I first started writing this a couple years ago but the post got shelved and my excitement for LISP faded away….Fortunately for us, LISP is making a bit of a comeback because it is a central component of Cisco’s SD-Access / Campus Fabric solution…and I have some time off during the Xmas holidays!
Locator/ID Separation Protocol (LISP) is a neat solution that aims to decouple the host address from the IP subnet. This is useful for things like vMotioning between data centers since the network can now keep track of hosts as they move across the network. LISP also provides some tunneling through the core so we can reduce the amount of subnets that we need to learn. We’ll also have a look at OTV to help glue things together between the data centers.
Topology
Our topology today is fairly simple aside from the fact I’m using some VMware servers and I’m nesting everything. All the routers are current CSRs, the switches are actually just VMware portgroups, and I’m using VMware Distributed vSwitchs for the convenience since I’m lazy during the holidays 🙂
VMware
To keep the DC LANs separate without messing with my physical setup I have added a VM Host rule for DC1 and DC2 VMs to keep them pinned to different hosts, then I created a standard vswitch without an adapter on each host and created a portgroup that trunks all vlan….it may have been easier to just plug in another switch.
Note: I have configured the vswitches to support jumbo frames for when we get to talking about OTV later.
Routers Config
Core Routers
These are just providing basic routing throughout the network with OSPF or your routing protocol of choice. The MTU is raised everywhere for the OTV configuration between the OTV routers. R03 will be the LISP Map Server (MS) and Map Resolver (MR) as well as the RP when we start adding multicast to the mix so it doesn’t have anything connected to it.
R01
R01(config)#interface Loopback0 R01(config-if)# ip address 192.168.255.1 255.255.255.255 R01(config-if)#interface GigabitEthernet2 R01(config-if)# mtu 9216 R01(config-if)# ip address 10.0.123.1 255.255.255.0 R01(config-if)#interface GigabitEthernet3 R01(config-if)# mtu 9216 R01(config-if)# ip address 10.50.254.1 255.255.255.0 R01(config-if)#interface GigabitEthernet4 R01(config-if)# mtu 9216 R01(config-if)# ip address 10.100.254.1 255.255.255.0 R01(config-if)#router ospf 1 R01(config-router)# network 0.0.0.0 255.255.255.255 area 0
R02
R02(config)#interface Loopback0 R02(config-if)# ip address 192.168.255.2 255.255.255.255 R02(config-if)#interface GigabitEthernet2 R02(config-if)# mtu 9216 R02(config-if)# ip address 10.0.123.2 255.255.255.0 R02(config-if)#interface GigabitEthernet3 R02(config-if)# mtu 9216 R02(config-if)# ip address 10.60.254.1 255.255.255.0 R02(config-if)#interface GigabitEthernet4 R02(config-if)# mtu 9216 R02(config-if)# ip address 10.200.254.1 255.255.255.0 R02(config-if)#router ospf 1 R02(config-router)# network 0.0.0.0 255.255.255.255 area 0
R03
R03(config)#interface Loopback0 R03(config-if)# ip address 192.168.255.3 255.255.255.255 R03(config-if)#interface GigabitEthernet2 R03(config-if)# mtu 9216 R03(config-if)# ip address 10.0.123.3 255.255.255.0
xTRs
The XTR routers have both the Internal Tunnel Router (ITR) and the Egress Tunnel Router (ETR) LISP roles, they will also have the subinterfaces to connect to the ESX hosts so we have something to ping when we are done.
DC1-XTR
DC1-XTR(config)#interface GigabitEthernet2 DC1-XTR(config-if)# mtu 9216 DC1-XTR(config-if)# ip address 10.100.254.11 255.255.255.0 DC1-XTR(config-if)# ip ospf 1 area 0 DC1-XTR(config-if)#interface GigabitEthernet3 DC1-XTR(config-if)# no ip address DC1-XTR(config-if)#interface GigabitEthernet3.10 DC1-XTR(config-subif)# ip address 10.100.10.1 255.255.255.0 DC1-XTR(config-subif)#interface GigabitEthernet3.20 DC1-XTR(config-subif)# ip address 10.100.20.1 255.255.255.0 DC1-XTR(config-subif)#interface GigabitEthernet3.30 DC1-XTR(config-subif)# ip address 10.100.30.1 255.255.255.0 DC1-XTR(config-subif)#interface GigabitEthernet3.123 DC1-XTR(config-subif)# ip address 10.102.123.253 255.255.255.0 DC1-XTR(config-subif)#interface GigabitEthernet3.4094 DC1-XTR(config-subif)# ip address 10.100.255.1 255.255.255.0
DC2-XTR
DC2-XTR(config)# interface GigabitEthernet2 DC2-XTR(config-if)# mtu 9216 DC2-XTR(config-if)# ip address 10.200.254.11 255.255.255.0 DC2-XTR(config-if)# ip ospf 1 area 0 DC2-XTR(config-if)#interface GigabitEthernet3 DC2-XTR(config-if)# no ip address DC2-XTR(config-if)#interface GigabitEthernet3.10 DC2-XTR(config-subif)# ip address 10.200.10.1 255.255.255.0 DC2-XTR(config-subif)#interface GigabitEthernet3.20 DC2-XTR(config-subif)# ip address 10.200.20.1 255.255.255.0 DC2-XTR(config-subif)#interface GigabitEthernet3.30 DC2-XTR(config-subif)# ip address 10.200.30.1 255.255.255.0 DC2-XTR(config-subif)#interface GigabitEthernet3.123 DC2-XTR(config-subif)# ip address 10.102.123.254 255.255.255.0 DC2-XTR(config-subif)#interface GigabitEthernet3.4094 DC2-XTR(config-subif)# ip address 10.200.255.1 255.255.255.0
BR1-R01
BR1-R01(config)#interface GigabitEthernet2 BR1-R01(config-if)# mtu 9216 BR1-R01(config-if)# ip address 10.50.254.11 255.255.255.0 BR1-R01(config-if)# ip ospf 1 area 0 BR1-R01(config-if)#interface GigabitEthernet3 BR1-R01(config-if)# no ip address BR1-R01(config-if)#interface GigabitEthernet3.10 BR1-R01(config-subif)# ip address 10.50.10.1 255.255.255.0 BR1-R01(config-subif)#interface GigabitEthernet3.20 BR1-R01(config-subif)# ip address 10.50.20.1 255.255.255.0 BR1-R01(config-subif)#interface GigabitEthernet3.30 BR1-R01(config-subif)# ip address 10.50.30.1 255.255.255.0
BR2-R01
BR2-R01(config)#interface GigabitEthernet2 BR2-R01(config-if)# mtu 9216 BR2-R01(config-if)# ip address 10.60.254.11 255.255.255.0 BR2-R01(config-if)# ip ospf 1 area 0 BR2-R01(config-if)#interface GigabitEthernet3 BR2-R01(config-if)# no ip address BR2-R01(config-if)#interface GigabitEthernet3.10 BR2-R01(config-subif)# ip address 10.60.10.1 255.255.255.0 BR2-R01(config-subif)#interface GigabitEthernet3.20 BR2-R01(config-subif)# ip address 10.60.20.1 255.255.255.0 BR2-R01(config-subif)#interface GigabitEthernet3.30 BR2-R01(config-subif)# ip address 10.60.30.1 255.255.255.0
OTV Routers
These routers will be used to run OTV between the DCs so we just need basic routing on it for now.
DC1-OTV
DC1-OTV(config)#interface GigabitEthernet2 DC1-OTV(config-if)# mtu 9216 DC1-OTV(config-if)# ip address 10.100.254.12 255.255.255.0 DC1-OTV(config-if)# ip ospf 1 area 0
DC2-OTV
DC2-OTV(config)#interface GigabitEthernet2 DC2-OTV(config-if)# mtu 9216 DC2-OTV(config-if)# ip address 10.200.254.12 255.255.255.0 DC2-OTV(config-if)# ip ospf 1 area 0
VMs
The VMs are just basic Ubuntu Servers, they have use .100 as their host IP except for DCX-S01 which uses .101, .102, .103 and DCX-S02 which uses .201,.202,.203. This is just to give us more IPs to work with.
