LISP tutorial

In this tutorial we will configure a LISP network on the basis of an ARF network that is named INTRANET and uses tag 1. This involves registering the network prefix as an EID prefix with the MAP server 1.1.1.1. Registration is performed via the WAN remote site INTERNET (default route), which uses tag 0. The IP address of the INTERNET remote site can be dynamic or static. This address is registered as an RLOC address with the MAP server.

Data from the INTRANET should be sent to the LISP tunnel. For this purpose, the router requesting an unknown destination sends a map request to the MAP resolver 1.1.1.1.

If the map resolver returns a positive mapping, LISP automatically establishes a dynamic tunnel to the remote LISP router and enters the corresponding routes into the routing table.

If the map resolver returns a negative mapping, i.e. the destination prefix is unknown or is not registered on the map server/resolver, then the packet can optionally be sent directly over the INTERNET remote site, without using a tunnel (native forward).

Note: LISP routes do not have to be configured manually. LISP automatically creates routes and later deletes them.
Important: As a matter of principle, entries for the routing tags have to be created manually in the WAN tag table.
  1. First, enable the LISP protocol under Routing protocols > LISP > Locator/ID separation protocol (LISP) activated.




  2. Create a new entry in the table of LISP instances. Do this by navigating to Routing protocols > LISP > LISP instances and then click on Add.
    1. Give this LISP instance a Name, e.g. LISP-INTRANET.
    2. Enable the entry Operating.
    3. Set the EID routing tag to 1.
    4. Set the RLOC routing tag to the value of the tag of the WAN remote site INTERNET, in this case 0.
    5. Set the Instance ID to the value created on the LISP map server, in this case 1 like the tag of the INTRANET.
    6. Under IPv6 you can remove the entry DEFAULT, as we are only considering IPv4 here.




  3. Create a new entry in the EID mapping table, which is used to link the EID prefix and the locator. Do this by navigating to Routing protocols > LISP > EID mapping and then click on Add.
    1. Set the Name to the LISP instance created previously, in this case LISP-INTRANET.
    2. Enable the entry Operating.
    3. Set both the EID address type and the Locator address type to IPv4.
    4. Set the EID prefix to INTRANET.
    5. Set the Locator to INTERNET.




  4. In the ETR settings table, create a new entry containing the parameters for communication with the map server. Do this by navigating to Routing protocols > LISP > ETR settings and then click on Add.
    1. Set the Name to the LISP instance created previously, in this case LISP-INTRANET.
    2. Enable the entry Operating.
    3. Set the Map server to 1.1.1.1.
    4. Set the Routing tag to 0.
    5. Set the Key type and the Key for connecting to the map server. These must match the type and password configured on the map server. In this example we take HMAC-SHA-1-96 and 12345678.




  5. In the ITR settings table, create a new entry containing the parameters for communications with the map resolver. Do this by navigating to Routing protocols > LISP > ITR settings and then click on Add.
    1. Set the Name to the LISP instance created previously, in this case LISP-INTRANET.
    2. Enable the entry Operating.
    3. Set the Map resolver to 1.1.1.1.
    4. Set the Routing tag to 0.




  6. Optional: Packets to destinations that are not LISP networks can be sent directly via a local interface, i.e. without using the LISP tunnel. In our example, the interface to be used is INTERNET. Create a new entry in the Native forward table. Do this by navigating to Routing protocols > LISP > Native forward and then click on Add.
    1. Set the Name to the LISP instance created previously, in this case LISP-INTRANET.
    2. Set the Type to Interface.
    3. Set the Interface to INTERNET.




  7. Navigate to Communication > Remote sites > WAN tag table, click on Add and create an entry for the LISP instance with the instance ID of 1 that you just created.

    For each LISP instance, an entry with the corresponding interface tag for the EID/ARF network must be created in the WAN tag table.

    Do this by creating each entry with the name for the remote site set to LISP-<LISP instance ID>*. The name of each remote site is formed from the keyword LISP supplemented by the corresponding LISP instance ID (in hexadecimal form) and the wildcard *. This unequivocally assigns the incoming traffic from the LISP tunnel to the EID/ARF network.

    The instance ID must be specified in hexadecimal without a leading 0x.

    Representation: LISP-<LISP instance ID>*

    Examples:
    • For LISP instance 1: LISP-1*
    • For LISP instance 15: LISP-F*
    1. Fill out the Remote site field as described above, i.e. the LISP instance with instance ID 1 takes the value "LISP-1*".
    2. Set the Interface tag to 1.




That's it!

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo