Protocol can be used for network address virtualization; will be added to Cisco ONE
Network virtualization is one of the hotter trends in the industry today, and when Cisco speaks to it you hear a distinct LISP.
Not the speech impediment, mind you – but the Location/Identifier Separation Protocol (LISP), which the company authored in 2009. LISP describes a method for reducing the number of entries in the BGP routing tables of core routers when enterprises split traffic among multiple carriers.
LISP proposes a “map and encapsulate” tunneling mechanism to be used by the Internet’s edge and core routers. The protocol logically separates a block of IP addresses that a company advertises into two functions: one for identifying the systems using the IP addresses; and the other for locating where these systems connect to the Internet.
The idea behind the routing locator and identifier separation in an IP address is that it allows LISP-enabled edge routers to aggregate the location information, so less of it needs to be stored in the core routers.
This makes LISP beneficial for the following applications, proponents say: multihoming; mobility; improved scalability; customer-managed VPN provisioning; and network virtualization, among others. For network virtualization in particular, LISP allows mobile endpoints, for example, to keep their identification while changing locations. The separated IP address becomes a virtual Layer 3 overlay abstracted from the physical network topology.
Essentially, you do the same thing with an IP address that you do with a cell number when you roam to a different network or change providers – even though your location changes, your number stays the same. With this, a user can create a VPN over the top of two different service provider networks, Cisco officials say, and allow devices to more seamlessly roam between Wi-Fi and 3G networks.
NJEDge.Net, a non-profit technology consortium of academic and research institutions in New Jersey, is using LISP as a virtual network overlay between different ISPs in a multihoming arrangement.
Many of NJEDge.Net’s members were procuring multiple broadband services from ISPs for business continuity reasons. But due to the challenges of balancing network traffic between ISPs using BGP, members of the consortium were often buying more bandwidth than they needed.
“They couldn’t use the second link that they brought up; they had an 80:20 balance of traffic,” says Jim Stankiewicz, director of Internet engineering for NJEDge.Net. “They were struggling with it.”
NJEDge.Net implemented LISP to move applications, network resources or devices between network providers without having them lose connectivity. LISP enabled users to remain connected even when workloads were balanced between their ISPs.
NJEDge.Net is also assessing LISP to address disaster recovery needs. LISP provides the ability for customers to move data center resources, such as virtual machines, between data centers while maintaining connectivity.
“[Members] want applications or servers to run in another location without making DNS changes, without making any routing changes,” Stankiewicz says. “Our initial testing has proven that we can move a Web service application around without making those changes.”
LISP is implemented the same way some installations of network virtualization are: with a separate and centralized policy and control database that maps the static endpoint ID to its fluid location. Network virtualization and its software-defined networking underpinnings usually separate and centralize a switch/router control plane from the forwarding plane of those switches and routers.
But in the case of LISP, users don’t program the routers or switches; they program the mapping database.
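The sketch below is an added illustration of "programming the mapping database" and is not Cisco's code or any LISP implementation: a toy mapping database plus the lookup-and-encapsulate step an ingress router performs. The class and function names, the addresses (documentation ranges) and the CRC-based flow hash are assumptions made for the example; priority and weight are the per-locator attributes LISP defines.

```python
import ipaddress
import zlib

class MappingDatabase:
    """Toy EID-to-RLOC mapping system (constructed for illustration)."""
    def __init__(self):
        self._map = {}  # EID prefix -> [(rloc, priority, weight), ...]

    def register(self, eid_prefix, rlocs):
        # Re-registering replaces the locator set; this is how an endpoint "moves".
        self._map[ipaddress.ip_network(eid_prefix)] = list(rlocs)

    def lookup(self, eid):
        # Longest-prefix match on the destination EID.
        addr = ipaddress.ip_address(eid)
        matches = [p for p in self._map if addr in p]
        if not matches:
            return None
        return self._map[max(matches, key=lambda p: p.prefixlen)]

def select_rloc(rlocs, flow_key):
    """Lowest priority value wins; weights split flows among equal priorities."""
    best = min(prio for _, prio, _ in rlocs)
    candidates = [(r, w) for r, prio, w in rlocs if prio == best]
    total = sum(w for _, w in candidates)
    if total == 0:
        return candidates[0][0]
    bucket = zlib.crc32(flow_key.encode()) % total  # stable per-flow hash (assumption)
    for rloc, weight in candidates:
        if bucket < weight:
            return rloc
        bucket -= weight

def encapsulate(db, itr_rloc, src_eid, dst_eid):
    """Return (outer, inner) headers, or None when the EID has no mapping."""
    rlocs = db.lookup(dst_eid)
    if not rlocs:
        return None
    dst_rloc = select_rloc(rlocs, f"{src_eid}>{dst_eid}")
    return {"src": itr_rloc, "dst": dst_rloc}, {"src": src_eid, "dst": dst_eid}

if __name__ == "__main__":
    db = MappingDatabase()
    # Constructed sample: one site, two ISPs, 80:20 weighting.
    db.register("192.0.2.0/25", [("198.51.100.1", 1, 80), ("203.0.113.1", 1, 20)])
    print(encapsulate(db, "198.51.100.99", "192.0.2.200", "192.0.2.10"))
    # Host moves to another site: only the mapping changes, the EID does not.
    db.register("192.0.2.10/32", [("203.0.113.77", 1, 100)])
    print(encapsulate(db, "198.51.100.99", "192.0.2.200", "192.0.2.10"))
```

After the second `register` call the inner header is unchanged while the outer destination points at the new site, with no change made on the routers themselves.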
Vinci Consulting’s use of LISP enabled it to host lisp.cisco.com in its New York data center without global server load balancing or DNS name changes. Using LISP endpoint identifiers, Vinci was able to move individual host IP addresses from servers in San Jose to some B-series servers in its Cisco UCS farm in New York.
Vinci provides its own mapping and proxy infrastructure for its LISP customers, but the addresses for lisp.cisco.com are registered to the LISP beta network and use a separate infrastructure. Vinci used the same equipment to simultaneously support its own addresses and address infrastructure, and the lisp.cisco.com addresses in a separate infrastructure.
“LISP hides addresses behind a gateway,” says Paul Vinciguerra, president of Vinci Consulting. “For circuit redundancy, instead of running BGP on two links we can use multiple cable modems or broadband connections to increase our bandwidth and spread across multiple carriers. That’s multihoming without BGP.”
LISP also allows Vinci to establish a virtual IPv6 network to aid in the migration from IPv4 to IPv6 addresses.
“We can put an IPv6 address behind the gateway even when the carrier isn’t IPv6,” Vinciguerra says. “It’s IPv4 from our gateways to our routers, but it’s IPv6 end-to-end.”
Cisco plans to include LISP in its Cisco ONE onePK programmable networking schematic for routers and switches running its IOS, IOS XR and NX OS operating systems. LISP could serve as both a northbound and southbound interface and control protocol between the database and management applications, Cisco officials say. It will also interact with the Cisco ONE controller programming the routers and switches.
LISP is already shipping on Cisco’s ISR and ASR 1000 customer premises routers. Company officials are targeting end of 2012 for inclusion on the ASR 9000 service provider edge router, and mid-2013 for Catalyst switches. Mid- to late-2013 will see it on Nexus 3000 and 5000 series switch hardware, they say.