Cisco IOS IP Routing: LISP Command Reference - LISP Router IPv6 Configuration Commands [Support]

ipv6 alt-vrf

To configure which virtual routing and forwarding (VRF) instance supporting the IPv6 address-family Locator/ID Separation Protocol (LISP) should use when sending map requests for an IPv6 endpoint identifier-to-routing locator (EID-to-RLOC) mapping directly over the Alternative Logical Topology (ALT), use the ipv6 alt-vrf command in LISP configuration mode. To remove this reference to a VRF, use the no form of this command.

ipv6 alt-vrf vrf-name

no ipv6 alt-vrf [ vrf-name ]

Syntax Description

vrf-name

Name assigned to the ALT VRF.

Command Default

By default, no ALT VRF is referenced by LISP.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

The ipv6 alt-vrf command is required for all LISP devices that are connected to the ALT for exchange of LISP control plane messages for IPv6 EID mapping resolution. The VRF instance specified using the ipv6 alt-vrf command is used to segment EID prefixes from the global table and must be configured to enable the IPv6 address family (use the ipv4 alt-vrf command to enable the IPv4 address family).

Additionally, you must use the ipv6 alt-vrf command (or ipv4 alt-vrf command for IPv4 EID mapping resolution) when configuring any LISP device as a map resolver (MR), map server (MS), or proxy ingress tunnel router (PITR). For these LISP devices, configuring the ipv6 alt-vrf or ipv4 alt-vrf command is required regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a stand-alone MR, MS, PITR, or any combination of the three (such as when a LISP MS/MR device has full knowledge of the LISP mapping system for a private LISP deployment and is not connected to any ALT).

When configuring a device as a LISP ingress tunnel router (ITR) to resolve IPv6 EID-to-RLOC mappings for destination EIDs, you can configure the device to use one of the following two options:

Send map requests to a map resolver—the ITR sends map requests in a LISP encapsulated control message (ECM) header with either an IPv6 or IPv4 map-resolver RLOC as its destination address (depending on the configuration). For this option, use the ipv6 map-resolver command instead of the ipv6 alt-vrf command.

Send map requests directly over the LISP ALT using the VRF instance specified when configuring this command—the ITR sends map requests directly over the ALT (without the additional LISP ECM header). The destination of the map request is the EID being queried. For this option, use the ipv6 alt-vrf command

When using the ALT, you must configure the correct address family (IPv6 or IPv4) for resolving EID-to-RLOC mappings. If an IPv4 EID mapping is required, configure the ipv6 alt-vrf command and specify a VRF that enables the IPv6 address-family and connects to an IPv6-capable ALT.

Note

Before this command is used, the referenced VRF must already have been created using the vrf definition command. In addition, the corresponding configurations for connecting the LISP device to the ALT, including the GRE tunnel interfaces and any routing associated with the VRF (static or dynamic) must also have been created.

Examples

The following example shows how to configure the VRF named lisp and how to configure LISP to use this VRF when resolving IPv6 EID-to-RLOC mappings:

Router(config)# vrf definition lisp
Router(config-vrf)# rd 65100:100
Router(config-vrf)# address-family ipv6
Router(config-vrf-af)# exit-address-family
Router(config-vrf)# exit
Router(config)# ipv6 alt-vrf lisp

Related Commands

Command	Description
ipv4 alt-vrf	Configures which VRF supporting the IPv4 address family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.
ipv6 itr	Configures the router to act as a LISP ITR.
ipv6 itr map-resolver	Configures the IPv6 locator address of the LISP map resolver to which the ITR sends IPv6 map-request messages.
ipv6 lisp pitr	Configures the router to act as a LISP PITR.

ipv6 etr

To configure a router to act as an IPv6 Locator/ID Separation Protocol (LISP) Egress Tunnel Router (ETR), use the ipv6 etr command in LISP configuration mode. To remove LISP ETR functionality, use the no form of this command.

ipv6 etr

no ipv6 etr

Syntax Description

This command has no arguments or keywords.

Command Default

The router does not provide ETR functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable the router to perform IPv6 LISP Egress Tunnel Router (ETR) functionality. A router configured as an IPv6 ETR is typically configured with the database-mapping command so that the ETR knows what IPv6 EID-prefix blocks and corresponding locators are used for the LISP site. The ETR should be configured to register with a map server with the ipv6 etr map-server command, or to use static LISP endpoint identifier-to-routing locator (EID-to-RLOC) mappings with the map-cache command in order to participate in LISP networking.

Note

A device configured as an ETR can also be configured as an Ingress Tunnel Router (ITR). However, the LISP architecture does not require this and ETR and ITR functionality can occur in different devices.

Examples

The following example shows how to configure IPv6 LISP ETR functionality on the router.

Router(config)# router lisp
Router(config-router-lisp)# ipv6 etr

Related Commands

Command	Description
database-mapping	Configures an IPv4 or IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
ipv6 etr map-server	Configures the IPv4 or IPv6 locator address of the LISP map server to which an ETR should register for its IPv6 EID prefixes.
ipv6 itr	Configures the router to act as an IPv6 LISP ITR.
map-cache	Configures a static IPv6 EID prefix to a locator map-cache entry.

ipv6 etr accept-map-request-mapping

To configure an Egress Tunnel Router (ETR) to cache IPv6 mapping data contained in a map-request message, use the ipv6 etr accept-map-request-mapping command in Locator/ID Separation Protocol (LISP) configuration mode. To remove this functionality, use the no form of this command.

ipv6 etr accept-map-request-mapping [verify]

no ipv6 etr accept-map-request-mapping [verify]

Syntax Description

verify

(Optional) Specifies that mapping data should be cached but not used for forwarding packets until the ETR can send its own map request to one of the locators from the mapping data record and receive a map reply with the same data in response.

Command Default

The router does not cache mapping data contained in a map-request message.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

If an ETR receives a map-request message that contains mapping data for the invoking IPv6 source-EID's packet, the ETR, by default, ignores the mapping data. However, if you configure the ipv6 etr accept-map-request-mapping command, the ETR will cache the mapping data in its map cache and immediately use it for forwarding packets.

If you enter the verify keyword, the ETR still caches the mapping data but will not use it for forwarding packets until the ETR can send its own map request to one of the locators from the mapping data record, and receives the same data in a map-reply message.

If this command is enabled and then later disabled, issuing the command clear map-cache is required to clear any map-cache entries that are in the “tentative” state. Map-cache entries can remain in the “tentative” state for up to one minute so you might want to clear these entries manually when this command is removed.

Examples

The following example shows how to configure the ETR to cache IPv6 mapping data included in map-request messages and verify the accuracy of the data prior to using this data to forward packet:.

