Cisco Nexus 7000 Series Command Reference Manual

Nx-os lisp command reference
Hide thumbs Also See for Nexus 7000 Series:
Table of Contents
S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m .
Cisco Nexus 7000 Series NX-OS LISP
Command Reference
July 2011
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-25345-01
Table of Contents
loading

Summary of Contents for Cisco Nexus 7000 Series

  • Page 1 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Cisco Nexus 7000 Series NX-OS LISP...
  • Page 2 OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks.
  • Page 3: Table Of Contents

    LSP-38 ip lisp hardware-forwarding LSP-40 ip lisp itr LSP-41 ip lisp itr map-resolver LSP-43 ip lisp itr send-data-probe LSP-45 ip lisp itr-etr LSP-47 ip lisp locator-down LSP-49 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01...
  • Page 4 LSP-105 ipv6 lisp map-cache-limit LSP-107 ipv6 lisp map-request-source LSP-109 ipv6 lisp map-resolver LSP-111 ipv6 lisp map-server LSP-113 ipv6 lisp nat-transversal LSP-115 ipv6 lisp proxy-etr LSP-117 pv6 lisp proxy-itr LSP-119 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01...
  • Page 5 LSP-176 show ipv6 lisp map-cache LSP-178 show ipv6 lisp statistics LSP-180 show ipv6 lisp translation-cache LSP-182 show lisp dynamic-eid LSP-183 show lisp proxy-itr LSP-185 show lisp site LSP-186 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01...
  • Page 6 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Cisco Nexus 7000 Series NX-OS LISP Command Reference...
  • Page 7: Preface

    S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Preface This preface describes the audience, organization, and conventions of the Cisco Nexus 7000 Series NX-OS LISP Command Reference. It also provides information on how to obtain related documentation.
  • Page 8: Related Documentation

    Cisco Nexus 7000 Series NX-OS FabricPath Configuration Guide Configuring Feature Set for FabricPath Cisco NX-OS FCoE Configuration Guide for Cisco Nexus 7000 and Cisco MDS 9500 Cisco Nexus 7000 Series NX-OS Fundamentals Configuration Guide, Release 5.x Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Guide, Release 5.x Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x...
  • Page 9 Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x Cisco Nexus 7000 Series NX-OS Getting Started with Virtual Device Contexts, Release 5.x NX-OS Command References Cisco Nexus 7000 Series NX-OS Command Reference Master Index, Release 5.x...
  • Page 10: Obtaining Documentation And Submitting A Service Request

    Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html...
  • Page 11: Cisco Nexus 7000 Series Lisp Commands

    S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Cisco Nexus 7000 Series LISP Commands This chapter describes the Cisco Nexus 7000 Series NX-OS Locator/ID Separation Protocol (LISP) commands.
  • Page 12: Allowed-Locator Lsp-2

    Map Server within the LISP site configuration must also appear in the Map-Register message sent by the ETR for it to be accepted. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-2...
  • Page 13 Related Commands Command Description Configures a LISP site and enters site configuration mode on a Map Server. lisp site Displays registered LISP sites on a Map Server. show lisp site Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-3...
  • Page 14: Authentication-Key Lsp-4

    0. To enter a 3DES-encrypted password, specify a key-type value of 3. To enter a Cisco-encrypted password, specify a key-type value of 7. Map-Server authentication keys entered in cleartext form automatically are converted to Type 3 Caution (encrypted) form.
  • Page 15 Configures the IPv4 or IPv6 locator address of the LISP Map Server to ipv6 lisp etr which an ETR should register for its IPv6 EID prefixes. map-server Displays registered LISP sites on a Map Server. show lisp site Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-5...
  • Page 16: Clear Ip Lisp Data-Cache Lsp-6

    This example shows how to clear the LISP IPv4 data cache: Examples switch# clear ip lisp data-cache Related Commands Command Description Displays the LISP IPv4 EID-to-RLOC data-cache mapping on an ITR. show ip lisp data-cache Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-6...
  • Page 17: Clear Ip Lisp Map-Cache Lsp-7

    LISP IP Mapping Cache for VRF "default", 2 entries 153.16.1.0/24, uptime: 00:00:06, expires: 23:59:53, via map-reply, auth Locator Uptime State Priority/ Data Control Weight in/out in/out 129.250.1.255 00:00:06 254/0 129.250.26.242 00:00:06 1/100 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-7...
  • Page 18 153.16.12.0/24, uptime: 00:00:46, expires: 23:59:13, via map-reply, self Locator Uptime State Priority/ Data Control Weight in/out in/out 128.223.156.23 00:00:46 1/100 switch# Related Commands Command Description show ip lisp map-cache Displays current dynamic and static IPv4 EID-to-RLOC map-cache entries. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-8...
  • Page 19: Clear Ip Lisp Statistics Lsp-9

    This example shows how to clear the LISP ITR and ETR IPv4 address-family packet count statistics: Examples switch# clear ip lisp statistics switch# Related Commands Command Description Displays LISP IPv4 address-family statistics. show ip lisp statistics Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-9...
  • Page 20: Clear Ipv6 Lisp Data-Cache Lsp-10

    This example shows how to clear the LISP IPv6 data-cache: Examples switch# clear ipv6 lisp data-cache Related Commands Command Description Displays the LISP IPv6 EID-to-RLOC data-cache mapping on an ITR. show ipv6 lisp data-cache Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-10...
  • Page 21: Clear Ipv6 Lisp Map-Cache Lsp-11

    LISP IP Mapping Cache for VRF "default", 2 entries 153.16.1.0/24, uptime: 00:00:06, expires: 23:59:53, via map-reply, auth Locator Uptime State Priority/ Data Control Weight in/out in/out 129.250.1.255 00:00:06 254/0 129.250.26.242 00:00:06 1/100 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-11...
  • Page 22 LISP IPv6 Mapping Cache for VRF "default", 0 entries switch# Related Commands Command Description Displays current dynamic and static IPv6 EID-to-RLOC map-cache entries. show ipv6 lisp map-cache Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-12...
  • Page 23: Clear Ipv6 Lisp Statistics Lsp-13

