Cisco IOS IP Routing: LISP Command Reference

ipv4 alt-vrf

To configure which virtual routing and forwarding (VRF) instance supporting the IPv4 address-family that Locator/ID Separation Protocol (LISP) should use when sending map requests for an IPv4 endpoint identifier-to-routing locator ( EID-to-RLOC) mapping directly over the alternative logical topology (ALT), use the ipv4 alt-vrf command in LISP configuration mode. To remove this reference to a VRF, use the no form of this command.

ipv4 alt-vrf vrf-name

no ipv4 alt-vrf [ vrf-name]

Syntax Description


`vrf-name`	Name assigned to the ALT VRF.

Command Default

By default, no ALT VRF is referenced by LISP.

Command Modes

LISP configuration (config-router-lisp)

Command History


Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

The ipv4 alt-vrf command is required for all LISP devices that are connected to the ALT for exchange of LISP control plane messages for IPv4 EID mapping resolution. The VRF instance specified using the ipv4 alt-vrf command is used to segment EID prefixes from the global table and must be configured to enable the IPv4 address family (use the ipv6 alt-vrf command to enable the IPv6 address family).

Additionally, you must use the ipv4 alt-vrf command (or ipv6 alt-vrf command for IPv6 EID mapping resolution) when configuring any LISP device as a map resolver (MR), map server (MS), or proxy ingress tunnel router (PITR). For these LISP devices, configuring the ipv4 alt-vrf or ipv6 alt-vrf command is required regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a standalone MR, MS, PITR, or any combination of the three (such as when a LISP MS/MR device has full knowledge of the LISP mapping system for a private LISP deployment and is not connected to any ALT).

When configuring a device as a LISP ingress tunnel router (ITR) to resolve IPv4 EID-to-RLOC mappings for destination EIDs, you can configure the device to use one of the following two options:

Send map requests to a map resolver—the ITR sends map requests in a LISP encapsulated control message (ECM) header with either an IPv4 or IPv6 map-resolver RLOC as its destination address (depending on the configuration). For this option, use the ipv4 itr map-resolver command instead of the ipv4 alt-vrf command.

Send map requests directly over the LISP ALT using the VRF instance specified when configuring this command—the ITR sends map requests directly over the ALT (without the additional LISP ECM header). The destination of the map request is the EID being queried. For this option, use the ipv4 alt-vrf command.

When using the ALT, you must configure the correct address family (IPv4 or IPv6) for resolving EID-to-RLOC mappings. If an IPv4 EID mapping is required, configure the ipv4 alt-vrf command and specify a VRF that enables the IPv4 address-family and connects to an IPv4-capable ALT.

Note

Before this command is used, the referenced VRF must already have been created using the vrf definition command. In addition, the corresponding configurations for connecting the LISP device to the ALT, including the GRE tunnel interfaces and any routing associated with the VRF (static or dynamic) must also have been created.

Examples

The following example shows how to configure the VRF named lisp and how to configure LISP to use this VRF when resolving IPv4 EID-to-RLOC mappings:


Router (config)# router lisp
Router(config-router-lisp)# vrf definition lisp
Router(config-vrf)# rd 65100:100
Router(config-vrf)# address-family ipv4
Router(config-vrf-af)# exit-address-family
Router(config-vrf)# exit
Router(config)# router lisp
Router(config-router-lisp)# ipv4 alt-vrf lisp

Related Commands


Command	Description
ipv4 itr	Configures the router to act as an IPv4 LISP ITR.
ipv4 itr map-resolver	Configures the IPv4 locator address of the LISP map resolver to which the ITR sends IPv4 map request messages.
ipv4 proxy-itr	Configures the router to act as an IPv4 LISP PITR.
ipv6 alt-vrf	Configures which VRF supporting the IPv4 address family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.

ipv4 etr

To configure a router to act as an IPv4 Locator/ID Separation Protocol (LISP) Ingress Tunnel Router (ITR), use the ipv4 etr command in LISP configuration mode. To remove LISP ITR functionality, use the no form of this command.

ipv4 etr

no ipv4 etr

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide ETR functionality.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable IPv4 LISP ETR functionality on the router. A router configured as an IPv4 ETR is also typically configured with database-mapping commands so that the ETR knows what endpoint identifier (EID)-prefix blocks and corresponding locators are used for the LISP site. In addition, the ETR should be configured to register with a map server with the ipv4 etr map-server command, or to use static LISP EID-to-routing locator (EID-to-RLOC) mappings with the map-cache command to participate in LISP networking.

Note

A device configured as an ETR should also be configured as an Ingress Tunnel Router (ITR). However, the LISP architecture does not require this and ETR and ITR functionality can occur in different devices.

Configuration Inheritance:

At the router lisp level,

ipv4 etr enables the configuration for all the eid-tables defined under router lisp.
no ipv4 etr disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

no ipv4 etr negates the inherited configuration.
default ipv4 etr reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure IPv4 LISP ETR functionality on the router:


Router(config)# router lisp
Router(config-router-lisp)# ipv4 etr

Related Commands


Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
ipv4 etrmap-server	Configures the IPv4 or IPv6 locator address of the LISP map server to which an ETR should register for its IPv4 EID prefixes.
ipv4 itr	Configures the router to act as an IPv4 LISP ITR.
map-cache	Configures a static IPv4 or IPv6 EID prefix to locator map-cache entry.

ipv4 etr accept-map-request-mapping

To configure an Egress Tunnel Router (ETR) to cache IPv4 mapping data contained in a map-request message, use the ipv4 etr accept-map-request-mapping command in Locator/ID Separation Protocol (LISP) configuration mode. To remove this functionality, use the no form of this command.

ipv4 etr accept-map-request-mapping [verify]

no ipv4 etr accept-map-request-mapping [verify]

Syntax Description


verify	(Optional) Specifies that mapping data should be cached but not used for forwarding packets until the ETR can send its own map request to one of the locators from the mapping data record and receive a map reply with the same data in response.

Command Default

The router does not cache mapping data contained in a map request message.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

When an ETR receives a map request message, the message may contain mapping data for the invoking IPv4 source-EID's packet. By default, the ETR ignores mapping data included in map-request messages. However, if you configure the ipv4 etr accept-map-request-mapping command, the ETR caches the mapping data in its map cache and immediately uses it for forwarding packets.

If you configure the optional verify keyword, the ETR caches the mapping data but does not use it for forwarding packets until the ETR can send its own map request to one of the locators from the mapping data record (and receives the same data in a map reply message).

If this command is enabled and then later disabled, issuing the command clear ip lisp map-cache is required to clear any map-cache entries currently in the "tentative" state. Map-cache entries can remain in the “tentative” state for up to one minute and thus it may be desirable to clear these entries manually when this command is removed.

Configuration Inheritance:

At the router lisp level,

ipv4 etr accept-map-request-mapping enables the configuration for all the eid-tables defined under router lisp.
no ipv4 etr accept-map-request-mapping disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

no ipv4 etr accept-map-request-mapping negates the inherited configuration.
default ipv4 etr accept-map-request-mapping reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure the ETR to cache IPv4 mapping data included in map-request messages and verify the accuracy of the data before forwarding packets:


Router (config)# router lisp
Router(config-router-lisp)# ipv4 etr accept-map-request-mapping verify

Related Commands


Command	Description
clear ip lisp map-cache	Clears the LISP IPv4 or IPv6 map cache on the local router.
ipv4 etr	Configures the router to act as an IPv4 LISP ETR.

ipv4 etr map-cache-ttl

To configure the time-to-live (TTL) value inserted into Locator/ID Separation Protocol (LISP) IPv4 map-reply messages, use the ipv4 etr map-cache-ttl command in LISP configuration mode. To remove the configured TTL value and return to the default value, use the no form of this command.

ipv4 etr map-cache-ttl minutes

no ipv4 etr map-cache-ttl [ minutes]

Syntax Description


`minutes`	A value, in minutes, to be inserted in the TTL field in map-reply messages. Valid entries are between 60 (1 hour) and 10080 (1 week).

