LISP DDT Configuration Commands

ddt

To configure a device to perform Locator/ID Separation Protocol (LISP) Delegated Database Tree (DDT) functionality, use the ddt command in LISP configuration mode. To remove LISP DDT functionality, use the no form of this command.

ddt [cache-limit number]

no ddt [cache-limit]

Syntax Description

cache-limit number

(Optional) Displays the DDT resolver cache-entry limit and the number of DDT prefixes to allow in the cache. The range is from 1 to 100000. The default is 1000.

Command Default

The device does not provide DDT services.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release

Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

Use this command to enable a device to function in a DDT node. This command is configured on DDT-enabled map resolvers, map servers, and DDT-only devices.

DDT is a hierarchical distributed database delegating authority to provide mappings from EIDs to RLOCs. DDT functions in the same role as ALT. However, DDT is superior in that it provides inherent support for virtualization (instance IDs), as well as support for other EID address families in addition to IPv4 and IPv6.

This command only enables DDT support. Additional DDT commands are required to configure the specific DDT role(s) supported by this DDT node within the DDT hierarchical database. A DDT node may be configured as authoritative for one or more EID prefixes, along with the set of RLOCs for other DDT nodes to which more-specific EID prefixes are delegated.


Note

DDT services must be enabled via the ddt command before any other DDT functions can be configured.

Examples

The following example shows how to configure DDT resolver cache-entry limit functionality on a device:

Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt
Device(config-router-lisp)# ddt cache-limit 2

Related Commands

Command Description

ddt authoritative-prefix

Configures an extended EID prefix (instance ID and EID prefix) for which a DDT node is authoritative.

ddt delegate

Configures a DDT node to delegate to another DDT node the authority for the specified extended EID prefix (instance ID and EID-prefix).

ddt map-server-peer

Configures the IPv4 or IPv6 locator address and extended EID prefix (instance ID and EID prefix) for a peer map server operating in a delegation hierarchy.

ddt root

Configures an IPv4 or IPv6 locator for a DDT root node within the delegation hierarchy on a DDT-enabled map resolver.

ddt authoritative

To configure a Locator/ID Separation Protocol (LISP) Delegated Database Tree (DDT) node to be authoritative for a specified EID prefix, use the ddt authoritative command in LISP configuration mode. To remove a specific EID prefix from being represented as authoritative on this device, use the no form of this command.

ddt authoritative {eid-prefix | instance-id iid }

no ddt authoritative {eid-prefix | instance-id iid }

Syntax Description

eid-prefix

Configures the IPv4 or IPv6 EID prefix for which the LISP DDT node is authoritative.
instance-id iid

Configures the instance ID associated with the specified EID prefix or a range of instance IDs.

Command Default

A LISP DDT node is not configured to be authoritative for any EID-prefixes.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

Use this command to configure an EID prefix and optional instance ID or instance ID range for which the LISP DDT node or DDT-enabled map server will be authoritative.

This command enables the ability to send a negative map-referral message in response to a DDT-based map request for an EID that matches the EID prefix specified in the ddt authoritative command but does not match an EID prefix specified in any delegate commands, or in the case of a DDT-enabled map server, does not match any configured LISP site EID prefix.

When a DDT node receives a DDT map request, it does the following:

  • The requested EID is checked for a match against any EID prefixes specified in any configured LISP DDT authoritative prefix commands.

    • If there is no match, the DDT node sends a negative map-referral message back to the requesting map resolver, indicating that it is not authoritative for the EID. The map resolver caches this information and drops the map request.

    • If there is a match, the DDT node processing continues below.

  • The requested EID is checked for a match against any EID prefixes specified in any delegate commands. If the DDT node is also a map server, the EID is checked against EID prefixes specified in lisp site commands as well.

    • If there is no match, the DDT node sends a negative map-referral message covering the coarsest negative prefix within the configured EID-prefix range for which the DDT node is authoritative. This indicates that the requested EID is within a delegation-hole and is (currently) not a LISP destination.

    • If there is a match and the DDT node is not a map server, the DDT node sends a map-referral message with the matched more-specific EID prefix and the set of routing locators (RLOCs) for the delegated (child) DDT nodes. When the configured delegate command also includes the optional map-server keyword, the returned map-referral message also indicates for the receiving map resolver that the next map request will be to a DDT-enabled map server. If the DDT node is a map server, the map server replies with the most appropriate response to the EID in the map request. (See the map-server-peer command for details.)