    This example shows how to clear the LISP ITR and ETR IPv6 address-family packet count statistics: Examples switch# clear ipv6 lisp statistics switch# Related Commands Command Description Displays LISP IPv6 address-family statistics. show ipv6 lisp statistics Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-13...
  • Page 24: Clear Lisp Dynamic-Eid Lsp-14

    30.1.110.104, Ethernet2/5, uptime: 00:08:06, last activity: 0.998355 This example shows how to remove all dynamically learned dynamic EIDs that are associated with the configured dynamic-EID policy: switch# clear lisp dynamic-eid bc4 switch# Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-14...
  • Page 25 Configures a LISP site and enters site configuration mode on a Map-Server. lisp site Configures an interface on an ITR to support LISP VM-mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-15...
  • Page 26: Clear Lisp Proxy-Itr Lsp-16

    This example shows how to clear the list of PITR locators that have been discovered through Examples Map-Requests: switch# clear lisp proxy-itr Related Commands Command Description Displays a list of PITRs discovered through Map-Requests. show lisp proxy-tir Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-16...
  • Page 27: Clear Lisp Site Lsp-17

    This example shows how to clear the registration data for the specified LISP site: Examples switch# clear lisp site Customer-1 switch# Related Commands Command Description Displays LISP site information. This command is applicable only for the show lisp site Map-Server. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-17...
  • Page 28: Database-Mapping Lsp-18

    Both the dynamic-EID-prefix and locator can be either an IPv4 or IPv6 address. All database-mapping dynamic-EID subcommands must be consistent on all LISP-VM switches that Note support the same roaming dynamic-EID. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-18...
  • Page 29 Configures a LISP site and enters site configuration mode on a Map Server. lisp site Configures an interface on an ITR to participate in LISP VM mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-19...
  • Page 30: Description

    Customer-1 Site Information Related Commands Command Description Configures a LISP site and enters site configuration mode on a Map Server. lisp site Displays registered LISP sites on a Map Server. show lisp site Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-20...
  • Page 31: Eid-Prefix

    Map Server compares the EID-prefixes within the Map Register message against those configured on the Map Server for the LISP site. If they agree, the Map Register Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01...
  • Page 32 This example shows how to configure the IPv4 EID-prefix 192.168.1.0/24 with the instance ID of 123 for the LISP site Customer-2: switch# configuration terminal switch(config)# lisp site Customer-2 switch(config-lisp-site)# eid-prefix instance-id 123 192.168.1.0/24 route-tag 123 Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-22...
  • Page 33 Configures a LISP site and enters site configuration mode on a Map Server. lisp site Configures the LISP dynamic-EID roaming policy. lisp dynamic-eid Associates a LISP dynamic-EID roaming policy to an interface. lisp mobility Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-23...
  • Page 34: Instance-Id

    This command does not require a license. This example shows how to configure an instance ID for the dynamic-EID policy Roamer-1: Examples switch# configuration terminal switch(config)# lisp dynamic-eid Roamer-1 switch(config-lisp-dynamic-eid)# instance-id 123 Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-24...
  • Page 35 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Enters the LISP Map-Server site configuration mode subcommand for eid-prefix configuring the EID-prefix and associated instance ID for a LISP site. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-25...
  • Page 36: Ip Lisp Alt-Vrf

    • need not use the ip lisp alt-vrf command. When you configure a Cisco NX-OS device as a LISP PITR, you can use the ip lisp alt-vrf • command if you are using the ALT for EID-to-RLOC mapping resolution. You can configure PITRs to send a Map-Request to a configured Map-Resolver for EID-to-RLOC mapping resolution as an alternative to sending a Map-Request directly over the LISP ALT.
  • Page 37 Configures the IPv4 or IPv6 locator address of the LISP Map-Resolver to which the ITR sends IPv4 Map-Request messages. Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel ip lisp it Router (ITR).
  • Page 38: Ip Lisp Database-Mapping

    IPv4 EID-prefix block, including its associated locator, priority and weight. The IPv4 EID-prefix is the LISP IPv4 EID-prefix block that is associated with the site that the Cisco NX-OS Series device registers as being authoritative with a Map-Server. The locator is typically the IPv4 or IPv6 address of a loopback interface but can be the IPv4 or IPv6 address of any interface used as the Routing Locator (RLOC) address for the EID-prefix assigned to the site.
  • Page 39 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . When you configure a Cisco NX-OS Series device is as an egress tunnel router (ETR), these LISP database-mapping parameters are advertised within a Map-Reply message to indicate the ingress traffic preferences of the site for the associated EID-prefix block.
  • Page 40 Configures an ETR with a private locator that is sited behind a NAT device to dynamically determine its NAT-translated public globally routed locator address for the applied interface. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-30...
  • Page 41 5.0(1.13) This command was introduced. Use the ip lisp etr command to enable the Cisco NX-OS device to perform IPv4 LISP Egress Tunnel Usage Guidelines Router (ETR) functionality. When you configure a Cisco NX-OS device as an IPv4 ETR, also use ip lisp database-mapping command so that the ETR knows what EID-prefix blocks and corresponding locators are used for the LISP site.
  • Page 42 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . This example shows how to configure the IPv4 LISP ETR functionality on the Cisco NX-OS device:...
  • Page 43: Ip Lisp Etr Accept-Map-Request-Mapping

    Map-cache entries can remain in the tentative state for up to one minute; therefore, you might want to clear these entries manually when this command is removed. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-33...
  • Page 44 Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel ip lisp etr Router (ETR). clear ip lisp map-cache Clears the LISP IPv4 map-cache on the local Cisco NX-OS device. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-34...
  • Page 45: Ip Lisp Etr Glean-Mapping

    Map-Reply. The gleaned locator will then be used. When you specify the verify keyword, the locator is used to forward traffic and all packets are dropped until the Map-Reply is returned. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01...
  • Page 46 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel ip lisp etr Router (ETR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-36...
  • Page 47: Ip Lisp Etr Map-Cache-Ttl

    120 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel ip list etr Router (ETR). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01...
  • Page 48: Ip Lisp Etr Map-Server

    You can enter the SHA-1 HMAC password in unencrypted (cleartext) form or encrypted form. To enter an unencrypted password, specify a key-type value of 0. To enter a 3DES-encrypted password, specify a key-type value of 3. To enter a Cisco-encrypted password, specify a key-type value of 7. Cisco Nexus 7000 Series NX-OS LISP Command Reference...
  • Page 49 Configures an IPv4 EID-to-RLOC mapping relationship and its associated ip lisp traffic policy. database-mapping Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel ip lisp etr Router (ETR). Configures an interface on an ITR to participate in LISP VM-mobility lisp mobility (dynamic-EID roaming).
  • Page 50: Ip Lisp Hardware-Forwarding

    Cisco NX-OS device hardware. This command does not require a license. This example shows how to disables IPv4 LISP hardware forwarding on the Cisco Nexus 7000 Series Examples switch: switch# configure terminal...
  • Page 51 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . ip lisp itr To configure a Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel Router (ITR), use the ip lisp itr command. To remove LISP ITR functionality, use the no form of this command.
  • Page 52 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . This command does not require a license. This example shows how to configure the IPv4 LISP ITR on the Cisco NX-OS device: Examples...
  • Page 53: Ip Lisp Itr Map-Resolver

    When you use the ip lisp itr map-resolver command, the ITR or PITR does not run the LISP-ALT. All Note commands related to the ALT-VRF are ignored (and may be removed). This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-43...
  • Page 54 Configures which VRF that LISP should use when sending Map Requests ip lisp alt-vrf for an IPv4 EID-to-RLOC mapping directly over the ALT. Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel ip lisp itr Router (ITR).
  • Page 55: Ip Lisp Itr Send-Data-Probe

    LISP-ALT. The LISP-ALT is intended to function solely as a control plane mechanism for LISP and its use subjects it to denial of service attacks. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-45...
  • Page 56 Map Requests for an IPv4 EID-to-RLOC mapping directly over the ALT. ip lisp itr map-resolver Configures the IPv4 or IPv6 locator address of the LISP Map-Resolver to which the ITR sends IPv4 Map-Request messages. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-46...
  • Page 57: Ip Lisp Itr-Etr

    S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . ip lisp itr-etr To configure a Cisco NX-OS device to act as both an IPv4 LISP Ingress Tunnel Router (ITR) and Egress Tunnel Router (ETR), use the ip lisp itr-etr command. To remove the LISP ITR functionality, use the no form of this command.
  • Page 58 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel ip lisp etr Router (ETR). Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel ip lisp itr Router (ITR).
  • Page 59: Ip Lisp Locator-Down

    (up), remove the configuration using the no form of this command. ip lisp locator-down EID-prefix/prefix-length locator no ip lisp locator-down EID-prefix/prefix-length locator IPv4 EID prefix and length advertised by the Cisco NX-OS device. Syntax Description EID-prefix/prefix-length IPv4 or IPv6 Routing Locator (RLOC) associated with this EID-prefix.
  • Page 60 Configures an IPv4 EID-to-RLOC mapping relationship and its associated ip lisp traffic policy. database-mapping Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel ip lisp itr Router (ITR). Configures a static IPv4 EID-prefix to locator map-cache entry.
  • Page 61: Ip Lisp Locator-Vrf

    When you configure mixed address families (for example, IPv4 EIDs and IPv6 locators or IPv6 EIDs Note and IPv4 locators), use the ip lisp locator-vrf command. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-51...
  • Page 62 ETR should register for its IPv4 EID prefixes. ip lisp itr map-resolver Configures the locator address of the LISP Map-Resolver to which the ITR sends Map-Request messages. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-52...
  • Page 63: Ip Lisp Map-Cache

    Optional) Forwards packets natively that match this map-cache entry. native-forward None Defaults Global configuration mode Command Modes network-admin Supported User Roles vdc-admin Command History Release Modification 5.0(1.13) This command was introduced. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-53...
  • Page 64 Configures an IPv4 EID-to-RLOC mapping relationship and its associated ip lisp traffic policy. database-mapping Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel ip lisp itr Router (ITR). ip lisp map-cache-limit Configures the maximum number of IPv4 LISP map-cache entries allowed to be stored by the Cisco NX-OS device.
  • Page 65: Ip Lisp Map-Cache-Limit

    To configure the maximum number of IPv4 Locator/ID Separation Protocol (LISP) map-cache entries allowed to be stored by the Cisco NX-OS device, use the ip lisp map-cache-limit command. To remove the configured map-cache limit, use the no form of this command.
  • Page 66 Related Commands Command Description Configures a static IPv4 EID-prefix to locator map-cache entry. ip lisp map-cache clear ip lisp map-cache Clears the LISP IPv4 map-cache on the local Cisco NX-OS device. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-56...
  • Page 67: Ip Lisp Map-Request-Source

    IPv4 or IPv6 source address to be used in LISP IPv4 Map-Request messages. Syntax Description source-address The Cisco NX-OS device uses one of the locator addresses that you configure by using the ipv6 lisp Defaults database-mapping command as the default source address for LISP Map-Request messages.
  • Page 68 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Configures an IPv4 EID-to-RLOC mapping relationship and its associated ip lisp traffic policy. database-mapping Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-58...
  • Page 69: Ip Lisp Map-Resolver

    Release Modification 5.0(1.13) This command was introduced. Use the ip lisp map-resolver command to enable the Cisco NX-OS device to perform the IPv4 LISP Usage Guidelines Map-Resolver (MR) functionality. A LISP Map-Resolver is deployed as a LISP Infrastructure component. A Map-Resolver receives a LISP Encapsulated Control Message (ECM) that contains a Map-Request from a LISP ITR directly over the underlying locator-based network.
  • Page 70 The Map-Resolver can only query EID-tables that are maintained by the concurrent Map-Server for EID-to-RLOC mapping resolution in a virtualized LISP deployment. This command does not require a license. This example shows how to configure the IPv4 LISP Map-Resolver functionality on the Cisco NX-OS Examples device:...
  • Page 71: Ip Lisp Map-Server