LISP Config
R03 is going to be the Map Server and the Map Resolver, while it is possible to have each role on different routers, it is very common to combine the roles. The Map Resolver’s job is to listen for Map-Request messages from the Ingress Tunnel Routers, de-encapsulate them and forward them to the Map-Server role.
The Map-Server listens to the Egress Tunnel Routers and keeps track of the endpoint identifiers (EID) as well as aggregates them.
To configure the router we need to do the following:
- Enable LISP with
router lisp
-
Define each site with a EID Prefix and authentication key
-
Specify what routing table to use with
locator-table default
-
Enable the Map Server and Resolver roles
R03(config)#router lisp R03(config-router-lisp)# locator-table default R03(config-router-lisp)# site BRANCH1 R03(config-router-lisp-site)# authentication-key MEOWCAT R03(config-router-lisp-site)# eid-prefix 10.50.0.0/16 accept-more-specifics R03(config-router-lisp-site)# exit R03(config-router-lisp)# site BRANCH2 R03(config-router-lisp-site)# authentication-key MEOWCAT R03(config-router-lisp-site)# eid-prefix 10.60.0.0/16 accept-more-specifics R03(config-router-lisp-site)# exit R03(config-router-lisp)# site DC1 R03(config-router-lisp-site)# authentication-key MEOWCAT R03(config-router-lisp-site)# eid-prefix 10.100.0.0/16 accept-more-specifics R03(config-router-lisp-site)# exit R03(config-router-lisp)# site DC1-DC2 R03(config-router-lisp-site)# authentication-key MEOWCAT R03(config-router-lisp-site)# eid-prefix 10.102.0.0/16 accept-more-specifics R03(config-router-lisp-site)# exit R03(config-router-lisp)# site DC2 R03(config-router-lisp-site)# authentication-key MEOWCAT R03(config-router-lisp-site)# eid-prefix 10.200.0.0/16 accept-more-specifics R03(config-router-lisp-site)# exit R03(config-router-lisp)# ipv4 map-server R03(config-router-lisp)# ipv4 map-resolver
Once we are done we can use the show lisp site
command to see the status of all the sites, which shouldn’t be all that interesting since we haven’t configured the rest of the sites.
R03(config)#do sh lisp site LISP Site Registration Information * = Some locators are down or unreachable # = Some registrations are sourced by reliable transport Site Name Last Up Who Last Inst EID Prefix Register Registered ID BRANCH1 never no -- 10.50.0.0/16 BRANCH2 never no -- 10.60.0.0/16 DC1 never no -- 10.100.0.0/16 DC1-DC2 never no -- 10.102.0.0/16 DC2 never no -- 10.200.0.0/16
XTR
The xTR config is also fairly simple, we just need to do the following:
- Enable LISP with
router lisp
- Specify the ETR interfaces on the router with the
locator-set
command - Create a EID-Prefix for each subnet on the router we want to advertise with
database-mapping
- Point the router to R03 for the Map Resolver and Server using the loopback.
DC1-XTR(config)#router lisp DC1-XTR(config-router-lisp)# locator-table default DC1-XTR(config-router-lisp)# locator-set DC1 DC1-XTR(config-router-lisp-locator-set)# 10.100.254.11 priority 10 weight 50 DC1-XTR(config-router-lisp-locator-set)# exit DC1-XTR(config-router-lisp)# database-mapping 10.100.10.0/24 locator-set DC1 DC1-XTR(config-router-lisp)# database-mapping 10.100.20.0/24 locator-set DC1 DC1-XTR(config-router-lisp)# database-mapping 10.100.30.0/24 locator-set DC1 DC1-XTR(config-router-lisp)# ipv4 itr map-resolver 192.168.255.3 DC1-XTR(config-router-lisp)# ipv4 itr DC1-XTR(config-router-lisp)# ipv4 etr map-server 192.168.255.3 key MEOWCAT DC1-XTR(config-router-lisp)# ipv4 etr DC1-XTR(config-router-lisp)# exit
Same thing for DC2
