Cisco SD-Access Commands

broadcast-underlay

To configure the underlay in a LISP network to use a mutlicast group to send encapsulated broadcast packets and link local multicast packets, use the broadcast-underlay command in the service submode.

[ no] broadcast-underlay multicast-ip

Syntax Description

multicast-ip

The IP address of the multicast group used to send the encapsulated broadcast packets

Command Default

None.

Command Modes

LISP Service Ethernet (router-lisp-inst-serv-eth)  

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use this command to enable the broadcast functionality on the fabric edge node in a LISP network. Ensure that this command is used in the router-lisp-service-ethernet mode or router-lisp-instance-service-ethernet mode.

Use the no form of the command to remove the broadcast functionality.

The following example shows how to configure broadcast on a fabric edge node:

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ethernet
device(config-router-lisp-inst-serv-eth)#eid-table vlan 250
device(config-router-lisp-inst-serv-eth)#broadcast-underlay 225.1.1.1
device(config-router-lisp-inst-serv-eth)#database-mapping mac locator-set rloc2
device(config-router-lisp-inst-serv-eth)#exit-service-ethernet

database-mapping

To configure an IPv4 or IPv6 endpoint identifier-to-routing locator (EID-to-RLOC) mapping relationship and an associated traffic policy for Locator/ID Separation Protocol (LISP), use the database-mapping command in the LISP EID-table configuration mode. To remove the configured database mapping, use the no form of the command.

[ no ] database-mapping eid-prefix / prefix-length { locator-set RLOC-name [ proxy ] | ipv6-interface interface-name | ipv4-interface interface-name | auto-discover-rlocs | limit }

Syntax Description

eid-prefix / prefix-length

Specifies the IPv4 or IPv6 endpoint identifier prefix and length that is advertised by the router.

locator-set RLOC-name

Specifies the routing locator (RLOC) associated with the value specified for the eid-prefix.

proxy

Enables configuration of static proxy database mapping.

ipv4 interface interface-name

Specifies the IPv4 address and name of the interface to be used as the RLOC for the EID prefix.

ipv6 interface interface-name

Specifies the IPv6 address and name of the interface to be used as the RLOC for the EID prefix.

auto-discover-rlocs

Configures the Egress Tunnel Router (ETR) to discover the locators of all routers configured to function as both an ETR and an Ingress Tunnel Router (ITR)—such routers are referred to as xTRs—in the ETR LISP site when the site uses multiple xTRs and each xTR is configured to use DHCP-learned locators or configured with only its own locators.

limit

Specifies the maximum size of local EID prefixes database.

Command Default

No LISP database entries are defined.

Command Modes

LISP Instance Service (router-lisp-instance-service)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Cisco IOS XE Fuji 16.9.1

Introduced support for the keyword proxy.

Usage Guidelines

In the LISP-instance-service configuration mode, the database-mapping command configures LISP database parameters a specified IPv4 or IPv6 EID-prefix block. The locator is the IPv4 or IPv6 address of any interface used as the RLOC address for the eid-prefix assigned to the site but can also be the loopback address of the interface.

When a LISP site has multiple locators associated with the same EID-prefix block, multiple database-mapping commands are used to configure all of the locators for a given EID-prefix block.

In a multi-site scenario, the LISP border node advertises the site EID that it’s attached to on the transit map-server to attract site traffic. To do this, it has to obtain the route from the internal border and proxy register with the transit site map-server accordingly. The database-mapping eid-prefix locator-set RLOC-name proxy command enables the configuration of a static proxy database mapping.

Examples

The following example shows how to map the eid-prefix with the locator-set, RLOC, in the EID configuration mode on an external border:


Note


Ensure that the locator-set RLOC is already configured.


device(config)# router lisp
device(config-router-lisp)# instance-id 3
device(config-router-lisp-inst)# service ipv4
device(config-router-lisp-inst-serv-ipv4)#eid-table vrf red
device(config-router-lisp-inst-serv-ipv4-eid-table)# database-mapping 172.168.0.0/16 locator-set RLOC proxy
device(config-router-lisp-inst-serv-ipv4-eid-table)# database-mapping 173.168.0.0/16 locator-set RLOC proxy
device(config-router-lisp-inst-serv-ipv4-eid-table)# map-cache 0.0.0.0/0 map-request
device(config-router-lisp-inst-serv-ipv4-eid-table)#exit
device(config-router-lisp-inst-serv-ipv4)#

dynamic-eid

To create a dynamic End Point Identifier (EID) policy and enter the dynamic-eid configuration mode on an xTR, use the dynamic-eid command.

dynamic-eid eid-name

Syntax Description

eid-name

If eid-name exists, it enters eid-name configuration mode. Else, a new dynamic-eid policy with name eid-name is created and it enters the dynamic-eid configuration mode.

Command Default

No LISP dynamic-eid policies are configured.

Command Modes

LISP EID-table (router-lisp-eid-table)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

To configure LISP mobility, create a dynamic-EID roaming policy that can be referenced by the lisp mobility interface command. When the dynamic-eid command is entered, the referenced LISP dynamic-EID policy is created and you enter the dynamic-EID configuration mode. In this mode, all attributes associated with the referenced LISP dynamic-EID policy can be entered. When a dynamic-EID policy is configured, you must specify the dynamic-EID-to-RLOC mapping relationship and its associated traffic policy.

eid-record-provider

To define the extranet policy table for the provider instance use the eid-record-provider command in the lisp-extranet mode.

[ no] eid-record-provider instance-id instance id { ipv4 address prefix| ipv6 address prefix} bidirectional

Syntax Description

instance-id instance id

The instance-id of the LISP instance for which the extranet provider policy applies.

ipv4 address prefix

Defines the IPv4 EID prefixes to be leaked, specified in a.b.c.d/nn form.

ipv6 address prefix

Defines the IPv6 EID prefixes to be leaked, prefix specified in X:X:X:X::X/<0-128> form.

bidirectional

Specifies that the extranet communication between the provider and subscriber EID prefixes are bidirectional.

Command Default

None.

Command Modes

router-lisp-extranet  

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the no form of the command to negate the eid-record-provider configuration.

Examples

device(config)#router lisp
device(config-router-lisp)#extranet ext1
device(config-router-lisp-extranet)#eid-record-provider instance-id 5000 10.0.0.0/8 bidirectional
device(config-router-lisp-extranet)#eid-record-subscriber instance-id 1000 3.0.0.0/24 bidirectional

eid-record-subscriber

To define the extranet policy table for the subscriber instance use the eid-record-subscriber command in the lisp-extranet mode.

[ no] eid-record-subscriber instance-id instance id { ipv4 address prefix| ipv6 address prefix} bidirectional

Syntax Description

instance-id instance id

The instance-id of the LISP instance for which the extranet provider policy applies.

ipv4 address prefix

Defines the IPv4 EID prefixes to be leaked, specified in a.b.c.d/nn form.

ipv6 address prefix

Defines the IPv6 EID prefixes to be leaked, prefix specified in X:X:X:X::X/<0-128> form.

bidirectional

Specifies that the extranet communication between the provider and subscriber EID prefixes are bidirectional.

Command Default

None.

Command Modes

LISP Extranet (router-lisp-extranet)  

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the no form of the command to negate the eid-record-subscriber configuration.

Examples

device(config)#router lisp
device(config-router-lisp)#extranet ext1
device(config-router-lisp-extranet)#eid-record-provider instance-id 5000 10.0.0.0/8 bidirectional
device(config-router-lisp-extranet)#eid-record-subscriber instance-id 1000 3.0.0.0/24 bidirectional
device(config-router-lisp-extranet)#eid-record-subscriber instance-id 2000 20.20.0.0/8 bidirectional

eid-table

The eid-table command associates the instance-service instantiation with a virtual routing and forwarding (VRF) table or default table through which the endpoint identifier address space is reachable.