  • When the ddt authoritative command is configured to specify authority for a specific LISP instance ID, or for a range of instance IDs, the optional instance-id keyword is included with the command. The value associated with the instance-id keyword will be specified as follows, depending upon the instance-ID scope being configured:

    • For a single instance ID for a specific EID prefix, iid is specified as an integer between 1 and 16777215 in the form:

      ddt authoritative instance-id iid eid-prefix eid-prefix

    • For a range of instance IDs, iid can either be specified in x-y format, where y must be greater than x and the range must be in a 24-bit instance ID/mask block (where x is a power-of-2 and y is a power-of-2 minus 1) with a range representable by a 24-bit instance ID/mask or in IPv4 prefix format. An EID prefix cannot be included when an instance-ID range is specified. The command is entered in either of these forms:

      ddt authoritative instance-id x-y

      ddt authoritative instance-id A.B.C.D/length

    • For the entire EID address space, for all address families, and for all instance IDs, the * character can be included. In this case, an EID prefix is not included and the command is entered in the form:

      ddt authoritative


Note

The ultimate root DDT node can be configured using the command ddt authoritative* to indicate that it is authoritative for all EID prefixes, for all address families, and for all instance IDs.


Note

When a child LISP DDT node is configured with the ddt authoritative command for an EID prefix (or instance ID) space, the parent LISP DDT node must also be configured using the delegate command with a matching EID prefix (or instance ID) space.

Examples

The following example configures the LISP DDT node to be authoritative for the IPv4 EID-prefix 172.16.0.0/16 and the IPv6 EID prefix 2001:db8:eeee::/48. Note that in this case, the optional instance ID keyword and value are not specified and hence, the EID prefixes are only associated with the default instance ID (0): 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative eid-prefix 172.16.0.0/16
Device(config-router-lisp)# ddt authoritative eid-prefix 2001:db8:eeee::/48
Device(config-router-lisp)# end
Device# show ddt
---<skip>---
Configured authoritative EID-prefixes:
[0] 172.16.0.0/16
[0] 2001:db8:eeee::/48

In the following example, the LISP DDT node is configured to be authoritative for the IPv4 EID-prefix 172.16.0.0/16 within the instance ID 1234: 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative instance-id 1234 eid-prefix 172.16.0.0/16
Device(config-router-lisp)# end
Device# show ddt
---<skip>---
Configured authoritative EID-prefixes:
[1234] 172.16.0.0/16

In the following example, the LISP DDT node is configured to be authoritative for all EID prefixes within the instance-ID range of 16 to 31. (Note that this is equivalent to using the prefix format of 0.0.0.16/28). 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative instance-id 16-31
Device(config-router-lisp)# end
Device# show ddt
---<skip>---
Configured authoritative EID-prefixes:
[16-31 (0.0.0.16/28)] *

In the following example, a root LISP DDT node is configured to be authoritative for all EID prefixes, for all address families, and for all instance IDs: 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative *
Device(config-router-lisp)# end
Device# show ddt
---<skip>---
Configured authoritative EID-prefixes:
[*] *

Related Commands

Command

Description

ddt

Configures a router to enable LISP DDT functionality.

ddt root

Configures an IPv4 or IPv6 locator for a DDT root node within the delegation hierarchy on a DDT-enabled map resolver.

delegate

Configures a LISP DDT node to delegate to another LISP DDT node the authority for the specified extended EID prefix (instance ID and EID prefix).

map-server-peer

Configures the IPv4 or IPv6 locator locator address and extended EID prefix (instance ID and EID prefix) for a peer map server operating in a delegation hierarchy.

delegate

To configure the routing locator (RLOC) address of a Locator/ID Separation Protocol (LISP) Delegated Database Tree (DDT) node within the delegation hierarchy for which a specified EID prefix is being delegated, use the delegate command in LISP DDT authoritative mode. To remove the delegation for a specific EID prefix, use the no form of this command.

delegate {eid-prefix | instance-id iid} child-locator map-server

no delegate {eid-prefix | instance-id iid} child-locator map-server

Syntax Description

eid-prefix

Configures the IPv4 or IPv6 EID prefix for which the LISP DDT node is delegating authority.

instance-id iid

Configures a range of instance IDs or the instance ID associated with a specified EID prefix.

child-locator

IPv4 or IPv6 locator address of the delegation DDT node or map server.

map-server

Indicates that the delegated (child) DDT node being referenced is a map server for the configured IPv4 or IPv6 EID prefix.

