Usage Guidelines

Use this command to enable the broadcast functionality on the fabric edge node in a LISP network. Ensure that this command is used in the router-lisp-service-ethernet mode or router-lisp-instance-service-ethernet mode.

Usage Guidelines

In the LISP-instance-service configuration mode, the database-mapping command configures LISP database parameters with a specified IPv4 or IPv6 EID prefix block. The locator is the IPv4 or IPv6 address of any interface used as the RLOC address for the eid-prefix assigned to the site but can also be the loopback address of the interface.

When a LISP site has multiple locators associated with the same EID prefix block, multiple database-mapping commands are used to configure all of the locators for a given EID prefix block.

In a MultiSite scenario, the LISP border node advertises about the site EID that it is attached to on the transit map server to attract site traffic. To advertise, the border node has to obtain the route from the internal border and proxy register with the transit site map server accordingly. The database-mapping eid-prefix locator-set RLOC-name proxy command enables the configuration of a static proxy database mapping.

In Cisco IOS XE Bengaluru 17.5.1 and later releases, the database-mapping eid-prefix locator-set RLOC-name default-etr-route-map route-map command monitors the specified route-map for route updates corresponding to the eid-prefix. If there is an update from the route map, and if the route map has a defined LISP locator set, the locator-set of this database mapping is changed to the one specified in the route-map.

By default, RIB metric (BGP MED attribute) information for the specified default-etr eid-prefix is obtained. You can disable the default, by using the default-etr disable-metric command.

Enabling the default-etr-route-map option allows you to match other BGP attributes such as AS_PATH, COMMUNITIES, and so on, and modify the locator set of the database mapping accordingly.

If the silent-host-detection option is enabled, LISP triggers silent host detection for the traffic destined for the host that is not present in the site table. SISF then sends probes for silent hosts, if any, in the network, and if a response is received, a site entry is added to the LISP database and traffic is forwarded accordingly.

Usage Guidelines

To configure LISP mobility, create a dynamic-EID roaming policy that can be referenced by the lisp mobility interface command. After you execute the dynamic-eid command, the referenced LISP dynamic-EID policy is created and the device goes to dynamic-EID configuration mode. In this mode, all attributes that are associated with the referenced LISP dynamic-EID policy can be configured. When you configure a dynamic-EID policy, you must specify the dynamic-EID-to-RLOC mapping relationship and its associated traffic policy.

Usage Guidelines

The VMs on a wireless host are networked in a bridge mode. Each VM has its own IP address that is associated with the host MAC address. This leads to a situation where several IP addresses (one on each of the VMs) are associated with a single MAC address (of the host). Use the dynamic-eid detection multiple-addr command on the fabric edge node to enable the detection of multiple IP addresses for a single MAC address.

In Cisco IOS XE Cupertino 17.8.1, 105 IP addresses, which are a mix of both IPv4 and IPv6, are supported for one MAC address.

In an SD-Access network, when a wireless host roams, a LISP roaming notification carries the Security Group Tag (SGT) for each IP address in the host. To enable SGT propagation during wireless host mobility, configure the edge node with the dynamic-eid detection multiple-addr bridged-vm command .

Usage Guidelines

Use this command only in the LISP Instance Service mode.

For Layer 3 (service ipv4 / service ipv6), a VRF table is associated with the instance-service. For Layer 2 (service ethernet), a VLAN is associated with the instance-service.

Note	For Layer 2, ensure that you have defined a VLAN before configuring the eid-table. For Layer 3, ensure that you have defined a VRF table before you configure the eid-table.

Usage Guidelines

Use the encapsulation vxlan command in the LISP Service Ethernet mode to encapuslate Layer 2 packets. Use the encapsulation vxlan command in the LISP Service IPv4 or LISP Service IPv6 mode to encapsulate the Layer 3 packets.

Usage Guidelines

Use this command to enable a device to perform the ETR functionality.

A router configured as an ETR is also typically configured with database-mapping commands so that the ETR knows what endpoint identifier (EID)-prefix blocks and corresponding locators are used for the LISP site. In addition, the ETR should be configured to register with a map server with the etr map-server command, or to use static LISP EID-to-routing locator (EID-to-RLOC) mappings with the map-cache command to participate in LISP networking.

Usage Guidelines

Use the etr map-server command to configure the locator of the map server to which the ETR will register for its EIDs. The authentication key argument in the command syntax is a password that is used for a SHA-1 HMAC hash (included in the header of the map-register message). The password used for the SHA-1 HMAC may be entered in unencrypted (cleartext) form or encrypted form. To enter an unencrypted password, specify 0. To enter an AES encrypted password, specify 6.

Use the no form of the command to remove the map server functionality.

Usage Guidelines

In multi-site deployment of an SD-Access fabric, an extranet policy is propagated from the transit map server map resolver (MSMR) to all the site map servers. In such cases, run the extranet-config-from-transit command on the local map server to allow the extranet policy propagation from the transit MSMR to the site local map server. After configuring this command, do not add or delete the policy on the local map server.

Usage Guidelines

The ITR or the fabric edge device drops the initial packets sent to it until it learns the destination EID reachability from the local MSMR. To prevent the drop of the first packet, configure the first-packet-petr command on the local MSMR.