    Modification 5.0(1.13) This command was introduced. Use the ip lisp map-server command to enable the Cisco NX-OS device to perform IPv4 LISP Usage Guidelines Map-Server (MS) functionality. A LISP Map-Server is deployed as a LISP Infrastructure component. LISP site commands are configured on the Map Server for a LISP egress tunnel router (ETR) that registers to it, including an authentication key, which must match the one also configured on the ETR.
  • Page 72 The Map-Resolver can only query EID-tables that are maintained by the concurrent Map-Server for EID-to-RLOC mapping resolution in a virtualized LISP deployment. This command does not require a license. This example shows how to configure the IPv4 LISP Map-Server functionality on the Cisco NX-OS Examples device:...
  • Page 73: Ip Lisp Nat-Transversal

    This example shows how to configure the ETR to dynamically determine its public global routing locator Examples when it is behind a NAT device: switch# configuration terminal switch(config)# interface Ethernet 2/0 switch(config-if)# ip lisp nat-transversal Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-63...
  • Page 74 Description Configures an IPv6 EID-to-RLOC mapping relationship and its associated ip lisp traffic policy. database-mapping Configures the switch to act as an IPv4 LISP Egress Tunnel Router (ETR). ip lisp etr Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-64...
  • Page 75: Ip Lisp Proxy-Etr

    S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . ip lisp proxy-etr To configure the Cisco NX-OS device to act as the IPv4 Locator/ID Separation Protocol (LISP) Proxy Egress Tunnel Router (PETR), use the ip lisp proxy-etr command. To remove the LISP PETR functionality, use the no form of this command.
  • Page 76 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . This example shows how to configure the Cisco NX-OS device to act as an IPv4 LISP PETR:...
  • Page 77: Ip Lisp Proxy-Itr

    S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . ip lisp proxy-itr To configure a Cisco NX-OS device to act as an IPv4 Locator/ID Separation Protocol (LISP) Proxy Ingress Tunnel Router (PITR), use the ip lisp proxy-itr command. To remove the LISP PITR functionality, use the no form of this command.
  • Page 78 NX-OS you can configure a Cisco NX-OS device to support both ITR and PITR functionality at the same time. If you configure a Cisco NX-OS device as an ITR and as a PITR, preference goes to PITR functionality for packet processing.
  • Page 79: Ip Lisp Shortest-Eid-Prefix-Length

    Map-Request, if also configured. That is, if the EID-prefix mask length is less than the configured value, the verifying Map-Request is not sent and the mapping data is not accepted. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-69...
  • Page 80 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . This example shows how to configure the Cisco NX-OS device to accept a minimum IPv4 EID-prefix...
  • Page 81: Ip Lisp Source-Locator

    Modification 5.0(1.13) This command was introduced. When sending a LISP-encapsulated packet (data or control message), Cisco NX-OS device performs a Usage Guidelines destination lookup to determine the appropriate outgoing interface. By default, the IPv4 address of this outgoing interface is used as the source locator for the outbound LISP encapsulated packet.
  • Page 82 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . switch(config-if)# ip lisp source-locator Loopback0 Related Commands Command Description Configures the switch to act as an IPv4 LISP Ingress Tunnel Router (ITR). ip lisp itr Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-72...
  • Page 83: Ip Lisp Translate

    In the opposite direction when acting as an ETR, it replaces the routable EID referred to by the outside keyword with the no-routable EID referred to by the inside keyword. The outside EID address can be assigned to the Cisco NX-OS device itself, in which case it responds to Note ARP requests, ICMP echo-requests (ping) and any other packet sent to this address.
  • Page 84 192.168.10.1 outside 10.1.10.1 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel ip lisp etr Router (ETR). Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel ip lisp itr Router (ITR).
  • Page 85: Ip Lisp Use-Petr

    To configure a Cisco NX-OS device to use an IPv4 LISP Proxy Egress Tunnel Router (PETR), use the ip lisp use-petr command. To remove the use of a LISP PETR, use the no form of this command.
  • Page 86 10.1.1.1 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv4 LISP Proxy Egress ip lisp proxy-etr Tunnel Router (PETR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-76...
  • Page 87: Ipv6 Lisp Alt-Vrf

    • need not use the ipv6 lisp alt-vrf command. When you configure a Cisco NX-OS device as a LISP PITR, you can use the ip lisp alt-vrf • command if you are using the ALT for EID-to-RLOC mapping resolution. You can configure PITRs to send a Map-Request to a configured Map-Resolver for EID-to-RLOC mapping resolution as an alternative to sending a Map-Request directly over the LISP ALT.
  • Page 88 Configures the locator address of the LISP Map-Resolver to which the ITR ipv6 lisp itr sends Map-Request messages. map-resolver Configures the Cisco NX-OS device to act as a LISP Ingress Tunnel Router ipv6 lisp itr (ITR). Configures the Cisco NX-OS device to act as a LISP Proxy Ingress Tunnel ipv6 lisp pitr Router (PITR).
  • Page 89: Ipv6 Lisp Database-Mapping

    IPv4 EID-prefix block, including its associated locator, priority and weight. The IPv6 EID-prefix is the LISP IPv6 EID-prefix block that is associated with the site that the Cisco NX-OS Series device registers as being authoritative with a Map-Server. The locator is typically the IPv4 or IPv6 address of a loopback interface but can be the IPv4 or IPv6 address of any interface used as the Routing Locator (RLOC) address for the EID-prefix assigned to the site.
  • Page 90 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . When you configure a Cisco NX-OS Series device is as an egress tunnel router (ETR), these LISP database-mapping parameters are advertised within a Map-Reply message to indicate the ingress traffic preferences of the site for the associated EID-prefix block.
  • Page 91 Configures an ETR with a private locator that is sited behind a NAT device ipv6 lisp to dynamically determine its NAT-translated public globally routed locator nat-transversal address for the applied interface. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-81...
  • Page 92: Ipv6 Lisp Etr