Router(config)# router lisp
Router(config-router-lisp)# ipv6 etr accept-map-request-mapping verify

Related Commands

Command	Description
clear ipv6 lisp map-cache	Clear the LISP IPv6 map-cache on the local router.
ipv6 etr	Configures the router to act as an IPv6 LISP ETR.

ipv6 etr map-cache-ttl

To configure the time-to-live (TTL) value inserted into Locator/ID Separation Protocol (LISP) IPv6 map-reply messages, use the ipv6 etr map-cache-ttl command in LISP configuration mode. To remove the configured TTL value and return to the default value, use the no form of this command.

ipv6 etr map-cache-ttl minutes

no ipv6 etr map-cache-ttl minutes

Syntax Description

minutes

A value, in minutes, to be inserted in the TTL field in map-reply messages. Valid entries are between 60 (1 hour) and 10080 (1 week).

Command Default

The default TTL value is 1440 minutes (24 hours).

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to change the default value associated with the Time-to-Live (TTL) field in IPv6 map-reply messages. Entering this command changes the default TTL that remote ITRs will cache and use for your site’s IPv4 endpoint identifier (EID) prefix. The default value is 1440 minutes (24 hours), and the minimum value is 60 minutes.

Examples

The following example shows how to configure the Egress Tunnel Router (ETR) to use a TTL of 120 minutes in IPv6 map-reply messages:

Router(config)# router lisp
Router(config)# ipv6 etr map-cache-ttl 120

Related Commands

Command	Description
ipv6 etr	Configures the router to act as an IPv6 LISP ETR.

ipv6 etr map-server

To configure the IPv4 or IPv6 locator address of the Locator/ID Separation Protocol (LISP) map server to be used by the Egress Tunnel Router (ETR) when registering for IPv6 endpoint identifiers (EIDs), use the ipv6 etr map-server command in LISP configuration mode. To remove the configured locator address of the LISP map server, use the no form of this command.

ipv6 etr map-server map-server-address{ key { 0 | 6 } authentication-key| proxy-reply}

no ipv6 etr map-server map-server-address{ key { 0 | 6 } authentication-key| proxy-reply}

Syntax Description

map-server-address	Specifies the IPv4 or IPv6 locator addresses of the map server.
key	Specifies the key-type.
0	Indicates that the password is entered as cleartext.
6	Indicates that the password is in the AES encrypted form.
authentication-key	Specifies the password used for computing the SHA-1 HMAC hash that is included in the header of the Map-Register message.
proxy-reply

Command Default

No LISP map server locator addresses are configured by default.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use the ipv6 etr map-server command to configure the IPv4 or IPv6 locator of the map server to which the ETR will register for its IPv6 EIDs. A password used for a SHA-1 HMAC hash that is included in the header of the Map-Register message is provided with the key keyword. You can configure the ETR to register with at most two map servers. Once the ETR registers with the map servers, the map servers will begin to advertise the IPv6 EID-prefix blocks and RLOCs for the LISP site.

The password used for the SHA-1 HMAC may be entered in unencrypted (cleartext) form or encrypted form. To enter an unencrypted password, specify 0. To enter an AES encrypted password, specify 6.

Caution

Map server authentication keys entered in cleartext form will remain in cleartext form and be displayed in the configuration in cleartext form unless the Cisco IOS Encrypted Preshared Key feature is enabled. The Encrypted Preshared Key feature allows you to securely store plain text passwords in type 6 (AES) encryption format in NVRAM. To enable this feature, use the key config-key password-encryption and password encryption aescommands. For additional information on the Encrypted Preshared Key feature and its usage see: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801f2336.shtml .

Caution

If you enable the Encrypted Preshared Key feature and then remove it, all type 6 encrypted keys immediately become unusable because the master key is deleted—type 6 passwords cannot be unencrypted and used by the router. A warning message displays that details this and confirms the master key deletion.

Note

The map server must be preconfigured with IPv6 EID prefixes that match the IPv6 EID prefixes configured on this ETR using the database-mapping command, and a password matching the one provided with the key keyword on this ETR.

Examples

The following example configures the ETR to register to two map servers, one with the locator 2001:DB8:0A::1 and another with the locator 2001:DB8:0B::1:

Router(config)# router lisp
Router(config-router-lisp)# ipv6 etr map-server 2001:DB8:0A::1 key 0 s3cr3t-k3y
Router(config-router-lisp)# ipv6 etr map-server 2001:DB8:0B::1 key 0 s3cr3t-k3y

Related Commands

Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
ipv6 etr	Configures the router to act as an IPv6 LISP ETR.
key config-key password-encryption	Enables storage of a type 6 encryption key in private NVRAM.
password encryption aes	Enables a type 6 encrypted preshared key.

ipv6 itr

To configure a router to act as an IPv6 Locator/ID Separation Protocol (LISP) Ingress Tunnel Router (ITR), use the ipv6 itr command in LISP configuration mode. To remove LISP ITR functionality, use the no form of this command.

ipv6 itr

no ipv6 itr

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide ITR functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable the router to perform IPv6 LISP ITR functionality.

When a router is configured as an ITR, if a packet is received for which no IPv6 destination address prefix match exists in the routing table and for which the source address of the packet matches an IPv6 EID-prefix block configured using the database-mapping or map-cache command, then the packet is a candidate for LISP routing. In this case, the ITR sends LISP map request to the map resolver configured by the ipv6 itr map-resolver command. Next, the ITR caches the resultant IPv6 endpoint identifier-to-routing locator (EID-to-RLOC) mapping information returned by the associated map-reply in its map-cache. Subsequent packets destined to the same IPv6 EID-prefix block are then LISP-encapsulated according to this IPv6 EID-to-RLOC mapping entry.

Note

Devices are often configured as an ITR and as an Egress Tunnel Router (ETR). However, the LISP architecture does not require this and the functionality can occur in a different device.

Examples

The following example shows how to configure IPv6 LISP ITR functionality on the router.

Router(config)# router lisp
Router(config-router-lisp)# ipv6 itr

Related Commands

Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
ipv6 alt-vrf	Configures which VRF supporting the IPv4 address family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.
ipv6 itr map-resolver	Configures the IPv6 locator address of the LISP map resolver to which the ITR sends IPv6 map-request messages.
map-cache	Configures a static IPv6 EID-prefix to locator map-cache entry.

ipv6 itr map-resolver

To configure the IPv6 locator address of the Locator/ID Separation Protocol (LISP) map resolver to be used by the Ingress Tunnel Router (ITR) when sending map requests for IPv6 endpoint identifier-to-routing locator (EID-to-RLOC) mapping resolution, use the ipv6 itr map-resolver command in LISP configuration mode. To remove the configured locator address of the LISP map resolver, use the no form of this command.

ipv6 itr map-resolver map-resolver-address

no ipv6 itr map-resolver map-resolver-address

Syntax Description

map-resolver-address

The IPv6 locator addresses of the map resolver.

