Executive Panel: LISP Customers Discuss Modern Network Solutions (PNLRST-2020)
Fabio Maino, Distinguished Engineer, LISP Team
Colin Kincaid, Vice President, NOSTG Marketing & Architecture
© 2014 Cisco and/or its affiliates. All rights reserved. PNLRST-2020, Cisco Public
Introduction Fabio Maino
LISP Perspectives Colin Kincaid
Customer Use Case :: Cisco IT Khalid Jawaid
Customer Use Case :: IBM Chris Williams
Customer Use Case :: Etat du Valais Christian Quenzer
Customer Use Case :: AVM GmbH Eric van Uden
Questions/Answers ALL
Closing Words Fabio Maino
LISP Introduction
Fabio Maino, Distinguished Engineer, LISP Team
Introduction: LISP Update
LISP has come a long way since 2006 IETF…
  – when a small group of Cisco engineers started the design of a protocol for identity/location separation
8 IETF RFCs published during 2013 (RFC 6830-6836, RFC 7052)
  – IETF LISP WG now focusing on LISP use cases
Most importantly we have very significant customer deployments
  – Enterprise and Service Provider space
  – Use cases: Internet VPNs, Multi-homing, IPv6 Transition, Data Center Host Mobility
Introduction: What have we learned so far?
LISP is a transformative technology
  – LISP adds significant new capabilities and reduces complexities!
LISP deployments are now moving beyond ‘early adopters’
  – Large number of customers deploying LISP in production
  – Large scale of LISP deployments and wide diversity of LISP deployments
  – Commitment to and reliance on LISP
LISP engages a broad range of new participation in networking
  – Open standard, control plane/data plane separation enables…
      Universities and researchers to experiment on new and novel designs
      Easy and effective integration with software defined networking initiatives
      Open source code implementations and wide hardware/device support
Use Cases: Internet Based VPN
IP based, transport independent VPN solution
Support for multi-tenancy and security
Global mobility
Minimal infrastructure disruption
Today’s Testimonial
  – Etat du Valais: Christian Quenzer
[Figure labels: IP Network, West DC, East DC, LISP Site, Legacy Sites, PxTR, Mapping DB]
Use Cases: BGP-free Multi-homing
Multi-provider connectivity and policy without BGP complexity
OpEx-friendly multi-homing across different providers
Simple Policy Management
Ingress/Egress Traffic Engineering
Today’s Testimonial
  – AVM GmbH: Eric van Uden
[Figure labels: LISP routers, LISP Site, Internet]
Use Cases: IPv6 Transition
Rapid deployment of IPv6 over IPv4
  – Or IPv4 over IPv6
Accelerates IPv6 adoption
Minimal added configurations
No core network changes
Today’s Testimonial
  – Cisco IT: Khalid Jawaid
  – AVM GmbH: Eric van Uden
[Figure labels: IPv4 Core, IPv4 Enterprise Core, v6, v4, xTR]
Use Cases: Host Mobility
Host mobility for Data Center applications
  – DC Migration
  – Disaster Recovery
  – Hybrid Cloud Extension
Integrated mobility, inbound routing optimization, OTV integration
Today’s Testimonial
  – IBM: Chris Williams
[Figure labels: Data Center 1, Data Center 2, VM a.b.c.1, VM move, LISP routers, Internet]
LISP Perspectives
Colin Kincaid, Vice President, NOSTG Marketing & Architecture
LISP Perspective: LISP and Cisco
NOSTG is a central innovation engine for Cisco
  – Supports the core of the LISP HIP team (engineering + marketing)
With LISP, Cisco is innovating at the cutting edge of technology, providing
  – An open, scalable architecture for network virtualization
  – Easy to deploy
  – Focused on simplifying network operations
LISP Perspective: Platforms supporting LISP (Cisco and Open Source)
LISP Perspective: Future Work
Cisco is strongly committed to LISP technology
Future work is focused on:
  – Integration with SDN (OpenDaylight LISP project)
  – Data Center and Hybrid Cloud Extension
  – Campus Architecture
Support to Customers with existing and new use cases
LISP @Cisco IT
• Khalid Jawaid
• Member of the Technical Staff, Cisco IT
As a Member of Technical Staff at Cisco Systems, Khalid Jawaid is the Lead Design Engineer for IPv6 integration/deployment across Cisco and the EON project (Cisco IT's SDN Initiative). Double CCIE certified and experienced in routing and switching technologies and WAN design, Khalid has been at Cisco for the last 13 years and worked with multiple technologies across TAC, Cisco Services and Cisco IT.