Configure the first-packet-petr command on the local map server to ensure that when the fabric edges boots up and resolves the 0/0 map-cache entry, it gets the first packet forwarding RLOCs.

When an MSMR receives a request to connect to an external network (like internet), it first checks for the availability of an external border. If the map server does not find the default-ETR border or the internet service providing border, it responds with the remote RLOCs that are configured with the first-packet-petr command.

Note	You can configure the first-packet-petr command only on a control plane that is within a fabric site. You cannot configure this command on the control plane of a transit site.

Usage Guidelines

In a LISP multisite topology wherein multiple fabric sites are connected through a transit, you can choose the point from where traffic can egress the multisite domain. This is done by assigning a priority to the RLOCs when registering them with the map server. An RLOC with a higher priority is chosen for the traffic to egress. (A lower value indicates higher priority. An RLOC with a priority value of 1 has the highest priority.)

In a fabric site, when a map server receives a registration for a prefix, it publishes the prefix and its RLOC. To import this publication to the database on an external border, use the import database publication locator-set command. To employ the priority value from the publication while importing to the database, use the preserve-priority keyword. The external border registers this database entry to the Transit Map Server with the priority which is preserved. The Transit Map Server receives registrations of the prefixes from all the fabric sites that it is connected to.

To reach a particular destination, traffic from each fabric site (in a multisite topology) chooses an RLOC with a higher priority as the egress point.

Usage Guidelines

Use the instance-id command to create a LISP EID instance to group multiple services.

Configuration under this instance applies to all the services underneath it.

Example

Native multicast transport supports only PIM SSM in the underlay or the core. Multicast transport uses a grouping mechanism to map the end-point identifiers (EID) entries to the RLOC space SSM group entries. By default, the group range 232.100.100.1 to 232.100.100.255 is used as the SSM range of addresses on a LISP interface to transport multicast traffic. Use the ip pim lisp core-group-range command to manually change this SSM core group range of IP addresses on the LISP interfaces.

The following example defines a group of 1000 IP addresses starting from 232.0.0.1 as the SSM range of addresses on the core for multicast traffic.

Device(config)#interface LISP0.201
Device(config-if)#ip pim lisp core-group-range 232.0.0.1 1000
 

Usage Guidelines

Use the ip pim rp-address command to statically define the RP address for multicast groups that are to operate in sparse mode or bidirectional mode.

You can configure the Cisco IOS XE software to use a single RP for more than one group. The conditions specified by the access list determine the groups for which an RP can be used. If no access list is configured, the RP is used for all groups. A PIM router can use multiple RPs, but only one per group.

Usage Guidelines

The NetFlow collect commands are used to configure nonkey fields for the flow monitor record and to enable capturing the values in the fields for the flow created with the record. The values in nonkey fields are added to flows to provide additional information about the traffic in the flows. A change in the value of a nonkey field does not create a new flow.

Usage Guidelines

When an SSM range of IP multicast addresses is defined by the ip pim ssm command, no Multicast Source Discovery Protocol (MSDP) Source-Active (SA) messages will be accepted or originated in the SSM range.

Usage Guidelines

First define a locator-set and then configure an affinity ID for its locator.

Affinity ID with its x and y dimensions identifies a particular site or region. Affinity ID is a part of the locator information, like priority and weight. Locator publications and map replies carry affinity ID. A border node uses the affinity ID and priority values to determine the remote site with backup internet which is closest to its local site. Affinity ID takes precedence over the priority value. If both affinity ID and priority values are defined for a locator, the site with a closer affinity-id is preferred.

Usage Guidelines

Use this command to enable a device to perform the ITR functionality. A device configured as an ITR helps find the EID-to-RLOC mapping for all traffic that is destined to LISP-capable sites.

Usage Guidelines

Use this command to enable a device to perform the ITR map-resolver functionality.

A device configured as a Map Resolver accepts encapsulated Map-Request messages from ITRs, decapsulates those messages, and then forwards the messages to the Map Server responsible for the egress tunnel routers (ETRs) that are authoritative for the requested EIDs. In a multi-site environment, the site border relies on Map Resolver prefix-list to determine whether to query the transit site MSMR or site MSMR.

Usage Guidelines

The locator-set configured as default with the locator default-set command applies to all services and instances.

Usage Guidelines

You must first define the locator-set before referring to it.

Usage Guidelines

The first use of this command is to configure an Ingress Tunnel Router (ITR) with a static IPv4 or IPv6 EID-to-RLOC mapping relationship and its associated traffic policy. For each entry, a destination EID-prefix block and its associated locator, priority, and weight are entered. The value in the EID-prefix/prefix-length argument is the LISP EID-prefix block at the destination site. The locator is an IPv4 or IPv6 address of the remote site where the IPv4 or IPv6 EID-prefix can be reached.

Usage Guidelines

To support inter-VRF communication, use the map-cache extranet command on the Map Server Map Resolver (MSMR). This command generates map requests for all fabric destinations. Use this command in the service-ipv4 or service-ipv6 mode under the extranet instance.

