LISP VM-Mobility Commands

database-mapping (LISP dynamic-EID)

To configure an IPv4 mapping relationship and an associated traffic policy for Locator/ID Separation Protocol (LISP) Virtual Machine (VM)-mobility (dynamic-EID) policy, enter dynamic-EID configuration mode, use the database-mapping command in LISP dynamic-EID EID-table configuration mode. To remove the configured database mapping, use the no form of this command.

database-mapping dynamic-eid-prefix / prefix-length locator-set name

no database-mapping

Syntax Description

dynamic-eid-prefix/prefix-length

IPv4 dynamic-EID prefix and length to be registered as a roaming EID for the policy.

locator-set

Specifies the IPv4 routing locator (RLOC) associated with the EID prefix.

name

Name of the existing locator set.

Command Default

No dynamic-EID database entries are defined.

Command Modes

LISP dynamic-EID EID-table configuration (config-router-lisp-eid-table-dynamic-eid)

Command History

Release

Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

When a dynamic-EID policy is configured, you must specify the dynamic-EID-to-RLOC mapping relationship and its associated traffic policy to use for each permitted prefix. When a packet is received on an interface on which the lisp mobility command has been applied, the source address of the packet is compared against the EID configured in the database-mapping (LISP dynamic-eid) entry (or entries) of the referenced LISP dynamic-eid dynamic-eid-policy-name that matches the lisp mobility dynamic-eid-policy-name.

When a dynamic-EID match is discovered, the dynamic-EID will be registered to the map server with a locator set. Only one database-mapping (LISP dynamic-EID) entry command is allowed per dynamic-eid dynamic-eid-policy-name . Both dynamic-eid-prefix and locator-set can be IPv4 addresses.


Note


All database-mapping dynamic-EID commands must be consistent on all LISP-VM routers supporting the same roaming dynamic EID.


Examples

The following example shows how to configure the dynamic EID prefix to describe attributes about the dynamic EID prefix and its range in comparison to any static entries configured. It must use the locator set functionality because it cannot use a RLOC address directly. It enters the LISP dynamic-EID EID-table configuration mode and configures the database-mapping command with the dynamic-EID prefix 172.15.1.0/24.

Device> enable
Device# configure terminal
Device(config)# router lisp
Device(config-router-lisp)# locator-set Site-1 
Device(config-router-lisp-locator-set)# 172.16.1.1 priority 0 weight 0 
R1(config-router-lisp-locator-set)# exit
Device(config-router-lisp)# eid-table default instance-id 0
Device(config-router-lisp-eid-table)# dynamic-eid Roamer-1
Device(config-router-lisp-eid-table-dynamic-eid)# database-mapping 172.15.1.0/24 locator-set Site-1

dynamic-eid

To configure a Locator/ID Separation Protocol (LISP) virtual machine (VM)-mobility (dynamic-EID roaming) policy, enter dynamic-EID configuration mode on an xTR and use the dynamic-eid command in LISP EID-table configuration mode. To remove the LISP VM-mobility dynamic-EID policy, use the no form of this command.

dynamic-eid dynamic-eid-name

no dynamic-eid dynamic-eid-name

Syntax Description

dynamic-eid-name

Name of a LISP dynamic-EID.

Command Default

No LISP dynamic-EID policies are configured.

Command Modes

LISP EID-table configuration (config-router-lisp-eid-table)

Command History

Release Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

To configure LISP VM-mobility, you must create a dynamic-EID roaming policy that can be referenced by the lisp mobility dynamic-eid-name interface command. When the dynamic-eid dynamic-eid-name command is entered, the referenced LISP dynamic-EID policy is created and you enter the dynamic-EID configuration mode. In this mode, all attributes associated with the referenced LISP dynamic-EID policy can be entered.


Note


The following caveats apply for LISP VM-mobility requirements across subnet modes (ASM):

  • When a dynamic EID roams across subnets, the dynamic-EID prefix must be more specific or equal to the subnet configured on the interface.

  • xTR should be the first Layer-3 hop.

  • Proxy-arp should be enabled on the xTR’s gateway interface.

  • Gateway Mac addresses for xTRs should be the same on all roaming sites.

  • All roaming sites xTRs should register with the same set of map servers.

  • Mobility hosts should not be “silent” after they move.

  • Multicast on xTRs is required if a site has multiple xTRs.

  • North-South traffic has vmotion/live host mobility support; for East-West traffic, LISP mobility ESM should be used.

  • All LISP VM-router interfaces (the interface the dynamic EID will roam to) must have the same MAC address. Interfaces can be configured with the following command: mac-address 0000.0e1d.010c

    Note that any MAC address can be used; the MAC address in the example above, which approximates EID (0e1d) and LOC (010c), is an example.



Note


This feature is available only for IPv4 at this time. Support for IPv6, including necessary changes for IPv6 neighbor discovery (ND) has not yet been implemented.


Examples

The following example shows how to enter EID-table mode and configure the dynamic-eid command:

Device# configure terminal
Device(config)# router lisp
Device(config-router-lisp)# eid-table default instance-id 0
Device(config-router-lisp-eid-table)# dynamic-eid Site-1

map-notify-group

To enable a router to send map-notify messages to other Locator/ID Separation Protocol-virtual machine (LISP-VM) routers, use the map-notify-group command in dynamic-EID configuration mode. To remove this functionality, use the no form of this command.

map-notify-group {ipv4-group-address | ipv6-group-address}

no map-notify-group

Syntax Description

ipv4-group-address

IPv4 multicast group address used for sending and receiving site-based map-notify multicast messages.

ipv6-group-address

IPv6 multicast group address used for sending and receiving site-based map-notify multicast messages.

Command Default

No map-notify message is sent to other LISP-VM routers.

Command Modes

Dynamic-EID configuration (config-router-lisp-dynamic-eid)

Command History

Release Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

This command is used when dynamic-EID discovery is necessary in a multihomed data center. When a dynamic EID has been configured with more than one locator in the locator set, any locator can decapsulate LISP packets that enter the data center. Because unicast packets that egress the data center go out a single LISP-VM router, this router is the only one that can discover the location of a roaming dynamic EID. By using this command, the discovering LISP-VM router will send map-notify messages to other LISP-VM routers (via the configured ipv4-group-address multicast group address) at the data center site, so that they can determine the location of the dynamic EID.

The multicast group address is used for sending and receiving site-based map-notify multicast messages. The interface for which this multicast map-notify messages are received on is the interface used to send decapsulated packets to the dynamic EID. This feature is disabled by default.

Examples

The following example shows how to configure a LISP dynamic-EID policy named Site-1, enter dynamic-EID configuration mode, and configure the map-notify-group command.

Device(config)# router lisp
Device(config-router-lisp)# lisp dynamic-eid Site-1
Device(config-router-lisp-dynamic-eid)# map-notify-group 239.1.1.254

map-server

To configure the map server to which the dynamic EID registers to when this policy is invoked, use the map-server command in dynamic-EID configuration mode. To remove the configured reference to the map server, use the no form of this command.

map-server address {key key-type password | proxy-reply}

no map-server address {key key-type password | proxy-reply}

Syntax Description

address

IPv4 or IPv6 address of the map server

key key-type

Specifies how the key-type that the following SHA-1 password (key) is encoded. Type (0) indicates that a cleartext password follows; Type (3) indicates that a 3DES encrypted key follows; Type (7) indicates that a Cisco Type 7 encrypted password follows.

password

Password used to create the SHA-1 HMAC hash when authenticating the map-register message sent by the ETR.

proxy-reply

Specifies that the map register sent to the map server requests that the map server proxy map reply on behalf of dynamic EIDs included in this policy.

Command Default

No map server is configured within a dynamic-EID policy and the configured map-server on the LISP-VM router (from the {ip|ipv6 } lisp etr map-server command) will be used to register the dynamic EID.

Command Modes

Dynamic-EID configuration (config-router-lisp-dynamic-eid)

Command History

Release Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

In LISP virtual machine (VM) Mobility, when a dynamic-EID roams to this LISP-VM router, the dynamic EID must be registered to a map server with its new attributes (the 3-tuple of (locator , priority , weight ) according to the database-mapping dynamic-EID command). This map-server dynamic-EID command configures the map server to which the dynamic EID registers. The locator value specified in the map-server command can be either an IPv4 or IPv6 address in locator space.

Multiple map-server commands can be configured so that registration can occur to different map servers with either the same or different authentication keys.


Note


Typically, the home map server (that is, the one that the dynamic EID initially registered to) should be configured as the dynamic-EID map server.


When the map-server dynamic EID command is not configured, the configured map server on the LISP-VM router (from the {ip|ipv6 } lisp etr map-server command) will be used to register the dynamic EID.

When the proxy-reply keyword is configured, the map-register sent to the map-server requests that the map-server proxy map-reply on behalf of dynamic-EIDs when it receives a Map-Request for the dynamic-EID prefix.

Examples

The following example shows how to configure the LISP dynamic EID policy named Roamer-1, enter dynamic EID configuration mode, and then configure the map server with IPv4 locator 10.1.1.1 for dynamic EIDs matching this policy to register. The map server is also specified to proxy-reply on behalf of the dynamic EID.

Device# configure terminal
Device(config)# router lisp
Device(config-router-lisp)# dynamic-eid Roamer-1
Device(config-router-lisp-dynamic-eid)# map-server 10.1.1.1 key some-password
Device(config-router-lisp-dynamic-eid)# map-server 10.1.1.1 proxy-reply