Command Default

No LISP map resolver locator address is configured by default.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

This command configures the locator to be used by a LISP ITR to reach the configured map resolver when sending a map request for IPv6 EID-to-RLOC mapping resolution.

When a LISP ITR needs to resolve an IPv6 EID-to-RLOC mapping for a destination EID, it can be configured to send a map request message either to a map resolver configured using the ipv6 itr map-resolver command, or directly over the LISP Alternative Logical Topology (ALT) using the ipv6 alt-vrf command. When a map resolver is used, map requests are sent to the map resolver with the additional LISP Encapsulated Control Message (ECM) header that includes the map resolver RLOC as its destination address. When the ALT is used, map requests are sent directly over the ALT without the additional LISP ECM header (the destination of the map request is the EID being queried).

Examples

The following example shows how to configure an ITR to use the map resolver located at 2001:DB8:0A::1 when sending its map-request messages:

Router(config)# router lisp
Router(config)# ipv6 itr map-resolver 2001:DB8:0A::1

Related Commands

Command	Description
ipv6 itr	Configures the router to act as an IPv6 LISP ITR.
ipv6 map-request-source	Configures the source IPv6 address to be used in IPv6 LISP map-request messages.

ipv6 map-cache-limit

To configure the maximum number of IPv6 Locator/ID Separation Protocol (LISP) map-cache entries allowed to be stored by the router, use the ipv6 map-cache-limit command in LISP configuration mode. To remove the configured map-cache limit, use the no form of this command.

ipv6 map-cache-limit cache-limit [ reserve-list list ]

no ipv6 map-cache-limit cache-limit [ reserve-list list ]

Syntax Description

cache-limit	The maximum number of IPv6 LISP map-cache entries allowed to be stored on the router. The valid range is from 0 to 10000.
reserve-list list	(Optional) Specifies a set of IPv6 endpoint identifier (EID) prefixes in the referenced prefix list for which dynamic map-cache entries will always be stored.

Command Default

The default map-cache limit is 1000 entries.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to control the maximum number of IPv6 LISP map-cache entries allowed to be stored on the router. The optional reserve-list keyword can be configured to guarantee that the referenced IPv6 EID prefixes are always stored by the router.

LISP map-cache entries are added dynamically or statically. Dynamic entries are added when a valid map-reply message is returned for a map-request message generated in response to a cache-miss lookup. Static IPv6 entries are added via the map-cache command. Whether a new map-cache entry is stored depends on the following conditions.

Dynamic map-cache entries are always added until the default or configured cache-limit is reached. After the default or configured cache-limit is reached, unless the optional reserve-list is configured, no further dynamic entries are added and no further map requests are generated in response to cache-miss lookups until a free position is available. Existing dynamic IPv6 map-cache entries can time out due to inactivity or can be removed by the administrator via the clear ipv6 lisp map-cache command to create a free position in the map-cache. When the optional reserve-list is configured, a map request will be generated and a new dynamic map-cache entry will be added for IPv6 EID-prefixes found in the prefix-list referenced by the reserve-list keyword. In this case, a new entry will replace an existing dynamic entry such that the cache-limit is maintained. The dynamic entry deleted will be either a non-reserve idle map-cache entry, non-reserve active map-cache entry, reserve idle map-cache entry, or reserve active map-cache entry (in that order, whichever is available first for deletion). Idle map-cache entries are those that have seen no activity in the last 10 minutes.

Static map-cache entries are always added, even if the addition of the static entry exceeds the default or configured cache-limit. If the current map-cache contains dynamic entries, the addition of a new static entry will replace an existing dynamic entry so that the cache-limit is maintained. The dynamic entry deleted will be either a non-reserve idle map-cache entry, non-reserve active map-cache entry, reserve idle map-cache entry, or reserve active map-cache entry (in that order, whichever is available first for deletion). Idle map-cache entries are defined as having no activity in the last 10 minutes.

Caution

Static map-cache entries count against the default or configured cache-limit. Since static entries are always added, static entries can be added beyond the default or configured cache limit. If the number of static entries configured exceeds the default or configured cache-limit, no dynamic entries can be added.

Note

If you enter the reserve-list keyword, be sure that the prefix list includes entries that match all entries for which you expect to receive a map reply, including the “more-specifics”. This can be ensured by appending "le 128" to the end of all prefix-list entries for IPv6 prefixes. For example, if you want to match on any “more specific”s to 2001:DDB8:BB::/48, you specify ipv6 prefix-list lisp-list seq 5 permit 2001:DB8:BB::/48 le 128 in order to cover all replies within this range.

Note

Theshow ipv6 lisp map-cache detail command provides additional details about the EID-to-RLOC mapping entries stored in the LISP map-cache, including whether the prefix is covered by the reserve list prefix list.

Examples

The following example shows how to configure a LISP cache limit of 2000 entries and a reserve list referencing the IPv6 prefix-list LISP-v6-always:

Router(config)# router lisp
Router(config-router-lisp)# ipv6 map-cache-limit 2000 reserve-list LISP-v6-always
Router(config-router-lisp)# ip prefix-list LISP-always seq 10 permit 2001:DB8:B8::/46 le 128

Related Commands

Command	Description
clear ipv6 lisp map-cache	Clear the LISP IPv6 map cache on the local router.
ipv6 prefix-list lisp-list
map-cache	Configures a static IPv6 EID prefix to a locator map-cache entry.
how ipv6 lisp map-cache detail

ipv6 map-cache-persistent

To configure how often, in minutes, that an Ingress Tunnel Router (ITR) should save its dynamically learned map-cache entries to a file in flash, use the ipv6 map-cache-persistent command in Locator/ID Separation Protocol (LISP) configuration mode. To return to the default save interval setting, use the default form of the command. To disable this automatic save of dynamically-learned map-cache entries, use the no form of this command.

ipv6 map-cache-persistent interval minutes

no ipv6 map-cache-persistent interval minutes

default ipv6 map-cache-persistent

Syntax Description

interval minutes

Specifies how often, in minutes, the ITR should save its dynamically learned map-cache entries to a file in flash memory. Default is 60 minutes, range is 1-1440).

Command Default

By default, map-cache persistence is enabled with a default time of 60 minutes.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB3	This command was introduced.
Cisco IOS XE 2.5.1XC	This command was integrated into Cisco IOS XE Release 2.5.1XC.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

An ITR forwards LISP packets based on endpoint identifier-to-routing locator (EID-to-RLOC) mapping policy data obtained from destination Egress Tunnel Routers (ETRs) and stored in its local map cache. If the map cache does not contain an entry for the destination prefix, the map resolution process is executed in order to build the map-cache entry. Even though this process takes a small amount of time, upon router reload it may be undesirable to wait for data-driven events to cause map-cache entries to be built.