    5.0(1.13) This command was introduced. Use the ipv6 lisp etr command to enable the Cisco NX-OS device to perform IPv4 LISP Egress Tunnel Usage Guidelines Router (ETR) functionality. When you configure a Cisco NX-OS device as an IPv4 ETR, also use ipv6 lisp database-mapping command so that the ETR knows what EID-prefix blocks and corresponding locators are used for the LISP site.
  • Page 93 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . This example shows how to configure IPv6 LISP ETR functionality on the Cisco NX-OS device:...
  • Page 94: Ipv6 Lisp Etr Accept-Map-Request-Mapping

    Map-cache entries can remain in the tentative state for up to one minute; therefore, you might want to clear these entries manually when this command is removed. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-84...
  • Page 95 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv6 LISP Egress Tunnel ipv6 lisp etr Router (ETR). Clears the LISP IPv6 map cache on the local Cisco NX-OS device.
  • Page 96: Ipv6 Lisp Etr Glean-Mapping

    Map-Reply. The gleaned locator will then be used. When you specify the verify keyword, the locator is used to forward traffic and all packets are dropped until the Map-Reply is returned. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-86...
  • Page 97 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv6 LISP Egress Tunnel ipv6 lisp etr Router (ETR). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01...
  • Page 98: Ipv6 Lisp Etr Map-Cache-Ttl

    120 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv6 LISP Egress Tunnel ipv6 lisp etr Router (ETR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-88...
  • Page 99: Ipv6 Lisp Etr Map-Server

    You can enter the SHA-1 HMAC password in unencrypted (cleartext) form or encrypted form. To enter an unencrypted password, specify a key-type value of 0. To enter a 3DES-encrypted password, specify a key-type value of 3. To enter a Cisco-encrypted password, specify a key-type value of 7. Cisco Nexus 7000 Series NX-OS LISP Command Reference...
  • Page 100 Configures an IPv6 EID-to-RLOC mapping relationship and its associated ipv6 lisp traffic policy. database-mapping Configures the Cisco NX-OS device to act as an IPv6 LISP Egress Tunnel ipv6 lisp etr Router (ETR). Configures a LISP site and enters site configuration mode on a Map Server.
  • Page 101: Ipv6 Lisp Hardware-Forwarding

    S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . ipv6 lisp hardware-forwarding To enable hardware-forwarding specifically on the Cisco Nexus 7000 Series switch when at least one 32x10GE line card is installed, use the ipv6 lisp hardware-forwarding command. To disable this functionality, use the no form of this command.
  • Page 102 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Enables LISP functionality on the Cisco NX-OS device. lisp beta Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-92...
  • Page 103: Ipv6 Lisp Itr

    Tunnel Router (ITR) functionality. When a Cisco NX-OS device is configured as an ITR, if a packet is received for which no IPv6 destination address prefix match exists in the routing table or which matches a default route (you can...
  • Page 104 Configures the IPv4 or IPv6 locator address of the LISP Map-Resolver to ipv6 lisp itr which the ITR sends IPv6 Map-Request messages map-resolver Configures a static IPv6 EID-prefix to locator map-cache entry. ipv6 lisp map-cache Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-94...
  • Page 105: Ipv6 Lisp Itr Map-Resolver

    When you use the ipv6 lisp itr map-resolver command, the ITR or PITR does not run the LISP-ALT. Note All commands related to the ALT-VRF are ignored (and can be removed). This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-95...
  • Page 106 Configures the switch to act as an IPv6 LISP Ingress Tunnel Router (ITR). ipv6 lisp itr Configures the source IPv4 or IPv6 address to be used in IPv6 LISP ipv6 lisp Map-Request messages. map-request-source Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-96...
  • Page 107: Ipv6 Lisp Itr Send-Data-Probe

    LISP-ALT. The LISP-ALT is intended to function solely as a control plane mechanism for LISP and its use subjects it to denial of service attacks. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-97...
  • Page 108 IPv6 EID-to-RLOC mapping directly over the ALT. Configured the IPv4 or IPv6 locator address of the LISP Map-Resolver to ipv6 lisp itr which the ITR sends IPv6 Map-Request messages. map-resolver Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-98...
  • Page 109: Ipv6 Lisp Itr-Etr

    Modification 5.0(1.13) This command was introduced. Use the ipv6 lisp itr-etr command to enable the Cisco NX-OS device to perform both IPv6 LISP Ingress Usage Guidelines Tunnel Router (ITR) and Egress Tunnel Router (ETR) functionality simultaneously, by using a single command.
  • Page 110 Configures the switch to act as an IPv6 LISP Egress Tunnel Router (ETR). ipv6 lisp etr Configures the switch to act as an IPv6 LISP Ingress Tunnel Router (ITR). ipv6 lisp itr Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-100...
  • Page 111: Ipv6 Lisp Locator-Down

    (down) and the LISP site includes multiple ITRs, you must enter the ip lisp locator-down command on all ITRs at the site to ensure that the site consistently tells remote sites that the configured locator is not reachable. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-101...
  • Page 112 Configures the switch to act as an IPv6 LISP Ingress Tunnel Router (ITR). ipv6 lisp itr Configures a static IPv6 EID-prefix to locator map-cache entry. ipv6 lisp map-cache Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-102...
  • Page 113: Ipv6 Lisp Locator-Vrf

    When you configure mixed address families (for example, IPv4 EIDs and IPv6 locators or IPv6 EIDs Note and IPv4 locators), use the ipv6 lisp locator-vrf command. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-103...
  • Page 114 ETR should register for its IPv6 EID prefixes map-server Configures the locator address of the LISP Map-Resolver to which the ITR ipv6 lisp itr sends Map-Request messages map-resolver Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-104...
  • Page 115: Ipv6 Lisp Map-Cache

