Cisco Nexus 7000 Series NX-OS LISP Configuration Guide
LISP VM-Mobility
Download this chapter
LISP VM-MobilityLISP VM-Mobility
Download the complete book
Cisco Nexus 7000 Series NX-OS LISP Configuration GuideCisco Nexus 7000 Series NX-OS LISP Configuration Guide (PDF - 1 MB)
 Feedback

LISP VM-Mobility

Information About LISP VM-Mobility

LISP Virtual Machine (VM) mobility enables IP end-points to change location while keeping their assigned IP addresses. LISP separates the location information (RLOCs) from the identity information (EID) which allows mobile devices to change locations dynamically. RLOCs remain associated with the topology and are reachable by traditional routing. EIDs can change locations dynamically and are reachable through different RLOCs, depending on where an EID attaches to the network.

The LISP Tunnel Router (xTR) dynamically detects VM moves based on data plane events. LISP VM-Mobility compares the source IP address of host traffic received at the LISP router against a range of prefixes that are allowed to roam. IP prefixes of roaming devices within the range of allowed prefixes are referred to as the dynamic-EIDs. When a new xTR detects a move, it updates the mappings between EIDs and RLOCs which redirects traffic to the new locations without causing any disruption to the underlying routing. When deployed at the first hop router, LISP VM-Mobility provides adaptable and comprehensive first hop router functionality to service the IP gateway needs of the roaming devices that relocate.

LISP VM-Mobility allows any IP addressable device to move and keep the same IP address in the following two scenarios:

VM-Mobility with LAN Extensions

Moves to a new location on subnet that has been extended with Overlay Transport Virtualization (OTV) or another LAN extension mechanism.

VM-Mobility across Subnets

Moves off of a subnet to a new subnet.

Dynamic EIDs

A device that moves to another subnet or extended subnet is a roaming device. The IP address of this roaming device is within the dynamic-EID prefix. A LISP xTR configured with LISP VM-mobility and dynamic EIDs is a LISP-VM router. The LISP-VM router dynamically determines when a dynamic-EID moves on or off one of the directly connected subnets on the LISP-VM router. The IP addresses of the LISP-VM router are the locators (RLOCs) used for encapsulation for traffic to and from the dynamic-EID. When a dynamic-EID roams, the new LISP-VM router needs to detect the newly moved-in VM and process the following updates:
  • Update the map server with the new locators for the EID.
  • Update the ITRs or PITRs that have cached the EID.

A LISP-VM router compares the source address in a received packet with the range of prefixes configured as dynamic-EIDs for the interface the data packet is received on to detect VM moves. Once the LISP-VM detects a move and registers the dynamic-EID to the map server, the new LISP-VM router also needs to update the map caches on the other LISP domain ITRs and PITRs.

VM-Mobility with LAN Extensions

LISP VM-Mobility supports virtual machine (VM) movement in a network that uses LAN extension mechanisms such as OTV. The LISP-VM router detects the mobile EIDs (VMs) dynamically and updates the LISP mapping system with the new EID-RLOC mapping. LISP can coexist with LAN extensions such as OTV to provide dynamic move detection and updates that are transparent to the host and provide a direct data path to the new location of the mobile VM. The VM move requires no routing re-convergence or DNS updates.

The LISP-VM router detects new VM move events if it receives a data packet from a source that matches the dynamic-EID configured for that interface. Once the LISP-VM router detects a dynamic EID, the LISP-VM router triggers an update to the map server with the database mapping details from the dynamic-EID map configuration.

The LISP-VM router continues to register the dynamic-EID as long as the source continues to be active. The dynamic-EID registration times out based on server inactivity.

Related Tasks

VM-Mobility Across Subnets

In a network without LAN extension mechanisms, the LISP VM router can detect the dynamic-EIDs (VMs) across subnets with automated move detection and map-cache updates that provide a direct data path to the new location of the mobile VM. Off-subnet connections (connections between the moved VM and other devices that are not on the local subnets) are maintained across the move and require no routing re-convergence or DNS updates.

The LISP-VM router detects a VM move if it receives any data packet that is not from one of its configured subnet sand is within the range of prefixes configured as dynamic EIDs for the receiving interface. The LISP-VM router registers the new dynamic-EID-RLOC mapping to the configured map-servers associated with the dynamic-EID.

