The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
To initiate a LISP Internet Groper (LIG) operation for a destination endpoint identifier (EID) or to test the router’s local EID prefix, use the lig command.
lig { hostname | destination-EID } [ count count ] [ source source-EID ] [ to map-resolver ]
lig { self | self6 | version } [ count count ] [ source source-EID ] [ to map-resolver ]
hostname |
Destination hostname. |
destination-EID |
Destination IPv4 or IPv6 EID. |
count count |
(Optional) Specifies to send this number of Map Requests. The range is from 1 to 5. |
source source-EID |
(Optional) Specifies to send the Map Request using this IPv4 or IPv6 source EID. |
to map-resolver |
(Optional) Specifies to send the Map Request to this map-resolver locator instead of the configured Map-Resolver. |
self |
Tests to see if the local IPv4 EID prefix is registered in the mapping database. |
self6 |
Test to see if the local IPv6 EID prefix is registered in the mapping database. |
version |
Displays the version of LIG that the system is supporting. |
None
Any command mode
Release |
Modification |
---|---|
5.0(1.13) |
This command was introduced. |
Use the lig command to test whether a destination EID exists in the LISP mapping database system, or to see if your site is registered with the mapping database system.
When a LIG query is initiated with a hostname or destination EID, the router sends a Map Request to the configured Map Resolver for the indicated destination hostname or EID. When a Map Reply is returned, its contents are displayed and entered in the LISP map cache.
When a LIG self query is initiated, the router’s local EID prefix is substituted in place of the destination EID when the router sends a Map Request to the configured Map Resolver.
The following operational attributes apply to LIG:
This command does not require a license.
This example shows how to initiate a LIG operation for a destination EID or to test the router’s local EID prefix:
switch# lig self Send loopback map-request to 128.223.156.35 for 153.16.12.0 ... Received map-reply from 128.223.156.23 with rtt 0.002770 secs Map-cache entry for EID 153.16.12.0: 153.16.12.0/24, uptime: 00:00:02, expires: 23:59:57, via map-reply, self Locator Uptime State Priority/ Data Control Weight in/out in/out 128.223.156.23 00:00:02 up 1/100 0/0 0/0
This example shows how to display the local IPv6 EID prefix that is registered in the mapping database:
switch# lig self6 Send loopback map-request to 128.223.156.35 for 2610:d0:1203:: ... Received map-reply from 128.223.156.23 with rtt 0.001148 secs Map-cache entry for EID 2610:d0:1203::: 2610:d0:1203::/48, uptime: 00:00:02, expires: 23:59:57, via map-reply, self Locator Uptime State Priority/ Data Control Weight in/out in/out 128.223.156.23 00:00:02 up 1/100 0/0 0/0 switch#
This example shows how to display all LISP map-cache entries, and then uses lig to test for the remote IPv6 EID prefix:
switch# show ipv6 lisp map-cache LISP IPv6 Mapping Cache for VRF “default”, 0 entries
This example show to to configure LIG to test for the remote IPv6 EID prefix:
switch# lig 2610:d0:210f::1 end map-request to 128.223.156.35 for 2610:d0:210f::1 ... Received map-reply from 85.184.2.10 with rtt 0.204710 secs Map-cache entry for EID 2610:d0:210f::1: 2610:d0:210f::/48, uptime: 00:00:01, expires: 23:59:58, via map-reply, auth Locator Uptime State Priority/ Data Control Weight in/out in/out 85.184.2.10 00:00:01 up 0/100 0/0 0/0 2001:6e0:4:2::2 00:00:01 up 0/100 0/0 0/0
This example shows how to display all IPv6 LISP map-cache entries:
switch# show ipv6 lisp map-cache LISP IPv6 Mapping Cache for VRF "default", 1 entries 2610:d0:210f::/48, uptime: 00:01:25, expires: 23:58:34, via map-reply, auth Locator Uptime State Priority/ Data Control Weight in/out in/out 85.184.2.10 00:01:25 up 0/100 0/0 0/0 2001:6e0:4:2::2 00:01:25 up 0/100 0/0 0/0 switch#
This example shows how to display the version of LIG being used by the system:
switch# lig version http://tools.ietf.org/html/draft-ietf-lisp-05 http://tools.ietf.org/html/draft-farinacci-lisp-lig-01
Command |
Description |
---|---|
show ip lisp map-cache |
Displays the current dynamic and static IPv4 EID-to-RLOC map-cache entries. |
show ipv6 lisp map-cache |
Displays the current dynamic and static IPv6 EID-to-RLOC map-cache entries. |
To enable Locator/ID Separation Protocol (LISP) to run on the Cisco NX-OS device, use the lisp beta command. To disable this functionality, use the no form of this command.
