC) by sending a request to a map resolver (MR) This means that LISP is built as a pull model, it only gains the…

In a traditional routing architecture, the endpoints IP address represents it’s identity and location. If the location of the endpoint changes, it’s IP address also changes. LISP separates the IP address into endpoint identifiers (an EID) and routing locators (RLOC). Endpoints are able to roam from site to site, and the only thing that will…

Endpoint Identifier The Endpoint Identifier is the IP address of an endpoint within a LISP site, such as a laptop or other end user device LISP Site The LISP site is a name of a site where LISP routers and endpoint identifiers reside Ingress Tunnel Router (ITR) An ingress tunnel router are the LISP routers…

The rapid growth a default-free zone, DFZ, also known as the global internet routing table led to development of Cisco Location/ID Separation Protocol. LISP is a routing architecture, data and control plane protocol designed to address several problems on the internet: Aggregation Issues Routes on the internet that a provider independent routes that can not…

GRE over IPSec first encapsulates traffic within GRE and adds a new IP header. That new GRE packet is then encapsulated again inside of a IPSec transport mode. VTI over IPSec encapsulates an IP packet without the need of an additional GRE header. Site to Site GRE over IPSec with Pre-Shared Key There are two…