Usage Guidelines

Use the prefix-list command to configure an IPV4 or IPv6 prefix list. This command places the router in prefix-list configuration mode, in which you can define IPv4 prefix list, or IPv6 prefix list. Use the exit-prefix-list command to exit the prefix-list-configuration mode.

Usage Guidelines

When you configure the route-export destinations-summary route-tag route-tag-value command, the static endpoint ID to routing locator (EID-to-RLOC) mappings are exported to RIB as routes with a specified route tag.

If you use this command in the LISP Service mode, all the EID instances that are enabled for Layer 3 services export the map-cache mappings to the RIB.

Usage Guidelines

Use the route-import database command with the proxy option to enable the dynamic import of RIB route as proxy database mapping. When RIB import is in use, the corresponding RIB map-cache import, using route-import map-cache command must also be configured, else the inbound site traffic will not pass the LISP eligibility check due to the presence of RIB route.

Usage Guidelines

The service command creates a service instance under the instance-id and enters the instance-service mode. You cannot configure service ethernet for the same instance where service ipv4 or service ipv6 is configured.

Usage Guidelines

Use the show lisp instance-id ipv4 publication config-propagation detail command on the border node to see a detailed report of all the extranet policy publications. Use the show lisp instance-id ipv4 publication config-propagation ipv4-prefix command to view the extranet policy publication for the particular EID prefix specified by ipv4-prefix .

Usage Guidelines

Use the show lisp instance-id ipv4 publisher config-propagation command on the border node to see a report of all the publishers. Use the show lisp instance-id ipv4 publisher config-propagation ip-address command to view the information for the publisher that is specified by the IP address.

Usage Guidelines

This command is used to display the current dynamic and static IPv4 EID-to-RLOC map-cache entries. When no IPv4 EID or IPv4 EID prefix is specified, summary information is listed for all current dynamic and static IPv4 EID-to-RLOC map-cache entries. When an IPv4 EID or IPv4 EID prefix is included, information is listed for the longest-match lookup in the cache. When the detail option is used, detailed (rather than summary) information related to all current dynamic and static IPv4 EID-to-RLOC map-cache entries is displayed.

The following are sample outputs from the show lisp instance-id ipv4 map-cache commands:

device# show lisp instance-id 102 ipv4 map-cache 
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
0.0.0.0/0, uptime: 2d14h, expires: never, via static-send-map-request
  Negative cache entry, action: send-map-request
128.0.0.0/3, uptime: 00:01:44, expires: 00:13:15, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:40  up           1/100       103
  55.55.55.2  13:32:40  up           1/100       103
  55.55.55.3  13:32:40  up           1/100       103
  55.55.55.4  13:32:40  up           1/100       103
  55.55.55.5  13:32:40  up           5/100       103
  55.55.55.6  13:32:40  up           6/100       103
  55.55.55.7  13:32:40  up           7/100       103
  55.55.55.8  13:32:40  up           8/100       103
150.150.2.0/23, uptime: 11:47:25, expires: 00:06:30, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:40  up           1/100       103
  55.55.55.2  13:32:40  up           1/100       103
  55.55.55.3  13:32:40  up           1/100       103
  55.55.55.4  13:32:40  up           1/100       103
  55.55.55.5  13:32:40  up           5/100       103
  55.55.55.6  13:32:40  up           6/100       103
  55.55.55.7  13:32:43  up           7/100       103
  55.55.55.8  13:32:43  up           8/100       103
150.150.4.0/22, uptime: 13:32:43, expires: 00:05:19, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:43  up           1/100       103
  55.55.55.2  13:32:43  up           1/100       103
  55.55.55.3  13:32:43  up           1/100       103
  55.55.55.4  13:32:43  up           1/100       103
  55.55.55.5  13:32:43  up           5/100       103
  55.55.55.6  13:32:43  up           6/100       103
  55.55.55.7  13:32:43  up           7/100       103
  55.55.55.8  13:32:43  up           8/100       103
150.150.8.0/21, uptime: 13:32:35, expires: 00:05:27, via map-reply, unknown-eid-forward
  PETR        Uptime    State      Pri/Wgt     Encap-IID
 55.55.55.1  13:32:43  up           1/100       103
  55.55.55.2  13:32:43  up           1/100       103
  55.55.55.3  13:32:43  up           1/100       103
  55.55.55.4  13:32:43  up           1/100       103
  55.55.55.5  13:32:43  up           5/100       103
  55.55.55.6  13:32:43  up           6/100       103
  55.55.55.7  13:32:43  up           7/100       103
  55.55.55.8  13:32:45  up           8/100       103
171.171.0.0/16, uptime: 2d14h, expires: never, via dynamic-EID, send-map-request
  Negative cache entry, action: send-map-request
172.172.0.0/16, uptime: 2d14h, expires: never, via dynamic-EID, send-map-request
  Negative cache entry, action: send-map-request
178.168.2.1/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.2/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.3/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.4/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.5/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
178.168.2.6/32, uptime: 2d14h, expires: 09:27:13, via map-reply, complete
  Locator     Uptime    State      Pri/Wgt     Encap-IID

device#show lisp instance-id 102 ipv4 map-cache detail
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
0.0.0.0/0, uptime: 2d15h, expires: never, via static-send-map-request
  Sources: static-send-map-request
  State: send-map-request, last modified: 2d15h, map-source: local
  Exempt, Packets out: 30531(17585856 bytes) (~ 00:01:36 ago)
  Configured as EID address space
  Negative cache entry, action: send-map-request
128.0.0.0/3, uptime: 00:02:02, expires: 00:12:57, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 00:02:02, map-source: local
  Active, Packets out: 9(5184 bytes) (~ 00:00:36 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:32:58  up           1/100       103
  55.55.55.2  13:32:58  up           1/100       103
  55.55.55.3  13:32:58  up           1/100       103
  55.55.55.4  13:32:58  up           1/100       103
  55.55.55.5  13:32:58  up           5/100       103
  55.55.55.6  13:32:58  up           6/100       103
  55.55.55.7  13:32:58  up           7/100       103
  55.55.55.8  13:32:58  up           8/100       103
150.150.2.0/23, uptime: 11:47:43, expires: 00:06:12, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 11:47:44, map-source: local
  Active, Packets out: 4243(2443968 bytes) (~ 00:00:38 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:33:00  up           1/100       103
  55.55.55.2  13:33:00  up           1/100       103
  55.55.55.3  13:33:00  up           1/100       103
  55.55.55.4  13:33:00  up           1/100       103
  55.55.55.5  13:33:00  up           5/100       103
  55.55.55.6  13:33:00  up           6/100       103
  55.55.55.7  13:33:00  up           7/100       103
  55.55.55.8  13:33:00  up           8/100       103
150.150.4.0/22, uptime: 13:33:00, expires: 00:05:02, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 13:33:00, map-source: local
  Active, Packets out: 4874(2807424 bytes) (~ 00:00:38 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:33:00  up           1/100       103
  55.55.55.2  13:33:00  up           1/100       103
  55.55.55.3  13:33:00  up           1/100       103
  55.55.55.4  13:33:00  up           1/100       103
 55.55.55.5  13:33:00  up           5/100       103
  55.55.55.6  13:33:00  up           6/100       103
  55.55.55.7  13:33:01  up           7/100       103
  55.55.55.8  13:33:01  up           8/100       103
150.150.8.0/21, uptime: 13:32:53, expires: 00:05:09, via map-reply, unknown-eid-forward
  Sources: map-reply
  State: unknown-eid-forward, last modified: 13:32:53, map-source: local
  Active, Packets out: 4874(2807424 bytes) (~ 00:00:39 ago)
  PETR        Uptime    State      Pri/Wgt     Encap-IID
  55.55.55.1  13:33:01  up           1/100       103
  55.55.55.2  13:33:01  up           1/100       103
  55.55.55.3  13:33:01  up           1/100       103
  55.55.55.4  13:33:01  up           1/100       103
  55.55.55.5  13:33:01  up           5/100       103
  55.55.55.6  13:33:01  up           6/100       103
  55.55.55.7  13:33:01  up           7/100       103
  55.55.55.8  13:33:01  up           8/100       103
171.171.0.0/16, uptime: 2d15h, expires: never, via dynamic-EID, send-map-request
  Sources: NONE
  State: send-map-request, last modified: 2d15h, map-source: local
  Exempt, Packets out: 2(1152 bytes) (~ 2d14h ago)
  Configured as EID address space
  Configured as dynamic-EID address space
  Encapsulating dynamic-EID traffic
  Negative cache entry, action: send-map-request
172.172.0.0/16, uptime: 2d15h, expires: never, via dynamic-EID, send-map-request
  Sources: NONE
  State: send-map-request, last modified: 2d15h, map-source: local
  Exempt, Packets out: 2(1152 bytes) (~ 2d14h ago)
  Configured as EID address space
  Configured as dynamic-EID address space
  Encapsulating dynamic-EID traffic
  Negative cache entry, action: send-map-request
178.168.2.1/32, uptime: 2d14h, expires: 09:26:55, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22513(12967488 bytes) (~ 00:00:41 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 92ms)
178.168.2.2/32, uptime: 2d14h, expires: 09:26:55, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22513(12967488 bytes) (~ 00:00:45 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)
178.168.2.3/32, uptime: 2d14h, expires: 09:26:51, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22513(12967488 bytes) (~ 00:00:45 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)
178.168.2.4/32, uptime: 2d14h, expires: 09:26:51, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4

device#show lisp instance-id 102 ipv4 map-cache 178.168.2.3/32
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
178.168.2.3/32, uptime: 2d14h, expires: 09:26:25, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22519(12970944 bytes) (~ 00:00:11 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)

device#show lisp instance-id 102 ipv4 map-cache 178.168.2.3
LISP IPv4 Mapping Cache for EID-table vrf blue (IID 102), 4008 entries
 