Related Tasks

Licensing Requirements for LISP

The following table shows the licensing requirements for the Locator/ID Separation Protocol:

Product

License Requirement

Cisco NX-OS

This feaure requires the Transport Services license. For a complete explanation of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.

LISP Guidelines and Limitations

LISP has the following configuration guidelines and limitations:

  • LISP requires the Cisco Nexus 7000 Series 32-Port, 10 Gigabit Ethernet (M1) module (N7K-M132XP-12 or N7K-M132XP-12L), with EPLD version 186.008 or later.
  • OTV or any other LAN extension mechanism should filter the HSRP hello messages across the data centers to create an active-active HSRP setup and provide egress path optimization for the data center hosts.
  • The HSRP group and the HSRP Virtual IP address in all data centers in the extended LAN should be the same. Keeping the HSRP group number consistent across locations guarantees that the same MAC address is always used for the virtual first hop gateway.
  • LISP VM-mobility across subnets requires that the same MAC address is configured across all HSRP groups that will allow dynamic-EIDs to roam. Proxy-arp must also be enabled for the interfaces that have VM-mobility enabled when used across subnets.
  • LISP is not supported for F2 Series modules.

Default Settings for LISP

This table lists the default settings for LISP parameters.

Table 1 LISP Default Settings

Parameters

Default

feature lisp command

Disabled

Configuring LISP VM-Mobility

Configuring VM-Mobility with VLAN Extensions

You can enable and configure the dynamic-EID roaming functionality for a given EID prefix on a Cisco Nexus 7000 Series device. By default, LISP considers that the mobility event is across the subnet, unless it is configured with the lisp extended-subnet-mode command.

Before You Begin
  • You must enable the LISP feature.
  • Ensure that you are in the correct VDC.
  • Configure a dynamic-EID map to associate with this VLAN interface.
  • Ensure that you have enabled the VLAN interfaces feature.
SUMMARY STEPS

    1.    configure terminal

    2.    lisp dynamic-eid dynamic-eid-map-name

    3.    database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight

    4.    map-notify-group mcast-group-id

    5.    (Optional) map-server map-server-address key key-type-authentication-key

    6.    exit

    7.    interface interface-name

    8.    lisp mobility dynamic-eid-map-name

    9.    lisp extended-subnet-mode

    10.    exit

    11.    show lisp dynamic-eid [ summary]

    12.    (Optional) copy running-config startup-config


DETAILED STEPS
     Command or ActionPurpose
    Step 1 configure terminal


    Example: 
    switch# configure terminal
switch(config)#
     

    Enters global configuration mode.

     
    Step 2 lisp dynamic-eid dynamic-eid-map-name


    Example:
    switch(config)# lisp dynamic-eid Roamer-1
switch((config-lisp-dynamic-eid)#
     

    Enters dynamic-EID map configuration mode.

     
    Step 3database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight


    Example:
    switch(config)# lisp dynamic-eid Roamer-1
switch(config-lisp-dynamic-eid)# database-mapping 172.16.1.1/32 10.1.1.1 priority 1 weight
100
     

    Configures a dynamic-EID range, the RLOC mapping relationship, and associated traffic policy for all IPv4 dynamic-EID-prefixes for this LISP site. Because this is configured under the dynamic-eid-map configuration mode, the LISP ETR registers a /32 host prefix to the mapping system when a dynamic-EID is detected in the configured range.

    Note   

    If you assign multiple dynamic-EID-prefix blocks to the site, database mapping is configured for each dynamic-EID-prefix block and for each locator by which the EID-prefix block is reachable. Also, the subnet associated to the dynamic-eid prefixes must be more specific than the one used in the global database-mapping configuration and the one used for the SVIs where the LISP map is applied.

    If the site has multiple locators associated with the same EID-prefix block, use the ip lisp database-mapping command to configure all of the locators for a given EID-prefix block. If a site is multi homed, you must configure all ETRs that belong to the same LISP or data center site consistently by using the ip lisp database-mapping command.

     
    Step 4map-notify-group mcast-group-id


    Example:
    switch(config-dynamic-eid)# map-notify-group 239.1.1.2
     

    Configures a discovering LISP-VM router to send a Map-Notify message to other LISP-VM routers within the same data center site so that they can also determine the location of the dynamic-EID.