lisp beta
no lisp beta
This command has no arguments or keywords.
None
Global configuration mode
Release |
Modification |
---|---|
5.2(1) |
This command was deprecated. |
5.0(1.13) |
This command was introduced. |
The lisp beta command is only applicable to the Cisco NX-OS device.
In order to run LISP on the Cisco Nexus 7000 Series device, the functionality must be enabled by using the lisp beta command. When enabled, hardware forwarding of LISP packets is automatically enabled, assuming that at least one 32x10GE line card is installed. Hardware forwarding is the default mode of operation when LISP is enabled.
Caution | You can disable hardware forwarding by using the no ip lisp hardware-forwarding command. However, we strongly recommend that you do not do so. Its use is intended for diagnostic functions only. |
Additional caveats and requirements apply when LISP is configured on the Cisco NX-OS device only.
In order for LISP to operate, you must configure at least one tunnel interface (or any type) on the system. If no tunnel interface is configured, you must configure an arbitrary (unused) tunnel interface. The only requirements for the tunnel is that the source be active or up and that the destination be reachable, usually by matching a default route to exit the switch or by using a loopback interface that is not in a shutdown state. An example is as follows:
interface Tunnel101 tunnel source Ethernet10/9 tunnel destination 10.1.1.1 no shutdown
This command does not require a license.
This example shows how to enable LISP on the Cisco Nexus 7000 Series device:
switch# configure terminal switch(config)# lisp beta
Command |
Description |
---|---|
ip lisp hardware-forwarding |
Enables IPv4 LISP hardware-forwarding on the Cisco NX-OS device. |
ipv6 lisp hardware-forwarding |
Enables IPv6 LISP hardware-forwarding on the Cisco NX-OS device. |
To configure a switch to perform LISP Delegated Database Tree (DDT) functionality, use the lisp ddt command. To remove the LISP DDT mapping, use the no form of this command.
lisp ddt
no lisp ddt
This command has no arguments or keywords.
None
Global configuration mode
Release |
Modification |
---|---|
6.2(2) |
This command was introduced. |
This command does not require a license.
This example shows how to configure a LISP DDT mapping:
switch# configure terminal switch(config)# lisp ddt switch(config)#
Command |
Description |
---|---|
lisp mobility |
Configures an interface on an Ingress Tunnel Router (ITR) to participate in LISP VM Mobility (dynamic-EID roaming). |
To configure a Locator ID/Separation Protocol (LISP) Delegated Database Tree (DDT) node to be authoritative for a specified endpoint identifier (EID) prefix, use the lisp ddt authoritative-prefix command. To remove the LISP DDT node to be authoritative for a specified EID prefix, use the no form of this command.
lisp ddt authoritative-prefix { eid-prefix eid-prefix | instance-id id }
no lisp ddt authoritative-prefix { eid-prefix eid-prefix | instance-id id }
eid-prefix |
Specifies the authoritative IPv4 or IPv6 EID prefix. |
eid-prefix |
EID prefix in IPv4 and IPv6 slash format. |
instance-id |
Specifies the instance ID of VPN for EID prefix. |
id |
Instance ID range in X and Y format where y > x. The range is from 0 to 2147483647. |
None
Global configuration mode
Release |
Modification |
---|---|
6.2(2) |
This command was introduced. |
This command does not require a license.