178.168.2.3/32, uptime: 2d14h, expires: 09:26:14, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 2d14h, map-source: 48.1.1.4
  Active, Packets out: 22519(12970944 bytes) (~ 00:00:22 ago)
  Locator     Uptime    State      Pri/Wgt     Encap-IID
  11.11.11.1  2d14h     up           1/100       -
    Last up-down state change:         2d14h, state change count: 1
    Last route reachability change:    2d14h, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            2d14h (rtt 91ms)
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 sta                       
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 stat
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 ipv4 stat
OTT-LISP-C3K-4-xTR2#show lisp instance-id 102 ipv4 statistics
LISP EID Statistics for instance ID 102 - last cleared: never
Control Packets:
  Map-Requests in/out:                              5911/66032
    Map-Request receive rate (5 sec/1 min/5 min):   0.00/ 0.00/ 0.00
    Encapsulated Map-Requests in/out:               0/60600
    RLOC-probe Map-Requests in/out:                 5911/5432
    SMR-based Map-Requests in/out:                  0/0
    Extranet SMR cross-IID Map-Requests in:         0
    Map-Requests expired on-queue/no-reply          0/0
    Map-Resolver Map-Requests forwarded:            0
    Map-Server Map-Requests forwarded:              0
  Map-Reply records in/out:                         64815/5911
    Authoritative records in/out:                   12696/5911
    Non-authoritative records in/out:               52119/0
    Negative records in/out:                        8000/0
    RLOC-probe records in/out:                      4696/5911
    Map-Server Proxy-Reply records out:             0
  WLC Map-Subscribe records in/out:                 0/4
    Map-Subscribe failures in/out:                  0/0
  WLC Map-Unsubscribe records in/out:               0/0
    Map-Unsubscribe failures in/out:                0/0
  Map-Register records in/out:                      0/8310
    Map-Register receive rate (5 sec/1 min/5 min):  0.00/ 0.00/ 0.00
    Map-Server AF disabled:                         0
    Authentication failures:                        0
  WLC Map-Register records in/out:                  0/0
    WLC AP Map-Register in/out:                     0/0
    WLC Client Map-Register in/out:                 0/0
    WLC Map-Register failures in/out:               0/0
  Map-Notify records in/out:                        20554/0
    Authentication failures:                        0
  WLC Map-Notify records in/out:                    0/0
    WLC AP Map-Notify in/out:                       0/0
    WLC Client Map-Notify in/out:                   0/0
    WLC Map-Notify failures in/out:                 0/0
  Publish-Subscribe in/out:                        
    Subscription Request records in/out:            0/6
    Subscription Request failures in/out:           0/0
    Subscription Status records in/out:             4/0
      End of Publication records in/out:            4/0
      Subscription rejected records in/out:         0/0
      Subscription removed records in/out:          0/0
    Subscription Status failures in/out:            0/0
    Solicit Subscription records in/out:            0/0
    Solicit Subscription failures in/out:           0/0
    Publication records in/out:                     0/0
    Publication failures in/out:                    0/0
Errors:
  Mapping record TTL alerts:                        0
  Map-Request invalid source rloc drops:            0
  Map-Register invalid source rloc drops:           0
  DDT Requests failed:                              0
  DDT ITR Map-Requests dropped:                     0 (nonce-collision: 0, bad-xTR-nonce: 0)
Cache Related:
  Cache entries created/deleted:                    200103/196095
  NSF CEF replay entry count                        0
  Number of EID-prefixes in map-cache:              4008
  Number of rejected EID-prefixes due to limit :    0
  Number of negative entries in map-cache:          8
  Total number of RLOCs in map-cache:               4000
  Average RLOCs per EID-prefix:                     1
Forwarding:
  Number of data signals processed:                 199173 (+ dropped 5474)
  Number of reachability reports:                   0 (+ dropped 0)
  Number of SMR signals dropped:                    0
ITR Map-Resolvers:
  Map-Resolver         LastReply  Metric ReqsSent Positive Negative No-Reply    AvgRTT(5 sec/1 min/5 min)
  44.44.44.44          00:03:11        6    62253    19675     8000        0    0.00/ 0.00/10.00
  66.66.66.66          never     Unreach        0        0        0        0    0.00/ 0.00/ 0.00
ETR Map-Servers:
  Map-Server           AvgRTT(5 sec/1 min/5 min)
  44.44.44.44          0.00/ 0.00/ 0.00
  66.66.66.66          0.00/ 0.00/ 0.00
LISP RLOC Statistics - last cleared: never
Control Packets:
  RTR Map-Requests forwarded:                       0
  RTR Map-Notifies forwarded:                       0
  DDT-Map-Requests in/out:                          0/0
  DDT-Map-Referrals in/out:                         0/0
Errors:
  Map-Request format errors:                        0
  Map-Reply format errors:                          0
  Map-Referral format errors:                       0
LISP Miscellaneous Statistics - last cleared: never
Errors:
  Invalid IP version drops:                         0
  Invalid IP header drops:                          0
  Invalid IP proto field drops:                     0
  Invalid packet size drops:                        0
  Invalid LISP control port drops:                  0
  Invalid LISP checksum drops:                      0
  Unsupported LISP packet type drops:               0
  Unknown packet drops:                             0      
 

Usage Guidelines

This command is used to display the current dynamic and static IPv6 EID-to-RLOC map-cache entries. When no IPv6 EID or IPv6 EID prefix is specified, summary information is listed for all current dynamic and static IPv4 EID-to-RLOC map-cache entries. When an IPv6 EID or IPv6 EID prefix is included, information is listed for the longest-match lookup in the cache. When the detail option is used, detailed (rather than summary) information related to all current dynamic and static IPv6 EID-to-RLOC map-cache entries is displayed.