Introducing Cisco: The Global Cisco Family
369 locations in 90 countries
450+ buildings
51 data centers and server rooms
1500+ labs world wide (500+ in San Jose)
66,000+ Employees
20,000 Channel Partners
110+ Application Service Providers
210+ Business and Support Development Partners
Over 180,000 people around the world in the extended Cisco family
(Estimated numbers)
Cisco IT LISP Use-case: IPv6 Transition Support
IPv6 Deployment strategy
  – Dual stack: Long term plan that absorbs cost in established lifecycle process
  – Overlay: Have a quick and scalable solution in hand to relieve delivery pressure
IPv6 deployment challenges
  – IPv4 only WAN Backbone (L3 MPLS VPN)
  – Financial investment required
  – Migration to L2 VPN
  – Day-1 tunneling techniques do not scale very well (Anycast ISATAP, Manual 6in4 Tunnel)
Business Impact
  – Delayed deployment of IPv6 affects product development/testing and IPv6 adoption.
Next-Generation overlay architecture
  – Locator/ID Separation Protocol
Why LISP?
Anycast ISATAP
  – End-Client centric solution
  – Support challenge
Manual 6in4 tunnels
  – Configuration overhead
  – Performance impact (Hub & Spoke)
Locator/ID Separation Protocol
  – Configuration & Troubleshooting simplicity
  – Any-to-any traffic flows
  – IPv4 exit-strategy (IPv4 over IPv6)
  – New capabilities (Mobility, Virtualization)
DMVPN
  – Potential routing challenges when multi-homing
  – Scalability concerns
  – Any-to-any traffic flows
[Slide legend: Day-1 tunneling techniques; Next-Generation overlay]
EMEAR LISP IPv6 Deployment overview
From an interim to permanent solution?
“LISP allows us to postpone some of our WAN migrations in locations where services are not available or cost inefficient”
Mapping System / Proxy Tunnel Router: ASR1006
  – Cisco Managed CE: Map-Resolver, Map-Server, Proxy Ingress/Egress Tunnel Router
Tunnel Router: ASR 1006 & ISR 3945
  – Cisco Managed CE: Ingress/Egress Tunnel Router
IPSEC VPN Tunnel head-end
Geographically diverse
Standalone / Self-managed
Primary / Backup PxTR
Default Route / HSRPv6 to attract traffic
Load sharing defined by WAN topology
Liveliness features
  – RLOC route-loss detection
  – RLOC probing
  – Locator Status Bits (LSB)
  – Solicited Map-Request (SMR)
[Figure labels: London, Amsterdam, DC, Cisco Enterprise Backbone Network, Dual Stack, Carrier Managed, L3VPN MPLS, Internet, DS3, E1, BB, Load Sharing, Primary/Backup, LISP IPv6 in IPv4, Cisco Remote Offices, IPv4 Only]
Deployment Status: In numbers …
Pilot Deployment (Completed September 2013)
Accelerated Deployment (Completed November 2013)
General Deployment (Target completion May 2014)
Sites shown: Istanbul (Turkey), Greenpark (UK), Galway (Ireland), Munich (Germany), Vimercate (Italy), Moscow (Russia), Dubai (UAE)
80+ Remote Offices
7000+ end-users
3 Engineering Data Centers
Target = IPv6 configuration automation via scripts!
LISP is the easy part!
1700 end-users
1300 IPv6 endpoints
+ 30 Mbps IPv6 peak BW
0 LISP related cases opened !!!
Internal LISP Design (Guidelines, Cut-sheet, test plan)
Resource training (Configuration & Troubleshooting)
Implementation (Test plan execution and monitoring)
Operational support
Lessons learned
Network convergence
  – Minor routing architecture changes required to match IPv4 convergence SLA
  – RLOC route-down detection provides fastest convergence (/32 Prefix leakage)
  – RLOC Probing detects all other failures
MTU handling
  – Only stateful fragmentation (pMTU) supported as per IPv6 best practices
  – Previous overlay solutions provided stateful fragmentation
  – Our LISP implementation uncovered some pMTU support problems
Feature Support
  – Most exciting capabilities/enhancements included in more recent versions of code
Cisco IT LISP Strategy
Evaluate, Learn, Explore
Potential use-cases
  – Data-Center VM Mobility
  – Client IP Portability & Disaster Recovery
  – Traffic engineering (SDN/OnePK)
Conclusion
Big wins for Cisco IT
  – Accelerated EMEAR IPv6 deployment within 6-9 months
  – More time to explore most cost-efficient WAN backbone replacement
  – Supported on existing WAN Edge platforms – no capital investment
  – Easy to deploy … It just works!
  – Relatively low risk learning experience for future use-cases
THANKS to the LISP-Support for the guidance and great customer focus!