This example shows how to configure a LISP DDT node to be authoritative for a specified EID prefix:
switch# configure terminal Switch(config)# lisp ddt authoritative-prefix eid-prefix 172.16.0.0/16 switch(config)#
Command |
Description |
---|---|
lisp mobility |
Configures an interface on an Ingress Tunnel Router (ITR) to participate in LISP VM Mobility (dynamic-EID roaming). |
To configure a Delegated Database Tree (DDT) enabled Map Server, the locator and endpoint identifier EID prefix (and/or instance ID) for a Map Server peer within the Locator ID-Separation Protocol (LISP) DDT delegation hierarchy, use the lisp ddt map-server-peer command. To remove the other Map Server peers, use the no form of this command.
lisp ddt map-server-peer map-server-locator { eid-prefix eid-prefix | instance-id id }
no lisp ddt map-server-peer map-server-locator { eid-prefix eid-prefix | instance-id id }
map-server-locator |
IPv4 or IPv6 locator address of the DDT node. |
eid-prefix |
Specifies the child delegation for the IPv4 or IPv6 EID prefix. |
eid-prefix |
EID prefix in IPv4 or IPv6 slash format. |
instance-id |
Specifies the instance ID of VPN for the EID prefix. |
id |
Instance ID range in X and Y format where y > x. The range is from 0 to 2147483647. |
Global configuration mode
Release |
Modification |
---|---|
6.2(2) |
This command was introduced. |
This command does not require a license.
This example shows how to configure a LISP DDT Map Server that is configured as authoritative for the IPv6 EID prefix 2001:db8:eeee::/48 for its own locator 10.1.1.1:
switch# configure terminal Switch(config)# lisp ddt map-server-peer 10.1.1.1 eid-prefix 2001:db8:eeee::/48 switch(config)#
To configure an IPv4 or IPv6 locator for a Delegated Database Tree (DDT) root node within the delegation hierarchy on a DT-enabled Map Resolver, use the lisp ddt root command. To remove the IPv4 or IPv6 locator for a DDT root node within the delegation hierarchy on a DT-enabled Map Resolver, use the no form of this command.
lisp ddt root root-locator [ public-key number ]
no lisp ddt root root-locator [ public-key number ]
root-locator |
IPv6 or IPv4 locator address of DDT root. |
public-key |
(Optional) Specifies the DDT root's public key used to verify signed Map Referrals. |
number |
(Optional) 0 specifies an UNENCRYPTED rsa public key. 3 specifies an 3DES ENCRYPTED RSA public key. 7 specifies a Cisco type 7 ENCRYPTED RSA public key. LINE specifies the UNENCRYPTED (cleartext) RSA public key. |
Global configuration mode
Release |
Modification |
---|---|
6.2(2) |
This command was introduced. |
This command does not require a license.
This example shows how to configure an IPv4 or IPv6 locator for a DDT root node within the delegation hierarchy on a DT enabled Map Resolver:
switch# configure terminal Switch(config)# lisp ddt root 10.1.1.1 eid-prefix 172.16.0.0/16 switch(config)#
Command |
Description |
---|---|
lisp mobility |
Configures an interface on an Ingress Tunnel Router (ITR) to participate in LISP VM Mobility (dynamic-EID roaming). |
To configure a Locator ID/Separation Protocol (LISP) Virtual Machine (VM) Mobility (dynamic-EID roaming) policy and enter dynamic-EID configuration mode on an xTR, use the lisp dynamic-eid command. To remove the LISP dynamic-EID policy, use the no form of this command.
lisp dynamic-eid dynamic-EID-policy-name
no lisp dynamic-eid dynamic-EID-policy-name
dynamic-EID-policy-name |
Name of the LISP dynamic-EID policy. |
None
Global configuration mode
Release |
Modification |
---|---|
5.0(1.13) |
This command was introduced. |
To configure LISP VM Mobility, you must create a dynamic-EID roaming policy that can be referenced by the lisp mobility dynamic-eid-policy-name command. When you enter the lisp dynamic-eid dynamic-EID-policy-name command, the referenced LISP dynamic-EID policy is created and you are placed in the dynamic-EID configuration mode. In this mode, you can enter all attributes associated with the referenced LISP dynamic-EID policy.