    Note    In LISP Extended Subnet mode, a dynamic-EID detection by one xTR needs to be notified to all of the xTRs that belong to the same LISP site, for example, deployed across data center sites that are connected at Layer 2 through the LAN Extension technology. In this case, use the map-notify-group command under the dynamic-EID-map with a multicast group IP. This address is used to send a map-notify message by the xTR to all other xTRs when a dynamic-EID is detected. The time to live (TTL) value for this notification message is set to 1. This multicast group IP address can be any user-defined address other than an address that is already in use in your network. The multicast message is delivered by leveraging the LAN extension connection established between separate data centers.
     
    Step 5map-server map-server-address key key-type-authentication-key


    Example:
    switch(config)# lisp dynamic-eid Roamer-1
switch(config-lisp-dynamic-eid)# map-server 10.111.10.14 key 0 cisco
switch(config-lisp-dynamic-eid)# map-server 10.111.10.14 proxy-reply
          		(Optional) Configures the IP address of the LISP Map Server to which this router registers dynamic-EID-RLOC mappings. When deploying a redundant Map-Sever pair, you can specify both IP addresses.

    This is an optional configuration step in case you want to register Dynamic-EID-RLOC mapping to a specific Map-Server other than configured in the global LISP configuration. If you do not configure the Map Server, LISP uses the Map Server that is configured in the global configuration.

     
    Step 6exit


    Example:
    switch(config-lisp-dynamic-eid)# exit
     

    Exits the configuration mode.

     
    Step 7interface interface-name


    Example:
    switch(config)# interface Ethernet 2/0
     

    Enters the interface configuration mode.

    Theinterface-name value is the name of the interface in which the dynamic EIDs are expected to roam in or out. Switch virtual interfaces (SVIs) are specifically used in this scenario.

     
    Step 8lisp mobility dynamic-eid-map-name


    Example:
    switch(config-if)# lisp mobility Roamer-1
          		Configures the interface that you configured earlier in Step 7 to detect a dynamic-EID when a roam event occurs.

    The dynamic-eid-map-name can be any case-sensitive, alphanumeric string up to 64 characters.

    Note    Theinterface-name value is the dynamic EID map name that you configured in Step 2.

     
    Step 9lisp extended-subnet-mode


    Example:
    switch(config-if)# lisp extended-subnet-mode
     

    Configures the interface that you configured in Step 7 to accept and detect dynamic-EID roaming on extended subnets.

     
    Step 10exit


    Example:
    switch(config-if)# exit
     

    Exits the configuration mode.

     
    Step 11 show lisp dynamic-eid [ summary]


    Example:
    switch # show lisp dynamic-eid summary
     

    (Optional) Displays the summary of the LISP dynamic EIDs that are detected.

     
    Step 12copy running-config startup-config


    Example:
    switch(config-if-hsrp)# copy running-config startup-config
          		(Optional)

    Copies the running configuration to the startup configuration.

     
    Related Concepts

    Configuring VM-Mobility Across Subnets

    You can configure LISP VM-Mobility across subnets.

    Before You Begin
    • You must enable the LISP feature.
    • Ensure that you are in the correct VDC.
    • Configure a dynamic-EID map to associate with this VLAN interface.
    • Ensure that you have enabled the VLAN interfaces feature.
    SUMMARY STEPS

      1.    configure terminal

      2.    {ip | ipv6} database-mapping EID-prefix/prefix­length locator priority priority weight weight

      3.    lisp dynamic-eid dynamic-eid-map-name

      4.    database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight

      5.    map-notify-group multicast-group-ip

      6.    map-server map-server-address key key-type-authentication-key

      7.    exit

      8.    interface interface-name

      9.    lisp mobility dynamic-eid-map-name

      10.    ip proxy-arp

      11.    exit

      12.    show lisp dynamic-eid [summary]

      13.    copy running-config startup-config


    DETAILED STEPS
       Command or ActionPurpose
      Step 1configure terminal


      Example: 
      switch# configure terminal
switch(config)#
       

      Enters global configuration mode.