LISP @IBM
• Chris Williams
• Infrastructure Architect/Network Architect CEng (MIET), IBM
Chris enjoyed a successful career with IBM spanning 21 years. His notable achievements include the role of chief architect for IBM on the multi-million dollar Lloyds TSB converged IP network, and conceiving and developing IBM’s global secure network infrastructure connecting its outsourcing clients to IBM Global Services. Chris now works as an independent consultant, and more recently at IBM, working on a data centre and network migration.
IBM and RSA: Company Overviews
International Business Machines Corporation. Founded 1911. Headquarters in Armonk, New York. Multinational technology, consulting and hosting corporation.
Royal and Sun Alliance. Founded 1710. Headquartered in London. Operating in 32 countries. 17 million customers in 140 countries. Listed on the London Stock Exchange and FTSE 100 Index.
In 2001, IBM and RSA signed the first IT services agreement for IBM to manage and support the IT infrastructure and provide end-to-end service integration across all of the third party technology suppliers.
Data Centre Migration Challenges for IBM: Why this is an issue
To reduce the time it takes to migrate servers or applications from:
  – a customer’s data centre to an IBM data centre
  – an ‘inherited’ data centre to an IBM strategic data centre
  – within a data centre, from a legacy to a new environment (our challenge here)
Competitors who can perform a faster migration can offer a lower price to the customer and have higher margins.
Traditional migration approaches all have limitations:
  – Application migration
  – Physical move
  – Whole DC ‘Big Bang’ migration
DC Migration without IP mobility / IP Retention: Application Migration – Complexity of Ensuring Interfaces are Maintained
Move application to new DC requires change of IP address and hostname
Takes longer to start moving servers due to data gathering / documentation of legacy application interfaces
Risk – has an interface been overlooked?
Complexity of ensuring interfaces are maintained - affects even non-moved / non-migrated systems
DNS may not always help with legacy hard coded applications
Applications local and remote may need to be amended
Firewalls need to be amended
Risk - Can you be sure you have the complete picture?
DC Migration without IP mobility / IP Retention: What is the traditional approach?
Move a server (physical move or virtual migration) and keep the IP Address and Hostname
Should be simpler process – Is this true?
DC Migration without IP mobility / IP Retention: Affinity Groups
Move requires understanding of server VLAN cross-patching / affinity groups if smaller units of servers to be migrated in one event
[Figure labels: Subnet A, Subnet B, Subnet C]
DC Migration – Server Physical Move: Physical Move of Affinity Groups – The Reality
Physically move the server and patch into new infrastructure:
  – Takes longer to start moving servers due to data gathering and understanding of virtual server network interfaces.
  – Requires understanding of server VLAN cross-patching & affinity groups if smaller units of servers to be migrated in one event
  – Conflicting VLAN numbering in switch blocks – virtual server VLAN re-configuration required during migration event
  – Risk – has a server or VLAN cross connection been overlooked?
  – Server virtualisation / platform refresh is a follow on project
DC Migration – Big Bang: Every Server Migrated in Single Migration Event (Physical Move or Re-build)
Without a solution that enables IP mobility with IP Retention for each server then ‘Big Bang’ approach implies:
  – Years in Planning - takes longer to start moving servers due to data gathering and move planning
  – Longer storage migration cycle that requires keeping a large data set in synch over WAN (or other methods)
  – High risk / large service outage during migration event
  – Cast of thousands / large workforce required
DC Migration with IP mobility / IP Retention: Using LISP
We need a way to move servers with IP mobility and removing affinity group constraints of traditional approach:
Move a server (physical or virtual) and keep the IP Address and Hostname
Should be simpler process – Is this true using LISP?
LISP Implementation Models: We Used Model 3
Model 1 – To use this method, would require every location to have its site WAN routers involved in the LISP ‘cloud’
Model 2 – Located at a pinch point in the network
Model 3 – The model we intend to use - Link is across the machine room floor in our case
The Migration Scope: Legacy DC to New Infrastructure – Same Location
LISP Infrastructure: Cross Machine Room Links – ASR1002 Routers
LISP Server Migration: Initial State
LISP Server Migration: Intermediate State – Some Servers Migrated
LISP Server Migration: Servers Migrated
LISP Server Migration: Servers Migrated – HSRP Cut-Over
Migration Steps:
  – New DC aggregation router interface enabled & added to HSRP group
  – HSRP priority raised - ‘active’ router becomes New DC aggregation router
  – Routes injected into New DC OSPF & removed from legacy
  – Remove HSRP configuration on the MR-MS LISP router i/f for fully migrated subnet
LISP Server Migration: End State – Servers Migrated & Cut-Over to New DC Complete
Why Choose LISP: Why not use other Layer 2 LAN extension methods?