The LISP map-cache persistence feature periodically stores dynamically learned remote EID map-cache entries to a file located in flash. When the router reloads, it checks for these files and uses the list of remote EIDs to prime the map cache after reboot. This ensures that packet loss after an xTR comes up is minimal because data-driven triggers are not required to re-populate the map-cache for previously active EID prefixes.

Note

The remote EID prefixes listed in the stored file are used to trigger map requests. The map replies that return based on these map-requests are what prime the map cache. In this way, the map-cache always contains fresh information upon reload.

Use the ipv4 map-cache-persistent command to control how often, in minutes, the ITR or PITR should save dynamically learned IPv6 map-cache entries to a file in flash. By default, map-cache persistence is set at 10 minutes. Use the no form of the command to disable LISP map-cache persistence. Alternatively, if the default value is changed, you can use the default form of this command to return the save interval setting to the default value.

Note

Use show run | include persistent command to determine the current state of this feature. If this command returns nothing, then map-cache persistence is enabled and set to the default value. Other output results are self explanatory.

Examples

The following example shows how to configure the ipv6 map-cache-persistent command to save dynamically learned EID prefixes every 30 minutes.

Router(config)# router lisp
Router(config-router-lisp)# ipv6 map-cache-persistent interval 30

Related Commands

Command	Description
clear ip lisp map-cache	Clears the LISP IPv4 or IPv6 map cache on the local router.
map-cache	Configures a static IPv4 or IPv6 EID prefix to a locator map-cache entry.

ipv6 map-request-source

To configure an IPv6 address to be used as the source address for Locator/ID Separation Protocol (LISP) IPv6 map-request messages, use the ipv6 map-request-source command in LISP configuration mode. To remove the configured map-request source address, use the no form of this command.

ipv6 map-request-source source-address

no ipv6 map-request-source source-address

Syntax Description

source-address

The IPv6 source address to be used in LISP IPv6 map-request messages.

Command Default

The router uses one of the locator addresses configured with the database-mapping command as the default source address for LISP map-request messages.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to configure the IPv6 source address to be used by the Ingress Tunnel Router (ITR) for LISP IPv6 map-request messages. Typically, a locator address configured using the database-mapping command is used as the source address for LISP IPv6 map-request messages. There are cases, however, where you may want to configure the specified source address for these map-request messages. For example, when the ITR is behind a network address translation (NAT) device, you should specify a source address that matches the NAT configuration to properly allow for return traffic.

Examples

The following example shows how to configure an ITR to use the source IPv6 address 2001:DB8:0A::1 in its IPv6 map-request messages:

Router(config)# router lisp
Router(config)# ipv6 map-request-source 2001:DB8:0A::1

Related Commands

Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.

ipv6 map-resolver

To configure a router to act as an IPv6 Locator/ID Separation Protocol (LISP) map-resolver (MR), use the ipv6 map-resolver command in LISP configuration mode. To remove LISP map-resolver functionality, use the no form of this command.

ipv6 map-resolver

no ipv6 map-resolver

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide map-resolver functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB2	This command was introduced .
Cisco IOS XE Release 2.5.1XB	This command was integrated into Cisco IOS XE Release 2.5.1XB.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable the router to perform IPv6 LISP map-resolver functionality. A LISP map-resolver is deployed as a LISP infrastructure component.

A map-resolver receives LISP encapsulated control messages (ECMs) containing map requests from LISP Ingress Tunnel Routers (ITRs) directly over the underlying locator-based network. The map resolver decapsulates these messages and forwards them on the LISP Alternative Logical Topology (ALT) topology, where they are then delivered either to an Egress Tunnel Router (ETR) that is directly connected to the LISP ALT and that is authoritative for the endpoint identifier (EID) being queried by the map request, or to the map server that is injecting EID-prefixes into the LISP ALT on behalf of the authoritative ETR.

Map-resolvers also send negative map replies directly back to an Ingress Tunnel Router (ITR) in response to queries for non-LISP addresses.

Note

For a router configured as an IPv6 map resolver, you must configure the ipv6 alt-vrf command regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a standalone map resolver. Refer to the ipv6 alt-vrf command for related configuration information.

Examples

The following example shows how to configure IPv6 LISP map-resolver functionality on the router.

Router (config)# router lisp
Router(config)# ipv6 map-resolver

Related Commands

Command	Description
ipv6 alt-vrf	Configures which VRF supporting the IPv6 address-family LISP should use when sending map requests for an IPv6 EID-to-RLOC mapping directly over the ALT.

ipv6 map-server

To configure a router to act as an IPv6 Locator/ID Separation Protocol (LISP) map server, use the ipv6 map-server command in LISP configuration mode. To remove LISP map-server functionality, use the no form of this command.

ipv6 map-server

no ipv6 map-server

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide map-server functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB2	This command was introduced.
Cisco IOS XE Release 2.5.1XB	This command was integrated into Cisco IOS XE Release 2.5.1XB.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable the router to perform IPv6 LISP map-server functionality. A LISP map server is deployed as a LISP Infrastructure component. LISP site commands are configured on the map server for a LISP Egress Tunnel Router (ETR) that registers to the map server. The authentication key on the map server must match the one configured on the ETR. A map server receives map-register control packets from ETRs. A map server configured with a service interface to the LISP Alternative Logical Topology (ALT) injects aggregates for the registered EID prefixes into the LISP ALT.

The map server also receives map-request control packets from the LISP ALT, which it then forwards as a LISP encapsulated control messages (ECMs) to the registered ETR that is authoritative for the EID prefix being queried. The ETR returns a map-reply message directly back to the Ingress Tunnel Router (ITR).

Note

For a router configured as an IPv6 map server, you must configure the ipv6 alt-vrf command regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a standalone map server. Refer to the ipv6 alt-vrf command for related configuration information.

Examples

The following example shows how to configure IPv6 LISP map-server functionality on the router:

Router(config)# router lisp
Router(config)# ipv6 map-server

Related Commands

Command	Description
ipv6 alt-vrf	Configures which VRF supporting the IPv6 address-family LISP should use when sending map requests for an IPv6 EID-to-RLOC mapping directly over the ALT.

ipv6 path-mtu-discovery

To configure upper and lower bounds to be considered by IPv6 path maximum transmission unit (MTU) discovery (PMTUD), use the ipv6 path-mtu-discovery command in Locator/ID Separation Protocol (LISP) configuration mode. To return the IPv6 PMTUD parameters to their default settings, use the ipv6 path-mtu-discovery form of the command without additional parameters. IPv6 PMTUD cannot be disabled.

ipv 6 path-mtu-discovery { minbytes| maxbytes }

Syntax Description

min bytes	(Optional) Specifies the lower bound on path MTU accepted, in bytes. Valid range is 1280 to 65535.
max bytes	(Optional) Specifies the upper bound on path MTU accepted. Valid range is 1280 to 65535.