DC2-XTR(config)# router lisp DC2-XTR(config-router-lisp)# locator-table default DC2-XTR(config-router-lisp)# locator-set DC2 DC2-XTR(config-router-lisp-locator-set)# 10.200.254.11 priority 10 weight 50 DC2-XTR(config-router-lisp-locator-set)# exit DC2-XTR(config-router-lisp)# database-mapping 10.200.10.0/24 locator-set DC2 DC2-XTR(config-router-lisp)# database-mapping 10.200.20.0/24 locator-set DC2 DC2-XTR(config-router-lisp)# database-mapping 10.200.30.0/24 locator-set DC2 DC2-XTR(config-router-lisp)# ipv4 itr map-resolver 192.168.255.3 DC2-XTR(config-router-lisp)# ipv4 itr DC2-XTR(config-router-lisp)# ipv4 etr map-server 192.168.255.3 key MEOWCAT DC2-XTR(config-router-lisp)# ipv4 etr DC2-XTR(config-router-lisp)#exit
Once again for Branch1
BR1-R01(config)# router lisp BR1-R01(config-router-lisp)# locator-set BRANCH1 BR1-R01(config-router-lisp-locator-set)# 10.50.254.11 priority 10 weight 50 BR1-R01(config-router-lisp-locator-set)# exit BR1-R01(config-router-lisp)# database-mapping 10.50.10.0/24 locator-set BRANCH1 BR1-R01(config-router-lisp)# database-mapping 10.50.20.0/24 locator-set BRANCH1 BR1-R01(config-router-lisp)# database-mapping 10.50.30.0/24 locator-set BRANCH1 BR1-R01(config-router-lisp)# ipv4 itr map-resolver 192.168.255.3 BR1-R01(config-router-lisp)# ipv4 itr BR1-R01(config-router-lisp)# ipv4 etr map-server 192.168.255.3 key MEOWCAT BR1-R01(config-router-lisp)# ipv4 etr BR1-R01(config-router-lisp)# exit
And finally Branch2
BR2-R01(config)# router lisp BR2-R01(config-router-lisp)# locator-set BRANCH2 BR2-R01(config-router-lisp-locator-set)# 10.60.254.11 priority 10 weight 50 BR2-R01(config-router-lisp-locator-set)# exit BR2-R01(config-router-lisp)# database-mapping 10.60.10.0/24 locator-set BRANCH2 BR2-R01(config-router-lisp)# database-mapping 10.60.20.0/24 locator-set BRANCH2 BR2-R01(config-router-lisp)# database-mapping 10.60.30.0/24 locator-set BRANCH2 BR2-R01(config-router-lisp)# ipv4 itr map-resolver 192.168.255.3 BR2-R01(config-router-lisp)# ipv4 itr BR2-R01(config-router-lisp)# ipv4 etr map-server 192.168.255.3 key MEOWCAT BR2-R01(config-router-lisp)# ipv4 etr BR2-R01(config-router-lisp)# exit
Once we are done with all that we can run our show lisp site
command again on R03 to see things registering. We can see that because we used /16’s for each each we can see both the /16 and the more specific subnet for each site.
R03(config)#do sh lisp site LISP Site Registration Information * = Some locators are down or unreachable # = Some registrations are sourced by reliable transport Site Name Last Up Who Last Inst EID Prefix Register Registered ID BRANCH1 never no -- 10.50.0.0/16 00:23:15 yes# 10.50.254.11:40107 10.50.10.0/24 00:23:15 yes# 10.50.254.11:40107 10.50.20.0/24 00:23:15 yes# 10.50.254.11:40107 10.50.30.0/24 BRANCH2 never no -- 10.60.0.0/16 00:23:15 yes# 10.60.254.11:30416 10.60.10.0/24 00:06:39 yes# 10.60.254.11:30416 10.60.20.0/24 00:06:37 yes# 10.60.254.11:30416 10.60.30.0/24 DC1 never no -- 10.100.0.0/16 00:00:19 yes# 10.100.254.11:48560 10.100.10.0/24 00:00:19 yes# 10.100.254.11:48560 10.100.20.0/24 00:00:19 yes# 10.100.254.11:48560 10.100.30.0/24 DC1-DC2 never no -- 10.102.0.0/16 DC2 never no -- 10.200.0.0/16 00:23:13 yes# 10.200.254.11:23411 10.200.10.0/24 00:23:13 yes# 10.200.254.11:23411 10.200.20.0/24 00:23:13 yes# 10.200.254.11:23411 10.200.30.0/24
If we try to ping from Branch1 we can see that….it doesn’t work 🙁
BR1-R01#ping 10.100.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.10.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
The reason why is that we have only told LISP about the subinterfaces so we will need to source the ping for it to work.