Command Default

The default TTL value is 1440 minutes (24 hours).

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to change the default value associated with the TTL field in IPv4 map-reply messages. You can use this command to change the default TTL that remote ITRs will cache and use for your site’s IPv4 EID prefix. The default value is 1440 minutes (24 hours), and the minimum value is 60 minutes.

Configuration Inheritance:

At the router lisp level,

ipv4 etr map-cache-ttl enables the configuration for all the eid-tables defined under router lisp.
no ipv4 etr map-cache-ttl resets the configuration to the system default value and the system default value is inherited by all the eid-tables defined under router lisp.

At the eid-table level,

ipv4 etr map-cache-ttl overrides the configuration inherited from the router lisp level.
no ipv4 etr map-cache-ttl resets the configuration to the system default value.
default ipv4 etr map-cache-ttl reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure the Egress Tunnel Router (ETR) to use a TTL of 120 minutes in IPv4 map-reply messages:


Router(config)# router lisp
Router(config-router-lisp)# ipv4 etr map-cache-ttl 120

Related Commands


Command	Description
ipv4 etr	Configures the router to act as an IPv4 LISP ETR.

ipv4 etr map-server

To configure the IPv4 or IPv6 locator address of the Locator/ID Separation Protocol (LISP) map server to be used by the Egress Tunnel Router (ETR) when registering for IPv4 endpoint identifiers (EIDs), use the ipv4 etr map-server command in LISP configuration mode. To remove the configured locator address of the LISP map server, use the no form of this command.

ipv4 etr map-server map-server-address key {0 | 6} authentication-key

no ipv4 etr map-server map-server-address key [ {0 | 6} authentication-key]

Syntax Description


`map-server-address`	The IPv4 or IPv6 locator addresses of the map server.
key	Specifies the key type.
0	Indicates that the password is entered as cleartext.
6	Indicates that the password is in the AES encrypted form.
`authentication-key`	The password used for computing the SHA-1 HMAC hash that is included in the header of the map-register message.

Command Default

No LISP map server locator addresses are configured by default.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use the ipv4 etr map-server command to configure the IPv4 or IPv6 locator of the map server to which the ETR will register for its IPv4 EIDs. The authentication key argument in the command syntax is a password that is used for a SHA-1 HMAC hash (included in the header of the map-register message).

You can configure the ETR to register with up to two map servers. After the ETR registers with the map servers, the map servers begin to advertise the EID-prefix blocks and RLOCs for the LISP site.

The password used for the SHA-1 HMAC may be entered in unencrypted (cleartext) form or encrypted form. To enter an unencrypted password, specify 0. To enter an AES encrypted password, specify 6.

Caution

Map server authentication keys entered in cleartext form will remain in cleartext form and be displayed in the configuration in cleartext form unless the Cisco IOS Encrypted Preshared Key feature is enabled. The Encrypted Preshared Key feature allows you to securely store plain text passwords in type 6 (AES) encryption format in NVRAM. To enable this feature, use the key config-key password-encryption and password encryption aes commands. For additional information on the Encrypted Preshared Key feature and its usage see: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801f2336.shtml .

Caution

If you enable the Encrypted Preshared Key feature and then remove it, all type 6 encrypted keys immediately become unusable because the primary key is deleted—type 6 passwords cannot be unencrypted and used by the router. A warning message displays that details this and confirms the primary key deletion.

Note

The map server must be preconfigured with IPv4 EID prefixes that match the IPv4 EID-prefixes configured on this ETR using the database-mapping command, and a password matching the one provided with the key keyword on this ETR.

Configuration Inheritance

At the router lisp level,

ipv4 etr map-server enables the configuration for all the eid-tables defined under router lisp.
no ipv4 etr map-server disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

ipv4 etr map-server overrides the configuration inherited from the router lisp level.
no ipv4 etr map-server disables the configuration.
default ipv4 etr map-server reinherits the configuration from the router lisp level.

Examples

The following example configures the ETR to register to two map servers, one with the locator 10.1.1.1 and another with the locator 172.16.1.7:


Router(config)# router lisp
Router(config-router-lisp)# ipv4 etr map-server 10.1.1.1 key 0 s3cr3t-k3y
Router(config-router-lisp)# ipv4 etr map-server 172.16.1.7 key 0 s3cr3t-k3y

Related Commands


Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
ipv4 etr	Configures the router to act as an IPv4 LISP ETR.
key config-key password-encryption	Enables storage of a type 6 encryption key in private NVRAM.
password encryption aes	Enables a type 6 encrypted preshared key.

ipv4 itr

To configure a router to act as an IPv4 Locator/ID Separation Protocol (LISP) Ingress Tunnel Router (ITR), use the ipv4 itr command in LISP configuration mode. To remove LISP ITR functionality, use the no form of this command.

ipv4 itr

no ipv4 itr

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide ITR functionality.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable the router to perform IPv4 LISP ITR functionality.

If a router configured as an ITR receives a packet for which no IPv4 destination address prefix match exists in the routing table and for which the source address of the packet matches an IPv4 EID-prefix block configured using the database-mapping command or map-cache command, then the packet is a candidate for LISP routing. In this case, the ITR sends a LISP map request to the map resolver configured using the ipv4 itr map-resolver command. Next, the ITR caches the IPv4 endpoint identifier-to-routing locator (EID-to-RLOC) mapping information returned by the associated map reply in its map cache. Subsequent packets destined to the same IPv4 EID-prefix block are then LISP-encapsulated according to this IPv4 EID-to-RLOC mapping entry.

Note

Devices are often configured as an ITR and as an Egress Tunnel Router (ETR). However, the LISP architecture does not require this and the functionality can occur in a different device.

Configuration Inheritance:

At the router lisp level,

ipv4 itr enables the configuration for all the eid-tables defined under router lisp.
no ipv4 itr disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

no ipv4 itr negates the inherited configuration.
default ipv4 itr reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure IPv4 LISP ITR functionality on the router:


Router(config)# router lisp
Router(config)# ipv4 itr

Related Commands


Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
ipv4 alt-vrf	Configures which VRF supporting the IPv4 address family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.
ipv4 itr map-resolver	Configures the IPv4 locator address of the LISP map resolver to which the ITR sends IPv4 map-request messages.
map-cache	Configures a static IPv4 or IPv6 EID-prefix to locator map-cache entry.

ipv4 itr map-resolver

To configure the IPv4 locator address of the Locator/ID Separation Protocol (LISP) map resolver to be used by the Ingress Tunnel Router (ITR) when sending map requests for IPv4 endpoint identifier-to-routing locator (EID-to-RLOC) mapping resolution, use the ipv4 itr map-resolver command in LISP configuration mode. To remove the configured locator address of the LISP map resolver, use the no form of this command.

ipv4 itr map-resolver map-resolver-address

no ipv4 itr map-resolver map-resolver-address

Syntax Description


`map-resolver-address`	The IPv4 locator addresses of the map resolver.

Command Default

No LISP map resolver locator address is configured by default.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

This command configures the locator to be used by a LISP ITR to reach the configured map resolver when sending a map request for IPv4 EID-to-RLOC mapping resolution.

A LISP ITR that needs to resolve an IPv4 EID-to-RLOC mapping for a destination EID can be configured to send a map request message either to a map resolver configured using the ipv4 itr map-resolver command, or directly over the LISP Alternative Logical Topology (ALT) using the ipv4 alt-vrf command. If a map resolver is used, map requests are sent to the map resolver with the additional LISP Encapsulated Control Message (ECM) header that includes the map resolver RLOC as its destination address. When the ALT is used, map requests are sent directly over the ALT without the additional LISP ECM header (the destination of the map request is the EID being queried).

Configuration Inheritance

At the router lisp level,

ipv4 itr map-resolver enables the configuration for all the eid-tables defined under router lisp.
no ipv4 itr map-resolver disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

ipv4 ipv4 itr map-resolver overrides the configuration inherited from the router lisp level.
no ipv4 itr map-resolver disables the configuration.
default ipv4 itr map-resolver reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure an ITR to use the map resolver located at 10.1.1.1 when sending map-request messages:


Router(config)# router lisp
Router(config-router-lisp)# ipv4 itr map-resolver 10.1.1.1

Related Commands


Command	Description
ipv4 itr	Configures the router to act as an IPv4 LISP ITR.
ipv4 map-request-source	Configures the source IPv4 address to be used in IPv4 LISP map request messages.

ipv4 map-cache-limit

To configure the maximum number of IPv4 Locator/ID Separation Protocol (LISP) map-cache entries allowed to be stored by the router, use the ipv4 map-cache-limit command in LISP configuration mode. To remove the configured map-cache limit, use the no form of this command.

ipv4 map-cache-limit cache-limit [reserve-list list]

no ipv4 map-cache-limit cache-limit [reserve-list list]

Syntax Description


`cache-limit`	The maximum number of IPv4 LISP map-cache entries allowed to be stored on the router. The valid range is from 0 to 10000.
reserve-list `list`	(Optional) Specifies a set of IPv4 EID-prefixes in the referenced prefix list for which dynamic map-cache entries will always be stored.

Command Default

The default map-cache limit is 1000 entries.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to control the maximum number of IPv4 LISP map-cache entries allowed to be stored on the router. The optional reserve-list keyword can be configured to guarantee that the referenced IPv4 EID-prefixes are always stored by the router.

LISP map-cache entries are added in one of two ways - dynamically or statically. Dynamic entries are added when a valid map-reply message is returned for a map-request message generated in response to a cache-miss lookup. Static IPV4 entries are added via the map-cache command. Whether a new map-cache entry is stored depends on the following conditions.

Dynamic map-cache entries are always added until the default or configured cache limit is reached. After the default or configured cache limit is reached, unless the optional reserve-list is configured, no further dynamic entries are added and no further map requests are generated in response to cache-miss lookups until a free position is available. Existing dynamic IPv4 map-cache entries can time-out due to inactivity or can be removed by the administrator via the clear ip lisp map-cache command to create a free position in the map-cache. When the optional reserve-list is configured, a map request will be generated and a new dynamic map-cache entry will be added for IPv4 EID prefixes found in the prefix-list referenced by the reserve-list keyword. In this case, a new entry will replace an existing dynamic entry so that the cache-limit is maintained. The dynamic entry deleted will be either a nonreserve idle map-cache entry, nonreserve active map-cache entry, reserve idle map-cache entry, or reserve active map-cache entry (in that order), whichever is available first for deletion. Idle map-cache entries are those that have seen no activity in the last 10 minutes.

Static map-cache entries are always added, even if the addition of the static entry exceeds the default or configured cache-limit. If the current map-cache contains dynamic entries, the addition of a new static entry will replace an existing dynamic entry such that the cache-limit is maintained. The dynamic entry deleted will be either a non-reserve idle map-cache entry, non-reserve active map-cache entry, reserve idle map-cache entry, or reserve active map-cache entry (in that order), whichever is available first for deletion. Idle map-cache entries are those that have seen no activity in the last 10 minutes.

Caution

Static map-cache entries count against the default or configured cache-limit. Since static entries are always added, static entries can be added beyond the default or configured cache limit. If the number of static entries configured exceeds the default or configured cache-limit, no dynamic entries can be added.

Note

If the reserve-list keyword is used, be sure that the prefix list includes entries that match all entries for which you expect to receive a map reply, including the “more-specifics”. This can be ensured by appending "le 32" to the end of all prefix-list entries for IPv4 prefixes. For example, if you want to match on any “more specifics” to 172.16.0.0/16, you specify ip prefix-list lisp-list seq 5 permit 172.16.0.0/16 le 32 in order to cover all replies within this range.

Note

The show ip lisp map-cache detail command provides additional details about the endpoint identifier-to-routing locator (EID-to-RLOC) mapping entries stored in the LISP map cache, including whether the prefix is covered by the reserve-list prefix list.

Configuration Inheritance:

At the router lisp level,

ipv4 map-cache-limit enables the configuration for all the eid-tables defined under router lisp.
no ipv4 map-cache-limit resets the configuration to the system default value and the system default value is inherited by all the eid-tables defined under router lisp.

At the eid-table level,

ipv4 map-cache-limit overrides the configuration inherited from the router lisp level.
no ipv4 map-cache-limit resets the configuration to the system default value.
default ipv4 map-cache-limit reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure a LISP cache limit of 2000 entries and a reserve list that references the IPv4 prefix-list LISP-v4-always:


Router(config)# router lisp
Router(config-router-lisp)# ipv4 map-cache-limit 2000 reserve-list LISP-v4-always
Router(config-router-lisp)# ip prefix-list LISP-v4-always seq 10 permit 172.16.0.0/16 le 32

Related Commands


Command	Description
clear ip lisp map-cache	Clears the LISP IPv4 or IPv6 map-cache on the local router.
ip prefix-list lisp-list
map-cache	Configures a static IPv4 or IPv6 EID prefix to a locator map-cache entry.
show ip lisp map-cache detail	Displays detailed information about the current dynamic and static IPv4 EID-to-RLOC map-cache entries.

ipv4 map-cache-persistent

To configure how often, in minutes, that an Ingress Tunnel Router (ITR) should save its dynamically learned map-cache entries to a file in flash, use the ipv4 map-cache-persistent command in Locator/ID Separation Protocol (LISP) configuration mode. To return to the default save interval setting, use the default form of the command. To disable this automatic save of dynamically learned map-cache entries, use the no form of this command.

ipv4 map-cache-persistent interval minutes

no ipv4 map-cache-persistent

default ipv4 map-cache-persistent

Syntax Description


interval `minutes`	Specifies how often, in minutes, the ITR should save its dynamically learned map-cache entries to a file in flash memory. Default is 60, range 1 to 1440.

Command Default

By default, map-cache persistence is enabled with a default time of 60 minutes.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB3	This command was introduced.
Cisco IOS XE Release 2.5.1XC	This command was integrated into Cisco IOS XE Release 2.5.1XC.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

An ITR forwards LISP packets based on endpoint identifier-to-routing locator (EID-to-RLOC) mapping policy data obtained from destination Egress Tunnel Routers (ETRs) and stored in its local map cache. When the map cache does not contain an entry for the destination prefix, the map resolution process is executed in order to build the map-cache entry. Even though this process takes a short amount of time, upon router reload it may be undesirable to wait for data-driven events to cause map-cache entries to be built.

The LISP map-cache persistence feature periodically stores dynamically learned remote EID map-cache entries to a file located in flash. When the router reloads, it checks for these files and uses the list of remote EIDs to prime the map cache after reboot. This ensures that packet loss after an xTR comes up is minimal because data-driven triggers are not required to repopulate the map cache for previously active EID prefixes.

Note

The remote EID prefixes listed in the stored file are used to trigger map requests. The map replies that return based on these map requests are what prime the map-cache. In this way, the map cache always contains fresh information upon reload.

Use the ipv4 map-cache-persistent command to control how often, in minutes, the ITR or PITR should save dynamically learned IPv4 map-cache entries to a file in flash. By default, map-cache persistence is set at 10 minutes. Use the no form of the command to disable LISP map-cache persistence. Alternatively, if the default value is changed, you can use the default form of this command to return the save interval setting to the default value.

Note

Use theshow run | include persistent command to determine the current state of this feature. If this command returns nothing, then map-cache persistence is enabled and set to the default value. Other output results are self-explanatory.

Configuration Inheritance:

At the router lisp level,

ipv4 map-cache-persistent interval enables the configuration for all the eid-tables defined under router lisp.
no ipv4 map-cache-persistent interval resets the configuration to the system default value and the system default value is inherited by all the eid-tables defined under router lisp.

At the eid-table level,

ipv4 map-cache-persistent interval overrides the configuration inherited from the router lisp level.
no ipv4 map-cache-persistent interval resets the configuration to the system default value.
default ipv4 map-cache-persistent interval reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure the ipv6 map-cache-persistent command to save dynamically learned EID prefixes every 30 minutes:


Router (config)# router lisp
Router(config-router-lisp)# ipv4 map-cache-persistent interval 30

Related Commands


Command	Description
clear ip lisp map-cache	Clears the LISP IPv4 or IPv6 map cache on the local router.
map-cache	Configures a static IPv4 or IPv6 EID prefix to a locator map-cache entry.

ipv4 map-request-source

To configure an IPv4 address to be used as the source address for Locator/ID Separation Protocol (LISP) IPv4 map-request messages, use the ipv4 map-request-source command in LISP configuration mode. To remove the configured map-request source address, use the no form of this command.

ipv4 map-request-source source-address

no ipv4 map-request-source

Syntax Description


`source-address`	The IPv4 source address to be used in LISP IPv4 map-request messages.

Command Default

The router uses one of the locator addresses configured in the database-mapping command as the default source address for LISP map-request messages.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to configure the IPv4 source address to be used by the Ingress Tunnel Router (ITR) for LISP IPv4 map-request messages. Typically, a locator address configured in the database-mapping command is used as the source address for LISP IPv4 map-request messages. There are cases, however, where it may be desirable to configure the specified source address for these map-request messages. For example, when the ITR is behind a network address translation (NAT) device, you may have to specify a source address that matches the NAT configuration to properly allow for return traffic.

Configuration Inheritance

At the router lisp level,

ipv4 map-request-source enables the configuration for all the eid-tables defined under router lisp.
no ipv4 map-request-source disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

ipv4 map-request-source overrides the configuration inherited from the router lisp level.
no ipv4 map-request-source disables the configuration.
default ipv4 map-request-source reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure an ITR to use the source IP address 172.16.1.7 in its IPv4 map-request messages:


Router(config)# router lisp
Router(config-router-lisp)# ipv4 map-request-source 172.16.1.7

Related Commands


Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.

ipv4 map-resolver

To configure a router to act as an IPv4 Locator/ID Separation Protocol (LISP) map resolver, use the ipv4 map-resolver command in LISP configuration mode. To remove LISP map-resolver functionality, use the no form of this command.

ipv4 map-resolver

no ipv4 map-resolver

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide map-resolver functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History


Release	Modification
15.1(1)XB2	This command was introduced.
Cisco IOS XE Release 2.5.1XB	This command was integrated into Cisco IOS XE Release 2.5.1XB
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable the router to perform IPv4 LISP map-resolver functionality. A LISP map resolver is deployed as a LISP Infrastructure component.

A map resolver receives LISP Encapsulated Control Messages (ECMs) containing map requests from LISP Ingress Tunnel Routers (ITRs) directly over the underlying locator-based network. The map-resolver decapsulates these messages and forwards them on the LISP Alternative Logical Topology (ALT), where they are delivered either to:

An Egress Tunnel Router (ETR) that is directly connected to the LISP ALT and that is authoritative for the endpoint identifier (EID) being queried by the map request.

The map server that is injecting EID prefixes into the LISP ALT on behalf of the authoritative ETR.

Map resolvers also send negative map replies directly back to an Ingress Tunnel Router (ITR) in response to queries for non-LISP addresses.

Note

For a router configured as an IPv4 map resolver, you must configure the ipv4 alt-vrf command regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a standalone map resolver. Refer to the ipv4 alt-vrf for related configuration information.

Examples

The following example shows how to configure IPv4 LISP map-resolver functionality on the router.


Router (config)# router lisp
Router(config-router-lisp)# ipv4 map-resolver

Related Commands


Command	Description
ipv4 alt-vrf	Configures which VRF supporting the IPv4 address-family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.

ipv4 map-server

To configure a router to act as an IPv4 Locator/ID Separation Protocol (LISP) map server, use the ipv4 map-server command in LISP configuration mode. To remove LISP map-server functionality, use the no form of this command.

ipv4 map-server

no ipv4 map-server

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide map-server functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History


Release	Modification
15.1(1)XB2	This command was introduced.
2.5.1XB	This command was integrated into Cisco IOS XE Release 2.5.1XB.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable the router to perform IPv4 LISP map-server functionality. A LISP map server is deployed as a LISP infrastructure component. LISP site commands are configured on the map server for a LISP Egress Tunnel Router (ETR) that registers to the map server. The authentication key on the map server must match the one configured on the ETR. A map server receives map-register control packets from ETRs. A map server configured with a service interface to the LISP Alternative Logical Topology (ALT) injects aggregates for the registered EID prefixes into the LISP ALT.

The map-server also receives map-request control packets from the LISP-ALT, which it then forwards as a LISP encapsulated control messages (ECMs) to the registered ETR that is authoritative for the EID prefix being queried. The ETR returns a map-reply message directly back to the Ingress Tunnel Router (ITR).

Note

For a router configured as a IPv4 map server, you must configure the ipv4 alt-vrf command regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a standalone map server. Refer to the ipv4 alt-vrf command for related configuration information.

Examples

The following example shows how to configure IPv4 LISP map-server functionality on the router:


Device(config)# device lisp
Device(config-router-lisp)# ipv4 map-server

Related Commands


Command	Description
ipv4 alt-vrf	Configures which VRF supporting the IPv4 address-family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.

ipv4 path-mtu-discovery

To configure the upper and lower bounds to be considered by IPv4 path maximum transmission unit (MTU) discovery (PMTUD), use the ipv4 path-mtu-discovery command in Locator/ID Separation Protocol (LISP) configuration mode. To return the IPv4 PMTUD parameters to their default settings, use theipv4 path-mtu-discovery form of the command without additional parameters. To disable the use of IPv4 PMTUD by LISP, use the no form of this command.

ipv4 path-mtu-discovery [min lower-bound | max upper-bound]

no ipv4 path-mtu-discovery

Syntax Description


min `lower-bound`	(Optional) Specifies lower bound on path MTU accepted, in bytes. Valid range is 68 to 65535.
max `upper-bound`	(Optional) Specifies upper bound on path MTU accepted, in bytes. Valid range is 68 to 65535.

Command Default

By default, LISP participates in IPv4 PMTUD can adjust the MTU used by LISP on a per-destination locator basis. The default minimum and maximum MTU boundaries are 576 bytes and 65,535 bytes, respectively.

Command Modes

LISP configuration (config-router-lisp)

Command History


Release	Modification
15.1(1)XB	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

By default, IPv4 PMTUD is enabled for LISP. When IPv4 PMTUD is enabled, all LISP packets are sent with DF=1 in the outer IP header, and incoming IPv4 Internet Control Message Protocol (ICMP) Type 3 Code 4 (“Destination Unreachable, Fragmentation Needed and Don’t Fragment was Set”) messages are processed and maintained by LISP on a per-destination locator basis. The MTU setting for a destination locator will be updated according to the ICMP message as long as the requested new MTU is lower than the existing MTU but is still within the configured min and max keywords MTU boundaries.

IPv4 PMTUD can be disabled for LISP using the no ipv4 path-mtu-discovery command in LISP configuration mode. When IPv4 PMTUD is disabled, all LISP packets are sent with DF=0 in the outer IP header and LISP does not process incoming ICMP Type 3 Code 4 messages. Disabling IPv4 PMTUD for LISP is not recommended. To re-enable IPv4 PMTUD, use the ipv4 path-mtu-discovery command in LISP configuration mode without any additional parameters.

Examples

The following example shows how to modify PMTUD for LISP to accept only ICMP Type 3 Code 4 messages requesting an MTU of at least 1200 bytes (the maximum of 65,535 bytes remains unchanged).


Router(config)# router lisp
Router(config-router-lisp)# ipv4 path-mtu-discovery min 1200

Related Commands


Command	Description
ipv4 itr	Configures the router to act as an IPv4 LISP ITR.

ipv4 proxy-etr

To configure a router to act as an IPv4 Locator/ID Separation Protocol (LISP) Proxy Egress Tunnel Router (PETR), use the ipv4 proxy-etr command in LISP configuration mode. To remove LISP PETR functionality, use the no form of this command.

ipv4 proxy-etr

no ipv4 proxy-etr

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide PETR functionality.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable IPv4 LISP PETR functionality on the router. PETR functionality is a special case of Egress Tunnel Router (ETR) functionality where the router accepts LISP-encapsulated packets from an Ingress Tunnel Router (ITR) or Proxy ITR (PITR) that are destined to non-LISP sites, decapsulates them, and then forwards them natively toward the non-LISP destination.

PETR services may be necessary in several cases. For example, by default when a LISP site forwards packets to a non-LISP site natively (not LISP encapsulated), the source IP address of the packet is that of a site endpoint identifiers (EIDs). If the provider side of the access network is configured with strict unicast reverse path forwarding (uRPF), these packets are considered spoofed and dropped because EIDs are not advertised in the provider default free zone (DFZ). In this case, instead of natively forwarding packets intended for non-LISP sites, the ITR encapsulates the packets (using the site locator as the source address and the PETR as the destination address) so that packets destined for LISP sites will follow normal LISP forwarding processes and be sent directly to the destination ETR. As a second example, if a LISP IPv6 (EID) site wants to communicate with a non-LISP IPv6 site and some portion of the intermediate network does not support an IPv6 (it is IPv4 only). Assuming that the PETR has both IPv4 and IPv6 connectivity, the ITR can LISP-encapsulate the IPv6 EIDs with IPv4 locators destined for the PETR, which decapsulates the packets and forwards them natively to the non-LISP IPv6 site over its IPv6 connection. That is, the use of the PETR effectively allows the LISP sites packets to traverse (hop over) the IPv4 portion of the network using the LISP mixed protocol encapsulation support.

Note

A router that is configured as an ETR performs a check to verify that the LISP packet inner header destination address is within the address range of a local EID prefix, whereas a router configured as a PETR does not perform this check.

Note

When an ITR or PITR requires the use of IPv4 PETR services, the ITR or PITR must be configured to forward IPv4 EID packets to the PETR using the ipv4 use-petr command.

Configuration Inheritance:

At the router lisp level,

ipv4 proxy-etr enables the configuration for all the eid-tables defined under router lisp.
no ipv4 proxy-etr disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

no ipv4 proxy-etr negates the inherited configuration.
default ipv4 proxy-etr reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure IPv4 LISP PETR functionality on the router.


Router(config)# router lisp
Router(config-router-lisp)# ipv4 proxy-etr

Related Commands


Command	Description
ipv4 etr	Configures the router to act as an IPv4 LISP ETR.
ipv4 use-petr	Configures an ITR or PITR to use the PETR for traffic destined to non-LISP IPv4 destinations.

ipv4 proxy-itr

To configure a router to act as an IPv4 Locator/ID Separation Protocol (LISP) Proxy Ingress Tunnel Router (PITR), use the ipv4 proxy-itr command in LISP configuration mode. To remove LISP PITR functionality, use the no form of this command.

ipv4 proxy-itr ipv4-local-locator

no ipv4 proxy-itr [ipv4-local-locator]

Syntax Description


`ipv4-local-locator`	The IPv4 locator address used as a source address for encapsulation of data packets, a data probe, or a map-request message.

Command Default

By default, the router does not provide PITR functionality.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB1	This command was introduced.
15.1(1)XB2	This command was modified.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 2.5.1XB	This command was modified.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable IPv4 LISP Proxy Ingress Tunnel Router (PITR) functionality on the router. PITR functionality is a special case of Ingress Tunnel Router (ITR) functionality where the router receives native packets from non-LISP sites that are destined for LISP sites, encapsulates them, and forwards them to the Egress Tunnel Router (ETR) that is authoritative for the destination LISP site endpoint identifier (EID).

PITR services are required to provide interconnectivity between non-LISP sites and LISP sites. For example, when connected to the Internet, a PITR acts as a gateway between the legacy Internet and the LISP-enabled network. To accomplish this, the PITR must advertise one or more highly aggregated EID prefixes on behalf of LISP sites into the underlying DFZ (that is, the Internet) and act as an ITR for traffic received from the public Internet.

If PITR services are enabled using the ipv4 proxy-itr command, the PITR creates LISP-encapsulated packets when it sends a data packet to a LISP site, sends a Data Probe, or sends a map-request message. The outer (LISP) header address-family and source address are determined as follows:

When the locator-hash function returns a destination routing locator (RLOC) in the following ways:
- A destination RLOC is returned within the IPv4 address-family, then the address ipv4-local-locator is used as the source address from the locator namespace.
- A destination RLOC is returned within the IPv6 address-family (assuming the optional address ipv6-local-locator is entered), it will be used as a source locator for encapsulation.
When configuring a router as a LISP PITR, you must configure the ipv4 alt-vrf command (or ipv6 alt-vrf command for IPv6 EID mapping) regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a standalone PITR on the same device as a LISP MS/MR.

Note

A router cannot be configured to perform ITR and PITR functions at the same time. It must be configured for one or the other purpose. A router that is configured as an ITR performs a check to verify that the source of any packet intended for LISP encapsulation is within the address range of a local EID prefix, whereas a router configured as a PITR does not perform this check. If a router is configured as an ITR using the ipv4 itr command and an attempt is made to also configure PITR functionality, and an error indicating that ITR functionality must first be disabled is issued.

Note

When a device is configured as a non-ALT-connected PITR, it must also be configured with information defining the extent of the LISP EID space it is proxying for. This can be done using either static map-cache entries incorporating the map-request keyword, or by importing RIB routes using the ipv4 route-import map-cache command. The use of either method provides information to the non-ALT-connected PITR that allows it to send Map-Requests for destinations in order to determine their IPv4 EID-to-RLOC mappings, or negative-mapping results.

Configuration Inheritance

At the router lisp level,

ipv4 proxy-itr enables the configuration for all the eid-tables defined under router lisp.
no ipv4 proxy-itr disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

ipv4 proxy-itr overrides the configuration inherited from the router lisp level.
no ipv4 proxy-itr disables the configuration.
default ipv4 proxy-itr reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure LISP PITR functionality on the router and encapsulate packets using a source locator of 10.1.1.1.



Router(config)# router lisp
Router(config-router-lisp)# ipv4 proxy-itr 10.1.1.1

The following example configures a router to act as a PITR but without using the LISP ALT. In this example, the PITR is configured to use the Map-Resolver with the locator 10.2.1.1, and to provide proxy-ITR services for the EID-prefix 192.168.0.0/16 with encapsulation using an IPv4 source locator of 10.1.1.1 and an IPv6 source locator of 2001:db8:bb::1.


Router(config)# router lisp
Router(config-router-lisp)# ipv4 proxy-itr 10.1.1.1 2001:db8:bb::1
Router(config-router-lisp)# ipv4 itr map-resolver 10.2.1.1
Router(config-router-lisp)# map-cache 192.168.0.0/16 map-request
Router(config-router-lisp)# exit

Related Commands


Command	Description
ipv4 alt-vrf	Configures which VRF supporting the IPv4 address-family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.
ipv4 itr	Configures the router to act as an IPv4 LISP ITR.
ipv6 alt-vrf	Configures which VRF supporting the IPv6 address-family LISP should use when sending map requests for an IPv6 EID-to-RLOC mapping directly over the ALT.

ipv4 route-import database

To configure the import of IPv4 Routing Information Base (RIB) routes to define local endpoint identifier (EID) prefixes for database entries and associate them with a locator set, use the ipv4 route-import database command in LISP EID-table configuration mode. To remove this configuration, use the no form of this command.

ipv4 route-import database protocol [ route-map map-name] locator-set locator-set-name

no ipv4 route-import database protocol [ route-map map-name] locator-set locator-set-name

Syntax Description


`protocol`	Name of an Internet protocol: bgp `autonomous-system-number` connected eigrp `autonomous-system-number` isis `process-name` ospf `process-id` ospfv3 `process-id` rip static
route-map	(Optional) Specifies the route map for route filtering.
`map-name`	Name of the route map.
locator-set	Specifies the locator set to use with created database mapping entries.
`locator-set-name`	Name of the locator set.

Command Default

IPv4 RIB routes to define local EID prefixes for database entries are not configured for import.

Command Modes

LISP EID-table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.4(2)T	This command was introduced.

Usage Guidelines

When the ipv4 route-import database command is used with the optional route-map map-name keyword and argument, imported IPv4 prefixes are filtered according to the specified route map name and are associated with the specified locator set.

When the ipv4 route-import database command is used without the optional route-map keyword, all imported IPv4 prefixes are filtered and associated with the specified locator set.

Examples

The following example shows how to configure the import of IPv4 RIB routes to define local EID prefixes for database entries and associate them with a locator set using the ipv4 route-import database command:

Device> enable
Device# configure terminal
Device(config)# router lisp 22
Device(config-router-lisp)# locator-set ABC
Device(config-router-lisp-locator-set)# ipv4-interface gigabitEthernet 0/0 priority 5 weight 10
Device(config-router-lisp-locator-set)# exit
Device(config-router-lisp)# eid-table vrf ABC instance-id 10
Device(config-router-lisp-eid-table)# ipv4 route-import database bgp 11 route-map MAP1 locator-set ABC
Device(config-router-lisp-eid-table)# end

Related Commands


Command	Description
clear ip lisp route-import	Clears the current IPv4 RIB routes imported into LISP.
ipv4 route-import map-cache	Configures the import of IPv4 routes from the RIB to define EID space on an ITR or PITR.
ipv4 route-import maximum-prefix	Configures the maximum number of IPv4 prefixes permitted to be dynamically imported into the PITR map cache for use in defining proxy EID space.
show ip lisp route-import	Displays the current IPv4 RIB routes imported into LISP.

ipv4 route-import map-cache

To configure the import of IPv4 routes from the Routing Information Base (RIB) to define endpoint identifier (EID) space on an Ingress tunnel router (ITR) or a Proxy ingress tunnel router (PITR), use the ipv4 route-import map-cache command in LISP EID table configuration mode. To remove this configuration, use the no form of this command.

ipv4 route-import map-cache protocol [ route-map map-name]

no ipv4 route-import map-cache protocol [ route-map map-name]

Syntax Description


`protocol`	Name of an Internet protocol: bgp `autonomous-system-number` connected eigrp `autonomous-system-number` isis `process-name` ospf `process-id` ospfv3 `process-id` rip static
route-map	(Optional) Route map for route filtering.
`map-name`	Name of the route map.

Command Default

IPv4 routes from the RIB to define EID space on an ITR or PITR are not configured for import.

Command Modes

LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.2(3)T	This command was introduced.
15.4(2)T	This command was modified. Support for redistribution of routes from EIGRP, IS-IS, OSPF, OSPFv3, RIP, and connected sources was added.

Usage Guidelines

When a device is configured as a PITR, it must be informed about the extent of the IPv4 LISP EID space for which it is proxying to provide a means for signaling the LISP control plane process (map request generation) for populating the PITR IPv4 LISP map cache when it receives traffic.

If the PITR is configured to connect to an ALT infrastructure (see the ipv4 alt-vrf command), it will have full knowledge of the LISP IPv4 EID address space for which it is proxying. However, when a PITR is configured to use a map resolver for map-cache resolution, the LISP EID space for which it is proxying must be defined for the PITR to send map requests for destinations needed to determine IPv4 EID-to-RLOC mappings or negative mapping results.

The ipv4 route-import map-cache command provides a simple mechanism to define the extent of IPv4 LISP EID space for the PITR by taking advantage of the existing static, connected, the Interior Gateway Protocol (IGP) dynamic routing protocols EIGRP, OSPF, OSPFv3, and RIP or the Border Gateway Protocol (BGP)-based routing infrastructure. (Prior to the ipv4 route-import map-cache command, static map-cache entries with the map-request keyword were required to drive the LISP control plane.)

The type of IPv4 LISP EID space can be configured using the ipv4 route-import map-cache command with the protocol argument to import all appropriate IPv4 EID prefixes. In all cases, an optional route-map keyword can be added to provide filtering to selective import-appropriate EID prefixes. The route-map keyword can match on any useful criteria such as community, tag, or local preference.

Note

If the ipv4 route-import map-cache command is configured to use BGP and then BGP is removed (using the no router bgp autonomous-system-number command), the corresponding ipv4 route-import map-cache bgp configuration is not automatically removed.

Note

See the clear ip lisp route-import command for information about reimporting prefixes.

Examples

In the following example, a PITR is configured to import IPv4 static routes representing EID prefixes to be used for signaling the LISP control plane to send a Map-Request message for EID-to-RLOC mapping resolution. A route map called static-lisp is also configured to filter only static routes that match tag 123. The resulting imported static routes are then displayed using the show ip lisp route-import command, illustrating that only those static prefixes that match tag 123 are imported.


Router(config)# route-map static-lisp permit 10
Router(config-route-map)# match tag 123
Router(config-route-map)# exit
Router(config)# ip route 10.0.1.0 255.255.255.0 null0 tag 123
Router(config)# ip route 10.0.2.0 255.255.255.0 null0 tag 123
Router(config)# ip route 10.0.3.0 255.255.255.0 null0 tag 123
Router(config)# ip route 10.0.4.0 255.255.255.0 null0 tag 456
Router(config)# router lisp
Router(config-router-lisp)# eid-table default instance-id 0
Router(config-router-lisp-eid-table)# ipv4 route-import map-cache static route-map static-lisp
Router(config-router-lisp-eid-table)# end
Router# show ip lisp route-import
LISP IPv4 imported routes for EID-table default (IID 0)
Config: 1, Entries: 4
Prefix         Uptime     Source   Map-cache State
10.0.1.0/24    00:05:31   static   installed
10.0.2.0/24    00:05:31   static   installed
10.0.3.0/24    00:05:31   static   installed
10.0.4.0/24    00:05:31   static   installed

In the following example, a PITR is configured to import IPv4 BGP routes representing EID prefixes to be used for signaling the LISP control plane to send a Map-Request message for EID-to-RLOC mapping resolution. A route map called bgp-lisp is also configured to filter BGP routes that match tag 123. The resulting imported BGP routes are then displayed using the show ip lisp route-import command.


Router(config)# route-map bgp-lisp permit 10
Router(config-route-map)# match tag 123
Router(config-route-map)# exit
Router(config)# router lisp
Router(config-router-lisp)# eid-table default instance-id 0
Router(config-router-lisp-eid-table)# ipv4 route-import map-cache bgp 123 route-map bgp-lisp
Router(config-router-lisp-eid-table)# end
Router# show ip lisp route-import
LISP IPv4 imported routes for EID-table default (IID 0)
Config: 1, Entries: 3
Prefix         Uptime    Source    Map-cache State
10.0.1.0/24    4d12h     bgp       installed
10.0.2.0/24    4d12h     bgp       installed
10.0.3.0/24    4d12h     bgp       installed

Related Commands


Command	Description
clear ip lisp route-import	Clears the current IPv4 RIB routes imported into LISP.
ipv4 alt-vrf	Configures the VRF instance supporting the IPv4 address-family that LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.
ipv4 route-import database	Configures the import of IPv4 RIB routes to define local EID prefixes for database entries and associate them with a locator set.
ipv4 route-import maximum-prefix	Configures the maximum number of IPv4 prefixes permitted to be dynamically imported into the PITR map cache for use in defining proxy EID space.
map-cache	Configures a static IPv4 or IPv6 EID-to-RLOC mapping relationship and its associated traffic policy, or statically configures the packet handling behavior for a specified destination IPv4 or IPv6 EID prefix.
show ip lisp route-import	Displays the current IPv4 RIB routes imported into LISP.

ipv4 route-import maximum-prefix

To configure a limit to the number of IPv4 Locator ID Separation Protocol (LISP) endpoint identifier (EID) prefixes that a Proxy Ingress Tunnel Router (PITR) can dynamically import, use the ipv4 route-import maximum-prefix command in LISP EID table configuration mode. To remove this limit, use the no form of this command.

ipv4 route-import { database | map-cache} maximum-prefix max-limit [threshold] [ warning-only]

no ipv4 route-import { database | map-cache} maximum-prefix max-limit [threshold] [ warning-only]

Syntax Description


database	Uses RIB routes to define local EID database entries.
map-cache	Uses RIB routes to define EID address space in map cache.
`max-limit`	Maximum number of IPv4 prefixes that can be imported to define the EID address space in the map cache. The range is from 1 to 4294967295.
`threshold`	(Optional) Threshold value, as a percentage, at which to generate a warning message while importing IPv4 prefixes. The range is from 0 to 100.
warning-only	(Optional) Specifies that only a warning message is given and that entries are not limited.

Command Default

An IPv4 route-import maximum-prefix limit is not configured.

Command Modes

LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.2(3)T	This command was introduced.
15.4(2)T	This command was modified. The database and map-cache keywords were added.

Usage Guidelines

When the ipv4 route-import map-cache command is configured, it may also be desired to configure a limit on the number of EID prefixes that can be imported by the PITR. This can be accomplished by configuring the ipv4 route-import maximum-prefix command. When the optional threshold value is specified, expressed as a percentage of the maximum limit, a warning message is generated when the number of IPv4 prefixes exceeds the threshold percentage. The warning-only keyword permits all prefixes to be imported but alerts the user when the threshold is exceeded.

Examples

In the following example, a PITR is configured to import IPv4 BGP routes representing EID prefixes to be used for signaling the LISP control plane to send a Map Request message for EID-to-RLOC mapping resolution. A route map called bgp-lisp is also configured to filter BGP routes that match tag 123. In addition, a limit is placed on the number of IPv4 prefixes that can be imported using the ipv4 route-import maximum-prefix command. In the example below, a limit of two is specified. The resulting imported BGP routes are then shown using the show ip lisp route-import command.


Device(config)# route-map bgp-lisp permit 10
Device(config-route-map)# match tag 123
Device(config-route-map)# exit
Device(config)# router lisp
Device(config-router-lisp)# eid-table default instance-id 0
Device(config-router-lisp-eid-table)# ipv4 route-import map-cache bgp 123 route-map bgp-lisp
Device(config-router-lisp-eid-table)# ipv4 route-import map-cache maximum-prefix 2
Device(config-router-lisp-eid-table)# end
Device# show ip lisp route-import
LISP IPv4 imported routes for EID-table default (IID 0)
Config: 1, Entries: 2
Prefix         Uptime    Source    Map-cache State
10.0.1.0/24    4d12h     bgp       installed
10.0.2.0/24    4d12h     bgp       installed

Related Commands


Command	Description
clear ip lisp route-import	Clears the current IPv4 RIB routes imported into LISP.
ipv4 route-import database	Configures the import of IPv4 RIB routes to define local EID prefixes for database entries and associate them with a locator set.
ipv4 route-import map-cache	Configures the import of IPv4 routes from the RIB to define EID space on an ITR or PITR.
show ip lisp route-import	Displays the current IPv4 RIB routes imported into LISP.

ipv4 solicit-map-request ignore

To configure an Ingress Tunnel Router (ITR) to ignore an IPv4 map-request message that has the solicit-map-request (SMR) bit set, use the ipv4 solicit-map-request ignore command in Locator/ID Separation Protocol (LISP) configuration mode. To disable the ignore setting for this feature, use the no form of this command.

ipv4 solicit-map-request ignore

no ipv4 solicit-map-request ignore

Syntax Description

This command has no arguments or keywords.

Command Default

A LISP ITR will respond to an IPv4 map-request message that has the SMR bit set when it has an existing IPv4 map-cache entry for the endpoint identifier (EID) in the SMR map-request.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(4)M	This command was introduced.
Cisco IOS XE Release 3.3.0S	This command was integrated into Cisco IOS XE Release 3.3.0S.

Usage Guidelines

When a change occurs on an Egress Tunnel Router (ETR) for some attribute of an IPv4 EID prefix configured using the database-mapping command such as an associated routing locator (RLOC), priority, or weight, the ETR will automatically attempt to inform all LISP sites with which it has recently been communicating of this change. The ETR informs the other xTRs (with which it has recently been communicating) by sending a map request with the SMR bit in the header set to on to the RLOC addresses of those other xTRs. The ETR obtains the RLOC addresses by reviewing its own IPv4 LISP map cache, which contains these entries for the most recent conversations.

When an xTR receives the SMR map-request message from the ETR, the default response of the xTRs is to send a new map-request message with the SMR bit cleared through the Mapping System (such as through the configured map resolver) to get an up-to-date mapping for the EID indicated in the SMR map-request.

Once the map reply is received by the ETR for the new map request, the xTR will have an updated cache entry representing the changed state of the ETR that initially sent the SMR map request (as will all other xTRs that completed the SMR map-request process).