[ no] eid-table { vrf-name | default | vrf vrf-name}

Syntax Description

default

Selects the default (global) routing table for association with the configured instance-service.

vrf vrf-name

Selects the named VRF table for association with the configured instance.

Command Default

Default VRF is associated with instance-id 0.

Command Modes

router-lisp-instance-service  

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

This command is used only in the instance-service mode.

For Layer 3 (service ipv4 / service ipv6), a VRF table is associated with the instance-service. For Layer 2 (service ethernet), a VLAN is associated with the instance-service.


Note


For Layer 2, ensure that you have defined a VLAN before configuring the eid-table.

For Layer 3, ensure that you have defined a VRF table before you configure the eid-table.


Examples

In the following example, an XTR is configured to segment traffic using VRF named vrf-table. The EID prefix associated with vrf-table is connected to instance ID 3.

device(config)#vrf definition vrf-table
device(config-vrf)#address-family ipv4
device(config-vrf-af)#exit
device(config-vrf)#exit
device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#eid-table vrf vrf-table

Examples

In the following example, the EID prefix associated with a VLAN, named Vlan10, is connected to instance ID 101.

device(config)#interface Vlan10 
device(config-if)#mac-address ba25.cdf4.ad38
device(config-if)#ip address 10.1.1.1 255.255.255.0
device(config-if)#end
device(config)#router lisp
device(config-router-lisp)#instance-id 101
device(config-router-lisp-inst)#service ethernet
device(config-router-lisp-inst-serv-ethernet)#eid-table Vlan10
device(config-router-lisp-inst-serv-ethernet)#database-mapping mac locator-set set
device(config-router-lisp-inst-serv-ethernet)#exit-service-etherne
device(config-router-lisp-inst)#exit-instance-id

encapsulation

To configure the type of encapsulation of the data packets in the LISP network, use the encapsulation command in the service mode.

[ no] encapsulation { vxlan | lisp}

Syntax Description

encapsulation vxlan

Specifies VXLAN-based encapsulation.

encapsulation lisp

Specifies LISP-based encapsulation

Command Default

None.

Command Modes

LISP Service IPv4 (router-lisp-serv-ipv4)

LISP Service IPv6 (router-lisp-serv-ipv6)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the encapsulation vxlan command in the service ethernet mode to encapuslate Layer 2 packets. Use the encapsulation lisp command in the service ipv4 or service ipv6 mode to encapsulate the Layer 3 packets.

Use the no form of the command to remove encapsulation on the packets.

The following example shows how to configure an xTR for data encapsulation

Examples

device(config)#router lisp
device(config-router-lisp)#service ipv4
device(config-router-lisp-serv-ipv4)#encapuslation vxlan
device(config-router-lisp-serv-ipv4)#map-cache-limit 200
device(config-router-lisp-serv-ipv4)#exit-service-ipv4

etr

To configure a device as an Egress Tunnel Router (ETR) use the etr command in the instance-service mode or service submode.

[ no ] etr

Command Default

The device is not configured as ETR by default.

Command Modes

router-lisp-instance-service

router-lisp-service

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use this command to enable a device to perform the ETR functionality.

Use the no form of the command to remove the ETR functionality.

A router configured as an ETR is also typically configured with database-mapping commands so that the ETR knows what endpoint identifier (EID)-prefix blocks and corresponding locators are used for the LISP site. In addition, the ETR should be configured to register with a map server with the etr map-server command, or to use static LISP EID-to-routing locator (EID-to-RLOC) mappings with the map-cache command to participate in LISP networking.

The following example shows how to configure a device as an ETR.

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#etr

etr map-server

To configure a map server to be used by the Egress Tunnel Router (ETR) when configuring the EIDs, use the etr map-server command in the instance mode or instance-service mode. To remove the configured locator address of the map-server, use the no form of this command.

etr map-server map-server-address { key [ 0| 6| 7] authentication-key | proxy-reply }

Syntax Description

map-server-address

The locator address of the map server.

key

Specifies the key type.

0

Indicates that password is entered as clear text.

6

Indicates that password is in the AES encrypted form.

7

Indicates that passowrd is a weak encrypted one.

authentication-key

The password used for computing the SHA-1 HMAC hash that is included in the header of the map-register message.

proxy-reply

Specifies that the map server answer the map-requests on behalf the ETR.

Command Default

None.

Command Modes

LISP Instance Service (router-lisp-inst-serv)

LISP Service (router-lisp-serv)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the etr map-server command to configure the locator of the map server to which the ETR will register for its EIDs. The authentication key argument in the command syntax is a password that is used for a SHA-1 HMAC hash (included in the header of the map-register message). The password used for the SHA-1 HMAC may be entered in unencrypted (cleartext) form or encrypted form. To enter an unencrypted password, specify 0. To enter an AES encrypted password, specify 6.

Use the no form of the command to remove the map server functionality.

The following example shows how to configure a map server located at 2.1.1.6 to act as a proxy in order to answer the map-requests on the ETR .

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#etr map-server 2.1.1.6 key foo
device(config-router-lisp-inst-serv-ipv4)#etr map-server 2.1.1.6 proxy-reply

extranet

To enable the inter-VRF communication in a LISP network, use the extranet command in the LISP configuration mode on the MSMR.

extranet name-extranet

Syntax Description

name-extranet

Specifies the name of the extranet created.

Command Default

None.

Command Modes

LISP (router-lisp)  

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Examples

device(config)#router lisp
device(config-router-lisp)#extranet ext1
device(config-router-lisp-extranet)#

first-packet-petr

To prevent the loss of the first packet (and subsequent packets until map-cache is resolved), use the first-packet-petr command on the Map Server, in the LISP-service or the LISP-instance-service configuration mode. To disable the configuration of this command, use its no form.

Configuring this command ensures that even the first packet that is sent out from the fabric edge device reaches its destination through a first-packet-handler border that is available.

[ no] first-packet-petr remote-locator-set fpetr-RLOC

Syntax Description

remote-locator-set fpetr-RLOC

Specifies a remote locator-set, which is a set of IP addresses of remote devices, that connect to an external network or to networks across sites or to Data Center through remote or local sites.

Command Default

None.

Command Modes

LISP-instance-service

LISP-service

Command History

Release Modification

Cisco IOS XE Amsterdam 17.3.1

The command was introduced.

Usage Guidelines

The ITR or the fabric edge device drops the initial packets sent to it until it learns the destination EID reachability from the local MSMR. To prevent the drop of the first packet, configure the first-packet-petr command on the local MSMR.

Configure the first-packet-petr command on the local map server to ensure that when the fabric edges boots up and resolves the 0/0 map-cache entry, it gets the first packet forwarding RLOCs.

When an MSMR receives a request to connect to an external network (like internet), it first checks for the availability of an external border. If the map server does not find the default-ETR border or the internet service providing border, it responds with the remote RLOCs that are configured with the first-packet-petr command.


Note


You can configure the first-packet-petr command only on a control plane that is within a fabric site. You cannot configure this command on the control plane of a transit site.


Examples

The following example first defines a remote locator set and associates the remote RLOCs with the first-packet-petr command:

Device(config)#router lisp
Device(config-router-lisp)#remote-locator-set fpetr
Device(config-router-lisp-remote-locator-set)#23.23.23.23 priority 1 weight 1
Device(config-router-lisp-remote-locator-set)#24.24.24.24 priority 1 weight 1
 Device(config-router-lisp-remote-locator-set)#exit-remote-locator-set

Device(config-router-lisp)#service ipv4
Device(config-lisp-srv-ipv4)#first-packet-petr remote-locator-set fpetr
Device(config-lisp-srv-ipv4)#map-server
Device(config-lisp-srv-ipv4)#map-resolver
Device(config-lisp-srv-ipv4)#exit-service-ipv4
Device(config-router-lisp)#

The configured behavior is inherited by all instances under service ipv4.

To override the behavior for a particular instance, configure the first-packet-petr command for that instance. In the following example, instance 101 disables the first-packet-petr command.

