LISP Overview - SwiNOG - Swiss Network Operators Group
Locator/ID Separation Protocol
Overview
Roque Gagliano
SWINOG – November 2011
© 2011 Cisco and/or its affiliates. All rights reserved.
LISP Overview
LISP Core Use Cases
LISP Developments
LISP Summary
LISP References
IP addressing overloads location and identity – leading to Internet scaling issues
Why do current IP semantics cause scaling issues?
− Overloaded IP address semantics make efficient routing impossible
− Today, “addressing follows topology,” which limits route aggregation compactness
− IPv6 does not fix this
Why are route scaling issues bad?
− Routers require expensive memory to hold the Internet Routing Table in the forwarding plane
− It’s expensive for network builders/operators
− Replacing equipment for the wrong reason (to hold the routing table); replacement should be to implement new features
“… routing scalability is the most
important problem facing the Internet
today and must be solved … ”
Internet Architecture Board (IAB)
October 2006 Workshop (written as RFC 4984)
Today’s Internet Behavior: Locator/ID “overload”
In this model, everything goes in the “Default Free Zone” (DFZ)
LISP Behavior: Locator/ID “split”
In this model, only RLOCs go in the DFZ; EIDs go in the LISP Mapping System!
[Figure: Internet and DFZ under today's behavior; Internet, DFZ and LISP Mapping System under LISP behavior]
LISP creates a Level of indirection with two namespaces: EID and RLOC
EID (Endpoint Identifier) is the IP address of a host – just as it is today
RLOC (Routing Locator) is the IP address of the LISP router for the host
EID-to-RLOC mapping is the distributed architecture that maps EIDs to RLOCs

EID-to-RLOC mapping
EID           RLOC
a.a.a.0/24    w.x.y.1
b.b.b.0/24    x.y.w.2
c.c.c.0/24    z.q.r.5
d.d.0.0/16    z.q.r.5

Prefix        Next-hop
w.x.y.1       e.f.g.h
x.y.w.2       e.f.g.h
z.q.r.5       e.f.g.h
z.q.r.5       e.f.g.h

[Figure: EID Space, RLOC Space, xTR, PxTR, MS/MR, Non-LISP]

Network-based solution
Incrementally deployable
No host changes
Support for mobility
Minimal configuration
Address Family agnostic
IP encapsulation scheme
Decouples host IDENTITY and LOCATION
Dynamic IDENTITY-to-LOCATION mapping resolution
Address Family agnostic day-one
[Figure: packet layouts v4 EID / v4 RLOC / v4 EID; v4 EID / v6 RLOC / v4 EID; v6 EID / v4 RLOC / v6 EID; v6 EID / v6 RLOC / v6 EID]
Minimal Deployment Impact
No changes to end systems or core
Minimal changes to edge devices
Incrementally deployable
LISP/LISP and non-LISP/LISP considered day-one
LISP Map Lookup is analogous to a DNS lookup
DNS resolves IP addresses for URLs (DNS URL Resolution)
− host to DNS Server: [ who is lisp.cisco.com ] ?
− DNS Server to host: [ 153.16.5.29, 2610:D0:110C:1::3 ]
LISP resolves locators for queried identities (LISP Identity-to-location Map Resolution)
− LISP router to LISP Mapping System: [ where is 2610:D0:110C:1::3 ] ?
− LISP Mapping System to LISP router: [ location is 128.107.81.169 ]
IPv4 Outer Header: Router supplies RLOCs
UDP:
LISP Header:
IPv4 Inner Header: Host supplies EIDs
[Figure: packet flow from source S (x.y.z.1) through LISP routers (a.b.c.1, r.s.t.7) across the Internet to destination D (e.f.g.9)]
• Messages:
- Map-Request: An ITR requesting RLOC for an EID
- Map-Reply: Response to a Map-Request
- Map-Register: An ETR registration of EID/RLOCs to Map-Server
- Map-Notify: Confirmation from Map-Server to ETR that registration was successful.
• Advanced Features (no time to go into details):
- Traffic engineering using Priority and Weight
- LISP Multicast
- Dynamic RLOC configuration
- RLOC Reachability Algorithms
- Negative-Map-Replies
- Solicited-Map-Request
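The pull-model lookup and the Priority/Weight and Negative-Map-Reply features listed above can be seen in a small ITR map-cache model. This is an added example, not code from the presentation or from any LISP implementation; the cache contents, function names and returned action strings are constructed, and the selection rules (lowest priority value preferred, 255 meaning unusable, weight sharing load within a priority) follow RFC 6830.

```python
import ipaddress
import random

# Constructed ITR map-cache: EID prefix -> [(RLOC, priority, weight, reachable)].
MAP_CACHE = {
    "10.1.0.0/16": [("203.0.113.1", 1, 75, True), ("203.0.113.2", 1, 25, True),
                    ("198.51.100.9", 2, 100, True)],
    "10.1.5.0/24": [("203.0.113.5", 1, 100, False), ("198.51.100.5", 2, 100, True)],
    "10.9.0.0/16": [],  # cached Negative-Map-Reply: prefix is not a LISP site
}

def lookup(eid):
    """Longest-prefix match of a destination EID; None means a cache miss."""
    addr = ipaddress.ip_address(eid)
    hits = [n for n in map(ipaddress.ip_network, MAP_CACHE) if addr in n]
    if not hits:
        return None
    best = max(hits, key=lambda n: n.prefixlen)
    return str(best), MAP_CACHE[str(best)]

def select_rloc(eid, rng=random):
    """Return the RLOC to encapsulate to, or the action the ITR takes instead."""
    hit = lookup(eid)
    if hit is None:
        return "send-map-request"      # pull model: ask the mapping system
    locators = hit[1]
    if not locators:
        return "forward-natively"      # negative entry (action assumed here)
    usable = [l for l in locators if l[3] and l[1] != 255]  # 255 = never use
    if not usable:
        return "drop"                  # assumed policy when nothing is usable
    best = min(l[1] for l in usable)   # lowest priority value wins
    group = [l for l in usable if l[1] == best]
    weights = [l[2] for l in group]
    if sum(weights) == 0:
        return rng.choice(group)[0]    # all-zero weights: spread evenly
    return rng.choices([l[0] for l in group], weights=weights)[0]
```

With the sample cache, traffic to 10.1.5.7 falls back to the priority-2 locator because the priority-1 RLOC is marked unreachable, while traffic to 10.1.200.1 is split roughly 75/25 across the two priority-1 RLOCs.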
Cisco-operated
~ 4 years operational
> 130+ sites, 25 countries
Nine implementations
Deployed today…
Cisco: IOS, IOS-XE, NX-OS
FreeBSD: OpenLISP
Linux/OpenWrt
Android (Gingerbread)
Two other router vendors
http://www.lisp4.net
http://lisp.cisco.com
http://www.lisp.intouch.eu/
http://www.lisp6.facebook.com
http://lisp.isarnet.net/
http://www6.eudora.com
http://myvpn6.qualcomm.com
and more…
1. Efficient Multi-Homing
2. IPv6 Transition Support
3. Efficient Virtualization/Multi-Tenancy
4. Data Center/VM Mobility
5. LISP Mobile-Node
Needs:
− Site connectivity to multiple providers
− Low OpEx/CapEx
LISP Solution:
− LISP provides a streamlined solution for handling multi-provider connectivity and policy without BGP complexity
Benefits:
− OpEx-friendly multi-homing across different providers
− Simple Policy Management
− Ingress Traffic Engineering
− Egress Traffic Engineering
Applicability:
− Branch sites where multihoming is typically too expensive
− Useful in all other LISP Use Cases
[Figure: LISP Site, LISP routers, Internet]
Needs:
− Rapid IPv6 Deployment
− Minimal Infrastructure disruption
LISP Solution:
− LISP encapsulation is Address Family agnostic
− IPv6 interconnected over IPv4 core
− IPv4 interconnected over IPv6 core
Benefits:
− Accelerated IPv6 adoption
− Minimal added configurations
− No core network changes
− Can be used as a transitional or permanent solution
[Figure panels: Connecting IPv6 Islands (v6 islands, xTRs, IPv4 Enterprise Core); IPv6 Access Support (v6 home Networks, xTRs, PxTRs, IPv4 access & Internet, IPv6 Internet); IPv6 Services Support (v6 site, v6 service, xTR, PxTR, IPv4 Core, IPv4 Internet, IPv6 Internet)]
Needs:
− Integrated Segmentation
− Minimal Infrastructure disruption
− Global scale and interoperability
LISP Solution:
− 24-bit LISP instance-ID segments control plane and data plane mappings
− VRF mappings to instance-id
Benefits:
− Very high scale tenant segmentation
− Global mobility + high scale segmentation integrated in single IP solution
− IP based solution, transport independent
− No Inter-AS complexity
− Overlay solution transparent to the core
Applicability:
− Multi-provider Core
− Encryption can be added
[Figure: LISP Site, Legacy Sites, PxTR, IP Network, Mapping DB, West DC, East DC]
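The encapsulation stack shown earlier (outer IPv4 header with RLOCs, UDP, LISP header, inner header with EIDs) and the 24-bit instance-ID described above can be exercised together by building and parsing one packet, which is also what a monitoring point has to do to see tenant and EID information inside the overlay. This is an added example, not code from the presentation or from a LISP implementation; the header layout (UDP port 4341, N and I flag bits, instance ID in the top 24 bits of the second word) follows RFC 6830, and all addresses, ports and function names are constructed.

```python
import socket
import struct

LISP_DATA_PORT = 4341  # UDP destination port for LISP data packets (RFC 6830)

def ipv4(src, dst, proto, payload):
    # Minimal 20-byte IPv4 header, checksum left at 0 (constructed sample only).
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def encapsulate(inner, src_rloc, dst_rloc, instance_id=None, nonce=0):
    """ITR side: the router adds LISP + UDP + an outer header carrying RLOCs."""
    flags, word2 = 0x80, 0                      # N bit: 24-bit nonce present
    if instance_id is not None:
        flags |= 0x08                           # I bit: instance ID present
        word2 = (instance_id & 0xFFFFFF) << 8   # top 24 bits of second word
    lisp = struct.pack("!II", (flags << 24) | (nonce & 0xFFFFFF), word2)
    udp = struct.pack("!HHHH", 61000, LISP_DATA_PORT, 16 + len(inner), 0)
    return ipv4(src_rloc, dst_rloc, 17, udp + lisp + inner)

def decapsulate(pkt):
    """ETR or monitor side: recover RLOCs, instance ID and inner EIDs."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 17:
        return None                             # outer header is not IPv4/UDP
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl + 8 + 8 + 20:
        return None                             # truncated before inner header
    if struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0] != LISP_DATA_PORT:
        return None                             # UDP, but not LISP data
    word1, word2 = struct.unpack("!II", pkt[ihl + 8:ihl + 16])
    inner = pkt[ihl + 16:]
    if inner[0] >> 4 != 4:
        return None                             # IPv4 EIDs only in this example
    has_iid = bool((word1 >> 24) & 0x08)
    return {
        "rlocs": (socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])),
        "instance_id": word2 >> 8 if has_iid else None,
        "eids": (socket.inet_ntoa(inner[12:16]), socket.inet_ntoa(inner[16:20])),
    }

# Constructed sample: host 10.1.0.5 sends to 10.2.0.9 inside tenant 4097.
INNER = ipv4("10.1.0.5", "10.2.0.9", 6, b"\x00" * 20)
SAMPLE = encapsulate(INNER, "203.0.113.1", "198.51.100.7", instance_id=4097, nonce=0xABCDEF)
```

Two tenants can reuse the same EID prefix here because the instance ID, not the inner address alone, selects the mapping; a filter that inspects only the outer header sees just the two RLOCs and UDP port 4341.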
Needs:
− VM-Mobility across subnets
− Move detection, dynamic EID-to-RLOC mappings, traffic redirection
LISP Solution:
− OTV + LISP to extend subnets
− LISP for VM-moves across subnets
Benefits:
− Integrated Mobility
− Direct Path (no triangulation)
− Connections maintained across moves
− No routing re-convergence
− No DNS updates required
− Global Scalability (cloud bursting)
− IPv4/IPv6 Support
− ARP elimination
Applicability:
− VM OS agnostic
− Services Creation (disaster recovery, cloud burst, etc.)
[Figure: VM move of VM a.b.c.1 between Data Center 1 and Data Center 2; LISP routers; Internet]
Needs:
− Mobile devices roaming across any access media without connection reset
− Mobile device keeps the same IP address forever
LISP Solution:
− LISP level of indirection separates endpoints and locators
− Network-based; no host changes, minimal network changes
− Scalable, host-level registration (1010)
Benefits:
− MNs can roam and stay connected
− MNs can be servers
− MNs roam without DNS changes
− MNs use multiple interfaces
− Packets have “stretch-1” reducing latency
Applicability:
− IPv4 and IPv6
− Android and Linux
− Open
[Figure: dino.cisco.com, Static EID: 2610:00d0:xxxx::1/128; Any 3G/4G Network, Dynamic RLOC; Any WiFi Network, Dynamic RLOC]
LISP IETF Standardization
IETF LISP WG: http://tools.ietf.org/wg/lisp/
IETF LISP Working Group progressing standards
− now in “last call”
LISP Beta Network:
LISP Beta Network: http://lisp4.net & http://lisp6.net
LISP Implementations at Cisco
LISP Code: http://lisp.cisco.com
IOS since Dec ‘09… ISR, ISRG2, 7200
IOS-XE since Mar ‘10…. ASR1K
NX-OS since Dec 09… N7K, UCS C200
Coming… Cat6K, IOS XR for CRS-3, ASR9K, and others…
Other LISP Implementations
OpenWrt (Cisco posting shortly…)
FreeBSD/OpenLISP (several open source implementations)
Android for LISP-MN
LISPMob: http://lispmob.org
Furukawa Network Solution Corporation
Enables IP Number Portability
With session survivability
Never change host IP addresses
No renumbering costs
No DNS “name -> EID” binding change
Uses pull vs. push routing
OSPF and BGP are push models;
routing stored in the forwarding plane
LISP is a pull model; Analogous to
DNS; massively scalable
An over-the-top technology
Address Family agnostic
Incrementally deployable
No changes in end systems
Creates a Level of Indirection
Separates End-Host and Site addresses
Deployment simplicity
No host changes
Minimal CPE changes
Some new core infrastructure components
Enables other interesting
features
Simplified multi-homing with Ingress traffic
engineering – without the need for BGP
End-host mobility without renumbering
Address Family agnostic support
An Open Standard
No Cisco Intellectual Property Rights
LISP Information
• IETF LISP WG: http://tools.ietf.org/wg/lisp/
• LISP Beta Network: http://www.lisp4.net, http://www.lisp6.net
• LISP Mobile Node: http://lispmob.org
• Cisco LISP Site: http://lisp.cisco.com
• Cisco LISP Marketing (EXTERNAL): http://www.cisco.com/go/lisp
Mailing Lists
• IETF LISP WG [email protected]
• LISP Interest [email protected]
• Cisco LISP Questions [email protected]
World IPv6 Day Sites using LISP
− Cisco: lisp.cisco.com (AAAA: 2610:d0:110c:1::3, ::4)
− Facebook: www.lisp6.facebook.com (AAAA: 2610:D0:FACE::9)
− Qualcomm: www.ipv6.eudora.com (AAAA: 2610:d0:120d::10)
− Deutsche Bank: www.ipv6-db.com (AAAA: 2610:d0:2113:3::3)
− Isarnet: lisp.isarnet.net (AAAA: 2610:d0:211f:fffe::101)
− InTouch: www.lisp.intouch.eu (AAAA: 2610:d0:210f:100::101)
Applicability:
− Low CapEx, Quick, IPv6 Web Presence
− Useful in all other LISP Use Cases (Multi-homing, VM-mobility, Virtualization…)
World IPv6 Day Sites Statistics (and current)
http://honeysuckle.noc.ucla.edu/cgi-bin/smokeping.cgi?target=LISP
Facebook IPv6 Experience with LISP
http://nanog.org/meetings/nanog50/presentations/Tuesday/NANOG50.Talk9.lee_nanog50_atlanta_oct2010_007_publish.pdf