The following is a sample output from the show lisp instance-id ipv6 map-cache command:

device# show lisp instance-id 101 ipv6 map-cache 
LISP IPv6 Mapping Cache, 2 entries

::/0, uptime: 00:00:26, expires: never, via static
  Negative cache entry, action: send-map-request
2001:DB8:AB::/48, uptime: 00:00:04, expires: 23:59:53, via map-reply, complete
  Locator   Uptime    State      Pri/Wgt
  10.0.0.6  00:00:04  up           1/100

The following sample output from the show lisp instance-id x ipv6 map-cache detail command displays a detailed list of current dynamic and static IPv6 EID-to-RLOC map-cache entries:

device#show lisp instance-id 101 ipv6 map-cache detail 
LISP IPv6 Mapping Cache, 2 entries

::/0, uptime: 00:00:52, expires: never, via static
  State: send-map-request, last modified: 00:00:52, map-source: local
  Idle, Packets out: 0
  Negative cache entry, action: send-map-request
2001:DB8:AB::/48, uptime: 00:00:30, expires: 23:59:27, via map-reply, complete
  State: complete, last modified: 00:00:30, map-source: 10.0.0.6
  Active, Packets out: 0
  Locator   Uptime    State      Pri/Wgt
  10.0.0.6  00:00:30  up           1/100
    Last up-down state change:         never, state change count: 0
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            never

The following sample output from the show ipv6 lisp map-cache command with a specific IPv6 EID prefix displays detailed information associated with that IPv6 EID prefix entry.

device#show lisp instance-id 101 ipv6 map-cache 2001:DB8:AB::/48 
LISP IPv6 Mapping Cache, 2 entries

2001:DB8:AB::/48, uptime: 00:01:02, expires: 23:58:54, via map-reply, complete
  State: complete, last modified: 00:01:02, map-source: 10.0.0.6
  Active, Packets out: 0
  Locator   Uptime    State      Pri/Wgt
  10.0.0.6  00:01:02  up           1/100
    Last up-down state change:         never, state change count: 0
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:    
        Last RLOC-probe sent:            never

Usage Guidelines

When a host is detected by the tunnel router (xTR), it registers the host with the map server. Use the show lisp instance-id ipv4 server command to see the site registration details. TCP registrations display the port number, whereas UDP registrations do not display the port number. The port number is 4342 by default for UDP registrations.

Usage Guidelines

When a host is detected by the tunnel router (xTR), it registers the host with the map server.

Usage Guidelines

This command is used to display IPv4 LISP statistics related to packet encapsulations, de-encapsulations, map requests, map replies, map registers, and other LISP-related packets.

The following is a sample output of the show lisp instance-id 4099 ipv4 statistics command:

device# show lisp instance-id 4099 ipv4 statistics 
LISP EID Statistics for instance ID 4099 - last cleared: never
Control Packets:
  Map-Requests in/out:                              0/0
    Map-Requests in (5 sec/1 min/5 min):            0/0/0
    Encapsulated Map-Requests in/out:               0/0
    RLOC-probe Map-Requests in/out:                 0/0
    SMR-based Map-Requests in/out:                  0/0
    Extranet SMR cross-IID Map-Requests in:         0
    Map-Requests expired on-queue/no-reply          0/0
    Map-Resolver Map-Requests forwarded:            0
    Map-Server Map-Requests forwarded:              0
  Map-Reply records in/out:                         0/0
    Authoritative records in/out:                   0/0
    Non-authoritative records in/out:               0/0
    Negative records in/out:                        0/0
    RLOC-probe records in/out:                      0/0
    Map-Server Proxy-Reply records out:             0
  WLC Map-Subscribe records in/out:                 2/2
    Map-Subscribe failures in/out:                  0/0
  WLC Map-Unsubscribe records in/out:               1/1
    Map-Unsubscribe failures in/out:                0/0
  Map-Register records in/out:                      11/11
    Map-Registers in (5 sec/1 min/5 min):           0/0/0
    Map-Server AF disabled:                         0
    Not valid site eid prefix:                      2
    Authentication failures:                        0
    Disallowed locators:                            0
    Miscellaneous:                                  0
  WLC Map-Register records in/out:                  0/0
    WLC AP Map-Register in/out:                     0/0
    WLC Client Map-Register in/out:                 0/0
    WLC Map-Register failures in/out:               0/0
  Map-Notify records in/out:                        14/7
    Authentication failures:                        0
  WLC Map-Notify records in/out:                    0/0
    WLC AP Map-Notify in/out:                       0/0
    WLC Client Map-Notify in/out:                   0/0
    WLC Map-Notify failures in/out:                 0/0
  Publish-Subscribe in/out:                         
    Subscription Request records in/out:            1/1
      IID subscription requests in/out:             1/1
      Pub-refresh subscription requests in/out:     0/0
      Policy subscription requests in/out:          0/0
    Subscription Request failures in/out:           0/0
    Subscription Status records in/out:             5/5
      End of Publication records in/out:            5/5
      Subscription rejected records in/out:         0/0
      Subscription removed records in/out:          0/0
    Subscription Status failures in/out:            0/0
    Solicit Subscription records in/out:            2/1
    Solicit Subscription failures in/out:           0/0
    Publication records in/out:                     13/13
    Publication failures in/out:                    0/0
Errors:
  Mapping record TTL alerts:                        0
  Map-Request invalid source rloc drops:            0
  Map-Register invalid source rloc drops:           0
  DDT Requests failed:                              0
  DDT ITR Map-Requests dropped:                     0 (nonce-collision: 0, bad-xTR-nonce: 0)
Cache Related:
  Cache entries created/deleted:                    2/2
  Cache full:                                       no
  Cache entry limit:                                32768
  NSF replay entry count                            0
  NSF CEF replay entry count                        0
  Number of EID-prefixes in map-cache:              0
  Number of native EID forward entries:             0
  Number of unknown EID forward entries:            0
  Number of mappings skipped due to RLOC watch:     0
  Number of rejected EID-prefixes due to limit:     0
  Number of times signal suppression was turned on: 0
  Time since last signal suppressed change:         never
  Number of negative entries in map-cache:          0
  Total number of RLOCs in map-cache:               0
  Total number of RLOCs as last resort source:      0
  Average RLOCs per EID-prefix:                     0
  Policy active entries:                            0
  Idle entries:                                     0
Forwarding:
  Number of data signals processed:                 1 (+ dropped 0)
  Number of reachability reports:                   0 (+ dropped 0)
  Number of SMR signals dropped:                    0
LISP RLOC Statistics - last cleared: never
Control Packets:
  RTR Map-Requests forwarded:                       0
  RTR Map-Notifies forwarded:                       0
  DDT-Map-Requests in/out:                          0/0
  DDT-Map-Referrals in/out:                         0/0
Errors:
  Map-Request format errors:                        0
  Map-Reply format errors:                          0
  Map-Referral format errors:                       0
LISP Miscellaneous Statistics - last cleared: never
Errors:
  Invalid IP version drops:                         0
  Invalid IP header drops:                          0
  Invalid IP proto field drops:                     0
  Invalid packet size drops:                        0
  Invalid LISP control port drops:                  0
  Invalid LISP checksum drops:                      0
  Unsupported LISP packet type drops:               0
  Unknown packet drops:                             0
device#

Usage Guidelines

This command is used to display IPv6 LISP statistics related to packet encapsulations, de-encapsulations, map requests, map replies, map registers, and other LISP-related packets.

The following is a sample output of the show lisp instance-id 4099 ipv6 statistics command :

device# show lisp instance-id 4099 ipv6 statistics
LISP EID Statistics for instance ID 4099 - last cleared: never
Control Packets:
  Map-Requests in/out:                              2/2
    Map-Requests in (5 sec/1 min/5 min):            0/0/0
    Encapsulated Map-Requests in/out:               2/2
    RLOC-probe Map-Requests in/out:                 0/0
    SMR-based Map-Requests in/out:                  0/0
    Extranet SMR cross-IID Map-Requests in:         0
    Map-Requests expired on-queue/no-reply          0/0
    Map-Resolver Map-Requests forwarded:            0
    Map-Server Map-Requests forwarded:              0
  Map-Reply records in/out:                         2/2
    Authoritative records in/out:                   2/2
    Non-authoritative records in/out:               0/0
    Negative records in/out:                        0/0
    RLOC-probe records in/out:                      0/0
    Map-Server Proxy-Reply records out:             0
  WLC Map-Subscribe records in/out:                 2/2
    Map-Subscribe failures in/out:                  0/0
  WLC Map-Unsubscribe records in/out:               1/1
    Map-Unsubscribe failures in/out:                0/0
  Map-Register records in/out:                      9/9
    Map-Registers in (5 sec/1 min/5 min):           0/0/0
    Map-Server AF disabled:                         0
    Not valid site eid prefix:                      2
    Authentication failures:                        0
    Disallowed locators:                            0
    Miscellaneous:                                  0
  WLC Map-Register records in/out:                  0/0
    WLC AP Map-Register in/out:                     0/0
    WLC Client Map-Register in/out:                 0/0
    WLC Map-Register failures in/out:               0/0
  Map-Notify records in/out:                        10/5
    Authentication failures:                        0
  WLC Map-Notify records in/out:                    0/0
    WLC AP Map-Notify in/out:                       0/0
    WLC Client Map-Notify in/out:                   0/0
    WLC Map-Notify failures in/out:                 0/0
  Publish-Subscribe in/out:                         
    Subscription Request records in/out:            1/1
      IID subscription requests in/out:             1/1
      Pub-refresh subscription requests in/out:     0/0
      Policy subscription requests in/out:          0/0
    Subscription Request failures in/out:           0/0
    Subscription Status records in/out:             5/5
      End of Publication records in/out:            5/5
      Subscription rejected records in/out:         0/0
      Subscription removed records in/out:          0/0
    Subscription Status failures in/out:            0/0
    Solicit Subscription records in/out:            1/1
    Solicit Subscription failures in/out:           0/0
    Publication records in/out:                     11/11
    Publication failures in/out:                    0/0
Errors:
  Mapping record TTL alerts:                        0
  Map-Request invalid source rloc drops:            0
  Map-Register invalid source rloc drops:           0
  DDT Requests failed:                              0
  DDT ITR Map-Requests dropped:                     0 (nonce-collision: 0, bad-xTR-nonce: 0)
Cache Related:
  Cache entries created/deleted:                    4/4
  Cache full:                                       no
  Cache entry limit:                                32768
  NSF replay entry count                            0
  NSF CEF replay entry count                        0
  Number of EID-prefixes in map-cache:              0
  Number of native EID forward entries:             0
  Number of unknown EID forward entries:            0
  Number of mappings skipped due to RLOC watch:     0
  Number of rejected EID-prefixes due to limit:     0
  Number of times signal suppression was turned on: 0
  Time since last signal suppressed change:         never
  Number of negative entries in map-cache:          0
  Total number of RLOCs in map-cache:               0
  Total number of RLOCs as last resort source:      0
  Average RLOCs per EID-prefix:                     0
  Policy active entries:                            0
  Idle entries:                                     0
Forwarding:
  Number of data signals processed:                 1 (+ dropped 0)
  Number of reachability reports:                   0 (+ dropped 0)
  Number of SMR signals dropped:                    0
LISP RLOC Statistics - last cleared: never
Control Packets:
  RTR Map-Requests forwarded:                       0
  RTR Map-Notifies forwarded:                       0
  DDT-Map-Requests in/out:                          0/0
  DDT-Map-Referrals in/out:                         0/0
Errors:
  Map-Request format errors:                        0
  Map-Reply format errors:                          0
  Map-Referral format errors:                       0
LISP Miscellaneous Statistics - last cleared: never
Errors:
  Invalid IP version drops:                         0
  Invalid IP header drops:                          0
  Invalid IP proto field drops:                     0
  Invalid packet size drops:                        0
  Invalid LISP control port drops:                  0
  Invalid LISP checksum drops:                      0
  Unsupported LISP packet type drops:               0
  Unknown packet drops:                             0
device#