Command Default

By IPv6 standards requirements, IPv6 always participates in PMTUD and hence, so LISP is capable of adjusting the MTU used on a per-destination locator basis. The default minimum and maximum MTU boundaries are 1280 bytes and 65,535 bytes respectively.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

By IPv6 standards requirements, LISP always participates in IPv6 PMTUD and LISP is capable of adjusting the MTU used on a per-destination locator basis. Incoming IPv6 ICMP “Packet Too Big” messages are processed and maintained by LISP on a per-destination locator basis. The MTU setting for a destination locator will be updated according to the ICMP message as long as the requested new MTU is lower than the existing MTU but is still within the configured min and max MTU boundaries.

Note

IPv6 PMTUD cannot be disabled for LISP.

Examples

The following example modifies IPv6 PMTUD for LISP to accept only ICMP “Packet Too Big” messages requesting an MTU of at least 1300 bytes (the maximum of 65,535 bytes remains unchanged).

Router(config)# router lisp
Router(config)# ipv6 path-mtu-discovery min 1300

Related Commands

Command	Description
ipv6 itr	Configures the router to act as an IPv6 LISP ITR.

ipv6 proxy-etr

To configure a router to act as an IPv6 Locator/ID Separation Protocol (LISP) Proxy Egress Tunnel Router (PETR), use the ipv6 proxy-etr command in LISP configuration mode. To remove LISP PETR functionality, use the no form of this command.

ipv6 proxy-etr

no ipv6 proxy-etr

Syntax Description

This command has no arguments or keywords.

Command Default

By default, the router does not provide PETR functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable IPv6 LISP PETR functionality on the router. PETR functionality is a special case of Egress Tunnel Router (ETR) functionality where the router accepts LISP-encapsulated packets from an Ingress Tunnel Router (ITR) or PITR that are destined to non-LISP sites, decapsulates them, and then forwards them natively toward the non-LISP destination.

PETR services may be necessary in several cases. For example, by default, when a LISP site forwards packets to a non-LISP site natively (not LISP encapsulated), the source IP address of the packet is that of a site endpoint identifiers (EIDs). If the provider side of the access network is configured with strict unicast reverse path forwarding (uRPF) the packets are considered to be spoofed and dropped because EIDs are not advertised in the provider default free zone (DFZ).

Instead of natively forwarding packets intended for non-LISP sites, the ITR encapsulates the packets (using the site locator as the source address and the PETR as the destination address) so that packets destined for LISP sites will follow normal LISP forwarding processes and be sent directly to the destination ETR. As a second example, suppose a LISP IPv6 (EID) site wants to communicate with a non-LISP IPv6 site and some portion of the intermediate network does not support an IPv6 (it is IPv4 only). Assuming that the PETR has both IPv4 and IPv6 connectivity, the ITR can LISP-encapsulate the ipv6 proxy-etr 63 Cisco IOS LISP Command Reference IPv6 EIDs with IPv4 locators destined for the PETR, which decapsulates the packets and forwards them natively to the non-LISP IPv6 site over its IPv6 connection. That is, the use of the PETR effectively allows the LISP sites packets to traverse (hop over) the IPv4 portion of the network using the LISP mixed protocol encapsulation support.

Note

A Cisco IOS or Cisco IOS XE router cannot be configured to perform ETR and PETR functions at the same time. It must be configured for one or the other purpose. A router that is configured as an ETR performs a check to verify that the LISP packet inner header destination address is within the address range of a local EID prefix, whereas a router configured as a PETR does not perform this check. If a router is configured as an ETR using the ipv6 etr command and an attempt is made to also configure PETR functionality, an error indicating that ITR functionality must first be disabled will be issued.

Note

An ITR or PITR that requires the use of IPv6 PETR services must be configured to forward IPv6 EID packets to the PETR using the ipv6 use-petr command.

Examples

The following example shows how to configure IPv6 LISP PETR functionality on the router.

Router(config)# router lisp
Router(config)# ipv6 proxy-etr

Related Commands

Command	Description
ipv6 etr	Configures the router to act as an IPv6 LISP ETR.
ipv6 use-petr	Configures an ITR or PITR to use the PETR for traffic destined to non-LISP IPv6 destinations.

ipv6 proxy-itr

To configure a router to act as an IPv6 Locator/ID Separation Protocol (LISP) Proxy Ingress Tunnel Router (PITR), use the ipv6 proxy-itr command in LISP configuration mode. To remove LISP PITR functionality, use the no form of this command.

ipv6 proxy-itr ipv6-local-locator [ ipv4-local-locator ]

no ipv6 proxy-itr ipv6-local-locator [ ipv4-local-locator ]

Syntax Description

ipv6-local-locator	The IPv6 locator address used as a source address for encapsulation of data packets, a data probe, or a map-request message.
ipv4-local-locator	(Optional) The IPv6 locator address used to as a source address for encapsulation of data packets, a data probe, or a map-request message when the locator-hash function returns a destination (RLOC) in the IPv4 address-family.

Command Default

By default, the router does not provide PITR functionality.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
15.1(1)XB2	This command was modified.
Cisco IOS XE Release 2.5.1XA	This command was integrated into Cisco IOS XE Release 2.5.1XA.
Cisco IOS XE Release 2.5.1XB	This command was modified.
Cisco IOS XE Release 3.3.0S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.

Usage Guidelines

Use this command to enable IPv6 LISP Proxy Ingress Tunnel Router (PITR) functionality on the router. PITR functionality is a special case of Ingress Tunnel Router (ITR) functionality where the router receives native packets from non-LISP sites that are destined for LISP sites, encapsulates them, and forwards them to the Egress Tunnel Router (ETR) that is authoritative for the destination LISP site endpoint identifier (EID).

PITR services are required to provide interconnectivity between non-LISP sites and LISP sites. For example, when connected to the Internet, a PITR acts as a gateway between the legacy Internet and the LISP enabled network. To accomplish this, the PITR must advertise one or more highly aggregated EID prefixes on behalf of LISP sites into the underlying DFZ (i.e. Internet) and act as an ITR for traffic received from the public Internet.

If you configure the ipv6 proxy-itr command to enable PITR services, the PITR creates LISP-encapsulated packets when it sends a data packet to a LISP site, sends a data probe, or sends a map-request message. The outer (LISP) header address-family and source address are determined as follows:

When the locator-hash function returns a destination (RLOC) in the following ways:
- When a destination RLOC is returned within the IPv6 address family, then the address ipv6-local-locator value is used as the source address from the locator namespace.
- When a destination RLOC is returned within the IPv4 address-family (assuming the optional address ipv4-local-locator is entered), it will be used as a source locator for encapsulation.
When configuring a router as a LISP PITR, you must configure the ipv6 alt-vrf command (or ipv4 alt-vrf command for IPv4 EID mapping) regardless whether the device is connected to an ALT for the exchange of map requests or is configured as a standalone PITR on the same device as a LISP MS/MR.