Command Default

A LISP DDT node is not configured to delegate authority for any EID prefixes.

Command Modes

LISP DDT authoritative (config-router-lisp-ddt-auth)

Command History

Release Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

Use this command to configure the IPv4 or IPv6 locator address, EID prefix, and optional instance ID that is delegated to a child DDT node within the delegation hierarchy on a parent DDT node. This enables the DDT node to send a map referral message in response to a DDT-based map request for an EID that matches the EID prefix specified in the delegate command.


Note

For correct hierarchical delegation, the EID prefix specified in the parent’s delegate command must match the EID prefix in the child DDT node’s ddt authoritative command

When a DDT node receives a DDT map request, it does the following:

  1. The requested EID is checked for a match against any EID prefix specified in any configured ddt authoritative commands.

    If there is no match, the DDT node sends a negative map referral message back to the requesting map resolver, indicating that it is not authoritative for the EID. The map resolver caches this information and drops the map request.

    If there is a match, the DDT node processing continues.

  2. The requested EID is checked for a match against any EID prefixes specified in any delegate commands. If the DDT node is also a map server, the EID is checked against EID prefixes specified in lisp site commands as well.

    If there is no match, the DDT node sends a negative map referral message covering the coarsest negative prefix within the configured EID prefix range for which the DDT node is authoritative. This indicates that the requested EID is within a delegation hole and is (currently) not a LISP destination. If there is a match and the DDT node is not also a map server, the DDT node sends a map referral message with the more specific matched EID prefix and the set of RLOCs for the delegated (child) DDT nodes. When the configured delegate command also includes the optional map-server keyword, the returned map-referral message also indicates for the receiving map resolver that the next map request will be to a DDT-enabled map server. If the DDT node is a map server, the map server replies with the most appropriate response to the EID in the map request. (See the map-server-peer command for details).

When the delegate command is configured to delegate a specific LISP instance ID, or for a range of instance IDs, the optional instance-id keyword is included with the command. The value associated with the keyword will be specified as follows, depending upon the instance ID scope being configured:

delegate child-locator instance-id iid eid-prefix eid-prefix

For a range of instance IDs, iid can either be specified in x-y format, where y must be greater than x and the range must be in a power-of-2 block (where x is a power-of-2 and y is a power-of-2 minus 1) with a range represented by a 24-bit instance ID/mask or in IPv4 prefix format. An EID prefix cannot be included when an instance-ID range is specified. The command is entered in either of these forms:

delegate child-locator instance-id x-y

delegate child-locator instance-id A.B.C.D/length


Note

When a LISP DDT node is configured with a delegate command for an EID prefix or instance-ID space, the child LISP DDT node must be configured with the ddt authoritative command with a matching EID prefix and/or instance-ID space.

Examples

The following example shows how to configure a LISP DDT node to delegate authority for the IPv4 EID prefix 172.16.0.0/16 and the IPv6 EID prefix 2001:db8:eeee::/48 to the DDT node with child locator 10.1.1.1. Note that in this case, the instance-id keyword and value are not specified and hence, the EID prefixes are only associated with the default instance ID (0). 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)# delegate 10.1.1.1 eid-prefix 172.16.0.0/16
Device(config-router-lisp-ddt-auth)# delegate 10.1.1.1 eid-prefix 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)#end
Device# show ddt
---<skip>---
Configured DDT delegated nodes/map-servers:
[0] 172.16.0.0/16 -> 10.1.1.1, p/w: 0/0
[0] 2001:db8:eeee::/48 -> 10.1.1.1, p/w: 0/0

In the following example, a LISP DDT node is configured to delegate authority for the IPv4 EID prefix 172.16.0.0/16 to the DDT node with child locator 10.1.1.1 where the child is specified as a map server. 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)# delegate 10.1.1.1 eid-prefix 172.16.0.0/16 map-server
Device(config-router-lisp-ddt-auth)# end
Device# show ddt
---<skip>---
Configured DDT delegated nodes/map-servers:
[0] 172.16.0.0/16 -> 10.1.1.1, p/w: 0/0, map-server-child

In the following example, the LISP DDT node is configured to be authoritative for all EID prefixes within the instance-ID range of 0 to 15 to the DDT node with child locator 10.1.1.1. Note that this is equivalent to using the prefix format of 0.0.0.0/28. 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)# delegate 10.1.1.1 instance-id 0-15
Device(config-router-lisp-ddt-auth)# end
Device# show ddt
---<skip>---
Configured DDT delegated nodes/map-servers:
[0-15 (0.0.0.0/28)] * -> 10.1.1.1, p/w: 0/0

Command

Description

ddt

Configures a device to enable LISP DDT functionality.

ddt authoritative

Configures an extended EID prefix (instance ID and EID prefix) for which a LISP DDT node is authoritative.

ddt root

Configures an IPv4 or IPv6 locator for a DDT root node within the delegation hierarchy on a DDT-enabled map resolver.

map-server-peer

Configures an IPv4 or IPv6 locator address and extended EID prefix (instance ID and EID prefix) for a peer map server operating in a delegation hierarchy.

ddt root

To configure an IPv4 or IPv6 locator for a delegated database tree (DDT) root node within the delegation hierarchy on a DDT-enabled map resolver, use the ddt root command in LISP configuration mode. To remove a root DDT node reference, use the no form of this command.

ddt root root-locator

no ddt root root-locator

Syntax Description

root-locator

IPv4 or IPv6 locator address of the DDT root node.

Command Default

A map resolver running DDT is not configured to point to a DDT root node.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

Use this command to configure a map resolver running DDT to point to a DDT root node within the delegation hierarchy.


Note

Up to eight DDT root node references (summed across all address families) may be configured on a map resolver. When multiple DDT root nodes are configured, the map resolver uses load-balancing mechanisms to send DDT-based map requests to these DDT root nodes.

Unlike a standalone map resolver or one that uses the ALT mapping system, a DDT map resolver uses an iterative process of following referrals to find the correct Egress Tunnel Router (ETR) to answer a map request. This requires a DDT map resolver to maintain additional state, including a map referral cache and a lookup queue of map requests that are going through the iterative referral process.

When a DDT-enabled map resolver receives an ECM-based map request from an Ingress Tunnel Router (ITR), A map resolver running DDT begins the iterative process by sending a DDT-based map request to a DDT root node referenced in the ddt root command. The DDT root node is configured with the appropriate ddt authoritative and delegate commands to satisfy the request, or refer the map resolver to the next (set of) DDT nodes and ultimately, DDT map servers, within the DDT hierarchy that can provide the most appropriate response for the EID in the map request. (See the ddt authoritative command, delegate command, and map-server-peer command for details on response behavior.)

Examples

The following example shows how to configure a DDT-enabled map resolver to refer to three DDT root node locators: 10.1.1.1, 10.2.1.1, and 2001:db8:1::1111. 

Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt root 10.1.1.1
Device(config-router-lisp)# ddt root 10.2.1.1
Device(config-router-lisp)# ddt root 2001:db8:1::1111
Device(config-router-lisp)# end
Device# show ddt
LISP-DDT Configuration in VRF "default"
  Configured DDT roots: 10.1.1.1  10.2.1.1  2001:db8:1::1111  
---<skip>---

Related Commands

Command

Description

ddt

Configures a router to enable LISP DDT functionality.

ddt authoritative

Configures an extended EID prefix (instance ID and EID Prefix) for which a LISP DDT node is authoritative.

delegate

Configures a LISP DDT node to delegate to another LISP DDT node the authority for the specified extended EID prefix (instance ID and EID prefix).

map-server-peer

Configures an IPv4 or IPv6 locator address and extended EID prefix (instance ID and EID prefix) for a peer map server operating in a delegation hierarchy.

lisp-rig

To configure a LISP rig operation to query the LISP DDT mapping system to return map referrals for a destination EID , use the lisp-rig command in privileged EXEC mode.

lisp-rig {instance-id iid | eid-table name | locator-table name | {vrf name | default }} EID to ddt-node {follow-all-referrals}

Syntax Description

instance-id iid

Specifies the instance ID for the IPv4 or IPv6 EID to perform the lisp-rig operation on.

eid-table name

Specifies the EID table VRF.
locator-table name

Specifies the router LISP ID through an RLOC VRF.
vrf name

Specifies the VRF name.
default

Specifies the default VRF.
EID

Specifies the IPv4/IPv6 destination EID.
to

Specifies the destination DDT node to send map request.
ddt-node

Specifies the IPV4/IPv6 DDT node address.
follow-all-referrals

Resolves alternatives after receiving done referral.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

The lisp-rig command initiates a operation to query the LISP-DDT hierarchy for the indicated destination hostname or EID.

