SDA – Control Plane (LISP)

These are self-study crib notes and may not be 100% accurate.

Traditional networks arranged by subnet. Client identifier is usually an IP address and security access determined at L3 points. Problem here is that the IP address can change in the event of roaming rendering ACL entries invalid or complex to maintain.

Solution is to allow the IP address to be used anywhere on the network and this can be achieved using LISP – Locator Identification Separation Protocol.

LISP tracks Endpoint Identifiers as they move around the network. It associates the Endpoint ID (EID) with the closest RLOC (Routing Locator) which is normally a lookback address on the L3 switch or router connected to the endpoint.

The combination of EID and RLOC is stored on a mapping server (control plane node).

RLOC’s create tunnels to all other RLOC’s participating in the SDA fabric to create a full mesh – these are referred to as Fabric Edge Nodes.

LISP has two components:

  • Control Plane – the mapping server etc.
  • Data Plane – the tunneling component.

However LISP tunnels are L3 only. This causes a problem in an SDA environment because subnets cannot be split up.

Therefore in an SDA implementation, only the control plane component of LISP is used. VxLAN takes care of the tunnel.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.