By default, xTRs process and respond to any map-request message that has the SMR bit set to on. Use the ipv4 solicit-map-request ignore command to disable this behavior, causing xTRs to ignore all map-request messages that have the SMR bit set to on. To restore SMR map request handling capabilities, use the no form of this command.

Note

A LISP ITR will only respond to an SMR map request only when it has an existing IPv4 map-cache entry for the EID in the SMR map request. If it does not have an entry, the SMR map request is ignored.

Configuration Inheritance:

At the router lisp level,

ipv4 solicit-map-request ignore enables the configuration for all the eid-tables defined under router lisp.
no ipv4 solicit-map-request ignore disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

no ipv4 solicit-map-request ignore negates the inherited configuration.
default ipv4 solicit-map-request ignore reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure the xTR to ignore map-request messages that have the SMR bit set.


Router(config)# router lisp
Router(config-router-lisp)# ipv4 solicit-map-request ignore

Related Commands


Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
ipv4 etr	Configures the router to act as an IPv4 LISP ETR.
ipv4 itr	Configures the router to act as an IPv4 LISP ITR.

ipv4 use-petr

To configure a router to use an IPv4 Locator/ID Separation Protocol (LISP) Proxy Egress Tunnel Router (PETR), use the ipv4 use-petr command in LISP configuration mode. To remove the use of a LISP PETR, use the no form of this command.

ipv4 use-petr locator-address [priority priority weight weight]

no ipv4 use-petr locator-address [priority priority weight weight]

Syntax Description


`locator-address`	IPv4 locator address of the PETR.
priority `priority`	(Optional) Specifies the priority (value between 0 and 255) assigned to this PETR. A lower value indicates a higher priority.
weight `weight`	(Optional) Specifies the percentage of traffic to be load-shared (value between 0 and 100).

Command Default

The router does not use PETR services.

Command Modes

LISP configuration (config-router-lisp) or LISP EID table configuration (config-router-lisp-eid-table)

Command History


Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 3.3S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the ip keyword was changed to ipv4 , and the lisp keyword was removed from the command syntax.
Cisco IOS XE Release 3.6S	This command was modified. The priority `priority` and weight `weight` keywords and arguments were added.
15.2(3)T	This command was modified. The priority `priority` and weight `weight` keywords and arguments were added.

Usage Guidelines

Use the ipv4 use-petr command to enable an Ingress Tunnel Router (ITR) or Proxy Ingress Tunnel Router (PITR) to use IPv4 Proxy Egress Tunnel Router (PETR) services. When the use of PETR services is enabled, instead of natively forwarding LISP endpoint identifier (EID) (source) packets destined to non-LISP sites, these packets are LISP-encapsulated and forwarded to the PETR. Upon receiving these packets, the PETR decapsulates them and then forwards them natively toward the non-LISP destination.

PETR services may be necessary in several cases:

By default when a LISP site forwards packets to a non-LISP site natively (not LISP encapsulated), the source IP address of the packet is that of an EID. When the provider side of the access network is configured with strict unicast reverse path forwarding (uRPF) or an anti-spoofing access list, it may consider these packets to be spoofed and drop them since EIDs are not advertised in the provider core network. In this case, instead of natively forwarding packets destined to non-LISP sites, the ITR encapsulates these packets using its site locator(s) as the source address and the PETR as the destination address.

Note

The use of the ipv4 use-petr command does not change LISP-to-LISP or non-LISP-to-non-LISP forwarding behavior. LISP EID packets destined for LISP sites will follow normal LISP forwarding processes and be sent directly to the destination ETR as normal. Non-LISP-to-non-LISP packets are never candidates for LISP encapsulation and are always forwarded natively according to normal processes.

When a LISP IPv6 (EID) site needs to connect to a non-LISP IPv6 site and the ITR locators or some portion of the intermediate network does not support IPv6 (it is IPv4 only), the PETR can be used to traverse (hop over) the address family incompatibility, assuming that the PETR has both IPv4 and IPv6 connectivity. The ITR in this case can LISP-encapsulate the IPv6 EIDs with IPv4 locators destined for the PETR, which de-encapsulates the packets and forwards them natively to the non-LISP IPv6 site over its IPv6 connection. In this case, the use of the PETR effectively allows the LISP site packets to traverse the IPv4 portion of network using the LISP mixed protocol encapsulation support.

Note

Because LISP supports mixed protocol encapsulations, the locator specified for the PETR in this case can either be an IPv4 or IPv6 address.

Up to eight PETR locators can be entered per address family. When multiple entries are made, the packet forwarding behavior is as follows:

When multiple PETRs are configured using the ipv4 use-petr command by itself (that is, without the optional priority and weight configurations), packets are sent to each PETR based on hash-based load sharing.
When multiple PETRs are configured using the ipv4 use-petr command and including the optional priority and weight configurations, packets are sent to each PETR according the normal LISP priority and weight load sharing algorithms. The priority configuration is used to determine load-sharing among PETR resources when multiple PETRs are specified. The weight configuration is used to determine how to loadshare traffic between multiple PETRs of identical priority when multiple PETRs are specified. The value represents the percentage of traffic to be load-shared.

Note

The use of the ipv4 use-petr command by itself (that is, without the optional priority and weight configurations) and with the optional priority and weight configurations at the same time is not permitted. Only one method may be used. If the ipv4 use-petr command is already configured without priority and weight , adding an additional PETR entry that includes priority and weight is not permitted. All entries that do not include priority and weight must first be removed prior to adding any entries that include priority and weight .

Configuration Inheritance

At the router lisp level,

ipv4 use-petr enables the configuration for all the eid-tables defined under router lisp.
no ipv4 use-petr disables the configuration for all the eid-tables under router lisp.

At the eid-table level,

ipv4 use-petr overrides the configuration inherited from the router lisp level.
no ipv4 use-petr disables the configuration.
default ipv4 use-petr reinherits the configuration from the router lisp level.

Examples

The following example shows how to configure an ITR to use the PETR with the IPv4 locator of 10.1.1.1. In this case, LISP site IPv4 EIDs destined to non-LISP IPv4 sites are encapsulated in an IPv4 LISP header destined to the PETR located at 10.1.1.1:


Router(config)# router lisp
Router(config-router-lisp)# ipv4 use-petr 10.1.1.1

The following example configures an ITR to use two PETRs: one has an IPv4 locator of 10.1.1.1 and is configured as the primary PETR (priority 1 weight 100), and the other has an IPv4 locator of 10.1.2.1 and is configured as the secondary PETR (priority 2 weight 100). In this case, LISP site IPv4 EIDs destined to non-LISP IPv4 sites will be encapsulated in an IPv4 LISP header to the primary PETR located at 10.1.1.1 unless it fails, in which case the secondary will be used.


Router(config-router-lisp)# ipv4 use-petr 10.1.1.1 priority 1 weight 100
Router(config-router-lisp)# ipv4 use-petr 10.1.2.1 priority 2 weight 100

Related Commands


Command	Description
ipv4 proxy-etr	Configures the router to act as an IPv4 LISP PETR.
ipv6 use-petr	Configures a router to use an IPv6 LISP PETR.

Bias-Free Language

Results

Chapter: LISP Router IPv4 Configuration Commands

LISP Router IPv4 Configuration Commands

ipv4 alt-vrf

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 etr

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 etr accept-map-request-mapping

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 etr map-cache-ttl

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 etr map-server

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 itr

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 itr map-resolver

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 map-cache-limit

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 map-cache-persistent

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ipv4 map-request-source

Syntax Description

Command Default