
LISP Architecture

Chapter Description

In this sample chapter from The LISP Network: Evolution to the Next-Generation of Data Networks, you will explore the control and data plane architecture of LISP in the context of its foundational principles and their implications in enabling networking services that augment the functionality delivered by existing networking protocols.

NAT Traversal

In many cases, especially when the RLOC space is IPv4, an xTR has RLOC addresses that are private. These addresses generally have to be translated by a Network Address Translation (NAT) device to achieve connectivity beyond the private address space. The use of Network Address Translation poses a challenge in LISP because ETRs are generally unaware of whether they are behind a NAT device or not. Because an ETR doesn’t know whether it is behind a NAT, it may register its EIDs with private RLOCs that are not globally reachable.

For LISP to successfully function in an RLOC environment where Network Address Translation is at play, a handful of things need to happen:

  • An xTR must determine whether it is behind a NAT.

  • If an xTR is behind a NAT, any EIDs registered by that xTR must be registered using the global/translated addresses for its RLOCs.

  • Forwarding state needs to be created in the NAT and the LISP data plane.

In the mail system analogy, the use of NAT in the RLOC space is similar to using a corporate address with mailstops to send mail to employees within a large corporate campus. The mailstops basically identify the building and floor within the campus. All mail is addressed to the main corporate address. For example, if you were to send mail to an employee at Cisco, you would send it to 170 West Tasman Drive, San Jose, CA 95134. You would further specify the mailstop for the recipient; for example, if someone’s office is on the second floor of building 7, it would be SJ07/2. In this example, the corporate address is equivalent to the Global RLOC, and the mailstop is equivalent to the port number for a specific destination. The real RLOC is actually 425 East Tasman Drive, San Jose, CA 95134, and you could choose to specify the second floor as part of the address.

When you give your address to a sender or register it in a directory, you would give the main corporate address plus a mailstop; this is what a registering ETR must be able to do in the LISP system.

LISP NAT-traversal can support the following scenarios:

  • An xTR behind a single NAT

  • An xTR multihomed across multiple NATs

  • Multiple xTRs supported behind a single NAT

All these scenarios interoperate with each other as well as with sites that are not behind NATs.
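The three requirements above can be modeled in a few lines. This is an added example, not code from the book or from any LISP implementation. The `Nat` and `MapServer` classes, the `echo_source` probe, and all addresses and ports are assumptions constructed for illustration. It covers two xTRs behind one NAT and one xTR with no NAT.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class Nat:
    """Hypothetical port-translating NAT in front of the private RLOC space."""
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.out, self.back, self.next_port = {}, {}, 40000

    def outbound(self, src):
        # The first outbound packet creates the translation (forwarding) state.
        if src not in self.out:
            self.out[src] = (self.public_ip, self.next_port)
            self.back[self.next_port] = src
            self.next_port += 1
        return self.out[src]

    def inbound(self, port):
        # Inbound packets are delivered only where state already exists.
        return self.back.get(port)

class MapServer:
    """Hypothetical mapping system: EID prefix -> (RLOC address, port)."""
    def __init__(self):
        self.mappings = {}

    def echo_source(self, observed):
        return observed  # assumed probe reply: the source address the server saw

    def register(self, eid, rloc):
        self.mappings[eid] = rloc

def is_private_rloc(rloc):
    return any(ipaddress.ip_address(rloc[0]) in net for net in RFC1918)

def register_xtr(eid, local_rloc, ms, nat=None):
    """Detect NAT by comparing local and observed RLOC, then register."""
    observed = ms.echo_source(nat.outbound(local_rloc) if nat else local_rloc)
    behind_nat = observed != local_rloc
    ms.register(eid, observed if behind_nat else local_rloc)
    return behind_nat

# Constructed sample values: two xTRs behind one NAT, one xTR with a global RLOC.
nat, ms = Nat("203.0.113.10"), MapServer()
xtr_a, xtr_b = ("10.0.0.2", 4341), ("10.0.0.3", 4341)
behind_a = register_xtr("10.1.1.0/24", xtr_a, ms, nat)
behind_b = register_xtr("10.1.2.0/24", xtr_b, ms, nat)
behind_c = register_xtr("10.1.3.0/24", ("198.51.100.1", 4341), ms)
```

Each xTR behind the NAT ends up registered with the same global address and a distinct port, which is the "corporate address plus mailstop" of the analogy.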