The lisp-rig function initiates an ECM-based map request for the specified EID or extended EID instance-id iid EID and sends it to the specified DDT node. The DDT node receiving the query returns an appropriate map-referral message (based on its knowledge of the queried EID), and this information is displayed.


Note

When the lisp-rig command is entered and referrals are returned, these referrals do not create or modify state in the referral cache.

Examples

The following examples use the lisp-rig command to query the LISP DDT hierarcy for the EID 172.16.17.17. 

Device# lisp-rig 172.16.17.17 to 10.1.1.1

rig LISP-DDT hierarchy for EID [0] 172.16.17.17 
Send Map-Request to DDT-node 10.1.1.1 ... replied, rtt: 0.007072 secs
  EID-prefix [0] 172.16.17.16/28, ttl: 1, action: ms-not-registered, referrals:
    10.1.1.1, priority/weight: 0/0
    10.2.1.1, priority/weight: 0/0
    10.3.1.1, priority/weight: 0/0

Device# lisp-rig 172.16.17.17 to 192.168.252.136 

Send Map-Request to DDT-node 192.168.252.136 ... node referral, rtt: 12 ms
  EID-prefix: [0] 172.16.0.0/16, ttl: 1440
  referrals: 192.168.1.91, 10.36.254.167, 10.217.187.20

Send Map-Request to DDT-node 192.168.1.91 ... node referral, rtt: 132 ms
  EID-prefix: [0] 172.16.0.0/19, ttl: 1440
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Send Map-Request to DDT-node 192.168.48.61 ... map-server not registered, rtt: 72 ms
  EID-prefix: [0] 172.16.17.16/28, ttl: 1
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Device# lisp-rig 172.16.17.17 to 192.168.252.136 follow-all-referrals 

Send Map-Request to DDT-node 192.149.252.136 ... node referral, rtt: 4 ms
  EID-prefix: [0] 172.16.0.0/16, ttl: 1440
  referrals: 192.168.1.91, 10.36.254.167, 10.217.187.20

Send Map-Request to DDT-node 192.168.1.91 ... node referral, rtt: 132 ms
  EID-prefix: [0] 172.16.0.0/19, ttl: 1440
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Send Map-Request to DDT-node 192.168.48.61 ... map-server not registered, rtt: 76 ms
  EID-prefix: [0] 172.16.17.16/28, ttl: 1
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Send Map-Request to DDT-node 10.36.254.164 ... map-server acknowledgement, rtt: 80 ms
  EID-prefix: [0] 172.16.17.16/28, ttl: 1440
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Send Map-Request to DDT-node 192.168.255.37 ... map-server not registered, rtt: 8 ms
  EID-prefix: [0] 172.16.17.16/28, ttl: 1
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Send Map-Request to DDT-node 10.223.132.89 ... map-server acknowledgement, rtt: 92 ms
  EID-prefix: [0] 172.16.17.16/28, ttl: 1440
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Send Map-Request to DDT-node 10.36.254.167 ... node referral, rtt: 76 ms
  EID-prefix: [0] 172.16.0.0/19, ttl: 1440
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

Send Map-Request to DDT-node 10.217.187.20 ... node referral, rtt: 80 ms
  EID-prefix: [0] 172.16.0.0/19, ttl: 1440
  referrals: 192.168.48.61, 10.36.254.164, 192.168.255.37, 10.223.132.89

No more referrals to pursue.

Related Commands

Command

Description

clear lisp ddt

Clears the DDT referral cache stored on a DDT-enabled map resolver.

ddt

Configures a device to enable LISP DDT functionality.

show lisp ddt

Displays the configured LISP DDT root(s) and/or DDT delegation nodes on a device enabled for LISP DDT.

map-server-peer

To configure on a DDT-enabled map server the locator and EID prefix (and/or instance ID) for a map server peer within the Locator/ID Separation Protocol (LISP) delegated database tree (DDT) delegation hierarchy, use the use the map-server-peer command in LISP DDT authoritative mode. To remove the map server as a peer, use the no form of this command.

map-server-peer map-server-locator

no map-server-peer map-server-locator

Syntax Description

map-server-locator

Configures the IPv4 or IPv6 locator address of this map server, or of a map server peer that is also authoritative for the same EID prefix (and/or instance ID).