       
      Step 2 {ip | ipv6} database-mapping EID-prefix/prefix­length locator priority priority weight weight


      Example:
      switch(config)# ip lisp database-mapping 172.16.0.0/16 
172.16.1.1 priority 1 weight 100


      Example:
      switch(config)# ipv6 lisp database-mapping 
2001:db8:bb::/48 172.16.1.1 priority 1 weight 100
       

      Configures an EID-to-RLOC mapping relationship and associated traffic policy for all IPv4 or IPv6 EID prefix(es) for this LISP site. When deploying LISP for VM-Mobility, the prefix specified here is added only to one specific datacenter location where the EIDs are deployed initially before they are moved to remote sites.

       
      Step 3 lisp dynamic-eid dynamic-eid-map-name


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
switch((config-lisp-dynamic-eid)#
       

      Enters dynamic-EID map configuration mode.

      Note   

      The dynamic-eid-map-name value can be any user-defined name.

       
      Step 4database-mapping EID-prefix | prefix-length locator-ip priority priority weight weight


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
switch(config-lisp-dynamic-eid)# database-mapping 172.16.1.0/24 10.1.1.1 priority 1 weight
100
       

      Configures a dynamic-EID range, the RLOC mapping relationship, and associated traffic policy for all IPv4 dynamic-EID prefixes for this LISP site. Because this is configured under the dynamic-eid-map configuration mode, the LISP ETR registers a /32 host prefix to the mapping system when a dynamic-EID is detected in the configured range.

      Note   

      If you assign multiple dynamic-EID-prefix blocks to the site, database mapping is configured for each dynamic-EID-prefix block and for each locator by which the EID-prefix block is reachable.

      If the site has multiple locators associated with the same EID-prefix block, use the database-mapping command to configure all of the locators for a given EID-prefix block. If a site is multi homed, you must consistently configure all ETRs that belong to the same LISP or data center site by using the database-mapping command. Only the RLOCs of the xTRs that belong to the same data center site must be specified, which you specified by using the database-mapping command. Do not specify the RLOCs for all the xTRs that belong to the same LISP site.

       
      Step 5map-notify-group multicast-group-ip


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
switch(config-lisp-dynamic-eid)# map-notify-group 239.1.1.254
       

      Configures a discovering LISP-VM router to send a Map-Notify message to other LISP-VM routers within the same data center site so that they can also determine the location of the dynamic-EID.

      Note   

      If the LISP dynamic-EID site is multi homed, a dynamic-EID detection by one ETR needs to notify the second ETR in the same site so that the traffic is handled or load balanced by both xTRs. In this case, use the map-notify-group command to configure the dynamic-EID-map with a multicast group IP. This address is used to send a map-notify message from the ETR to all other ETRs that belong to the same LISP or data center site when a dynamic EID is detected. The time to live (TTL) value for this notification message is set to 1. This multicast group IP address can be any user-defined address other than an address that is already in use in your network.

       
      Step 6map-server map-server-address key key-type-authentication-key


      Example:
      switch(config)# lisp dynamic-eid Roamer-1
switch(config-lisp-dynamic-eid)# map-server 10.1.1.1 key some-password
switch(config-lisp-dynamic-eid)# map-server 10.1.1.1 proxy-reply
       

      Configures the IP address of the LISP Map Server to which this router registers dynamic-EID-RLOC mappings.

       
      Step 7exit


      Example:
      switch(config-lisp-dynamic-eid)# exit
       

      Exits the configuration mode.

       
      Step 8interface interface-name


      Example:
      switch(config)# interface Ethernet 2/0
       

      Enters the interface configuration mode.

      The interface-name value is the name of the interface in which the dynamic EIDs are expected to roam in or out.

       
      Step 9lisp mobility dynamic-eid-map-name


      Example:
      switch(config-if)# lisp mobility Roamer-1
       

      Configures the interface that you configured earlier in Step 7 to detect a dynamic-EID when a roam event occurs.

       
      Step 10ip proxy-arp


      Example:
      switch(config-if)# ip proxy-arp
       

      Configures the interface to proxy-arp.

       
      Step 11exit


      Example:
      switch(config-if) exit
       

      Exits the configuration mode.

       
      Step 12 show lisp dynamic-eid [summary]


      Example:
      switch # show lisp dynamic-eid summary
       

      (Optional) Displays the summary of the LISP dynamic EIDs that are detected.

       
      Step 13 copy running-config startup-config


      Example:
      switch # copy running-config start-up-config
       

      (Optional) Copies the running configuration to the startup configuration.