Note | In this release of LISP VM Mobility, the following caveats apply:When a dynamic EID is roaming across subnets, you must configure it with a /32 IP address and an interface route to the default switch. For example, for a Linux or UNIX host, the following configuration is used:ifconfig eth0 eid-address netmask 255.255.255.255route add default any-switch-addressroute add default any-switch-addressWhen a dynamic-EID is roaming across subnets, you must configure it with a /32 IP address and an interface route to the default switch. For example, for a Linux or UNIX host, the following configuration will be used:ifconfig eth0 eid-address netmask 255.255.255.255route add default any-switch-addressarp -s any-switch-address 00:00:0e:1d:01:0cAll LISP VM-router interfaces (the interface the dynamic EID will roam to) must have the same MAC address. You can configure interfaces by using the mac-address 0000.0e1d.010c command. |
Note | This feature is available for both IPv4 and IPv6. However, this feature is tested for IPv4 only. In addition, while necessary Address Resolution Protocol (ARP) changes have been made for IPv4, similar changes required for Neighbor Discover (ND) for IPv6 have not been implemented. |
This command does not require a license.
This example shows how to configure the LISP dynamic-EID policy named Roamer-1 and enter dynamic-EID configuration mode:
switch# configure terminal switch(config)# lisp dynamic-eid Roamer-1 switch(config-lisp-dynamic-eid)#
Command |
Description |
---|---|
lisp mobility |
Configures an interface on an Ingress Tunnel Router (ITR) to participate in LISP VM Mobility (dynamic-EID roaming). |
To configure an interface to create a dynamic-endpoint identifier (EID) state for hosts attached on their own subnet in order to track the movement of EIDs from one part of the subnet to another part of the same subnet, use the lisp extend-subnet-mode command. To remove this functionality, use the no form of this command.
lisp extended-subnet-mode
no lisp extended-subnet-mod
This command has no arguments or keywords.
Disabled
Interface configuration mode
Release |
Modification |
---|---|
5.0(3) |
This command was introduced. |
Use the lisp extended-subnet-mode command when a subnet is extended across a Layer 3 cloud where Layer 2 connectivity is maintained by a mechanism other than the Locator Separation Protocol (LISP) (for example, Overlay Transport Virtualization (OTV) or Virtual Private LAN Services (VPLS)). Use the lisp extended-subnet-mode command to enable the dynamic-EID state to create host attached on their own subnet so that the remote Ingress Tunnel Routers (ITRs) and Proxy ITRs (PITRs) can track the movement of EIDs from one part of its subnet to another part of the same subnet.
Note | When you enter the lisp extended-subnet-mode command on an interface, any dynamic-EID prefixes configured by using the lisp mobility commands on the same interface must have more specific prefixes than any overlapping subnet prefixes. For example, if lisp extended-subnet-mode is configured on an interface that has a base subnet of a /24, when you enter the lisp mobility dyn-eid-name command, the EID prefix for the dynamic EID dyn-eid-name must be /25 or greater. |
This command does not require a license.
This example shows how to configure an interface to create a dynamic EID state for hosts attached on their own subnet:
switch# configure terminal switch(config)# interface Ethernet 2/0 switch(config-if)# lisp extended-subnet-mode
Command |
Description |
---|---|
lisp site |
Configures a LISP site and enters site configuration mode on a Map Server. |
lisp dynamic-eid |
Configures the LISP dynamic-EID roaming policy. |
lisp mobility |
Configures an interface on an Ingress Tunnel Router (ITR) to participate in LISP Virtual Machine (VM) mobility (dynamic-EID roaming). |
To configure an instance ID to be associated with endpoint identifier (EID)-prefixes for a Locator/ID Separation Protocol (LISP) Tunnel Router (xTR), use the lisp instance-id command. To disable this functionality, use the no form of this command.
lisp instance-id iid
no lisp instance-id iid
iid |
Instance ID for this xTR. The range is from 1 to 16777215. |
None
Global configuration mode
Release |
Modification |
---|---|
5.0(1.13) |
This command was introduced. |
Virtualization support is currently available in LISP xTRs and the Map Server (MS) and Map Resolver (MR). The instance ID has been added to LISP to support virtualization.