Command Default

No map-server peers are configured.

Command Modes

LISP DDT authoritative (config-router-lisp-ddt-auth)

Command History

Release Modification

15.3(1)T

This command was introduced.

Cisco IOS XE Release 3.8S

This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

Use this command to configure the IPv4 or IPv6 locator address of map server peers that are all configured to be authoritative and acting as map servers for the same EID prefix (and/or instance ID) within the LISP DDT delegation hierarchy. This enables the map server to provide the appropriate response when the EID in a DDT-based map-request matches the EID prefix specified in this map-server-peer command.

A map server is generally configured with one or more lisp site configurations that include EID prefixes (and possibly instance IDs) for which one or more LISP Sites and ETRs may be registering. In addition, there may be more than one map server to which a LISP Site and its ETRs may be configured to register (for example, in a redundant map servers are deployment). When multiple map servers are deployed within a LISP DDT delegation hierarchy and they are all configured to be authoritative for the same EID prefix (and/or instance ID) space they are then considered peers. map server peers also have upstream LISP DDT node(s) delegating the same EID prefix (and/or instance ID) space to them. In this case, the following considerations are important:

  • Each map server must be identically configured with map-server-peer commands specifying each map server locator, including their own, for each EID prefix (and/or instance ID) represented by the map server and its peers.

  • Each map server must be identically configured with ddt authoritative commands with an EID prefix (and/or instance ID) matching the one used within the map-server-peer commands.

  • The EID prefix configured in map-server-peer and ddt authoritative commands must cover the EID prefix contained in the lisp site configurations. If there are multiple lisp site configurations and the EID prefix can be summarized by a coarse aggregate, the EID prefix configured in map-server-peer and ddt authoritative commands may use this aggregate instead of the individual EID prefixes from each lisp site configuration.

  • For a given authoritative prefix, each map server must have identical lisp site configurations, regardless of whether the LISP Site is configured to register to all/any one map server or not. This is because when the upstream LISP DDT node configures the delegate command and includes the map-server keyword, the map referral message it returns to the querying map resolver includes the set of RLOCs for all map servers (referral target DDT nodes) to which the EID prefix has been delegated. Thus, any map server in the peer group can receive subsequent DDT map requests from the map resolver.

  • Depending on the EID prefix configured in map-server-peer and ddt authoritative commands and the state of LISP Site registrations, the following responses may be generated by this map server.

  1. When the EID in a DDT map request matches an EID prefix for a LISP site that is currently registered to THIS map server, the map server forwards the ECM-based map request to the ETR at that LISP site (or sends a map reply if it is providing proxy map reply services). This ETR will send a map reply back to the requesting ITR. The map server also returns a map referral back to the map resolver indicating that it successfully processed the map request and forwarded it to the registering ETR.

  2. When the EID in a DDT map request matches an EID prefix for a LISP site that is configured but not currently registered to THIS map server, the map server returns a map referral message back to the map resolver. The map resolver caches the fact that the LISP site is configured but not currently registered to THIS map server, and proceeds to query the other map server peerss for the EID prefix. If one of those map servers has the LISP site registered, it will respond as in (1) above. If none of the map server peers has the LISP site registered, the map resolver will send a negative map reply (TTL 1 minute) back to the requesting ITR.

  3. When the EID in a DDT map request does not match any EID prefix for configured LISP sites but is within the EID prefix (and/or instance ID) configured in map-server-peer and ddt authoritative commands, this means that the EID prefix (or Instance ID) configured in map-server-peer and ddt authoritative commands is a coarse aggregate and a LISP Site has not been configured to cover some portion of it. In this case, the map server returns a negative map referral message back to the map resolver indicating that the EID does not match any EID prefix (and/or instance ID) delegated to the map server. This negative map referral contains the “least specific” EID prefix that covers the delegation hole, allowing the map resolver to create and send a negative map reply (TTL 15 minutes) back to the requesting ITR.