       
      Related Concepts

      Configuring HSRP for VM-Mobility

      You can configure HSRP for LISP VM-Mobility.

      Before You Begin
      • You must enable the LISP feature.
      • Ensure that you are in the correct VDC.
      • Ensure that you have enabled the VLAN interfaces feature and the HSRP feature.
      • In extended subnet mode, you must filter HSRP hellos between sites to allow a localized default gateway functionality.
      SUMMARY STEPS

        1.    configure terminal

        2.    interface vlan-id

        3.    ip ip-address

        4.    hsrp id

        5.    (Optional) mac-address virtual-mac-address

        6.    (Optional) ip virtual-ip-address

        7.    (Optional) show lisp dynamic-eid [summary]

        8.    (Optional) copy running-config startup-config


      DETAILED STEPS
         Command or ActionPurpose
        Step 1configure terminal


        Example: 
        switch# configure terminal
switch(config)#
         

        Enters global configuration mode.

         
        Step 2 interface vlan-id


        Example:
        switch(config)# interface VLAN 10
switch(config-if)#
         

        Configures a VLAN interface (SVI) and enters interface configuration mode.

         
        Step 3ip ip-address


        Example:
        switch(config-if)# ip 10.3.3.5/24
         

        Configures the IPv4 address. The address is in dotted decimal notation.

         
        Step 4hsrp id


        Example:
        switch(config-if)# hsrp 100
switch(config-if-hsrp)#
         

        Configures HSRP for this VLAN interface and enters interface HSRP configuration mode. When using LISP-VM-Mobility in conjunction with LAN extensions, we recommend that the same HSRP IDs are used consistently across all sites where the VLANs are extended. This guarantees that the same MAC address is used for the HSRP gateway in all sites. If different HSRP IDs are used, then the mac-address must be set manually as described below.

         
        Step 5mac-address virtual-mac-address


        Example:
        switch(config-if-hsrp)# mac-address 0000.0E1D.010C
                  		(Optional)

        Configures the HSRP virtual MAC address. This address must be identical across all subnets. This command is required when using LISP-VM mobility across subnets, but may not be required when using LISP VM-mobility in conjunction with LAN extensions and if the HSRP ID is kept constant across the different sites.

         
        Step 6ip virtual-ip-address


        Example:
        switch(config-if-hsrp)# ip 10.3.3.1
                  		(Optional)

        Configures the HSRP virtual IP address. This command is mandatory for extended VLANs and the address must be identical in all sites in the extended VLAN.

         
        Step 7show lisp dynamic-eid [summary]


        Example:
        switch(config-if-hsrp)# show lisp dynamic-eid summary
                  		(Optional)

        Displays a summary of dynamic-EIDs detected.

         
        Step 8copy running-config startup-config


        Example:
        switch(config-if-hsrp)# copy running-config startup-config
                  		(Optional)

        Copies the running configuration to the startup configuration.

         

        Additional References

        This section includes additional information related to implementing LISP.

        RFCs

        RFC

        Title

        draft-ietf-lisp-07

        Locator/ID Separation Protocol (LISP)

        http://tools.ietf.org/html/draft-ietf-lisp-07

        draft-ietf-lisp-alt-04

        LISP Alternative Topology (LISP+ALT)

        http://tools.ietf.org/html/draft-ietf-lisp-alt-04

        draft-ietf-lisp-interworking-01

        Interworking LISP with IPv4 and IPv6

        http://tools.ietf.org/html/draft-ietf-lisp-interworking-01

        draft-ietf-lisp-lig-00

        LISP Internet Groper (LIG)

        http://tools.ietf.org/html/draft-ietf-lisp-lig-00

        draft-ietf-lisp-ms-05

        LISP Map Server

        http://tools.ietf.org/html/draft-ietf-lisp-ms-05

        Standards

        Standard

        Title

        No new or modified standards are supported by this release.

        		  

        MIBs

        MIB

        MIBs Link

        None

        To locate and download MIBs for selected platforms, Cisco NX-OS software releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs

        Feature History for LISP

        Table 2 Feature History for LISP

        Feature Name

        Releases

        Feature Information

        LISP-ALT functionality

        5.2(3)

        This functionality is no longer required to configure other LISP features.

        Locator/ID Separation Protocol (LISP)

        5.2(1)

        This feature is introduced.