Device(config-router-lisp)#instance-id 101
  Device(config-router-lisp-inst)#service ipv4
  Device(config-router-lisp-inst-service-ipv4)#no first-packet-petr remote-locator-set  
  Device(config-router-lisp-inst-service-ipv4)#exit-service-ipv4

instance-id

To creae a LISP EID instance under the router-lisp configuration mode and enter the instance-id submode, use the instance-id command.

instance-id iid

Command Default

None.

Command Modes

LISP (router-lisp)  

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the instance-id command to create a LISP eid instance to group multiple services.

Configuration under this instance-id will apply to all services underneath it.

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#

ip pim lisp core-group-range

To configure the core range of address of a Protocol Independent Multicast (PIM) Source Specific Multicast (SSM) on a LISP sub-interface, use the ip pim lisp core-group-range command in interface configuration mode. To remove SSM address range, use the no form of this command

[ no] ip pim lisp core-group-range start-SSM-address range-size

Syntax Description

start-SSM-address

Specifies the start of the SSM IP address range.

number-of-groups

Specifies the size of group range.

Command Default

By default the group range 232.100.100.1 to 232.100.100.255 is assigned if a core range of addresses is not configured.

Command Modes

LISP Interface Configuration  (config-if)

Command History

Release Modification

Cisco IOS XE 16.9.1

This command was introduced.

Example

Native multicast transport supports only PIM SSM in the underlay or the core. Multicast transport uses a grouping mechanism to map the end-point identifiers (EID) entries to the RLOC space SSM group entries. By default, the group range 232.100.100.1 to 232.100.100.255 is used as the SSM range of addresses on a LISP interface to transport multicast traffic. Use the ip pim lisp core-group-range command to manually change this SSM core group range of IP addresses on the LISP interfaces.

The following example defines a group of 1000 IP addresses starting from 232.0.0.1 as the SSM range of addresses on the core for multicast traffic.

Device(config)#interface LISP0.201
Device(config-if)#ip pim lisp core-group-range 232.0.0.1 1000
 

ip pim lisp transport multicast

To enable multicast as the transport mechanism on LISP interface and sub-interface, use the ip pim lisp transport multicast command in the LISP Interface Configuration mode. To disable multicast as the transport mechanism on the LISP interface, use the no form of this command

[ no] ip pim lisp transport multicast

Syntax Description

This command has no keywords or arguments.

Command Default

If this command is not configured, head-end replication is used for multicast.

Command Modes

LISP Interface Configuration  (config-if)

Command History

Release Modification

Cisco IOS XE 16.9.1

This command was introduced.

Example

The following example configures multicast as the transport mechanism on a LISP Interface:

Device(config)#interface LISP0
 Device(config-if)#ip pim lisp transport multicast 

ip pim rp-address

To configure the address of a Protocol Independent Multicast (PIM) rendezvous point (RP) for a particular group, use the ip pim rp-address command in global configuration mode. To remove an RP address, use the no form of this command

[ no] ip pim [ vrfvrf-name] rp-address rp-address[ access-list]

Syntax Description

vrf

Optional) Specifies the multicast Virtual Private Network (VPN) routing and forwarding (VRF) instance.

vrf-name

(Optional) Name assigned to the VRF.

rp-address

IP address of a router to be a PIM RP. This is a unicast IP address in four-part dotted-decimal notation.

access-list

(Optional) Number or name of an access list that defines the multicast groups for which the RP should be used.

Command Default

None.

Command Modes

Global Configuration  (config)

Command History

Release Modification

Cisco IOS XE 16.8.1s

This command was introduced.

Example

Use the ip pim rp-address command to statically define the RP address for multicast groups that are to operate in sparse mode or bidirectional mode.

You can configure the Cisco IOS software to use a single RP for more than one group. The conditions specified by the access list determine for which groups the RP can be used. If no access list is configured, the RP is used for all groups. A PIM router can use multiple RPs, but only one per group.

The following example sets the PIM RP address to 185.1.1.1 for all multicast groups:

Device(config)#ip pim rp-address 185.1.1.1
 

ip pim sparse mode

To enable sparse mode of operation of Protocol Independent Multicast (PIM) on an interface, use the ip pim sparse-mode command in the Interface Configuration mode. To disable the sparse mode of operation use the no form of this command

[ no] ip pim sparse mode{

Syntax Description

This command has no keywords or arguments.

Command Default

None.

Command Modes

Interface Configuration  (config-if)

Command History

Release Modification

Cisco IOS XE 16.8.1s

This command was introduced.

Usage Guidelines

The NetFlow collect commands are used to configure nonkey fields for the flow monitor record and to enable capturing the values in the fields for the flow created with the record. The values in nonkey fields are added to flows to provide additional information about the traffic in the flows. A change in the value of a nonkey field does not create a new flow.

Examples

Device(config)#interface Loopback0
Device(config-if)#ip address 170.1.1.1 255.255.255.0 
Device(config-if)#ip pim sparse-mode 

ipv4 multicast multitopology

To enable Multicast-Specific RPF topology support for IP Multicast routing, use the ipv4 multicast multitopology command in the VRF configuration mode. To disable the Multicast-Specific RPF Topology support, use the no form of this command.

[ no] ipv4 multicast multitopology

Syntax Description

This command has no arguments or keywords.

Command Default

None.

Command Modes

VRF Configuration  (config-vrf)

Command History

Release Modification

Cisco IOS XE 16.8.1s

Cisco IOS XE Fuji 16.8.1a

This command was introduced.

Examples

Device(config)#vrf definition VRF1
Device(config-vrf)#ipv4 multicast multitopology 

ip pim ssm

To define the Source Specific Multicast (SSM) range of IP multicast addresses, use the ip pim ssm command in global configuration mode. To disable the SSM range, use the no form of this command.

[ no] ip pim[ vrfvrf-name] ssm{ default | range access-list}

Syntax Description

vrf

Optional) Specifies the multicast Virtual Private Network (VPN) routing and forwarding (VRF) instance.

vrf-name

(Optional) Name assigned to the VRF.

range access-list

Specifies the standard IP access list number or name defining the SSM range.

default2

Defines the SSM range access list to 232/8.

Command Default

None.

Command Modes

Global Configuration  (config)

Command History

Release Modification

Cisco IOS XE 16.8.1s

This command was introduced.

Usage Guidelines

When an SSM range of IP multicast addresses is defined by the ip pim ssm command, no Multicast Source Discovery Protocol (MSDP) Source-Active (SA) messages will be accepted or originated in the SSM range.

Examples

Device(config)#ip pim ssm default

itr

To configure a device as an Ingress Tunnel Router (ITR) use the itr command in the service submode or instance-service mode.

[ no ] itr

Command Default

The device is not configured as ITR by default.

Command Modes

LISP Instance Service (router-lisp-instance-service)

LISP Service (router-lisp-service)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use this command to enable a device to perform the ITR functionality.

Use the no form of the command to remove theITR functionality.

A device configured as an ITR helps find the EID-to-RLOC mapping for all traffic destined to LISP-capable sites.

The following example shows how to configure a device as an ITR.

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#itr

itr map-resolver

To configure a device as a map resolver to be used by an Ingress Tunnel Router (ITR) when sending map-requests, use the itr map-resolver command in the service submode or instance-service mode.

[ no] itr [ map-resolver map-address] prefix-list prefix-list-name

Syntax Description

map-resolver map-address

Configures map-resolver address for sending map requests, on the ITR.

prefix-list prefix-list-name

Specifies the prefix list to be used.

Command Default

None.

Command Modes

router-lisp-instance-service  

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Cisco IOS XE Fuji 16.9.1

Introduced prefix-list as part of the command.

Usage Guidelines

Use this command to enable a device to perform the ITR map-resolver functionality.

Use the no form of the command to remove the map-resolver functionality.