Note

Because all map server peers must be identically configured, a DDT map resolver receiving a negative map referral from a DDT map server can accept it without further need for checking of the other map server peers for a configured or registered LISP Site.

When the map-server-peer command is configured for a specific LISP instance ID, or for a range of instance IDs, the optional instance-id keyword is included with the command. The value associated with the keyword will be specified as follows, depending upon the instance ID scope being configured:

  • For a single instance ID for a specific EID prefix, iid is specified as an integer between 1 and 16777215 in the form:

map-server-peer map-server-locator instance-id iid eid-prefix eid-prefix

  • For a range of instance IDs, iid can either be specified in x-y format, where y must be greater than x and the range must be in a power-of-2 block (where x is a power-of-2 and y is a power-of-2 minus 1) with a range representable by a 24-bit instance ID/mask or in IPv4 prefix format. An EID prefix cannot be included when an instance ID range is specified. The command is entered in either of these forms:

map-server-peer map-server-locator instance-id x-y

map-server-peer map-server-locator instance-id A.B.C.D/length

Examples

The following example shows how to configure a LISP DDT map server as authoritative for the IPv4 EID prefix 172.16.0.0/16 and the IPv6 EID prefix 2001:db8:eeee::/48 for its own locator 10.1.1.1, as well as one other map server peer (for the same EID prefix space) with map-server locator 10.2.1.1. Note that in this case, the optional instance-id keyword and value are not specified and hence, the EID prefixes are only associated with the default instance ID (0). 


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)# map-server-peer 10.1.1.1 eid-prefix 172.16.0.0/16
Device(config-router-lisp-ddt-auth)# map-server-peer 10.2.1.1 eid-prefix 172.16.0.0/16
Device(config-router-lisp-ddt-auth)# authoritative eid-prefix 172.16.0.0/16
Device(config-router-lisp-ddt-auth)# map-server-peer 10.1.1.1 eid-prefix 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)# map-server-peer 10.2.1.1 eid-prefix 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)# authoritative eid-prefix 2001:db8:eeee::/48
Device# end
Device# show ddt
---<skip>---
Configured DDT delegated nodes/map-servers:
[0] 172.16.0.0/16 -> 10.1.1.1, p/w: 0/0, map-server-peer
[0] 172.16.0.0/16 -> 10.2.1.1, p/w: 0/0, map-server-peer
[0] 2001:db8:eeee::/48 -> 10.1.1.1, p/w: 0/0, map-server-peer
[0] 2001:db8:eeee::/48 -> 10.2.1.1, p/w: 0/0, map-server-peer
Configured authoritative EID-prefixes:
[0] 172.16.0.0/16
[0] 2001:db8:eeee::/48
Device(config)#

In the following example, a LISP DDT map server is configured as authoritative for all EID prefixes within the instance ID range of 0 to 15. Its own locator is 10.1.1.1; one other map server peer with locator 10.2.1.1 is configured for the same Instance ID space. (Note that this is equivalent to using the prefix format of 0.0.0.0/28). 

Device> enable
Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# router lisp
Device(config-router-lisp)# ddt authoritative 2001:db8:eeee::/48
Device(config-router-lisp-ddt-auth)# map-server-peer 10.1.1.1 instance-id 0-15
Device(config-router-lisp-ddt-auth)# map-server-peer 10.2.1.1 instance-id 0-15
Device(config)-router-lisp-ddt-auth# authoritative instance-id 0-15
Device# end
Device# show ddt
---<skip>---
Configured DDT delegated nodes/map-servers:
[0-15 (0.0.0.0/28)] * -> 10.1.1.1, p/w: 0/0, map-server-peer
[0-15 (0.0.0.0/28)] * -> 10.2.1.1, p/w: 0/0, map-server-peer
Configured authoritative EID-prefixes:
[0-15 (0.0.0.0/28)] *
Device(config)#

Related Commands

Command

Description

ddt

Configures a device to enable LISP DDT functionality.

ddt authoritative

Configures an extended EID prefix (instance ID and EID prefix) for which a LISP DDT node is authoritative.

delegate

Configures a LISP DDT node to delegate to another LISP DDT node the authority for the specified extended EID prefix (instance ID and EID prefix).

ddt root

Configures an IPv4 or IPv6 locator for a DDT root node within the delegation hierarchy on a DDT-enabled map resolver.