Cisco Software-Defined Access (SD-Access) uses the endpoint identifier (EID), kept separate from the routing locator (RLOC), to control access in the fabric. In traditional network architecture, the IP address of an endpoint represents both its location and its identity. Using the same value for endpoint location and identity severely limits the security and management of traditional enterprise networks.
The Locator ID Separation Protocol (LISP) is a protocol that can be used to separate the endpoint identifier (EID) and its location (RLOC).
SPOTO’s EI course will lead you to understand the working principle of LISP in detail, so as to understand its role in Cisco SD-Access solution.
In the current Internet routing and addressing architecture, a single device is identified by an IP address, which simultaneously represents its identity and how to connect it to the network.
When the device moves, it must obtain a new IP address for its identity and location. Due to non-aggregable address allocation, as well as business conditions such as mergers and acquisitions, the rapid development of the Internet has proved that this single namespace (one IP for each device) can produce very obvious and harmful results.
When using LISP, the IP address represents only the identity of the device. When the device moves, its IP address remains unchanged in both locations, and only the location ID will change.
The LISP architecture was originally designed to solve the problem of Internet expansion, but it also allows enterprises to enable new functions and features, such as VM mobility between data centers. If LISP is used for VM mobility in the data center, the main advantage is that there is no need for route convergence, no need for DNS updates, and it is transparent to the host.
LISP is a routing architecture that provides new semantics for IP addressing. The current IP routing and addressing architecture uses a single number space (IP address) to express two pieces of information:
● Device identity;
● Connection method (location) of the device to the network.
The LISP routing architecture separates the device identity, or endpoint identifier (EID), from its location, or routing locator (RLOC), and places them in two different number spaces.
There are several advantages to splitting EID and RLOC. One advantage is host mobility.
The LISP namespace defines two separate address spaces:
● Endpoint identifier (EID) address: It consists of an IP address and prefix that identify the endpoint. EID reachability between LISP sites is achieved by resolving EID-to-RLOC mappings.
● Routing locator (RLOC) address: It consists of an IP address and prefix, and is used to identify different routers in the IP network. Reachability in RLOC space is achieved through traditional routing methods.
LISP uses a map-and-encapsulate routing model, in which traffic destined for an EID is encapsulated and sent to an RLOC instead of being sent directly to the target EID. The RLOC is chosen from the result of a lookup in the mapping database.
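The map-and-encapsulate model and the host-mobility property described above, as an added example that is not from the original article or from Cisco. The class and function names, the EID prefixes and the documentation-range RLOC addresses are all constructed for illustration, and the dictionary "packet" stands in for real LISP encapsulation.

```python
import ipaddress


class MappingDatabase:
    """Toy EID-prefix -> RLOC store standing in for the LISP mapping database."""

    def __init__(self):
        self._map = {}

    def register(self, eid_prefix, rloc):
        self._map[ipaddress.ip_network(eid_prefix)] = ipaddress.ip_address(rloc)

    def resolve(self, eid):
        """Longest-prefix match on the EID; returns the RLOC or None."""
        addr = ipaddress.ip_address(eid)
        hits = [net for net in self._map if addr in net]
        if not hits:
            return None
        return self._map[max(hits, key=lambda net: net.prefixlen)]


def map_and_encap(db, local_rloc, src_eid, dst_eid, payload):
    """Look up the destination EID and wrap the packet in an outer RLOC header."""
    rloc = db.resolve(dst_eid)
    if rloc is None:
        return None  # no mapping: there is no RLOC to encapsulate towards
    inner = {"src": src_eid, "dst": dst_eid, "payload": payload}
    return {"outer_src": local_rloc, "outer_dst": str(rloc), "inner": inner}


def demo():
    db = MappingDatabase()
    db.register("10.1.0.0/16", "192.0.2.1")     # constructed: site A
    db.register("10.2.0.0/16", "198.51.100.1")  # constructed: site B
    me = "203.0.113.1"                          # constructed: local router RLOC
    before = map_and_encap(db, me, "10.3.0.5", "10.1.0.20", b"hello")
    # Host 10.1.0.20 moves behind site B: only the mapping changes, via a
    # more specific /32 entry; the host keeps its IP address (EID).
    db.register("10.1.0.20/32", "198.51.100.1")
    after = map_and_encap(db, me, "10.3.0.5", "10.1.0.20", b"hello")
    neighbour = map_and_encap(db, me, "10.3.0.5", "10.1.0.21", b"hello")
    unknown = map_and_encap(db, me, "10.3.0.5", "172.16.0.1", b"hello")
    return before, after, neighbour, unknown


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The inner header is identical before and after the move; only the outer destination differs, which is why the move is transparent to the host.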