Cisco Nexus 7000 Series NX-OS LISP Configuration Guide
LISP VM Mobility
Downloads: This chapterpdf (PDF - 1.2MB) The complete bookPDF (PDF - 3.91MB) | The complete bookePub (ePub - 890.0KB) | Feedback

LISP VM Mobility

LISP VM Mobility

This chapter contains the following sections:

Information About LISP VM Mobility

Locator/ID Separation Protocol (LISP) Virtual Machine (VM) mobility enables IP end points to change locations while keeping their assigned IP addresses. Because LISP separates the location information (RLOCs) from the identity information (EID), devices can change locations dynamically. RLOCs remain associated with the topology and are reachable by traditional routing. EIDs can change locations dynamically and are reachable through different RLOCs, depending on where an EID attaches to the network.

The LISP Tunnel Router (xTR) dynamically detects VM moves based on data plane events. LISP VM Mobility compares the source IP address of the host traffic received at the LISP router against a range of prefixes that are allowed to roam. The IP prefixes of roaming devices within the range of allowed prefixes are referred to as the dynamic EIDs. When a new xTR detects a move, it updates the mappings between EIDs and RLOCs. Traffic is redirected to the new locations without causing any disruption to the underlying routing. When deployed at the first-hop router, LISP VM Mobility provides adaptable and comprehensive first-hop router functionality to service the IP gateway needs of the roaming devices that relocate.

LISP VM Mobility allows any IP addressable device to move and keep the same IP address in the following two scenarios:

VM Mobility with LAN extensions

The device moves to a new location on a subnet that has been extended with Overlay Transport Virtualization (OTV) or another LAN extension mechanism.

VM Mobility across subnets

The device moves off of a subnet to a new subnet.

Dynamic EIDs

A device that moves to another subnet or extended subnet is a roaming device. The IP address of this roaming device is within the dynamic-EID prefix. A LISP xTR configured with LISP VM mobility and dynamic EIDs is a LISP-VM router. The LISP-VM router dynamically determines when a dynamic EID moves on or off one of the directly connected subnets on the LISP-VM router. The IP addresses of the LISP-VM router are the locators (RLOCs) used to encapsulate traffic to and from the dynamic EID. When a dynamic EID roams, the new LISP-VM router needs to detect the newly moved-in VM and process the following updates:
  • Update the Map Server (MS) with the new locators for the EID.
  • Update the Ingress Tunnel Routers (ITRs) or Proxy ITRs (PITRs) that have cached the EID.

To detect VM moves, LISP-VM router compares the source address in a received packet with the range of prefixes configured as dynamic EIDs for the interface that the data packet is received on. Once the LISP-VM router detects a move and registers the dynamic EID to the MS, the new LISP-VM router also needs to update the map caches on the other LISP domain ITRs and PITRs.

VM-Mobility with LAN Extensions

LISP VM Mobility supports virtual machine (VM) movement in a network that uses LAN extension mechanisms such as OTV. The LISP-VM router detects the mobile EIDs (VMs) dynamically and updates the LISP mapping system with the new EID-RLOC mapping. LISP can coexist with LAN extensions such as OTV to provide dynamic move detection and updates that are transparent to the host and provide a direct data path to the new location of the mobile VM. The VM move requires no routing reconvergence or DNS updates.

The LISP-VM router detects new VM move events if it receives a data packet from a source that matches the dynamic EID configured for that interface. Once the LISP-VM router detects a dynamic EID, the LISP-VM router triggers an update to the map server with the database mapping details from the dynamic-EID map configuration.

The LISP-VM router continues to register the dynamic EID as long as the source continues to be active. The dynamic-EID registration times out based on server inactivity.

VM Mobility Across Subnets

In a network without LAN extension mechanisms, the LISP VM router can detect the dynamic-EIDs (VMs) across subnets with automated move detection and map-cache updates that provide a direct data path to the new location of the mobile VM. Off-subnet connections (connections between the moved VM and other devices that are not on the local subnets) are maintained across the move and require no routing re-convergence or DNS updates.

The LISP-VM router detects a VM move if it receives any data packet that is not from one of its configured subnets and that is within the range of prefixes configured as dynamic EIDs for the receiving interface. The LISP-VM router registers the new dynamic-EID-RLOC mapping to the configured map servers associated with the dynamic EID.