We looked at but rejected:
  – IRB (Integrated Route Bridging)
  – VPLS (Virtual Private LAN Service) over MPLS
There are two viable candidate technologies. They are:
  – OTV (Overlay Transport Virtualization)
  – LISP (Locator Identifier Separation Protocol)
Our Preferred Method is LISP
  – Because it’s a safer interconnection method. It protects against broadcast storms and spanning tree issues
  – Non-disruptive Layer 3 connection to existing live data centres
  – Works with all server types – physical/virtual/x86/P-Series/Mainframe
Cisco Services – How They Helped Us
Cisco Professional Services: Data Centre Replica – Cisco Lab Reading UK
Replica data centre - same hardware & code levels
LISP infrastructure - 4x Cisco ASR1002s
Comprehensive suite of LISP function & performance tests
129Mb test report!
LISP configurations created
Post implementation support
LISP @Etat du Valais
State of Valais: General Facts
One of the 26 states forming Switzerland.
Composed of government, administration, police and justice.
5’000 employees.
Serves more than 320’000 inhabitants.
Most offices are located in seven major cities.
State of Valais: About the Network
7 POPs, one in each of the main cities.
  – 200 buildings
  – 800 network devices
  – 5’000 IP Phones / 1’000 TDM Phones
Operate a dedicated MPLS backbone built on dark fiber.
90 % of the links are built with dark fiber.
  – 300 km of dark fibers
10 % of the links are built with leased line or leased L3 services.
EXISTING TOPOLOGIES
Existing Topology: Connecting the Police’s Offices
Transport
  – P-to-P IPSec tunnel for “blue” VRF.
  – Juniper SSG on both sides.
Sites
  – 12 remote locations.
  – 2 VRFs.
  – IP Phones register to central CUCM.
  – Voice call goes through PSTN.
  – SRST for some phones.
  – Single-homed
[Figure labels: Voice, Data, Internet, Voice gateway with SRST, Leased L3 VPN (All routers are outsourced), Provider A IPv4, PSTN, CUCM Cluster]
Existing Topology: Connecting the Administration's Offices
Transport
  – DMVPN.
  – GRE tunnels with IPSec.
  – Nothing
Sites
  – 20 remote locations.
  – 0-1-2 VRFs.
  – CUCM Express
  – IP Phones register to local CUCME.
  – Voice call goes through PSTN.
  – Single-homed
[Figure labels: Voice, Data, Internet, Voice gateway with CUCME, Multiple leased L3 VPN, Provider B IPv4, PSTN, CUCM Cluster]
Existing Topology: Putting All Together
[Figure labels: Voice, Data, Internet, Provider A IPv4, Provider B IPv4, PSTN, Multiple leased L3 VPN, Voice gateway with CUCME, Voice gateway with SRST, Leased L3 VPN (All routers are outsourced), CUCM Cluster]
Existing Topology: Limitations
It’s a complex solution: DMVPN, encrypted GRE tunnel
There must be at least one voice gateway and one PSTN access on the remote sites for telephony.
Requires lots of configuration, whether to add a new site or a new VRF; also requires modification on the provider side in each case.
Absolutely not scalable whether at site level or at VRF level.
Lots of centrally hosted services are not available to the remote sites
  – CUCM, Unity and UCCE.
  – Radio network.
Unable to deploy IPv6 to the sites.
THE LISP PROJECT
Goals of the LISP Project: Provider’s network
Should be able to replace all existing solutions.
One leased L3 VPN will be used to interconnect all the existing sites.
This leased L3 VPN will be put in production in parallel to the actual.
We should be able to migrate every site independently and one after the other.
Our networks should be totally isolated from the leased L3 VPN.
Changes to our networks should be transparent for the provider.
QoS should be implemented and enforced by the provider on the leased L3 VPN
Goals of the LISP Project: Our networks
All centrally hosted services should be available to all the remote sites.
No more voice gateway and/or PSTN access on the sites.
All IP Phones should register to the corporate CUCM cluster.
All external voice calls should go through the centralized PSTN access.
Voice and radio traffic must be prioritized.
Each remote site will have at least 8 VRFs implemented.
Encryption must be possible, if needed, at VRF level.
LISP Topology: Provider’s network
HQ
  – Multihomed, two CPE.
  – One provider.
Sites
  – Single-homed, one CPE.
  – BW between 1 and 8 Mb/s.
  – Same provider on every site.