A device configured as a Map Resolver accepts encapsulated Map-Request messages from ITRs, decapsulates those messages, and then forwards the messages to the Map Server responsible for the egress tunnel routers (ETRs) that are authoritative for the requested EIDs. In a multi-site environment, the site border relies on Map Resolver prefix-list to determine whether to query the transit site MSMR or site MSMR.

The following example shows how to configure an ITR to use the map-resolver located at 2.1.1.6 when sending map request messages.

Examples

device(config)#router lisp
device(config-router-lisp)#prefix-list wired
device(config-router-lisp-prefix-list)#2001:193:168:1::/64
device(config-router-lisp-prefix-list)#192.168.0.0/16
device(config-router-lisp-prefix-list)#exit-prefix-list

device(config-router-lisp)#service ipv4
device(config-router-lisp-serv-ipv4)#encapsulation vxlan
device(config-router-lisp-serv-ipv4)#itr map-resolver 2.1.1.6 prefix-list wired
device(config-router-lisp-serv-ipv4)#

locator default-set

To mark a locator-set as default, use the locator default-set command at the router-lisp level.

[ no] locator default-set rloc-set-name

Syntax Description

rloc-set-name

The name of locator-set that is set as default.

Command Default

None

Command Modes

LISP (router-lisp)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The locator-set configured as default with the locator default-set command applies to all services and instances.

locator-set

To specify a locator-set and enter the locator-set configuration mode, use the locator-set command at the router-lisp level.

[ no] locator-set loc-set-name

Syntax Description

loc-set-name

The name of locator-set.

Command Default

Name

Command Modes

LISP (router-lisp)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

You must first define the locator-set before referring to it.

map-cache

To configure a static endpoint identifier (EID) to routing locator (RLOC) (EID-to-RLOC) mapping relationship, use the map-cache command in the instance-service ipv4 or instance-service ipv6 mode.

[ no ] map-cache destination-eid-prefix/prefix-len { ipv4-address { priority priority weight weight } | ipv6-address | map-request | native-forward}

Syntax Description

destination-eid-prefix/prefix-len

Destination IPv4 or IPv6 EID-prefix/prefix-length. The slash is required in the syntax.

ipv4-address priority priority weight weight

IPv4 Address of loopback interface. Associated with this locator address is a priority and weight that are used to define traffic policies when multiple RLOCs are defined for the same EID-prefix block.

Note

 

Lower priority locator takes preference.

ipv6-address

IPv6 Address of loopback interface.

map-request

Send map-request for LISP destination EID

native-forward

Natively forward packets that match this map-request.

Command Default

None.

Command Modes

LISP Instance Service (router-lisp-instance-service)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The first use of this command is to configure an Ingress Tunnel Router (ITR) with a static IPv4 or IPv6 EID-to-RLOC mapping relationship and its associated traffic policy. For each entry, a destination EID-prefix block and its associated locator, priority, and weight are entered. The value in the EID-prefix/prefix-length argument is the LISP EID-prefix block at the destination site. The locator is an IPv4 or IPv6 address of the remote site where the IPv4 or IPv6 EID-prefix can be reached. Associated with the locator address is a priority and weight that are used to define traffic policies when multiple RLOCs are defined for the same EID-prefix block.

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#map-cache 1.1.1.1/24 map-request

map-cache extranet

To install all configured extranet prefixes into map-cache, use the map-cache extranet command in the instance-service ipv4 or instance-service ipv6 mode.

map-cache extranet-registration

Command Default

None.

Command Modes

LISP Instance Service (router-lisp-instance-service)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

To support inter-VRF communication, use the map-cache extranet command on the Map Server Map Resolver (MSMR). This command generates map requests for all fabric destinations. Use this command in the service ipv4 or service ipv6 mode under the extranet instance.

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#map-cache extranet-registration

prefix-list

To define a named LISP prefix set and to enter the LISP prefix-list configuration mode, use the prefix-list command in the Router LISP configuration mode. Use the no form of the command to remove the prefix list.

[ no] prefix-list prefix-list-name

Syntax Description

prefix-list prefix-list-name

Specifies the prefix list to be used and enters the prefix-list configuration mode.

Specifies IPv4 EID-prefixes or IPv6 EID-prefixes in the prefix-list mode.

Command Default

No prefix list is defined.

Command Modes

LISP (router-lisp)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Usage Guidelines

Use the prefix-list command to configure an IPV4 or IPv6 prefix list. This command places the router in prefix-list configuration mode, in which you can define IPv4 prefix list, or IPv6 prefix list. Use the exit-prefix-list command to exit the prefix-list-configuration mode.

Examples

device(config)#router lisp
device(config-router-lisp)#prefix-list wired
device(config-router-prefix-list)#2001:193:168:1::/64
device(config-router-lisp-prefix-list)#192.168.0.0/16
device(config-router-lisp-prefix-list)#exit-prefix-list

route-import database

To configure the import of Routing Information Base (RIB) routes to define local endpoint identifier (EID) prefixes for database entries and associate them with a locator set, use the route-import database command in the instance service submode. To remove this configuration, use the no form of this command.

[ no] route-import database { bgp| connected| eigrp| isis| maximum-prefix| ospf| ospfv3| rip| static} { [ route-map] locator-set locator-set-name proxy}

Syntax Description

bgp

Border Gateway Protocol. Imports RIB routes into LISP using BGP protocol.

connected

Connected routing protocol

eigrp

Enhanced Interior Gateway Routing Protocol. Imports RIB routes into LISP using EIGRP protocol.

isis

ISO IS-IS. Imports RIB routes into LISP using IS-IS protocol.

ospf

ospfv3

Open Shortest Path First

Open Shortest Path First version 3

maximum-prefix

Configures the maximum number of prefixes to pick up from the RIB.

rip

Routing Information Protocol

static

Defines static routes.

locator-set locator-set-name

Specifies the Locator Set to be used with created database mapping entries.

proxy

Enables the dynamic import of RIB route as proxy database mapping.

Command Default

None.

Command Modes

LISP Instance Service (router-lisp-instance-service)  

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Usage Guidelines

Use the route-import database command with the proxy option to enable the dynamic import of RIB route as proxy database mapping. When RIB import is in use, the corresponding RIB map-cache import, using route-import map-cache command must also be configured, else the inbound site traffic will not pass the LISP eligibility check due to the presence of RIB route.

The following example shows how to configure the dynamic import of RIB route as proxy database:

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#eid-table default
device(config-router-lisp-inst-serv-ipv4)#database-mapping 193.168.0.0/16 locator-set RLOC proxy
device(config-router-lisp-inst-serv-ipv4)#route-import map-cache bgp 65002 route-map map-cache-database
device(config-router-lisp-inst-serv-ipv4)#route-import database bgp 65002 locator-set RLOC proxy

service

The service command creates a configuration template for all instance-service instantiations of that particular service.

[ no] service{ ipv4 | ipv6 | ethernet}

Syntax Description

service ipv4

Enables Layer 3 network services for the IPv4 Address family.

service ipv6

Enables Layer 3 network services for the IPv6 Address family.

service ethernet

Enables Layer 2 network services.

Command Default

None.

Command Modes

LISP Instance (router-lisp-instance)

LISP  (router-lisp)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The service command creates a service instance under the instance-id and enters the instance-service mode. You cannot confgure service ethernet for the same instance where service ipv4 or service ipv6 is configured.

Use the no form of the command to exit the service submode.

Examples

device(config)#router lisp
device(config-router-lisp)#instance-id 3
device(config-router-lisp-inst)#service ipv4
device(config-router-lisp-inst-serv-ipv4)#
device(config)#router lisp
device(config-router-lisp)#instance-id 5
device(config-router-lisp-inst)#service ethernet
device(config-router-lisp-inst-serv-ethernet)#

show lisp instance-id ipv4 database

To display the operational status of the IPv4 address family and the database mappings on the device, use the show lisp instance-id ipv4 database command in the privileged EXEC mode.

show lisp instance-id instance-id ipv4 database

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Cisco IOS XE Fuji 16.9.1

Support for display of proxy database size.