Note

A router cannot be configured to perform ITR and PITR functions at the same time. It must be configured for one or the other purpose. A router that is configured as an ITR performs a check to verify that the source of any packet intended for LISP encapsulation is within the address range of a local EID prefix, whereas a router configured as a PITR does not perform this check. If a router is configured as an ITR using the ipv6 itr command and an attempt is made to also configure PITR functionality, an error indicating that ITR functionality must first be disabled is issued.

Note

When a device is configured as a non-ALT-connected PITR, it must also be configured with information defining the extent of the LISP EID space it is proxying for. This can be done using either static map-cache entries incorporating the map-request keyword, or by importing RIB routes using the ipv6 route-import map-cache command. The use of either method provides information to the non-ALT-connected PITR that allows it to send Map-Requests for destinations in order to determine their IPv4 EID-to-RLOC mappings, or negative-mapping results.

Examples

The following example shows how to configure LISP PITR functionality on the router and to encapsulate packets using a source locator of 2001:db8:bb::1.

Router(config)# router lisp
Router(config)# ipv6 proxy-itr 2001:db8:bb::1

The following example configures a router to act as a PITR but without using the LISP ALT. In this example, the PITR is configured to use the Map-Resolver with the locator 2001:db8:cc::1, and to provide proxy-ITR services for the EID-prefix 2001:db8:a::/48 with encapsulation using an IPv6 source locator of 2001:db8:bb::1 and an IPv4 source locator of 10.1.1.1.

Router(config)# router lisp
Router(config-router-lisp)# ipv6 proxy-itr 2001:db8:bb::1 10.1.1.1
Router(config-router-lisp)# ipv6 itr map-resolver 2001:db8:cc::1
Router(config-router-lisp)# map-cache 2001:db8:a::/48 map-request
Router(config-router-lisp)# exit

Related Commands

Command	Description
ipv4 alt-vrf	Configures which VRF supporting the IPv4 address-family LISP should use when sending map requests for an IPv4 EID-to-RLOC mapping directly over the ALT.
ipv6 alt-vrf	Configures which VRF supporting the IPv6 address-family LISP should use when sending map requests for an IPv6 EID-to-RLOC mapping directly over the ALT.
ipv6 itr	Configures the router to act as an IPv6 LISP ITR.
ipv4 route-import map-cache	Configure a Proxy-ITR to dynamically import IPv6 LISP EID space for which it is proxying.

ipv6 route-import map-cache

To configure a Proxy Ingress Tunnel Router (PITR) to dynamically import IPv6 Locator/ID Separation Protocol (LISP) endpoint identifier (EID) space for which it is proxying, use the ipv6 route-import map-cache command in LISP EID table configuration mode. To remove dynamic import for IPv6 LISP EID space, use the no form of this command.

ipv6 route-import map-cache { bgp as-number | static } [ route-map route-map-name ]

no ipv6 route-import map-cache { bgp bgp-as | static } [ route-map route-map-name ]

Syntax Description

bgp as-number	Specifies that IPv6 prefixes known to the local BGP process autonomous system (AS) number should be imported to dynamically define the EID address space for which it is proxying.
static	Specifies that IPv6 prefixes known via static routes should be imported to define the EID address space for which it is proxying.
route-map route-map-name	(Optional) Specifies that imported IPv6 prefixes should be filtered according to the specified route-map name.

Command Default

Dynamic import for IPv6 LISP EID space is not configured.

Command Modes

LISP EID table configuration (config-router-lisp-eid-table)

Command History

Release	Modification
15.2(3)T	This command was introduced.

Usage Guidelines

When a device is configured as a PITR, it must be informed about the extent of the IPv6 LISP EID space for which it is proxying to provide a means for signaling the LISP control plane process (map-request generation) for populating the PITR IPv6 LISP map cache when it receives traffic.

If the PITR is configured to connect to an ALT infrastructure (see the ipv6 alt-vrf command), it will have full knowledge of the LISP IPv6 EID address space for which it is proxying. However, when a PITR is configured to use a map resolver for map-cache resolution, the LISP EID space for which it is proxying must be defined for the PITR to send map request messages for destinations needed to determine IPv6 EID-to-RLOC mappings or negative mapping results.

The ipv6 route-import map-cache command provides a simple mechanism to define the extent of IPv6 LISP EID space for the PITR by taking advantage of the existing static or BGP-based routing infrastructure. (Prior to the ipv6 route-import map-cache command, static map-cache entries with the map-request keyword were required in order to drive the LISP control plane.)

The type of the IPv6 LISP EID space can be configured using the ipv6 route-import map-cache command using the bgp as-number keyword and argument or static keyword to import all appropriate IPv6 EID prefixes. In both cases, an optional route-map keyword can be added to provide filtering to selective import appropriate EID prefixes. The route-map keyword can match on any useful criteria such as community, tag, or local preference.

Note

If the ipv6 route-import map-cache command is configured to use BGP and then BGP is removed (using the no router bgp autonomous-system-number command), the corresponding ipv6 route-import map-cache bgp configuration is not automatically removed.

Note

See the clear ipv6 lisp route-import command for information about reimporting prefixes.

Examples

In the following example, a PITR is configured to import IPv6 static routes representing EID prefixes to be used for signaling the LISP control plane to send a Map Request message for EID-to-RLOC mapping resolution. A route map called static-lisp is also configured to filter on static routes only matching the tag 123. The resultant imported static routes are then shown using the show ipv6 lisp route-import command, illustrating that only those static prefixes that match tag 123 are imported.

Router(config)# route-map static-lisp permit 10
Router(config-route-map)# match tag 123
Router(config-route-map)# exit
Router(config)# ipv6 route 2001:db8:a::/48 null0 tag 123
Router(config)# ipv6 route 2001:db8:b::/48 null0 tag 123
Router(config)# ipv6 route 2001:db8:c::/48 null0 tag 123
Router(config)# ipv6 route 2001:db8:d::/48 null0 tag 456
Router(config)# router lisp
Router(config-router-lisp)# eid-table default instance-id 0
Router(config-router-lisp-eid-table)# ipv6 route-import map-cache static route-map static-lisp
Router(config-router-lisp-eid-table)# Ctrl-Z
Router# show ipv6 lisp route-import
LISP IPv6 imported routes for EID-table default (IID 0)
Config: 1, Entries: 3
Prefix             Uptime      Source    Map-cache State
2001:DB8:A::/48    00:02:35    static    installed
2001:DB8:B::/48    00:02:35    static    installed
2001:DB8:C::/48    00:02:35    static    installed
Router#

In the following example, a PITR is configured to import IPv6 BGP routes representing EID prefixes to be used for signaling the LISP control plane to send a Map-Request message for EID-to-RLOC mapping resolution. A route map called bgp-lisp is also configured to filter on BGP routes matching the tag 123. The resultant imported BGP routes are then shown using the show ipv6 lisp route-import command.