Licensing Requirements for LISP

The following table shows the LISP licensing requirements:

Product

License Requirement

Cisco NX-OS

This feature requires the Transport Services license. For a complete explanation of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.

LISP Guidelines and Limitations

LISP has the following configuration guidelines and limitations:

  • LISP requires the Cisco Nexus 7000 Series 32-Port, 10 Gigabit Ethernet (M1) module (N7K-M132XP-12 or N7K-M132XP-12L), with Electronic Programmable Logic Device (EPLD) version 186.008 or later.
  • Use an Overlay Transport Virtualization (OTV) or another LAN extension mechanism to filter the HSRP hello messages across the data centers to create an active-active HSRP setup and provide egress path optimization for the data center hosts.
  • Make sure that the HSRP group and the HSRP Virtual IP address in all data centers in the extended LAN are the same. Keeping the HSRP group number consistent across locations guarantees that the same MAC address is always used for the virtual first-hop gateway.
  • LISP VM mobility across subnets requires that the same MAC address is configured across all HSRP groups that allow dynamic EIDs to roam. You must enable the Proxy Address Resolution Protocol (ARP) for the interfaces that have VM mobility enabled across subnets.
  • LISP is not supported for F2 Series modules.

Default Settings for LISP

This table lists the default settings for LISP parameters.

Table 1 LISP Default Settings

Parameters

Default

feature lisp command

Disabled

Configuring LISP VM Mobility

Configuring VM Mobility with VLAN Extensions

You can enable and configure the dynamic-EID roaming functionality for a given EID prefix on a Cisco Nexus 7000 Series device. By default, LISP considers that the mobility event is across the subnet, unless it is configured with the lisp extended-subnet-mode command.

Before You Begin
  • You must enable the LISP feature.
  • Ensure that you are in the correct virtual device context (VDC).
  • Configure a dynamic-EID map to associate with this VLAN interface.
  • Ensure that you have enabled the VLAN interfaces feature.
SUMMARY STEPS

    1.    configure terminal

    2.    lisp dynamic-eid dynamic-eid-map-name

    3.    database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight

    4.    map-notify-group mcast-group-id

    5.    (Optional) map-server map-server-address key key-type-authentication-key

    6.    exit

    7.    interface interface-name

    8.    lisp mobility dynamic-eid-map-name

    9.    lisp extended-subnet-mode

    10.    exit

    11.    show lisp dynamic-eid [summary]

    12.    (Optional) copy running-config startup-config


DETAILED STEPS
      Command or Action Purpose
    Step 1 configure terminal


    Example:
    switch# configure terminal
    switch(config)# 
     

    Enters global configuration mode.

     
    Step 2 lisp dynamic-eid dynamic-eid-map-name


    Example:
    switch(config)# lisp dynamic-eid Roamer-1
    switch((config-lisp-dynamic-eid)#
     

    Enters dynamic-EID map configuration mode.

     
    Step 3 database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight


    Example:
    switch(config)# lisp dynamic-eid Roamer-1
    switch(config-lisp-dynamic-eid)# database-mapping 172.16.1.1/32 10.1.1.1 priority 1 weight
    100
     

    Configures a dynamic-EID range, the RLOC mapping relationship, and associated traffic policy for all IPv4 dynamic-EID-prefixes for this LISP site. Because this is configured under the dynamic-eid-map configuration mode, the LISP ETR registers a /32 host prefix to the mapping system when a dynamic-EID is detected in the configured range.

    Note   

    If you assign multiple dynamic-EID-prefix blocks to the site, database mapping is configured for each dynamic-EID prefix block and for each locator by which the EID-prefix block is reachable. Also, the subnet associated to the dynamic-eid prefixes must be more specific than the one used in the global database-mapping configuration and the one used for the switch virtual interfaces (SVIs) where the LISP map is applied.

    If the site has multiple locators associated with the same EID-prefix block, use the ip lisp database-mapping command to configure all of the locators for a given EID-prefix block. If a site is multihomed, you must consistently configure all ETRs that belong to the same LISP or data center site by using the ip lisp database-mapping command.

     
    Step 4 map-notify-group mcast-group-id


    Example:
    switch(config-dynamic-eid)# map-notify-group 239.1.1.2
    
     

    Configures a discovering LISP-VM router to send a Map-Notify message to other LISP-VM routers within the same data center site so that they can also determine the location of the dynamic EID.