Usage Guidelines

Use the command show lisp instance-id id ipv4 database to display the EID prefixes configured for a site. The following is a sample output:

device#show lisp instance-id 101 ipv4 database
LISP ETR IPv4 Mapping Database for EID-table vrf red (IID 101), LSBs: 0x1
Entries total 1, no-route 0, inactive 0
 
172.168.0.0/16, locator-set RLOC, proxy
  Locator          Pri/Wgt  Source     State
  100.110.110.110    1/100  cfg-intf   site-self, reachable
 
 device#
device#show lisp instance-id 101 ipv4
  Instance ID:                         101
  Router-lisp ID:                      0
  Locator table:                       default
  EID table:                           vrf red
  Ingress Tunnel Router (ITR):         disabled
  Egress Tunnel Router (ETR):          enabled
  Proxy-ITR Router (PITR):             enabled RLOCs: 100.110.110.110
  Proxy-ETR Router (PETR):             disabled
  NAT-traversal Router (NAT-RTR):      disabled
  Mobility First-Hop Router:           disabled
  Map Server (MS):                     enabled
  Map Resolver (MR):                   enabled
  Mr-use-petr:                         enabled
  Mr-use-petr locator set name:        site2
  Delegated Database Tree (DDT):       disabled
  Site Registration Limit:             0
  Map-Request source:                  derived from EID destination
  ITR Map-Resolver(s):                 100.77.77.77
                                       100.78.78.78
                                       100.110.110.110 prefix-list site2
  ETR Map-Server(s):                   100.77.77.77 (11:25:01)
                                       100.78.78.78 (11:25:01)
  xTR-ID:                              0xB843200A-0x4566BFC9-0xDAA75B2D-0x8FBE69B0
  site-ID:                             unspecified
  ITR local RLOC (last resort):        100.110.110.110
  ITR Solicit Map Request (SMR):       accept and process
    Max SMRs per map-cache entry:      8 more specifics
    Multiple SMR suppression time:     20 secs
  ETR accept mapping data:             disabled, verify disabled
  ETR map-cache TTL:                   1d00h
  Locator Status Algorithms:
    RLOC-probe algorithm:              disabled
    RLOC-probe on route change:        N/A (periodic probing disabled)
    RLOC-probe on member change:       disabled
    LSB reports:                       process
    IPv4 RLOC minimum mask length:     /0
    IPv6 RLOC minimum mask length:     /0
  Map-cache:
    Static mappings configured:        1
    Map-cache size/limit:              1/32768
    Imported route count/limit:        0/5000
    Map-cache activity check period:   60 secs
    Map-cache FIB updates:             established
    Persistent map-cache:              disabled
 Database:
    Total database mapping size:       1
    static database size/limit:        1/65535
    dynamic database size/limit:       0/65535
    route-import database size/limit:  0/5000
    import-site-reg database size/limit0/65535
    proxy database size:               1
    Inactive (deconfig/away) size:     0
  Encapsulation type:                  vxlan
 

show lisp instance-id ipv6 database

To display the operational status of the IPv6 address family and the database mappings on the device, use the show lisp instance-id ipv6 database command in the privileged EXEC mode.

show lisp instance-id instance-id ipv6 database

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Cisco IOS XE Fuji 16.9.1

Support for display of proxy database size.

Usage Guidelines

Use the command show lisp instance-id id ipv6 database to display the EID prefixes configured for a site. The following is a sample output:

device#show lisp instance-id 101 ipv6 database
LISP ETR IPv6 Mapping Database, LSBs: 0x1

EID-prefix: 2610:D0:1209::/48
  172.16.156.222, priority: 1, weight: 100, state: up, local
 
 device#

show lisp instance-id ipv4 map-cache

To display the IPv4 end point identifier (EID) to the Resource Locator (RLOC) cache mapping on an ITR, use the show lisp instance-id ipv4 map-cache command in the privileged Exec mode.

show lisp instance-id instance-id ipv4 map-cache [ destination-EID| destination-EID-prefix | detail]

Syntax Description

destination-EID

(Optional) Specifies the IPv4 destination end point identifier (EID) for which the EID-to-RLOC mapping is displayed.

destination-EID-prefix

(Optional) Specifies the IPv4 destinationEID prefix (in the form of a.b.c.d/nn) for which to display the mapping.

detail

(Optional) Displays detailed EID-to-RLOC cache mapping information.

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

Introduced this command.

Usage Guidelines

This command is used to display the current dynamic and static IPv4 EID-to-RLOC map-cache entries. When no IPv4 EID or IPv4 EID prefix is specified, summary information is listed for all current dynamic and static IPv4 EID-to-RLOC map-cache entries. When an IPv4 EID or IPv4 EID prefix is included, information is listed for the longest-match lookup in the cache. When the detail option is used, detailed (rather than summary) information related to all current dynamic and static IPv4 EID-to-RLOC map-cache entries is displayed.

The following are sample outputs from the show lisp instance-id ipv4 map-cache commands:

device# show lisp instance-id 102 ipv4 map-cache 
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
0.0.0.0/0, uptime: 2d14h, expires: never, via static-send-map-request
  Negative cache entry, action: send-map-request
128.0.0.0/3, uptime: 00:01:44, expires: 00:13:15, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:40  up           1/100       103
  55.55.55.2  13:32:40  up           1/100       103
  55.55.55.3  13:32:40  up           1/100       103
  55.55.55.4  13:32:40  up           1/100       103
  55.55.55.5  13:32:40  up           5/100       103
  55.55.55.6  13:32:40  up           6/100       103
  55.55.55.7  13:32:40  up           7/100       103
  55.55.55.8  13:32:40  up           8/100       103
150.150.2.0/23, uptime: 11:47:25, expires: 00:06:30, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:40  up           1/100       103
  55.55.55.2  13:32:40  up           1/100       103
  55.55.55.3  13:32:40  up           1/100       103
  55.55.55.4  13:32:40  up           1/100       103
  55.55.55.5  13:32:40  up           5/100       103
  55.55.55.6  13:32:40  up           6/100       103
  55.55.55.7  13:32:43  up           7/100       103
  55.55.55.8  13:32:43  up           8/100       103
150.150.4.0/22, uptime: 13:32:43, expires: 00:05:19, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:43  up           1/100       103
  55.55.55.2  13:32:43  up           1/100       103
  55.55.55.3  13:32:43  up           1/100       103
  55.55.55.4  13:32:43  up           1/100       103
  55.55.55.5  13:32:43  up           5/100       103
  55.55.55.6  13:32:43  up           6/100       103
  55.55.55.7  13:32:43  up           7/100       103
  55.55.55.8  13:32:43  up           8/100       103
150.150.8.0/21, uptime: 13:32:35, expires: 00:05:27, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
 55.55.55.1  13:32:43  up           1/100       103
  55.55.55.2  13:32:43  up           1/100       103
  55.55.55.3  13:32:43  up           1/100       103
  55.55.55.4  13:32:43  up           1/100       103
  55.55.55.5  13:32:43  up           5/100       103
  55.55.55.6  13:32:43  up           6/100       103
  55.55.55.7  13:32:43  up           7/100       103
  55.55.55.8  13:32:45  up           8/100       103
171.171.0.0/16, uptime: 2d14h, expires: never, via dynamic-EID, send-map-request
  Negative cache entry, action: send-map-request
172.172.0.0/16, uptime: 2d14h, expires: never, via dynamic-EID, send-map-request
  Negative cache entry, action: send-map-request
178.168.2.1/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.2/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.3/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.4/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.5/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.6/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
device#show lisp instance-id 102 ipv4 map-cache detail
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
0.0.0.0/0, uptime: 2d15h, expires: never, via static-send-map-request
  Sources: static-send-map-request
  State: send-map-request, last modified: 2d15h, map-source: local
  Exempt, Packets out: 30531(17585856 bytes) (~ 00:01:36 ago)
  Configured as EID address space
  Negative cache entry, action: send-map-request
128.0.0.0/3, uptime: 00:02:02, expires: 00:12:57, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 00:02:02, map-source: local
  Active, Packets out: 9(5184 bytes) (~ 00:00:36 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:58  up           1/100       103
  55.55.55.2  13:32:58  up           1/100       103
  55.55.55.3  13:32:58  up           1/100       103
  55.55.55.4  13:32:58  up           1/100       103
  55.55.55.5  13:32:58  up           5/100       103
  55.55.55.6  13:32:58  up           6/100       103
  55.55.55.7  13:32:58  up           7/100       103
  55.55.55.8  13:32:58  up           8/100       103
150.150.2.0/23, uptime: 11:47:43, expires: 00:06:12, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 11:47:44, map-source: local
  Active, Packets out: 4243(2443968 bytes) (~ 00:00:38 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:33:00  up           1/100       103
  55.55.55.2  13:33:00  up           1/100       103
  55.55.55.3  13:33:00  up           1/100       103
  55.55.55.4  13:33:00  up           1/100       103
  55.55.55.5  13:33:00  up           5/100       103
  55.55.55.6  13:33:00  up           6/100       103
  55.55.55.7  13:33:00  up           7/100       103
  55.55.55.8  13:33:00  up           8/100       103
150.150.4.0/22, uptime: 13:33:00, expires: 00:05:02, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 13:33:00, map-source: local
  Active, Packets out: 4874(2807424 bytes) (~ 00:00:38 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:33:00  up           1/100       103
  55.55.55.2  13:33:00  up           1/100       103
  55.55.55.3  13:33:00  up           1/100       103
  55.55.55.4  13:33:00  up           1/100       103
 55.55.55.5  13:33:00  up           5/100       103
  55.55.55.6  13:33:00  up           6/100       103
  55.55.55.7  13:33:01  up           7/100       103
  55.55.55.8  13:33:01  up           8/100       103
150.150.8.0/21, uptime: 13:32:53, expires: 00:05:09, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 13:32:53, map-source: local
  Active, Packets out: 4874(2807424 bytes) (~ 00:00:39 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:33:01  up           1/100       103
  55.55.55.2  13:33:01  up           1/100       103
  55.55.55.3  13:33:01  up           1/100       103
  55.55.55.4  13:33:01  up           1/100       103
  55.55.55.5  13:33:01  up           5/100       103
  55.55.55.6  13:33:01  up           6/100       103
  55.55.55.7  13:33:01  up           7/100       103
  55.55.55.8  13:33:01  up           8/100       103
171.171.0.0/16, uptime: 2d15h, expires: never, via dynamic-EID, send-map-request
  Sources: NONE
  State: send-map-request, last modified: 2d15h, map-source: local
  Exempt, Packets out: 2(1152 bytes) (~ 2d14h ago)
  Configured as EID address space
  Configured as dynamic-EID address space
  Encapsulating dynamic-EID traffic
  Negative cache entry, action: send-map-request
172.172.0.0/16, uptime: 2d15h, expires: never, via dynamic-EID, send-map-request
  Sources: NONE
  State: send-map-request, last modified: 2d15h, map-source: local
  Exempt, Packets out: 2(1152 bytes) (~ 2d14h ago)
  Configured as EID address space
  Configured as dynamic-EID address space
  Encapsulating dynamic-EID traffic
  Negative cache entry, action: send-map-request
178.168.2.1/32, uptime: 2d14h, expires: 09:26:55, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22513(12967488 bytes) (~ 00:00:41 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 92ms)
178.168.2.2/32, uptime: 2d14h, expires: 09:26:55, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22513(12967488 bytes) (~ 00:00:45 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)
178.168.2.3/32, uptime: 2d14h, expires: 09:26:51, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22513(12967488 bytes) (~ 00:00:45 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)
178.168.2.4/32, uptime: 2d14h, expires: 09:26:51, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
device#show lisp instance-id 102 ipv4 map-cache 178.168.2.3/32
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
178.168.2.3/32, uptime: 2d14h, expires: 09:26:25, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22519(12970944 bytes) (~ 00:00:11 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)
device#show lisp instance-id 102 ipv4 map-cache 178.168.2.3
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
178.168.2.3/32, uptime: 2d14h, expires: 09:26:14, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22519(12970944 bytes) (~ 00:00:22 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 sta                       
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 stat
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 ipv4 stat
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 ipv4 statistics
LISP EID Statistics for instance ID 102 - last cleared: never
Control Packets:
  Map-Requests in/out:                              5911/66032
    Map-Request receive rate (5 sec/1 min/5 min):   0.00/ 0.00/ 0.00
    Encapsulated Map-Requests in/out:               0/60600
    RLOC-probe Map-Requests in/out:                 5911/5432
    SMR-based Map-Requests in/out:                  0/0
    Extranet SMR cross-IID Map-Requests in:         0
    Map-Requests expired on-queue/no-reply          0/0
    Map-Resolver Map-Requests forwarded:            0
    Map-Server Map-Requests forwarded:              0
  Map-Reply records in/out:                         64815/5911
    Authoritative records in/out:                   12696/5911
    Non-authoritative records in/out:               52119/0
    Negative records in/out:                        8000/0
    RLOC-probe records in/out:                      4696/5911
    Map-Server Proxy-Reply records out:             0
  WLC Map-Subscribe records in/out:                 0/4
    Map-Subscribe failures in/out:                  0/0
  WLC Map-Unsubscribe records in/out:               0/0
    Map-Unsubscribe failures in/out:                0/0
  Map-Register records in/out:                      0/8310
    Map-Register receive rate (5 sec/1 min/5 min):  0.00/ 0.00/ 0.00
    Map-Server AF disabled:                         0
    Authentication failures:                        0
  WLC Map-Register records in/out:                  0/0
    WLC AP Map-Register in/out:                     0/0
    WLC Client Map-Register in/out:                 0/0
    WLC Map-Register failures in/out:               0/0
  Map-Notify records in/out:                        20554/0
    Authentication failures:                        0
  WLC Map-Notify records in/out:                    0/0
    WLC AP Map-Notify in/out:                       0/0
    WLC Client Map-Notify in/out:                   0/0
    WLC Map-Notify failures in/out:                 0/0
  Publish-Subscribe in/out:                        
    Subscription Request records in/out:            0/6
    Subscription Request failures in/out:           0/0
    Subscription Status records in/out:             4/0
      End of Publication records in/out:            4/0
      Subscription rejected records in/out:         0/0
      Subscription removed records in/out:          0/0
    Subscription Status failures in/out:            0/0
    Solicit Subscription records in/out:            0/0
    Solicit Subscription failures in/out:           0/0
    Publication records in/out:                     0/0
    Publication failures in/out:                    0/0
Errors:
  Mapping record TTL alerts:                        0
  Map-Request invalid source rloc drops:            0
  Map-Register invalid source rloc drops:           0
  DDT Requests failed:                              0
  DDT ITR Map-Requests dropped:                     0 (nonce-collision: 0, bad-xTR-nonce: 0)
Cache Related:
  Cache entries created/deleted:                    200103/196095
  NSF CEF replay entry count                        0
  Number of EID-prefixes in map-cache:              4008
  Number of rejected EID-prefixes due to limit :    0
  Number of negative entries in map-cache:          8
  Total number of RLOCs in map-cache:               4000
  Average RLOCs per EID-prefix:                     1
Forwarding:
  Number of data signals processed:                 199173 (+ dropped 5474)
  Number of reachability reports:                   0 (+ dropped 0)
  Number of SMR signals dropped:                    0
ITR Map-Resolvers:
  Map-Resolver         LastReply  Metric ReqsSent Positive Negative No-Reply    AvgRTT(5 sec/1 min/5 min)
  44.44.44.44          00:03:11        6    62253    19675     8000        0    0.00/ 0.00/10.00
  66.66.66.66          never     Unreach        0        0        0        0    0.00/ 0.00/ 0.00
ETR Map-Servers:
  Map-Server           AvgRTT(5 sec/1 min/5 min)
  44.44.44.44          0.00/ 0.00/ 0.00
  66.66.66.66          0.00/ 0.00/ 0.00
LISP RLOC Statistics - last cleared: never
Control Packets:
  RTR Map-Requests forwarded:                       0
  RTR Map-Notifies forwarded:                       0
  DDT-Map-Requests in/out:                          0/0
  DDT-Map-Referrals in/out:                         0/0
Errors:
  Map-Request format errors:                        0
  Map-Reply format errors:                          0
  Map-Referral format errors:                       0
LISP Miscellaneous Statistics - last cleared: never
Errors:
  Invalid IP version drops:                         0
  Invalid IP header drops:                          0
  Invalid IP proto field drops:                     0
  Invalid packet size drops:                        0
  Invalid LISP control port drops:                  0
  Invalid LISP checksum drops:                      0
  Unsupported LISP packet type drops:               0
  Unknown packet drops:                             0      
 

show lisp instance-id ipv6 map-cache

To display the IPv6 end point identifier (EID) to the Resource Locator (RLOC) cache mapping on an ITR, use the show lisp instance-id ipv6 map-cache command in the privileged EXEC mode.

show lisp instance-id instance-id ipv6 map-cache [ destination-EID| destination-EID-prefix | detail]

Syntax Description

destination-EID

(Optional) Specifies the IPv4 destination end point identifier (EID) for which the EID-to-RLOC mapping is displayed.

destination-EID-prefix

(Optional) Specifies the IPv4 destination EID prefix (in the form of a.b.c.d/nn) for which to display the mapping.

detail

(Optional) Displays detailed EID-to-RLOC cache mapping information.

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

Introduced this command.

Usage Guidelines

This command is used to display the current dynamic and static IPv6 EID-to-RLOC map-cache entries. When no IPv6 EID or IPv6 EID prefix is specified, summary information is listed for all current dynamic and static IPv4 EID-to-RLOC map-cache entries. When an IPv6 EID or IPv6 EID prefix is included, information is listed for the longest-match lookup in the cache. When the detail option is used, detailed (rather than summary) information related to all current dynamic and static IPv6 EID-to-RLOC map-cache entries is displayed.

The following is a sample output from the show lisp instance-id ipv6 map-cache command:

device# show lisp instance-id 101 ipv6 map-cache 
LISP IPv6 Mapping Cache, 2 entries

::/0, uptime: 00:00:26, expires: never, via static
  Negative cache entry, action: send-map-request
2001:DB8:AB::/48, uptime: 00:00:04, expires: 23:59:53, via map-reply, complete
  Locator   Uptime    State      Pri/Wgt
  10.0.0.6  00:00:04  up           1/100

The following sample output from the show lisp instance-id x ipv6 map-cache detail command displays a detailed list of current dynamic and static IPv6 EID-to-RLOC map-cache entries:

device#show lisp instance-id 101 ipv6 map-cache detail 
LISP IPv6 Mapping Cache, 2 entries

::/0, uptime: 00:00:52, expires: never, via static
  State: send-map-request, last modified: 00:00:52, map-source: local
  Idle, Packets out: 0
  Negative cache entry, action: send-map-request
2001:DB8:AB::/48, uptime: 00:00:30, expires: 23:59:27, via map-reply, complete
  State: complete, last modified: 00:00:30, map-source: 10.0.0.6
  Active, Packets out: 0
  Locator   Uptime    State      Pri/Wgt
  10.0.0.6  00:00:30  up           1/100
    Last up-down state change:         never, state change count: 0
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            never

The following sample output from the show ipv6 lisp map-cache command with a specific IPv6 EID prefix displays detailed information associated with that IPv6 EID prefix entry.

device#show lisp instance-id 101 ipv6 map-cache 2001:DB8:AB::/48 
LISP IPv6 Mapping Cache, 2 entries

2001:DB8:AB::/48, uptime: 00:01:02, expires: 23:58:54, via map-reply, complete
  State: complete, last modified: 00:01:02, map-source: 10.0.0.6
  Active, Packets out: 0
  Locator   Uptime    State      Pri/Wgt
  10.0.0.6  00:01:02  up           1/100
    Last up-down state change:         never, state change count: 0
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:    
        Last RLOC-probe sent:            never

show lisp instance-id ipv4 server

To display the LISP site registration information, use the show lisp instance-id ipv4 server command in the privileged EXEC mode.

show lisp instance-id instance-idipv4 server[ EID-address| EID-prefix| detail| name| rloc| summary]

Syntax Description

EID-address

(Optional) Displays site registration information for this end point.

EID-prefix

(Optional) Displays site registration information for this IPv4 EID prefix.

detail

(Optional) Displays a detailed site information.

name

(Optional) Displays the site registration information for the named site.

rloc

(Optional) Displays the RLOC-EID instance membership details.

summary

(Optional) Displays summary information for each site.

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

When a host is detected by the tunnel router (xTR), it registers the host with the map server (MS). Use the show lisp instance-id x ipv4 server command to see the site registration details. TCP registrations display the port number, whereas UDP registration do not display port number. The port number is 4342 by default fir UDP registration.

The following are sample outputs of the command :

device# show lisp instance-id 100 ipv4 server
LISP Site Registration Information
* = Some locators are down or unreachable
# = Some registrations are sourced by reliable transport
 
Site Name      Last      Up     Who Last             Inst     EID Prefix
               Register         Registered           ID
XTR            00:03:22  yes*#  172.16.1.4:64200     100      101.1.0.0/16
               00:03:16  yes#   172.16.1.3:19881     100      101.1.1.1/32
device# show lisp instance-id 100 ipv4 server 101.1.0.0/16
LISP Site Registration Information                                       
 
Site name: XTR
Allowed configured locators: any
Requested EID-prefix:          
 
  EID-prefix: 101.1.0.0/16 instance-id 100
    First registered:     00:04:24        
    Last registered:      00:04:20
    Routing table tag:    0
    Origin:               Configuration, accepting more specifics
    Merge active:         No
    Proxy reply:          No
    TTL:                  1d00h
    State:                complete
    Registration errors:
      Authentication failures:   0
      Allowed locators mismatch: 0
    ETR 172.16.1.4:64200, last registered 00:04:20, no proxy-reply, map-notify
                          TTL 1d00h, no merge, hash-function sha1, nonce 0xC1ED8EE1-0x553D05D4
                          state complete, no security-capability
                          xTR-ID 0x46B2F3A5-0x19B0A3C5-0x67055A44-0xF5BF3FBB
                          site-ID unspecified
                          sourced by reliable transport
      Locator     Local  State      Pri/Wgt  Scope
      172.16.1.4  yes    admin-down 255/100  IPv4 none

 

The following is an ouput that shows an UDP registration (without port number):

device# show lisp instance-id 100 ipv4 server 101.1.1.1/32
LISP Site Registration Information                                       
 
Site name: XTR
Allowed configured locators: any
Requested EID-prefix:          
 
  EID-prefix: 101.1.1.1/32 instance-id 100
    First registered:     00:00:08        
    Last registered:      00:00:04        
    Routing table tag:    0               
    Origin:               Dynamic, more specific of 101.1.0.0/16
    Merge active:         No                                   
    Proxy reply:          No                                   
    TTL:                  1d00h                                
    State:                complete                             
    Registration errors:
      Authentication failures:   0
      Allowed locators mismatch: 0
    ETR 172.16.1.3:46245, last registered 00:00:04, no proxy-reply, map-notify
                          TTL 1d00h, no merge, hash-function sha1, nonce 0x1769BD91-0x06E10A06
                          state complete, no security-capability
                          xTR-ID 0x4F5F0056-0xAE270416-0x360B42D6-0x6FCD3F5B
                          site-ID unspecified
                          sourced by reliable transport
      Locator     Local  State      Pri/Wgt  Scope
      172.16.1.3  yes    up         100/100  IPv4 none
    ETR 172.16.1.3, last registered 00:00:08, no proxy-reply, map-notify
                    TTL 1d00h, no merge, hash-function sha1, nonce 0x1769BD91-0x06E10A06
                    state complete, no security-capability
                    xTR-ID 0x4F5F0056-0xAE270416-0x360B42D6-0x6FCD3F5B
                    site-ID unspecified
      Locator     Local  State      Pri/Wgt  Scope
      172.16.1.3  yes    up         100/100  IPv4 none

show lisp instance-id ipv6 server

To display the LISP site registration information, use the show lisp instance-id ipv6 server command in the privileged EXEC mode.

show lisp instance-id instance-idipv6 server[ EID-address| EID-prefix| detail| name| rloc| summary]

Syntax Description

EID-address

(Optional) Displays site registration information for this end point.