Router(config)# route-map bgp-lisp permit 10
Router(config-route-map)# match tag 123
Router(config-route-map)# exit
Router(config)# route lisp 
Router(config-router-lisp)# eid-table default instance-id 0
Router(config-router-lisp-eid-table)# ipv6 route-import map-cache bgp 123 route-map bgp-lisp
Router(config-router-lisp-eid-table)# Ctrl-Z
Router# show ipv6 lisp route-import
LISP IPv6 imported routes for EID-table default (IID 0)
Config: 1, Entries: 3
Prefix             Uptime    Source    Map-cache State
2001:DB8:A::/48    4d12h     bgp       installed
2001:DB8:B::/48    4d12h     bgp       installed
2001:DB8:C::/48    4d12h     bgp       installed
Router#

Related Commands

Command	Description
clear ipv6 lisp route-import	Clears the current IPv6 Routing Information Base (RIB) routes imported into LISP.
ipv6 route-import maximum-prefix	Configures the maximum number of IPv6 prefixes permitted to be dynamically imported into the PITR map cache for use in defining proxy EID space.
map-cache	Configures a static IPv4 or IPv6 EID-to-RLOC mapping relationship and its associated traffic policy, or statically configures the packet handling behavior associated for a specified destination IPv4 or IPv6 EID prefix.
show ipv6 lisp route-import	Displays the current IPv6 RIB routes imported into LISP.

ipv6 route-import maximum-prefix

To configure a limit to the number of IPv6 Locator ID Separation Protocol (LISP) endpoint identifier (EID) prefixes that a Proxy Ingress Tunnel Router (PITR) can dynamically import, use the ipv6 route-import maximum-prefix command in LISP EID table configuration mode. To remove this limit, use the no form of this command.

ipv6 route-import maximum-prefix max-limit [ threshold ] [ warning-only ]

no ipv6 route-import maximum-prefix max-limit [ threshold ] [ warning-only ]

Syntax Description

max-limit	Specifies the maximum number of IPv6 prefixes that can be imported to define EID address space in the map cache.
threshold	(Optional) Specifies the threshold value (in percent) at which to generate a warning message while importing IPv6 prefixes.
warning-only	(Optional) Specifies that only a warning message is given and entries are not limited.

Command Default

An IPv6 route-import maximum-prefix limit is not configured.

Command Modes

LISP EID table configuration (config-router-lisp-eid-table)

Command History

Release	Modification
15.2(3)T	This command was introduced.

Usage Guidelines

When the ipv6 route-import map-cache command is configured, it may also be desired to configure a limit on the number of EID prefixes that can be imported by the PITR. This can be accomplished by configuring the ipv6 route-import maximum-prefix command. When the optional threshold value is specified, expressed as a percentage of the maximum limit, a warning message is generated when the number of IPv6 prefixes exceeds the threshold percentage. The warning-only keyword permits all prefixes to be imported but alerts the user when the threshold is exceeded.

Examples

In the following example, a PITR is configured to import IPv6 BGP routes representing EID prefixes to be used for signaling the LISP control plane to send a Map Request message for EID-to-RLOC mapping resolution. A route map called bgp-lisp is also configured to filter on BGP routes matching the tag 123. In addition, a limit is placed on the number of IPv6 prefixes that can be imported using the ipv6 route-import maximum-prefix command. In the example below, a limit of two is specified. The resultant imported BGP routes are then shown using the show ipv6 lisp route-import command.

Router(config)# route-map bgp-lisp permit 10
Router(config-route-map)# match tag 123
Router(config-route-map)# exit
Router(config)# router lisp
Router(config-router-lisp)# eid-table default instance-id 0
Router(config-router-lisp-eid-table)# ipv6 route-import map-cache bgp 123 route-map bgp-lisp
Router(config-router-lisp-eid-table)# ipv6 route-import maximum-prefix 2
Router(config-router-lisp-eid-table)# Ctrl-Z
Router# show ipv6 lisp route-import
LISP IPv6 imported routes for EID-table default (IID 0)
Config: 1, Entries: 2
Prefix             Uptime    Source    Map-cache State
2001:DB8:A::/48    4d12h     bgp       installed
2001:DB8:B::/48    4d12h     bgp       installed
Router#

Related Commands

Command	Description
clear ipv6 lisp route-import	Clears the current IPv6 Routing Information Base (RIB) routes imported into LISP.
ipv6 route-import map-cache	Configures a Proxy ITR to dynamically import IPv6 LISP EID space for which it is proxying.
map-cache	Configures a static IPv4 or IPv6 EID-to-RLOC mapping relationship and its associated traffic policy, or statically configures the packet handling behavior for a specified destination IPv4 or IPv6 EID-prefix.
show ipv6 lisp route-import	Displays the current IPv6 RIB routes imported into LISP.

ipv6 solicit-map-request ignore

To configure an Ingress Tunnel Router (ITR) to ignore an IPv6 map-request message that has the solicit-map-request (SMR) bit set, use the ipv6 solicit-map-request ignore command in Locator/ID Separation Protocol (LISP) configuration mode. To disable the ignore setting for this feature, use the no form of this command.

ipv6 solicit-map-request ignore

no ipv6 solicit-map-request ignore

Syntax Description

This command has no arguments or keywords.

Command Default

A LISP ITR will respond to an IPv6 map-request message that has the SMR bit set when it has an existing IPv6 map-cache entry for the endpoint identifier (EID) in the SMR map-request.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
Cisco IOS XE Release 3.3.0S	This command was introduced.
15.1(4)M	This command was integrated into Cisco IOS Release 15.1(4)M.

Usage Guidelines

When a change occurs on an Egress Tunnel Router (ETR) for some attribute of an IPv6 EID prefix configured using the database-mapping command such as an associated RLOC, priority, or weight, the ETR will automatically attempt to inform all LISP sites with which it has recently been communicating of this change. The ETR informs the other xTRs (with which it has recently been communicating) by sending a map request with the SMR bit in the header set to on to the RLOC addresses of those other xTRs. The ETR obtains the RLOC addresses by reviewing its own IPv6 LISP map cache, which contains these entries for the most recent conversations.

When an xTR receives the SMR map-request message from the ETR, the default response of the xTRs is to send a new map-request message with the SMR bit cleared through the Mapping System (such as through the configured map resolver) to get an up-to-date mapping for the EID indicated in the SMR map request.

After the map reply is received by the ETR for the new map request, the xTR has an updated cache entry representing the changed state of the ETR that initially sent the SMR map request (as will all other xTRs that completed the SMR map-request process).

By default, xTRs process and respond to any map-request message that has the SMR bit set to on. Use the ipv6 solicit-map-request ignore command to disable this behavior, causing xTRs to ignore all map-request messages that have the SMR bit set to on. To restore SMR map-request handling capabilities, use the no form of this command.