    Optional) Forwards packets natively that match this map-cache entry. native-forward None Defaults Global configuration mode Command Modes network-admin Supported User Roles vdc-admin Command History Release Modification 5.0(1.13) This command was introduced. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-105...
  • Page 116 Configures the switch to act as an IPv6 LISP Ingress Tunnel Router (ITR). ipv6 lisp itr Configures the maximum number of IPv6 LISP map-cache entries allowed ipv6 lisp to be stored by the switch. map-cache-limit Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-106...
  • Page 117: Ipv6 Lisp Map-Cache-Limit

    Use the ip lisp map-cache-limit command to control the maximum number of IPv6 LISP map-cache Usage Guidelines entries that are allowed to be stored on the Cisco NX-OS device. An optional reserve-list can be configured to guarantee that the Cisco NX-OS device always stores the referenced IPv6 EID-prefixes.
  • Page 118 Clears the LISP IPv6 map-cache on the local switch. clear ipv6 lisp map-cache Displays logs for Map-Request, Map-Reply, and other LISP IPv6 mapping debug ipv6 lisp activities mapping control Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-108...
  • Page 119: Ipv6 Lisp Map-Request-Source

    IPv4 or IPv6 source address to be used in LISP IPv6 Map-Request messages. Syntax Description ource-address The Cisco NX-OS device uses one of the locator addresses that you configure by using the ipv6 lisp Defaults database-mapping command as the default source address for LISP Map-Request messages.
  • Page 120 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Configures an IPv6 EID-to-RLOC mapping relationship and its associated ipv6 lisp traffic policy. database-mapping Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-110...
  • Page 121: Ipv6 Lisp Map-Resolver

    Release Modification 5.0(1.13) This command was introduced. Use the ipv6 lisp map-resolver command to enable the Cisco NX-OS device to perform the IPv6 LISP Usage Guidelines Map-Resolver (MR) functionality. A LISP Map-Resolver is deployed as a LISP Infrastructure component. A Map-Resolver receives a LISP Encapsulated Control Message (ECM) that contains a Map-Request from a LISP ITR directly over the underlying locator-based network.
  • Page 122 Related Commands Command Description Configures which VRF that LISP should use when sending Map Requests ipv6 lisp alt-vrf for an IPv4 EID-to-RLOC mapping directly over the ALT. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-112...
  • Page 123: Ipv6 Lisp Map-Server

    Modification 5.0(1.13) This command was introduced. Use the ipv6 lisp map-server command to enable the Cisco NX-OS device to perform IPv6 LISP Usage Guidelines Map-Server (MS) functionality. A LISP Map-Server is deployed as a LISP Infrastructure component. LISP site commands are configured on the Map Server for a LISP egress tunnel router (ETR) that registers to it, including an authentication key, which must match the one also configured on the ETR.
  • Page 124 Related Commands Command Description Configure which VRF supporting the IPv6 address-family LISP should use ipv6 lisp alt-vrf when sending Map Requests for an IPv6 EID-to-RLOC mapping directly over the ALT. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-114...
  • Page 125: Ipv6 Lisp Nat-Transversal

    This example shows how to configure the ETR to dynamically determine its public global routing locator Examples when it is behind a NAT device: switch# configuration terminal switch(config)# interface Ethernet2/0 switch(config-if)# ipv6 lisp nat-transversal Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-115...
  • Page 126 Description Configures an IPv6 EID-to-RLOC mapping relationship and its associated ipv6 lisp traffic policy. database-mapping Configures the switch to act as an IPv4 LISP Egress Tunnel Router (ETR). ipv6 lisp etr Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-116...
  • Page 127: Ipv6 Lisp Proxy-Etr

    Use the ipv6 lisp proxy-etr command to enable the IPv4 LISP Proxy Egress Tunnel Router (PETR) Usage Guidelines functionality on the Cisco NX-OS device. The Cisco NX-OS device accepts LISP-encapsulated packets from an ingress tunnel router (ITR) or Proxy ITR (PITR) that are destined to non-LISP sites, deencapsulates them, and then forwards them natively toward the non-LISP destination.
  • Page 128 Configures the switch to act as an IPv6 LISP Egress Tunnel Router (ETR) ipv6 lisp etr Configures an ITR or PITR to use the PETR for traffic destined to non-LISP ipv6 lisp use-petr IPv6 destinations. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-118...
  • Page 129: Pv6 Lisp Proxy-Itr

    Use the ipv6 lisp proxy-itr command to enable IPv4 LISP Proxy Ingress Tunnel Router (PITR) Usage Guidelines functionality on the Cisco NX-OS device. The Cisco NX-OS device receives native packets from non-LISP sites that are destined for LISP sites, encapsulates them, and forwards them to the ETR that is authoritative for the destination LISP site EID.
  • Page 130 NX-OS you can configure a Cisco NX-OS device to support both ITR and PITR functionality at the same time. If you configure a Cisco NX-OS device as an ITR and as a PITR, preference goes to PITR functionality for packet processing.
  • Page 131: Ipv6 Lisp Shortest-Eid-Prefix-Length

    Map-Request is not sent and the mapping data is not accepted. This example shows how to configure the NX-OS device to accept a minimum IPv6 EID-prefix length: Examples switch# configuration terminal switch(config)# ipv6 lisp shortest-eid-prefix-length 40 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-121...
  • Page 132 Configures the switch to act as an IPv6 LISP Ingress Tunnel Router (ITR). ipv6 lisp itr Configures the switch to act as an IPv6 LISP Proxy Ingress Tunnel Router ipv6 lisp proxy-itr (PITR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-122...
  • Page 133: Ipv6 Lisp Source-Locator

    Modification 5.0(1.13) This command was introduced. When sending a LISP-encapsulated packet (data or control message), Cisco NX-OS device performs a Usage Guidelines destination lookup to determine the appropriate outgoing interface. By default, the IPv6 address of this outgoing interface is used as the source locator for the outbound LISP encapsulated packet.
  • Page 134 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . switch(config-if)# ipv6 lisp source-locator Loopback0 Related Commands Command Description ipv6 lisp itr Configures the switch to act as an IPv6 LISP Ingress Tunnel Router (ITR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-124...
  • Page 135: Ipv6 Lisp Translate