Usage Guidelines

The show lisp session command displays only those sessions that are in Up or Down state. Use the show lisp session all command to see all sessions in any state.

The following is a sample output of the command show lisp session on an MSMR:

device# show lisp session
Sessions for VRF default, total: 4, established: 2
Peer                           State      Up/Down        In/Out    Users
172.16.1.3:22667               Up         00:00:52        4/8      2
172.16.1.4:18904               Up         00:22:15        5/13     1

device# show lisp session all
Sessions for VRF default, total: 4, established: 2
Peer                           State      Up/Down        In/Out    Users
172.16.1.3                     Listening  never           0/0      0
172.16.1.3:22667               Up         00:01:13        4/8      2
172.16.1.4                     Listening  never           0/0      0
172.16.1.4:18904               Up         00:22:36        5/13     1

Usage Guidelines

Use the use-petr command to enable an Ingress Tunnel Router (ITR) or Proxy Ingress Tunnel Router (PITR) to use IPv4 Proxy Egress Tunnel Router (PETR) services. When the use of PETR services is enabled, instead of natively forwarding LISP endpoint identifier (EID) (source) packets destined to non-LISP sites, these packets are LISP-encapsulated and forwarded to the PETR. Upon receiving these packets, the PETR decapsulates them and then forwards them natively toward the non-LISP destination.

Do not use use-petr command in Service-Ethernet configuration mode.

PETR services may be necessary in several cases:

1. By default when a LISP site forwards packets to a non-LISP site natively (not LISP encapsulated), the source IP address of the packet is that of an EID. When the provider side of the access network is configured with strict unicast reverse path forwarding (uRPF) or an anti-spoofing access list, it may consider these packets to be spoofed and drop them since EIDs are not advertised in the provider core network. In this case, instead of natively forwarding packets destined to non-LISP sites, the ITR encapsulates these packets using its site locator(s) as the source address and the PETR as the destination address.

   Note

   The use of the use-petr command does not change LISP-to-LISP or non-LISP-to-non-LISP forwarding behavior. LISP EID packets destined for LISP sites will follow normal LISP forwarding processes and be sent directly to the destination ETR as normal. Non-LISP-to-non-LISP packets are never candidates for LISP encapsulation and are always forwarded natively according to normal processes.

2. When a LISP IPv6 (EID) site needs to connect to a non-LISP IPv6 site and the ITR locators or some portion of the intermediate network does not support IPv6 (it is IPv4 only), the PETR can be used to traverse (hop over) the address family incompatibility, assuming that the PETR has both IPv4 and IPv6 connectivity. The ITR in this case can LISP-encapsulate the IPv6 EIDs with IPv4 locators destined for the PETR, which de-encapsulates the packets and forwards them natively to the non-LISP IPv6 site over its IPv6 connection. In this case, the use of the PETR effectively allows the LISP site packets to traverse the IPv4 portion of network using the LISP mixed protocol encapsulation support.