Only one instance ID can be configured per EID virtual routing and forwarding (VRF) context. When an instance ID is configured, this instance ID is included with the EID prefixes when they are registered with the Map Server. The Map Server must also include the same instance ID within the EID prefix configurations for this LISP site. You can configure instance IDs on the MS by using the eid-prefix command in the lisp site command mode.
Note | Virtualization support is not currently available for the LISP Alternate Topology (ALT), which means that it is also not supported on LISP Proxy Ingress Tunnel Routers (PITRs). |
This command does not require a license.
This example shows how to configure an instance ID on this xTR:
switch# configure terminal switch(config)# lisp xtr instance-id 123
Command |
Description |
---|---|
eid-prefix |
Configures a list of EID prefixes that are allowed in a Map Register message sent by an ETR when registering to the Map Server. |
To configure a Locator/ID Separation Protocol (LISP) locator reachability algorithm, use the lisp loc-reach-algorithm command. To disable this functionality, use the no form of this command.
lisp loc-reach-algorithm { count-tcp | echo-nonce | rloc-probing }
no lisp loc-reach-algorithm { count-tcp | echo-nonce | rloc-probing }
count-tcp |
Enables the tcp-count locator reachability algorithm. |
echo-nonce |
Enables the echo-nonce locator reachability algorithm. |
rloc-probing |
Enables the rloc-probing locator reachability algorithm. |
Disabled
Global configuration mode
Release |
Modification |
---|---|
5.0(1.13) |
This command was introduced. |
When a LISP site communicates with a remote LISP site, it maintains endpoint identifier-to-Routing Locator (EID-to-RLOC) mapping information in its local map cache. In order for a LISP site to maintain an accurate status of locators at remote LISP sites with which it is communicating, theLISP Tunnel Router (xTR) can be configured to use three different locator reachability algorithms: tcp-count, echo-nonce, and rloc-probing. Certain algorithms can only be enabled on certain devices.
The following locator reachability algorithms and their descriptions are as follows:
You can enable multiple algorithms concurrently, subject to the dependencies listed above with each algorithm.
You can view the status associated with each locator reachability algorithm by using the show ip lisp map-cache or show ipv6 lisp map-cache commands.
This command does not require a license.
This example shows how to configure the locator reachability algorithm rloc-probing functionality on a Cisco NX-OS device:
switch# configure terminal switch(config)# lisp loc-reach-algorithm rloc-probing
Command |
Description |
---|---|
ip lisp etr |
Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel Router (ETR). |
ip lisp itr |
Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel Router (ITR). |
ipv6 lisp etr |
Configures the Cisco NX-OS device to act as an IPv6 LISP Egress Tunnel Router (ETR). |
ipv6 lisp itr |
Configures the Cisco NX-OS device to act as an IPv6 LISP Ingress Tunnel Router (ITR). |
show ip lisp map-cache |
Displays the current dynamic and static IPv4 EID-to-RLOC map-cache entries. |
show ipv6 lisp map-cache |
Displays the current dynamic and static IPv6 EID-to-RLOC map-cache entries. |
To specify a locator set for RTR RLOCs, use the lisp locator-set command. To disable this functionality, use the no form of this command.
lisp locator-set name
no lisp locator-set name
name |
Locator set name. |
None
VRF configuration (config-vrf) #
Release |
Modification |
---|---|
8.1(1) |
This command was introduced. |
Create a locator set and then specify the RTR RLOCs for the locator set. In the following example, a locator set set5000 is created, and RTR RLOCs 192.0.2.10 and 192.0.2.21 (connecting the RTR to IPv4 locator spaces) are associated with the locator set.
(config-vrf)# lisp locator-set set5000 192.0.2.10 priority 1 weight 10 192.0.2.21 priority 2 weight 20RTR locator-set inheritance
(config)# vrf context core ip lisp itr-etr ip lisp itr map-resolver 192.0.2.9/32 ip lisp etr map-server 192.0.2.9/32 key 3 a97b0defe7b8ff70 lisp locator-set setCore 192.0.2.10 priority 1 weight 10 192.0.2.21 priority 2 weight 20 exit ip lisp multicast lisp encapsulation vxlan
The LISP locator-set setCore is defined in the underlay VRF core (as shown above) and then associated in the lisp map-request itr-rlocs command in the overlay VRF vrf5000 (as shown below).