[Figure labels: Site 1, Headquarters, Provider A IPv4]
LISP Topology: User’s VRFs
[Figure labels: Headquarters, Site 1, Site 2, Site 3, Internet, Provider A IPv4]
HQ
  – Has lots of networks in each VRF.
  – Some networks are /16.
  – Gives access to the Internet.
  – Hosts 3 DCs.
Sites
  – Have 1-2 networks in each VRF.
  – Some networks are /24 but most are smaller.
  – Have Loopback interfaces in each VRF.
HQ RTR acts as
  – Map Server.
  – Map Resolver.
  – PxTR
Site RTR
  – acts as xTR
  – use PxTR at HQ
  – use MS/MR at HQ
LISP Topology: Adding GETVPN
[Figure labels: Headquarters, Site 1, Site 2, Site 3, Internet, Provider A IPv4]
HQ RTR acts as
  – Map Server.
  – Map Resolver.
  – xTR
Site RTR
  – acts as xTR
  – use MS/MR at HQ
LISP Topology: Adding GETVPN
The “orange” VRF is only used to connect the LISP routers to the Key Servers.
We defined only one Loopback per site in the “orange” VRF.
Internet Key Exchange (IKE) Phase 1 uses “Pre-shared” key for authentication.
The “orange” VRF is not encrypted.
Voice traffic is not encrypted by GETVPN, this has to be done directly by the phones.
NTP can be your main concern
Conclusions
Why LISP: Key Facts
LISP was easy to deploy and has a great supporting team.
LISP worked out of the box.
It’s easy to add encryption on a VRF basis (GETVPN).
The configurations on each remote site are the same; only the provider’s link has to be adapted.
It’s very easy to add new sites with minimal configuration on the HQ side.
IPv6 can be pushed to the sites with the current implementation; no change on the provider’s side.
We are totally isolated from the provider’s network.
Next steps: CY2014
Multiple service providers, disjoined RLOC-space.
Using the Internet as an “SP” to deploy very small sites.
Using LISP to solve the north-south routing optimization in the case of VM-mobility between DC.
LISP @AVM GmbH
• Eric van Uden
• Country Manager, AVM GmbH
Currently Country Manager at AVM. Experience in the data and telecommunications sector since the early 1990s. Specialized in remote access projects with ISDN, GSM and VPN for several international customers. At AVM, Eric is responsible for sales in the Dutch market. He launched IPv6 with customer XS4ALL to the Dutch consumer market and is a member of the Dutch IPv6 Taskforce. Looking forward to commercial use of LISP with AVM products.
About AVM
AVM is a Berlin-based communications specialist that develops and manufactures products for your broadband connection. The company has received numerous awards for its innovative FRITZ!Box family.
FRITZ! offers fast Internet access, easy networking, convenient telephony and versatile multimedia applications.
Overview
Founded 1986 in Berlin
Management formed by shareholders
Worldwide production with focus on Germany
Fiscal 2012
  - EUR 250 million in revenue
  - 420 employees
What sets AVM apart
Proximity to our core markets (EU and D)
Continuous innovations
In-house developments – made in Berlin
Speed – time to market
What is a FRITZ!Box?
A router for the Smart Home or Office
Models for DSL, LTE or Cable
WLAN AC + N with 1300 Mbit/s (5 GHz) and 450 Mbit/s (2.4 GHz) simultaneously
Telephone system (ISDN, analog, IP) with DECT base station, answering machine and faxing
Why LISP at AVM?
• Request for multiple WAN, Aggregation of multiple links
• To speed up IPv6 implementation
• Request for cooperation from Cisco LISP Team
LISP in the FRITZ!Box, IPv6
LISP: Locator / Identifier Separation Protocol
Idea: address space of my hosts (EIDs) is independent of the address space from my ISP (RLOC)
Very flexible tunneling scenarios are possible: IPv4 in IPv6, IPv6 in IPv4, v6 in v6, v4 in v4
LISP in the FRITZ!Box, Hybrid solutions
Aggregation of multiple links with LISP
Example, Hybrid solution VDSL and LTE
LISP References
LISP Information
  – Cisco LISP Site: http://lisp.cisco.com (IPv4 and IPv6)
  – Cisco LISP Marketing Site: http://www.cisco.com/go/lisp/
  – LISP Beta Network Site: http://www.lisp4.net or http://www.lisp6.net
  – LISP DDT Root: http://www.ddt-root.org
  – IETF LISP Working Group: http://tools.ietf.org/wg/lisp/
LISP Mailing Lists
  – Cisco LISP Questions: [email protected]
  – IETF LISP Working Group: [email protected]
  – LISP Interest (public): [email protected]
  – LISPmob Questions: [email protected]