    Note    In LISP extended subnet mode, a dynamic-EID detection by one xTR needs to be notified to all of the xTRs that belong to the same LISP site. In this case, use the map-notify-group command under the dynamic-EID-map with a multicast group IP address. This address is used to send a map-notify message by the xTR to all other xTRs when a dynamic-EID is detected. The Time To Live (TTL) value for this notification message is set to 1. This multicast group IP address can be any user-defined address other than an address that is already in use in your network. The multicast message is delivered by leveraging the LAN extension connection established between separate data centers.
     
    Step 5 map-server map-server-address key key-type-authentication-key


    Example:
    switch(config)# lisp dynamic-eid Roamer-1
    switch(config-lisp-dynamic-eid)# map-server 10.111.10.14 key 0 cisco
    switch(config-lisp-dynamic-eid)# map-server 10.111.10.14 proxy-reply
     
    (Optional) Configures the IP address of the LISP MS to which this router registers dynamic-EID-RLOC mappings. When deploying a redundant MS pair, you can specify both IP addresses.

    Use this optional configuration step when you want to register Dynamic-EID-RLOC mapping to a specific MS other than one configured in the global LISP configuration. If you do not configure the MS, LISP uses the MS that is configured in the global configuration.

     
    Step 6 exit


    Example:
    switch(config-lisp-dynamic-eid)# exit
     

    Exits the configuration mode.

     
    Step 7 interface interface-name


    Example:
    switch(config)# interface Ethernet 2/0
     

    Enters the interface configuration mode.

    The interface-name value is the name of the interface in which the dynamic EIDs are expected to roam in or out. Switch virtual interfaces (SVIs) are specifically used in this scenario.

     
    Step 8 lisp mobility dynamic-eid-map-name


    Example:
    switch(config-if)# lisp mobility Roamer-1
     
    Configures the interface that you configured earlier in Step 7 to detect a dynamic EID when a roam event occurs.

    The dynamic-eid-map-name can be any case-sensitive, alphanumeric string up to 64 characters.

    Note    The interface-name value is the dynamic EID map name that you configured in Step 2.

     
    Step 9 lisp extended-subnet-mode


    Example:
    switch(config-if)# lisp extended-subnet-mode
     

    Configures the interface that you configured in Step 7 to accept and detect dynamic-EID roaming on extended subnets.

     
    Step 10 exit


    Example:
    switch(config-if)# exit
     

    Exits the interface configuration mode.

     
    Step 11 show lisp dynamic-eid [summary]


    Example:
    switch # show lisp dynamic-eid summary 
     

    (Optional) Displays the summary of the LISP dynamic EIDs that are detected.

     
    Step 12 copy running-config startup-config


    Example:
    switch(config-if-hsrp)# copy running-config startup-config
     
    (Optional)

    Copies the running configuration to the startup configuration.

     

    Configuring VM Mobility Across Subnets

    You can configure LISP VM Mobility across subnets.

    Before You Begin
    • You must enable the LISP feature.
    • Ensure that you are in the correct VDC.
    • Configure a dynamic-EID map to associate with this VLAN interface.
    • Ensure that you have enabled the VLAN interfaces feature.
    SUMMARY STEPS

      1.    configure terminal

      2.    {ip | ipv6} database-mapping EID-prefix/prefix­length locator priority priority weight weight

      3.    lisp dynamic-eid dynamic-eid-map-name

      4.    database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight

      5.    map-notify-group multicast-group-ip

      6.    map-server map-server-address key key-type-authentication-key

      7.    exit

      8.    interface interface-name

      9.    lisp mobility dynamic-eid-map-name

      10.    ip proxy-arp

      11.    exit

      12.    show lisp dynamic-eid [summary]

      13.    copy running-config startup-config


    DETAILED STEPS
        Command or Action Purpose
      Step 1 configure terminal


      Example:
      switch# configure terminal
      switch(config)#
       

      Enters global configuration mode.