Note: The first ping will take about two pings to work while it first does its registration to the map-server
BR1-R01#ping 10.100.10.1 source g3.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.100.10.1, timeout is 2 seconds: Packet sent with a source address of 10.50.10.1 ..!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/2 ms
If we run a packet capture on Branch1 we can see the router sending encapsulated map-requests to the Map-Resolver as well as the replies.
Looking at the actual ping packet we can see that it is encapsulated in UDP 4341 as it is tunneled through the network.
Multicast
For the next segment of this post we’ll need multicast to support LISP mobility and optionally for OTV (though I’m running it in Unicast mode)
Each router will need to have multicast enabled ip multicast-routing distributed
command and each interface will need to have ip pim sparse
on it.
R03 will run BSR so we’ll enable PIM on the loopback and enable the feature.
R03(config)#interface Loopback0 R03(config-if)# ip pim sparse-mode R03(config-if)#ip pim bsr-candidate Loopback0 0 R03(config)#ip pim rp-candidate Loopback0
OTV
Right now we have inter-site communication working great with LISP but we have a problem with the DCX servers which share the 10.102.123.0/24 subnet so we will need to glue them together so they can talk properly.
OTV is simple enough to configure, first we need to set a site-id for DC1 and DC2 and also define the site bridge-domain. We don’t really care about the site bridge-domain today so I’m just going to set it to 4094.
DC1-OTV(config)#otv site-identifier 0000.0000.1111 DC1-OTV(config)#otv site bridge-domain 4094 DC1-OTV(config-otv-site)#exit
DC2-OTV(config)#otv site-identifier 0000.0000.2222 DC2-OTV(config)#otv site bridge-domain 4094 DC2-OTV(config-otv-site)#exit
Next we need to set service instances to add the bridge-domains that OTV will use.
Note: Service Instances require the config directly on the physical interface so you can’t use a sub-interface based design on the OTV routers.
DC1-OTV(config)#int g3 DC1-OTV(config-if)# service instance 123 ethernet DC1-OTV(config-if-srv)# encapsulation dot1q 123 DC1-OTV(config-if-srv)# bridge-domain 123 DC1-OTV(config-if-srv)# service instance 4094 ethernet DC1-OTV(config-if-srv)# encapsulation dot1q 4094 DC1-OTV(config-if-srv)# bridge-domain 4094 DC2-OTV(config)#int g3 DC2-OTV(config-if)# service instance 123 ethernet DC2-OTV(config-if-srv)# encapsulation dot1q 123 DC2-OTV(config-if-srv)# bridge-domain 123 DC2-OTV(config-if-srv)# service instance 4094 ethernet DC2-OTV(config-if-srv)# encapsulation dot1q 4094 DC2-OTV(config-if-srv)# bridge-domain 4094
Finally we need to add the Overlay interface to each side. Since we just did multicast a minute ago, lets do unicast for this feature by using the OTV adjacency server.
DC1-OTV(config)#interface Overlay1 DC1-OTV(config-if)# otv join-interface GigabitEthernet2 DC1-OTV(config-if)# otv adjacency-server unicast-only DC1-OTV(config-if)# service instance 123 ethernet DC1-OTV(config-if-srv)# encapsulation dot1q 123 DC1-OTV(config-if-srv)# bridge-domain 123 DC1-OTV(config-if-srv)# exit DC1-OTV(config-if)# no shut
DC2-OTV(config)#interface Overlay1 DC2-OTV(config-if)# otv join-interface GigabitEthernet2 DC2-OTV(config-if)# otv use-adjacency-server 10.100.254.12 unicast-only DC2-OTV(config-if)# service instance 123 ethernet DC2-OTV(config-if-srv)# encapsulation dot1q 123 DC2-OTV(config-if-srv)# bridge-domain 123 DC2-OTV(config-if-srv)#exit DC2-OTV(config-if)#no shut
Once OTV comes up and some traffic happens you will be able to see the OTV routes being learned.
