Cisco Locator ID Separation Protocol (LISP)

Hey Laz, are you saying that the reality is that ITR/ETRs are going to be WAN facing? I have read that edge routers are connected to end users. I am thinking of the typical 3 tier system with access/distribution/core with access switches being the edge device (layer 3 switch).
The router is often connected to the core. Would that end up being our ITR/ETR?

Would border routers be in our data center/network core and not located at one of our LISP sites?
Also, our Map server/map resolver would be located there along with all of our other services. Am I on the right track?

Hello Justin

As can be seen from the diagrams in the lesson, the ITR/ETR will be connected to the RLOC space. Because LISP sites are remote from each other, the RLOC space will typically include a WAN.

Now the actual topology and architecture within the LISP site can essentially be anything. It’s just like any other LAN. Typically, you would have some sort of hierarchical structure like core/distribution/access or a collapsed core design with core-distribution/access.

Now would the core layer device also play the part of the ITR/ETR? It may. If the LISP site is extensively large, you may have the ITR/ETR role be played by a separate edge router rather than the core, but in smaller setups, you may have that role incorporated into the core device.

Border routers are always placed at the border of the local network, whether that network hosts your enterprise network or your datacenter. Your enterprise network and/or datacenter may also be a LISP site. There is no limitation as to what services you are hosting within a LISP site, so I’m not sure I understand your specific question here. Can you clarify?

The MS/MR is found within the RLOC space. This can be at a physical location of where your LISP site is, but it is not within the LISP site itself. Strictly speaking, it is on “the other side” of the ITR/ETR.

I hope this has been helpful!

Laz

Lazaros and Rene,
Please help me clarify some of the confusion that arose when I went through your LISP explanation.

Paragraph 4.1.2, Map-Request and Map-Reply, states the following:

When the MR receives a Map-Request, and it has an entry in its local database, then the MR responds with a Map-Reply. When it doesn’t have an entry, then the MR forwards the Map-Request to an MS. The MS forwards the Map-Request to the ETR, which answers the Map-Request with a Map-Reply directly.

The above paragraph implies that both the MR and MS share a common database, and when an ETR comes online for the first time, or for any new EID added to a LISP site, it sends a MAP-Register to the MS and the MS saves the EID-to-RLOC in its database for future reference.

And when an ITR sends a MAP-Request to the MR, the MR looks up the database and responds back with an EID-to-RLOC MAP-Reply.

Now, the question is why, in all the given examples, the MAP-Requests are forwarded to the MS, and in turn the MS forwards them to the ETR (of course, because the P-flag bit is not set), instead of the MR responding with the EID-to-RLOC, although the ETR has already registered its EID with the MS?

In other words, why does the MR send the MAP-Request to the MS every time? This would contradict the explanation in paragraph 4.1.2.

Hello Bassam

The operation of the MS and the MR can be a bit confusing. We must separate their roles clearly:

  • MS receives Map-Register messages from the ETRs and sends Map-Notify messages to the ETRs.
  • MR receives Map-Request messages for ITRs and either
    • responds with a Map-Reply if it has an entry
    • responds by forwarding the Map-Request to the MS which in turn sends it to the intended ETR

Note that the MS always receives a Map-Register from the ITRs. It will only receive a Map-Request from the MR to be relayed to the appropriate ETR if an EID-to-RLOC mapping is not found in the database.

The MS will not receive Map-Requests directly from the ITRs, but only via the MR.

As for the database, it is true that the MR and MS share a common database. Indeed, Cisco states the following:

The fundamental behavior of LISP is to separate the EID from the RLOC, which allows the host to retain its identity even with a change in location. But the seamless mobility is achieved using the EID-to-RLOC mapping, which is maintained in the distributed database. The map server (MS) learns EID-to-RLOC mapping entries from the ETRs and publishes these mappings to the distributed mapping database. To publish its EID prefixes, an ETR periodically sends its mapping entries to the MS. The MS also receives the map requests via the mapping system and forwards them to the registered ETRs.

The above is taken from the following Cisco documentation:

Note that the distributed database is indeed accessible by the MR, but is populated by the MS.

I hope this has been helpful!

Laz
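
The Map-Request handling discussed in this thread, as an added example that is not part of the original posts or of any Cisco code: a toy model of a co-located MS/MR showing how the P-flag (the proxy Map-Reply bit of RFC 6833) that Bassam mentions decides who answers the ITR. The class and function names are hypothetical, and the prefixes and RLOCs are constructed sample values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Registration:
    prefix: object   # EID prefix carried in the ETR's Map-Register
    rloc: str        # RLOC of the registering ETR
    proxy: bool      # P-bit from the Map-Register

class MapServerResolver:
    """Assumption: MS and MR are co-located and share one registration table."""

    def __init__(self):
        self.registrations = []

    def map_register(self, prefix, rloc, proxy=False):
        # MS role: store the EID-to-RLOC registration sent by an ETR.
        reg = Registration(ip_network(prefix), rloc, proxy)
        self.registrations.append(reg)
        return reg

    def map_request(self, eid):
        # MR role: longest-prefix match of the requested EID.
        addr = ip_address(eid)
        hits = [r for r in self.registrations if addr in r.prefix]
        if not hits:
            # Nothing registered for this EID: negative Map-Reply.
            return ("MS/MR", "Negative Map-Reply", None)
        reg = max(hits, key=lambda r: r.prefix.prefixlen)
        if reg.proxy:
            # P-bit set: the MS answers on behalf of the ETR.
            return ("MS/MR", "Map-Reply", reg.rloc)
        # P-bit clear: the request is forwarded to the registered ETR,
        # which sends the Map-Reply directly to the ITR.
        return (f"ETR {reg.rloc}", "Map-Reply", reg.rloc)

def demo():
    msmr = MapServerResolver()
    msmr.map_register("10.1.0.0/16", "192.0.2.1")              # P-bit clear
    msmr.map_register("10.2.0.0/16", "192.0.2.2", proxy=True)  # P-bit set
    return [msmr.map_request(e) for e in ("10.1.5.9", "10.2.5.9", "10.9.9.9")]

if __name__ == "__main__":
    for responder, message, rloc in demo():
        print(f"{responder:16} {message:20} {rloc}")
```

Each tuple is (who answers the ITR, message type, RLOC returned); only the second registration, made with the P-bit set, is answered without involving the ETR.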