       
      Step 2 {ip | ipv6} database-mapping EID-prefix/prefix­length locator priority priority weight weight


      Example:
      switch(config)# ip lisp database-mapping 172.16.0.0/16 
      172.16.1.1 priority 1 weight 100


      Example:
      switch(config)# ipv6 lisp database-mapping 
      2001:db8:bb::/48 172.16.1.1 priority 1 weight 100
       

      Configures an EID-to-RLOC mapping relationship and associated traffic policy for all IPv4 or IPv6 EID prefix(es) for this LISP site. When deploying LISP for VM Mobility, the prefix specified here is added only to one specific datacenter location where the EIDs are deployed initially before they are moved to remote sites.

       
      Step 3 lisp dynamic-eid dynamic-eid-map-name


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
      switch((config-lisp-dynamic-eid)#
       

      Enters dynamic-EID map configuration mode.

      Note   

      The dynamic-eid-map-name value can be any user-defined name.

       
      Step 4 database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
      switch(config-lisp-dynamic-eid)# database-mapping 172.16.1.0/24 10.1.1.1 priority 1 weight
      100
       

      Configures a dynamic-EID range, the RLOC mapping relationship, and associated traffic policy for all IPv4 dynamic-EID prefixes for this LISP site. Because this is configured under the dynamic-eid-map configuration mode, the LISP ETR registers a /32 host prefix to the mapping system when a dynamic-EID is detected in the configured range.

      Note   

      If you assign multiple dynamic-EID-prefix blocks to the site, database mapping is configured for each dynamic-EID-prefix block and for each locator by which the EID-prefix block is reachable.

      If the site has multiple locators associated with the same EID-prefix block, use the database-mapping command to configure all of the locators for a given EID-prefix block. If a site is multihomed, you must consistently configure all ETRs that belong to the same LISP or data center site by using the database-mapping command. Only the RLOCs of the xTRs that belong to the same data center site must be specified, which you specified by using the database-mapping command. Do not specify the RLOCs for all the xTRs that belong to the same LISP site.

       
      Step 5 map-notify-group multicast-group-ip


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
      switch(config-lisp-dynamic-eid)# map-notify-group 239.1.1.254
       

      Configures a discovering LISP-VM router to send a Map-Notify message to other LISP-VM routers within the same data center site so that they can also determine the location of the dynamic EID.

      Note   

      If the LISP dynamic-EID site is multihomed, a dynamic-EID detection by one ETR needs to notify the second ETR in the same site so that the traffic is handled or load balanced by both xTRs. In this case, use the map-notify-group command to configure the dynamic-EID-map with a multicast group IP address. This address is used to send a map-notify message from the ETR to all other ETRs that belong to the same LISP or data center site when a dynamic EID is detected. The Time To Live (TTL) value for this notification message is set to 1. This multicast group IP address can be any user-defined address other than an address that is already in use in your network.

       
      Step 6 map-server map-server-address key key-type-authentication-key


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
      switch(config-lisp-dynamic-eid)# map-server 10.1.1.1 key some-password
      switch(config-lisp-dynamic-eid)# map-server 10.1.1.1 proxy-reply
       

      Configures the IP address of the LISP Map Server to which this router registers dynamic-EID-RLOC mappings.

       
      Step 7 exit


      Example:
      switch(config-lisp-dynamic-eid)# exit
       

      Exits configuration mode.

       
      Step 8 interface interface-name


      Example:
      switch(config)# interface Ethernet 2/0
       

      Enters interface configuration mode.

      The interface-name value is the name of the interface in which the dynamic EIDs are expected to roam in or out.

       
      Step 9 lisp mobility dynamic-eid-map-name


      Example:
      switch(config-if)# lisp mobility Roamer-1
       

      Configures the interface that you configured earlier in Step 7 to detect a dynamic EID when a roam event occurs.

       
      Step 10 ip proxy-arp


      Example:
      switch(config-if)# ip proxy-arp
       

      Configures the proxy-arp interface.

       
      Step 11 exit


      Example:
      switch(config-if) exit
       

      Exits the configuration mode.

       
      Step 12 show lisp dynamic-eid [summary]


      Example:
      switch # show lisp dynamic-eid summary 
       

      (Optional) Displays the summary of the LISP dynamic EIDs that are detected.

       
      Step 13 copy running-config startup-config


      Example:
      switch # copy running-config start-up-config
       

      (Optional) Copies the running configuration to the startup configuration.

       
      Related Concepts

      Configuring HSRP for VM Mobility

      You can configure the Hot Standby Router Protocol (HSRP) for LISP VM Mobility.