    EID referred to by the outside keyword with the no-routable EID referred to by the inside keyword. The outside EID address can be assigned to the Cisco NX-OS device itself, in which case it responds to Note ARP requests, ICMP echo-requests (ping) and any other packet sent to this address. When you do not assign the outside EID to the device, the address does not answer ARP requests.
  • Page 136 Configures the switch to act as an IPv6 LISP Ingress Tunnel Router (ITR). ipv6 lisp itr Configures the switch to act as an IPv6 LISP Proxy Ingress Tunnel Router ipv6 lisp proxy-itr (PITR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-126...
  • Page 137: Ipv6 Lisp Use-Petr

    Modification 5.0(1.13) This command was introduced. Use ipv6 lisp use-petr command to enable the Cisco NX-OS device to use IPv6 Proxy Egress Tunnel Usage Guidelines Router (PETR) services. When the use of PETR services is enabled, instead of natively forwarding packets destined to non-LISP sites, these packets are LISP-encapsulated and forwarded to the PETR, where these packets are then deencapsulated and forwarded natively toward the non-LISP destination.
  • Page 138 This example assumes that the PETR supports dual-stack connectivity. Note switch# configuration terminal switch(config)# ipv6 lisp use-petr 10.1.1.1 Related Commands Command Description Configures the switch to act as an IPv6 LISP Proxy Egress Tunnel Router ipv6 lisp proxy-etr (PETR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-128...
  • Page 139 When a LIG self query is initiated, the router’s local EID-prefix is substituted in place of the destination EID when the router sends a Map-Request to the configured Map-Resolver. The following operational attributes apply to LIG: Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-129...
  • Page 140 This example shows how to display all LISP map-cache entries, and then uses lig to test for the remote IPv6 EID-prefix: switch# show ipv6 lisp map-cache LISP IPv6 Mapping Cache for VRF "default", 0 entries This example show to to configure LIG to test for the remote IPv6 EID-prefix: Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-130...
  • Page 141 Command Description show ip lisp map-cache Displays the current dynamic and static IPv4 EID-to-RLOC map-cache entries. Displays the current dynamic and static IPv6 EID-to-RLOC map-cache show ipv6 lisp entries. map-cache Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-131...
  • Page 142: Lisp Beta

    The lisp beta command is only applicable to the Cisco NX-OS device. Usage Guidelines In order to run LISP on the Cisco Nexus 7000 Series switch, the functionality must be enabled by using the lisp beta command. When enabled, hardware forwarding of LISP packets is automatically enabled, assuming that at least one 32x10GE line card is installed.
  • Page 143 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . This command does not require a license. This example shows how to enable LISP on the Cisco Nexus 7000 Series switch: Examples...
  • Page 144: Lisp Dynamic-Eid

    When a dynamic-EID is roaming across subnets, you must configure it with a /32 IP address and an interface route to the default switch. For example, for a Linux or UNIX host, the following configuration will be used: Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-134...
  • Page 145 Roamer-1 switch(config-lisp-dynamic-eid)# Related Commands Command Description Configures an interface on an ITR to participate in LISP VM-mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-135...
  • Page 146: Lisp Extend-Subnet-Mode

    /24, when you enter the lisp mobility dyn-eid-name command, the EID-prefix for dynamic-EID dyn-eid-name must be /25 or greater This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-136...
  • Page 147 Configures a LISP site and enters site configuration mode on a Map-Server. lisp site Configures the LISP dynamic-EID roaming policy. lisp dynamic-eid Configures an interface on an ITR to participate in LISP VM mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-137...
  • Page 148: Lisp Instance Id

    LISP PITRs. This command does not require a license. This example shows how to configure an instance ID on this xTR: Examples switch# configuration terminal switch(config)# lisp xtr instance-id 123 Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-138...
  • Page 149 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Configures a list of EID-prefixes that are allowed in a Map-Register eid-prefix message sent by an ETR when registering to the Map-Server. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-139...
  • Page 150: Lisp Loc-Reach-Algorithm

    ACKs-seen are zero, the ITR assumes the locator is no longer reachable; the locator is marked to the down status and a switchover is made to another locator if one is available. After 3 minutes, the locator is brought back up and counting resumes. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-140...
  • Page 151 Related Commands Command Description Configures the Cisco NX-OS device to act as an IPv4 LISP Egress Tunnel ip lisp etr Router (ETR). Configures the Cisco NX-OS device to act as an IPv4 LISP Ingress Tunnel ip lisp itr Router (ITR).
  • Page 152: Lisp Mobility

    You can apply multiple lisp mobility commands that refer to different dynamic-EID-policy-name instances to the same interface. Packets received on the interface are compared against all policies until a match is found or the packet discarded. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-142...
  • Page 153 Configures an interface to create dynamic-EID state for hosts attached on lisp their own subnet to track EID movement from one part of the subnet to extended-subnet-mode another part of the same subnet. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-143...
  • Page 154: Lisp Site

    This command does not require a license. This example shows how to configure the LISP site and enter the site command mode: Examples switch# configuration terminal switch(config)# lisp site Customer-1 switch(config-lisp-site)# Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-144...
  • Page 155 Configured the IPv4 or IPv6 locator address of the LISP Map Server to ipv6 lisp etr which an ETR should register for its IPv6 EID prefixes. map-server Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-145...
  • Page 156: Map-Notify-Group

    This example shows how to configure the LISP dynamic-EID policy, enter the dynamic-EID Examples configuration mode, and configure the map notify group: switch# configuration terminal switch(config)# lisp dynamic-eid Roamer-1 switch(config-lisp-dynamic-eid)# map-notify-group 239.1.1.254 Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-146...
  • Page 157 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Configures an interface on an ITR to participate in LISP VM-mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-147...
  • Page 158: Map-Server

    Type (3) indicates that a 3DES encrypted key follows, and Type (7) indicates that a Cisco Type 7 encrypted password follows. Password used to create the SHA-1 HMAC hash when authenticating the password Map-Register message sent by the ETR.
  • Page 159 Configures a LISP site and enters site configuration mode on a Map-Server. lisp site Configures an interface on an ITR to participate in LISP VM mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-149...
  • Page 160: Redistribute Lisp Route-Map