DC1-OTV#show otv route Codes: BD - Bridge-Domain, AD - Admin-Distance, SI - Service Instance, * - Backup Route OTV Unicast MAC Routing Table for Overlay1 Inst VLAN BD MAC Address AD Owner Next Hops(s) ---------------------------------------------------------- 0 123 123 0000.0c07.ac7b 40 BD Eng Gi3:SI123 *0 123 123 0000.0c07.ac7b 50 ISIS DC2-OTV 0 123 123 0050.569d.1e76 40 BD Eng Gi3:SI123 0 123 123 0050.569d.8001 50 ISIS DC2-OTV 4 unicast routes displayed in Overlay1 ---------------------------------------------------------- 4 Total Unicast Routes Displayed
Now we will setup HSRP on the 123 subinterface so each side can use .1 as the default gateway
DC1-XTR(config)#interface GigabitEthernet3.123 DC1-XTR(config-subif)# encapsulation dot1Q 123 DC1-XTR(config-subif)# ip address 10.102.123.253 255.255.255.0 DC1-XTR(config-subif)# standby 123 ip 10.102.123.1 DC1-XTR(config-subif)# standby 123 priority 110 DC1-XTR(config-subif)# standby 123 preempt
Note: OTV will filter HSRP messages by default with the otv filter-fhrp
command so it isn’t necessary to do things like preempt since both sides will be active, but old habits die hard and it gives me a reason to talk about the fact that FHRP is filtered!
LISP Mobility
Now we have LISP and a slick L2VPN setup, what else do we need? Well we have a bit of a communication problem since we have IPs in the 10.102.123.0/24 that can be in DC1 and DC2, we can add another EID-Prefix but we will end up forcing traffic from a branch through the OTV if it is misrouted. Instead we can use the LISP Mobility feature to allow for more intelligent routing.
To do this we use the dynamic-eid, the process is similar except we can name it and we need to specify a multicast address so the XTR can notify the map server when hosts relocate.
DC1-XTR(config)#router lisp DC1-XTR(config-router-lisp)# dynamic-eid SERVERS DC1-XTR(config-router-lisp-dynamic-eid)# database-mapping 10.102.123.0/24 locator-set DC1 DC1-XTR(config-router-lisp-dynamic-eid)# map-server 192.168.255.3 key MEOWCAT DC1-XTR(config-router-lisp-dynamic-eid)# map-notify-group 239.123.0.12 DC1-XTR(config-router-lisp-dynamic-eid)# exit
For our hard work we now get a local /32 route for each mobile host on the XTR, this solves the routing issue that OTV caused by ensuring that traffic is only sent across the OTV if the host isn’t local.
DC1-XTR#show ip route lisp Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 19 subnets, 2 masks l 10.102.123.101/32 [10/1] via 10.102.123.101, 00:01:51, GigabitEthernet3.123 l 10.102.123.102/32 [10/1] via 10.102.123.102, 00:00:57, GigabitEthernet3.123 l 10.102.123.103/32 [10/1] via 10.102.123.103, 00:00:16, GigabitEthernet3.123
Now if we migrate the VM we should see at least the 10.102.123.101 route move to DC2-XTR
DC2-XTR(config-subif)# do sh ip route lisp | be Gateway Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 21 subnets, 2 masks l 10.102.123.101/32 [10/1] via 10.102.123.101, 00:02:24, GigabitEthernet3.123 l 10.102.123.102/32 [10/1] via 10.102.123.102, 00:00:01, GigabitEthernet3.123 l 10.102.123.201/32 [10/1] via 10.102.123.201, 01:15:11, GigabitEthernet3.123 l 10.102.123.202/32 [10/1] via 10.102.123.202, 00:01:02, GigabitEthernet3.123 l 10.102.123.203/32 [10/1] via 10.102.123.203, 00:01:02, GigabitEthernet3.123
Cool!!!
Conclusion
That’s all for me today, hopefully you found this interesting. I’ll probably look more into the Campus Fabric solution which pairs LISP with VXLAN and TrustSec which sounds like plenty of fun!