      Before You Begin
      • You must enable the LISP feature.
      • Ensure that you are in the correct VDC.
      • Ensure that you have enabled the VLAN interfaces feature and the HSRP feature.
      • In extended subnet mode, you must filter HSRP hellos between sites to allow a localized default gateway functionality.
      SUMMARY STEPS

        1.    configure terminal

        2.    interface vlan-id

        3.    ip ip-address

        4.    hsrp id

        5.    (Optional) mac-address virtual-mac-address

        6.    (Optional) ip virtual-ip-address

        7.    (Optional) show lisp dynamic-eid [summary]

        8.    (Optional) copy running-config startup-config


      DETAILED STEPS
          Command or Action Purpose
        Step 1 configure terminal


        Example:
        switch# configure terminal
        switch(config)#
         

        Enters global configuration mode.

         
        Step 2 interface vlan-id


        Example:
        switch(config)# interface VLAN 10
        switch(config-if)#
         

        Configures a VLAN interface (SVI) and enters interface configuration mode.

         
        Step 3 ip ip-address


        Example:
        switch(config-if)# ip 10.3.3.5/24
         

        Configures the IPv4 address. The address is in dotted decimal notation.

         
        Step 4 hsrp id


        Example:
        switch(config-if)# hsrp 100
        switch(config-if-hsrp)#
         

        Configures HSRP for this VLAN interface and enters interface HSRP configuration mode. When using LISP-VM Mobility with LAN extensions, we recommend that the same HSRP IDs be used consistently across all sites where the VLANs are extended to guarantee that the same MAC address is used for the HSRP gateway in all sites. If different HSRP IDs are used, then you must manually set the mac-address as described in the following step.

         
        Step 5 mac-address virtual-mac-address


        Example:
        switch(config-if-hsrp)# mac-address 0000.0E1D.010C
         
        (Optional)

        Configures the HSRP virtual MAC address. This address must be identical across all subnets. This command is required when using LISP-VM mobility across subnets, but might not be required when using LISP VM-mobility in conjunction with LAN extensions and if the HSRP ID is kept constant across the different sites.

         
        Step 6 ip virtual-ip-address


        Example:
        switch(config-if-hsrp)# ip 10.3.3.1
         
        (Optional)

        Configures the HSRP virtual IP address. You must use this command for extended VLANs, and the address must be identical in all sites in the extended VLAN.

         
        Step 7 show lisp dynamic-eid [summary]


        Example:
        switch(config-if-hsrp)# show lisp dynamic-eid summary
         
        (Optional)

        Displays a summary of the dynamic EIDs detected.

         
        Step 8 copy running-config startup-config


        Example:
        switch(config-if-hsrp)# copy running-config startup-config
         
        (Optional)

        Copies the running configuration to the startup configuration.

         

        Additional References

        This section includes additional information related to implementing LISP.

        RFCs

        RFC

        Title

        draft-ietf-lisp-07

        Locator/ID Separation Protocol (LISP)

        http:/​/​tools.ietf.org/​html/​draft-ietf-lisp-07

        draft-ietf-lisp-alt-04

        LISP Alternative Topology (LISP+ALT)

        http:/​/​tools.ietf.org/​html/​draft-ietf-lisp-alt-04

        draft-ietf-lisp-interworking-01

        Interworking LISP with IPv4 and IPv6

        http:/​/​tools.ietf.org/​html/​draft-ietf-lisp-interworking-01

        draft-ietf-lisp-lig-00

        LISP Internet Groper (LIG)

        http:/​/​tools.ietf.org/​html/​draft-ietf-lisp-lig-00

        draft-ietf-lisp-ms-05

        LISP Map Server

        http:/​/​tools.ietf.org/​html/​draft-ietf-lisp-ms-05

        Standards

        Standard

        Title

        No new or modified standards are supported by this release.

         

        MIBs

        MIB

        MIBs Link

        None

        To locate and download MIBs for selected platforms, Cisco NX-OS software releases, and feature sets, use Cisco MIB Locator found at the following URL: http:/​/​www.cisco.com/​go/​mibs

        Feature History for LISP

        Table 2 Feature History for LISP

        Feature Name

        Releases

        Feature Information

        LISP-ALT functionality

        5.2(3)

        This functionality is no longer required to configure other LISP features.

        Locator/ID Separation Protocol (LISP)

        5.2(1)

        This feature is introduced.