EMAIL SUPPORT
dclessons@dclessons.comLOCATION
USImplementing LISP Host Mobility with Extended Subnet
Implementing LISP Host Mobility Extended Subnet
In Below Figure, LAN subnet 10.11.11.0/24 VLAN 100 has been extended between West and East DC. DC switches are said be to xTR and Remote Site is hosting 10.10.10.0/24 subnet. The MS/MR is also configured on same xTR devices in both DC.
Here we will how these DC and Remotes sites are configured as LISP sites and later we will see how traffic flows between them.
Prerequisites:
- HSRP message must not be exchanged across DC, which will make sure that an active default gateway is present in each DC locations and prevent asymmetric path.
- The Default gateway (VIP) and vMAC must be consistent across DC for that Extended VLAN.
- The L2 extension protocols (OTV or any) must have multicast support over Extended LAN subnet for proper operation of LISP host Mobility in an extended subnet mode.
Sample Configuration & Explanation
Below Both Nexus 7k on West DC and East DC and also each command explanation has been given.
Step1: Enable LISP feature which will make Nexus 7K as ETR while decapsulation LISP traffic received from L3 domain and N7K acts as ITR for encapsulating LISP traffic destined to desired location.
Feature lisp ip lisp itr-etr
Step2: A global Database mapping to be configured with aggregated subnet that identifies all IP subnets deployed in specific DC. Here 10.11.0.0/16 is mapped with two RLOC IP address each with xTR1 & xTR2 at DC West. The RLOC recommendation is to use loopback IP address. Priority and weight is also configured to insure that inbound traffic can be load-balanced across both DC xTRs.
ip lisp database-mapping 10.11.0.0/16 2.2.2.2 priority 1 weight 50 ip lisp database-mapping 10.11.0.0/16 2.2.2.3 priority 1 weight 50
Step3: Now configuration to define IP address of Map-Servers and MP-Resolvers. Here we have used Map-Server from Both DC and anycast IP address of MR.
ip lisp itr map-resolver 1.1.1.100 ip lisp etr map-server 1.1.1.1 key abcd ip lisp etr map-server 5.5.5.5 key abcd
Step4: A Dynamic mapping of the mobile subnet is also required , Here Subnet 10.11.11.0/24 is mobile subnet under which host is moved from West Dc to East DC.
lisp dynamic-eid EXTENDED_SUBNET database-mapping 10.11.11.0/24 2.2.2.2 priority 1 weight 50 database-mapping 10.11.11.0/24 2.2.2.3 priority 1 weight 50 map-notify-group 239.1.1.1
Step5: Finally LISP dynamic-eid-policy must be configured under L3 interface ( SVI of VLAN 100 )
N7K1: interface vlan 100 ip address 10.11.11.2/24 lisp mobility EXTENDED_SUBNET lisp extended-subnet-mode hsrp 1 preempt delay reload 300 priority 130 ip 10.11.11.1 ! N7K2: interface vlan 100 ip address 10.11.11.3/24 lisp mobility EXTENDED_SUBNET lisp extended-subnet-mode hsrp 1 preempt delay reload 300 priority 120 ip 10.11.11.1
Now below configuration also shows about East DC xTR
The Explanation of configuration is same as discussed above, but only few things needs to be noted which makes some difference.
- The global mapping is different from one configured on west DC xTR, on east side it is 10.12.0.0/16.
- Dynamic-eid mapping subnet must me same that is 10.11.11.0/24 which is defined on west xTR. However the RLOC is mapped to east DC RLOC.
- Map-notify-group associated to dynamic-eid mapping must be identical as configured on West DC xTR switches. This is because it will be used for control plane communication by all xTR connected to extended subnet and due to which multicast support must be enabled and configured for this multicast IP.
- HSRP group is same on both DC xTR so that it can give same vMAC address
Remote Site Cisco IOS-xTR configuration:
The Configuration of branch xTR is shown in below figure.
Step 1: Define EID space or subnet and host of this subnet will communicate to DC workload. RLOC address associated to EID prefix may be loopback address, which is 4.4.4.4 with priority 1 and weight 100 which influence the inbound traffic policies or the physical WAN IP can also be used as RLOC addresses.
database-mapping 10.10.10.0/24 4.4.4.4 priority 1 weight 100
Step2: Configuration of Map-Server and Map-Resolver Anycast address.
ipv4 itr map-resolver 1.1.1.100 ipv4 etr map-server 1.1.1.1 key abcd ipv4 etr map-server 5.5.5.5 key abcd
Step3: Enable ITR & ETR functionalities on device.
ipv4 itr ipv4 etr
Map-Server & Map-Resolver N7K Configuration:
Below Figure describes the Map-server and map-Resolver configuration.
Step1: Enable MS& MR functionalities on the device.
feature lisp ip lisp map-resolver ip lisp map-server
Step2: Configure Loopback IP address for Map-Resolver and Map-Server.
interface loopback0 description Map-Resolver IP Address ip address 1.1.1.100/32 ! interface loopback1 description Map-Server IP Address ip address 1.1.1.1/32
Step3: Configure Remote Site Branch
lisp site BRANCH eid-prefix 10.10.10.0/24 authentication-key 0 abcd
Step4: Configure West & East DC Sites.
lisp site WEST_DATA_CENTER eid-prefix 10.11.0.0/16 accept-more-specifics authentication-key 0 abcd ! lisp site EAST_DATA_CENTER eid-prefix 10.12.0.0/16 accept-more-specifics authentication-key 0 abcd
Here in above configuration accept-more-specifics is associated to both DC eid-prefix , this is mandatory configuration where LISP host mobility is enabled because /32 prefix which are part of larger prefix will be registered by DC xTRs.
Comment
TABLE OF CONTENTS
RECENT POSTS
- What is Docker and Why is It Important?
- Learn Python 3.0 Programming for Network Automation
- Cisco ACI Data Centre: A Comprehensive Overview
- How to Prepare for the Microsoft Azure AZ-305 Exam
- AWS Training Certification Course for Solutions Architect
- Cisco SASE Architecture
- SASE vs SD-WAN
- What is SASE
- Accessing Amazon S3 using AWS private Link in Secure hybrid method.
- Cisco Smart Licensing Policy
LEAVE A COMMENT
Please login here to comment.