Note

A LISP ITR responds to an SMR map request only when it has an existing IPv4 map-cache entry for the EID in the SMR map request. If it does not have an entry, the SMR map request is ignored.

Examples

The following example shows how to configure the xTR to ignore map-request messages that have the SMR bit set:

Router(config)# router lisp
Router(config-router-lisp)# ipv6 solicit-map-request ignore

Related Commands

Command	Description
database-mapping	Configures an IPv6 EID-to-RLOC mapping relationship and its associated traffic policy.
IPv6 etr	Configures the router to act as an IPv6 LISP ETR.
IPv6 itr	Configures the router to act as an IPv6 LISP ITR.

ipv6 use-petr

To configure a router to use an IPv6 Locator/ID Separation Protocol (LISP) Proxy Egress Tunnel Router (PETR), use the ipv6 use-petr command in LISP configuration mode. To remove the use of a LISP PETR, use the no form of this command.

ipv6 use-petr locator-address [ priority priority weight weight ]

no ipv6 use-petr locator-address [ priority priority weight weight ]

Syntax Description

locator-address	IPv6 locator address of the PETR.
priority priority	(Optional) Specifies the priority (value between 0 and 255) assigned to this PETR. A lower value indicates a higher priority.
weight weight	(Optional) Specifies the percentage of traffic to be load-shared (value between 0 and 100).

Command Default

The router does not use PETR services.

Command Modes

LISP configuration (config-router-lisp)

Command History

Release	Modification
15.1(1)XB1	This command was introduced.
Cisco IOS XE Release 3.3S	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
15.1(4)M	This command was modified. Support for this command was removed at the global configuration level and added for LISP configuration mode. Also, the lisp keyword was removed from the command syntax.
Cisco IOS XE Release 3.6S	This command was modified. The priority priority and weight weight keywords and arguments were added.
15.2(3)T	This command was modified. The priority priority and weight weight keywords and arguments were added.

Usage Guidelines

Use the ipv6 use-petr command to enable an Ingress Tunnel Router (ITR) or Proxy Ingress Tunnel Router (PITR) to use IPv6 PETR services. When the use of PETR services is enabled, instead of natively forwarding LISP endpoint identifier (EID) (source) packets destined to non-LISP sites, these packets are LISP-encapsulated and forwarded to the PETR. Upon receiving these packets, the PETR de-encapsulates them and then forwards them natively toward the non-LISP destination. An ITR or PITR can be configured to use PETR services.

PETR services may be necessary in several cases:

By default when a LISP site forwards packets to a non-LISP site natively (not LISP encapsulated), the source IP address of the packet is that of an EID. When the provider side of the access network is configured with strict unicast reverse path forwarding (uRPF) or an anti-spoofing access list, it may consider these packets to be spoofed and drop them since EIDs are not advertised in the provider core network. In this case, instead of natively forwarding packets destined to non-LISP sites, the ITR encapsulates these packets using its site locator(s) as the source address and the PETR as the destination address. (Note that packets destined for LISP sites will follow normal LISP forwarding processes and be sent directly to the destination ETR as normal.)

Note

The use of the ipv6 use-petr command does not change LISP-to-LISP or non-LISP-to-non-LISP forwarding behavior. LISP EID packets destined for LISP sites will follow normal LISP forwarding processes and be sent directly to the destination ETR as normal. Non-LISP-to-non-LISP packets are never candidates for LISP encapsulation and are always forwarded natively according to normal processes.

When a LISP IPv4 (EID) site needs to connect to a non-LISP IPv4 site and the ITR locators or some portion of the intermediate network does not support IPv4 (it is IPv6 only), the PETR can be used to traverse (hop over) the address family incompatibility, assuming that the PETR has both IPv4 and IPv6 connectivity. The ITR in this case can LISP-encapsulate the IPv4 EIDs with IPv6 locators destined for the PETR, which de-encapsulates the packets and forwards them natively to the non-LISP IPv4 site over its IPv4 connection. In this case, the use of the PETR effectively allows the LISP device to traverse the IPv6 portion of a network using the LISP mixed protocol encapsulation support.

Note
Because LISP supports mixed protocol encapsulations, the locator specified for the PETR in this case can either be an IPv4 or IPv6 address.

Up to eight PETR locators can be entered per address family. When multiple entries are made, the packet forwarding behavior is as follows:

When multiple PETRs are configured using the ipv6 use-petr command by itself (that is, without the optional priority and weight configurations), packets are sent to each PETR based on hash-based load sharing.
When multiple PETRs are configured using the ipv6 use-petr command and including the optional priority and weight configurations, packets are sent to each PETR according the normal LISP priority and weight load sharing algorithms. The priority configuration is used to determine load-sharing among PETR resources when multiple PETRs are specified. The weight configuration is used to determine how to loadshare traffic between multiple PETRs of identical priority when multiple PETRs are specified. The value represents the percentage of traffic to be load-shared.

Note

The use of the ipv6 use-petr command by itself (that is, without the optional priority and weight configurations) and with the optional priority and weight configurations at the same time is not permitted. Only one method may be used. If the ipv6 use-petr command is already configured without priority and weight, adding an additional PETR entry that includes priority and weight is not permitted. All entries that do not include priority and weight must first be removed prior to adding any entries that include priority and weight.

Examples

The following example shows how to configure an ITR to use the PETR with the IPv4 locator of 10.1.1.1. In this case, LISP site IPv6 EIDs destined for IPv6 non-LISP sites will be encapsulated in an IPv4 LISP header to the PETR located at 10.1.1.1. When it receives these packets, the PETR will strip the IPv4 LISP encapsulation and natively forward the IPv6 packets toward their IPv6 non-LISP destination. (This assumes that the PETR supports dual-stack connectivity.)

Router(config)# router lisp
Router(config-router-lisp)# ipv6 use-petr 10.1.1.1

The following example configures an ITR to use two PETRs: one has an IPv4 locator of 10.1.1.1 and is configured as the primary PETR (priority 1 weight 100), and the other has an IPv4 locator of 10.1.2.1 and is configured as the secondary PETR (priority 2 weight 100). In this case, LISP site IPv6 EIDs destined to non-LISP IPv6 sites will be encapsulated in an IPv4 LISP header to the primary PETR located at 10.1.1.1 unless it fails, in which case the secondary will be used.

Router(config-router-lisp)# ipv6 use-petr 10.1.1.1 priority 1 weight 100
Router(config-router-lisp)# ipv6 use-petr 10.1.2.1 priority 2 weight 100

Related Commands

Command	Description
ipv4 use-petr	Configures a router to use an IPv4 LISP PETR.
ipv6 proxy-etr	Configures the router to act as an IPv6 LISP PETR.