(config)# vrf context vrf5000 ip lisp proxy-itr 192.0.2.1 ip lisp proxy-etr lisp instance-id 5000 lisp map-request itr-rlocs setCore ip lisp locator-vrf core ip lisp map-cache 198.51.100.1/24 map-request ip lisp map-cache 198.51.100.2/24 map-request ip lisp multicast lisp encapsulation vxlan
This example shows how to specify a locator set for RTR RLOCs:
switch(config-vrf)# lisp locator-set set5000 192.0.2.10 priority 1 weight 10 192.0.2.21 priority 2 weight 20
Command |
Description |
---|---|
lisp map-request itr-rlocs |
Defines RTR RLOCs to be used in the Map-Request messages generated by the RTR. |
To define RTR RLOCs to be used in Map-Request messages generated by the RTR, use the lisp map-request itr-rlocs command. To disable this functionality, use the no form of this command.
lisp map-request itr-rlocs locator-set-name
no lisp map-request itr-rlocs locator-set-name
locator-set-name |
Locator set name. |
None
VRF configuration (config-vrf) #
Release |
Modification |
---|---|
8.1(1) |
This command was introduced. |
After creating a locator set and specifying RTR RLOCs, you should define RTR RLOCs to be used in the Map-Request messages generated by the RTR. Though you can enable multiple locator-sets, only one of them can be active at a point in time, and that is determined by including the name in the lisp map-request itr-rlocs option.
(config)# vrf context core ip lisp itr-etr ip lisp itr map-resolver 192.0.2.9/32 ip lisp etr map-server 192.0.2.9/32 key 3 a97b0defe7b8ff70 lisp locator-set setCore 192.0.2.10 priority 1 weight 10 192.0.2.21 priority 2 weight 20 exit ip lisp multicast lisp encapsulation vxlan
The LISP locator-set setCore is defined in the underlay VRF core (as shown above) and then associated in the lisp map-request itr-rlocs command in the overlay VRF vrf5000 (as shown below).
(config)# vrf context vrf5000 ip lisp proxy-itr 192.0.2.1 ip lisp proxy-etr lisp instance-id 5000 lisp map-request itr-rlocs setCore ip lisp locator-vrf core ip lisp map-cache 198.51.100.1/24 map-request ip lisp map-cache 198.51.100.2/24 map-request ip lisp multicast lisp encapsulation vxlan
This example shows how to define RTR RLOCs to be used in the Map-Request messages generated by the RTR:
(config)# vrf context vrf5000 ip lisp proxy-itr 192.0.2.1 ip lisp proxy-etr lisp instance-id 5000 lisp locator-set set5000 192.0.2.10 priority 1 weight 10 192.0.2.21 priority 2 weight 20 exit lisp map-request itr-rlocs set5000
Command |
Description |
---|---|
lisp locator-set |
Specifies a locator set for RTR RLOCs. |
To configure an interface on an Ingress Tunnel Router (ITR) to participate in Locator/ID Separation Protocol (LISP) Virtual Machine (VM) mobility (dynamic-endpoint identifier (EID) roaming) for a specific dynamic-EID policy, use the lisp mobility command. To remove this functionality, use the no form of this command.
lisp mobility dynamic-EID-policy-name
no lisp mobility dynamic-EID-policy-name
dynamic-EID-polic-name |
Name of the LISP dynamic-EID policy to apply to this interface. |
Disabled
Interface configuration mode
Release |
Modification |
---|---|
5.0(1.13) |
This command was introduced. |
In order for an interface on an xTR to participate in LISP Virtual Machine (VM) Mobility (dynamic-EID roaming), it must be associated by name with a specific LISP dynamic-EID roaming policy. A LISP dynamic-EID roaming policy is configured by using the lisp dynamic-eid command. This policy is then associated with an interface when you enter the lisp mobility dynamic-eid-policy-name command, where the dynamic-eid-policy-name provides the association.