EID-prefix

(Optional) Displays site registration information for this IPv6 EID prefix.

detail

(Optional) Displays a detailed site information.

name

(Optional) Displays the site registration information for the named site.

rloc

(Optional) Displays the RLOC-EID instance membership details.

summary

(Optional) Displays summary information for each site.

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

When a host is detected by the tunnel router (xTR), it registers the host with the map server (MS). Use the show lisp instance-id ipv6 server command to see the site registration details.

show lisp instance-id ipv4 statistics

To display Locator/ID Separation Protocol (LISP) IPv4 address-family packet count statistics, use the show lisp instance-id ipv4 statistics command in the privileged EXEC mode.

show lisp instance-id instance-id ipv4 statistics

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

This command is used to display IPv4 LISP statistics related to packet encapsulations, de-encapsulations, map requests, map replies, map registers, and other LISP-related packets.

The following are sample outputs of the command :

device# show lisp instance-id 100 ipv4 statistics

show lisp instance-id ipv6 statistics

To display Locator/ID Separation Protocol (LISP) IPv6 address-family packet count statistics, use the show lisp instance-id ipv6 statistics command in the privileged EXEC mode.

show lisp instance-id instance-id ipv6 statistics

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

This command is used to display IPv4 LISP statistics related to packet encapsulations, de-encapsulations, map requests, map replies, map registers, and other LISP-related packets.

The following are sample outputs of the command :

device# show lisp instance-id 100 ipv6 statistics

show lisp prefix-list

To display the LISP prefix-list information, use the show lisp prefix-list command in the privileged EXEC mode.

show lisp prefix-list [ name-prefix-list]

Syntax Description

name-prefix-list

(Optional) Specifies the prefix-list whose information is displayed.

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Usage Guidelines

The following is a sample output from the show lisp prefix-list command:

device# show lisp prefix-list 
Lisp Prefix List information for router lisp 0

Prefix List: set
    Number of entries: 1       
    Entries:
	1.2.3.4/16
	    Sources: static

show lisp session

To display the current list of reliable transport sessions in the fabric, use the show lisp session command in the privileged EXEC mode.

show lisp session [ all| established]

Syntax Description

all

(Optional) Displays transport session inforamtion for all the sessions.

established

(Optional) Displays transport session information for established connections.

Command Default

None.

Command Modes

Privileged Exec

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The show lisp session command displays only those sessions that are in Up or Down state. Use the show lisp session all command to see all sessions in any state.

The following is a sample output of the command show lisp session on an MSMR:

device# show lisp session
Sessions for VRF default, total: 4, established: 2
Peer                           State      Up/Down        In/Out    Users
172.16.1.3:22667               Up         00:00:52        4/8      2
172.16.1.4:18904               Up         00:22:15        5/13     1
device# show lisp session all
Sessions for VRF default, total: 4, established: 2
Peer                           State      Up/Down        In/Out    Users
172.16.1.3                     Listening  never           0/0      0
172.16.1.3:22667               Up         00:01:13        4/8      2
172.16.1.4                     Listening  never           0/0      0
172.16.1.4:18904               Up         00:22:36        5/13     1

use-petr

To configure a router to use an IPv4 or IPv6 Locator/ID Separation Protocol (LISP) Proxy Egress Tunnel Router (PETR), use the use-petr command in LISP Instance configuration mode or LISP Instance Service configuration mode. To remove the use of a LISP PETR, use the no form of this command.

[ no] use-petr locator-address [priority priority weight weight]

Syntax Description

locator-address

The name of locator-set that is set as default.

priority priority

(Optional) Specifies the priority (value between 0 and 255) assigned to this PETR. A lower value indicates a higher priority.

weight weight

(Optional) Specifies the percentage of traffic to be load-shared (value between 0 and 100).

Command Default

The router does not use PETR services.

Command Modes

LISP Service (router-lisp-service)

LISP Instance-Service (router-lisp-instance-service)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the use-petr command to enable an Ingress Tunnel Router (ITR) or Proxy Ingress Tunnel Router (PITR) to use IPv4 Proxy Egress Tunnel Router (PETR) services. When the use of PETR services is enabled, instead of natively forwarding LISP endpoint identifier (EID) (source) packets destined to non-LISP sites, these packets are LISP-encapsulated and forwarded to the PETR. Upon receiving these packets, the PETR decapsulates them and then forwards them natively toward the non-LISP destination.

Do not use use-petr command in Service-Ethernet configuration mode.

PETR services may be necessary in several cases:

  1. By default when a LISP site forwards packets to a non-LISP site natively (not LISP encapsulated), the source IP address of the packet is that of an EID. When the provider side of the access network is configured with strict unicast reverse path forwarding (uRPF) or an anti-spoofing access list, it may consider these packets to be spoofed and drop them since EIDs are not advertised in the provider core network. In this case, instead of natively forwarding packets destined to non-LISP sites, the ITR encapsulates these packets using its site locator(s) as the source address and the PETR as the destination address.

    Note


    The use of the use-petr command does not change LISP-to-LISP or non-LISP-to-non-LISP forwarding behavior. LISP EID packets destined for LISP sites will follow normal LISP forwarding processes and be sent directly to the destination ETR as normal. Non-LISP-to-non-LISP packets are never candidates for LISP encapsulation and are always forwarded natively according to normal processes.


  2. When a LISP IPv6 (EID) site needs to connect to a non-LISP IPv6 site and the ITR locators or some portion of the intermediate network does not support IPv6 (it is IPv4 only), the PETR can be used to traverse (hop over) the address family incompatibility, assuming that the PETR has both IPv4 and IPv6 connectivity. The ITR in this case can LISP-encapsulate the IPv6 EIDs with IPv4 locators destined for the PETR, which de-encapsulates the packets and forwards them natively to the non-LISP IPv6 site over its IPv6 connection. In this case, the use of the PETR effectively allows the LISP site packets to traverse the IPv4 portion of network using the LISP mixed protocol encapsulation support.

Examples

The following example shows how to configure an ITR to use the PETR with the IPv4 locator of 10.1.1.1. In this case, LISP site IPv4 EIDs destined to non-LISP IPv4 sites are encapsulated in an IPv4 LISP header destined to the PETR located at 10.1.1.1:


device(config)# router lisp
device(config-router-lisp)#service ipv4
device(config-router-lisp-serv-ipv4)# use-petr 10.1.1.1

The following example configures an ITR to use two PETRs: one has an IPv4 locator of 10.1.1.1 and is configured as the primary PETR (priority 1 weight 100), and the other has an IPv4 locator of 10.1.2.1 and is configured as the secondary PETR (priority 2 weight 100). In this case, LISP site IPv4 EIDs destined to non-LISP IPv4 sites will be encapsulated in an IPv4 LISP header to the primary PETR located at 10.1.1.1 unless it fails, in which case the secondary will be used.


Router(config-router-lisp-serv-ipv4)# use-petr 10.1.1.1 priority 1 weight 100
Router(config-router-lisp-serv-ipv4)# use-petr 10.1.2.1 priority 2 weight 100