When a packet is received on an interface configured for LISP VM Mobility, the packet is considered a candidate for LISP VM Mobility (dynamic-EID roaming) and its source address is compared against the EID prefix in the database-mapping entry (or entries) included as part of the specific LISP dynamic-EID policy. If there is a match, the rules associated with LISP dynamic-EID roaming are applied. If there is no match, the packet is forwarded natively (that is not LISP encapsulated).
You can apply multiple lisp mobility commands that refer to different dynamic-EID-policy-name instances to the same interface. Packets received on the interface are compared against all policies until a match is found or the packet discarded.
Caution | In this release of LISP Virtual Machine (VM) Mobility, note the following:– When a dynamic-EID is roaming across subnets, you must configure it with a /32 IP address and an interface route to the default switch. For example, for a Linux or UNIX host, use the following configuration:ifconfig eth0 eid-address netmask 255.255.255.255route add default any-switch-addressarp -s any-switch-address 00:00:0e:1d:01:0c– All LISP VM-router interfaces (which is the interface the dynamic EID will roam to) must have the same MAC address. You can configure interfaces by using the mac-address 0000.0e1d.010c command. |
Note | This feature is available for both IPv4 and IPv6. However, this feature is tested for IPv4 only. In addition, while necessary Address Resolution Protocol (ARP) changes have been made for IPv4, similar required changes for Neighbor Discovery (ND) for IPv6 have not been implemented. |
When you configure lisp extended-subnet-mode on an interface, any dynamic-EID prefixes configured by using lisp mobility commands on the same interface must have more specific prefixes than any overlapping subnet prefixes. For example, if lisp extended-subnet-mode is configured on an interface that has a base subnet of a /24, when you enter the lisp mobility dyn-eid-name command, the EID prefix for dynamic-EID dyn-eid-name must be /25 or greater.
This command does not require a license.
This example shows how to configure the Roamer-1 policy defined under the LISP dynamic-EID configuration:
switch# configure terminal switch(config)# interface Ethernet 2/0 switch(config-if)# lisp mobility Roamer-1
Command |
Description |
---|---|
lisp site |
Configures a LISP site and enters site configuration mode on a Map Server. |
lisp dynamic-eid |
Configures the LISP dynamic-EID roaming policy. |
lisp extended-subnet-mode |
Configures an interface to create a dynamic-EID state for hosts attached on their own subnet to track EID movement from one part of the subnet to another part of the same subnet. |
To configure a Locator/ID Separation Protocol (LISP) site and enter site configuration mode on a LISP Map Server, use the lisp site command. To remove the LISP site, use the no form of this command.
lisp site site-name
no lisp site site-name
site-name |
Name assigned to a LISP site locally. |
None
Global configuration mode
Release |
Modification |
---|---|
5.0(1.13) |
This command was introduced. |
To properly register a Locator/ID Separation Protocol (LISP) Egress Tunnel Router (ETR) with a Map Server, the Map Server must already have been configured with certain LISP site attributes that match the ETR attributes. At a minimum, these attributes include the EID prefix(es) to be registered by the ETR and a shared authentication key. On the ETR, these attributes are configured by using the ip lisp database-mapping, ipv6 lisp database-mapping, ip lisp etr map-server, and ipv6 lisp etr map-server commands.
When you enter the lisp site command, the referenced LISP site is created and you are placed in the site configuration mode. In this mode, all attributes associated with the referenced LISP site can be entered.
This command does not require a license.
This example shows how to configure the LISP site and enter the site command mode:
switch# configure terminal switch(config)# lisp site Customer-1 switch(config-lisp-site)#
Command |
Description |
---|---|
ip lisp database-mapping |
Configures an IPv4 EID-to-RLOC mapping relationship and its associated traffic policy. |
ip lisp etr map-server |
Configures the IPv4 or IPv6 locator address of the LISP Map Server to which an ETR should register for its IPv4 EID prefixes. |
ipv6 lisp database-mapping |
Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy. |
ipv6 lisp etr map-server |
Configured the IPv4 or IPv6 locator address of the LISP Map Server to which an ETR should register for its IPv6 EID prefixes. |