    This command does not require a license. This example shows how to configure redistribution of registered LISP site EID-prefixes, according to Examples the rules of the route-map Valid-LISP: Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-150...
  • Page 161 IPv4 EID-to-RLOC mapping directly over the ALT. Configures which VRF that LISP should use when sending Map Requests ipv6 lisp alt-vrf for an IPv6 EID-to-RLOC mapping directly over the ALT. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-151...
  • Page 162: Register-Database-Mapping

    Examples enter the dynamic-EID configuration mode, and configure the policy to register the entire dynamic-EID prefix instead of individual dynamic host EIDs: switch# configuration terminal switch(config)# lisp dynamic-eid Roamer-1 switch(config-lisp-dynamic-eid)# register-database-mapping Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-152...
  • Page 163 Configures a LISP site and enters site configuration mode on a Map-Server. lisp site Configures an interface on an ITR to participate in LISP VM mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-153...
  • Page 164: Roaming-Eid-Prefix

    Note is discovered and registered. The EID referenced by the roaming-eid-prefix command can be either an IPv4 or IPv6 address in the EID space. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-154...
  • Page 165 Configures a LISP site and enters site configuration mode on a Map Server. lisp site Configures an interface on an ITR to participate in LISP VM mobility lisp mobility (dynamic-EID roaming). Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-155...
  • Page 166: Show Ip Lisp

    172.22.156.35, 172.22.132.89 Last Map-Register sent to MS: 00:00:45 ETR glean mapping: disabled, verify disabled ETR accept mapping data: disabled, verify disabled ETR map-cache TTL: 24 hours Shortest EID-prefix allowed: Use Proxy-ETRs: 172.16.2.1 Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-156...
  • Page 167 ETR accept mapping Indicates whether the ETR is configured to cache the mapping data data contained in a Map-Request. For more information, see the ip lisp etr accept-map-request-mapping command. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-157...
  • Page 168 Configures a source locator to be used for an IPv4 LISP encapsulated ip lisp source- locator packets. Configures the router to act as an IPv4 LISP Proxy Egress Tunnel Router ip lisp proxy-etr (PETR). Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-158...
  • Page 169 Configures the router to act as an IPv4 LISP Proxy Ingress Tunnel Router ip lisp proxy-itr (PITR). Configures an ITR or PITR to use the PETR for traffic destined to non-LISP ip lisp use-petr IPv4 destinations. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-159...
  • Page 170: Show Ip Lisp Data-Cache

    Complete entries removed after 15-second period: 0 Incomplete entries removed after 1-minute period: 0 switch# Related Commands Command Description Displays the current dynamic and static IPv4 EID-to-RLOC map-cache ip lisp map-cache entries. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-160...
  • Page 171: Show Ip Lisp Database

    LISP ETR IP Mapping Database for VRF "default" (iid 0), global LSBs: 0x00000001 EID-prefix: 192.168.12.0/24, instance-id: 0, LSBs: 0x00000001 Locator: 172.22.156.23, priority: 1, weight: 100 Uptime: 10:36:59, state: up, local switch# Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-161...
  • Page 172 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Configures an IPv4 EID-to-RLOC mapping relationship and its associated ip lisp traffic policy. database-mapping Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-162...
  • Page 173: Show Ip Lisp Locator-Hash

    This example shows how to display source and destination locators that are used for a given IPv4 source Examples and destination EID pair: switch# show ip lisp database LISP ETR IP Mapping Database for VRF "default", global LSBs: 0x00000001 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-163...
  • Page 174 RLOCs 128.223.156.23 -> 67.169.7.150 Address hash: 0x07 (7), hash bucket: 7, RLOC index: 0 switch# Related Commands Command Description Configures an IPv4 EID-to-RLOC mapping relationship and its associated ip lisp traffic policy. database-mapping Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-164...
  • Page 175: Show Ip Lisp Map-Cache

    LISP IP Mapping Cache for VRF "default", 4 entries 153.16.1.0/24, uptime: 04:41:40, expires: 19:18:19, via map-reply, auth Locator Uptime State Priority/ Data Control Weight in/out in/out 129.250.1.255 04:41:40 254/0 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-165...
  • Page 176 Last data packet in/out: 00:00:14/00:00:14 Last control packet in/out: 00:45:23/00:45:23 Last priority/weight change: never/never switch# Related Commands Command Description Displays the IPv4 LISP configuration status for the local device. show ip lisp Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-166...
  • Page 177: Show Ip Lisp Statistics

    Packets with SMRs in/out: Loc-reach-bit changes local/remote: Control Packets: Data-Probes in/out: Map-Requests in/out: 654/90 Encapsulated Map-Requests in/out: 0/90 RLOC-probe Map-Requests in/out: 607/0 Map-Replies in/out: 73/654 Authoritative in/out: 4/654 Non-authoritative in/out: 69/0 Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-167...
  • Page 178 Total number of RLOCs in map-cache: Number of best-priority RLOCs: Average RLOCs per EID-prefix: switch# Related Commands Command Description Displays the IPv4 LISP configuration status for the local device. show ip lisp Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-168...
  • Page 179: Show Ip Lisp Translation-Cache

    Inside: 10.1.1.1 outside: 172.16.1.1, ingress/egress count: 0/0 Last ingress packet: never, last egress packet: never switch# Related Commands Command Description Displays the IPv4 LISP configuration status for the local device. show ip lisp Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-169...
  • Page 180: Show Ipv6 Lisp

    Last Map-Register sent to MS: 00:00:20 ETR glean mapping: disabled, verify disabled ETR accept mapping data: disabled, verify disabled ETR map-cache TTL: 24 hours Send IP Map-Reply: enabled Shortest EID-prefix allowed: Use Proxy-ETRs: 172.16.2.1 Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-170...
  • Page 181 Map Request. For more information, see the ipv6 lisp etr accept-map-request-mapping command. ETR map-cache TTL Current ETR map-cache TTL. For more information, see the ipv6 lisp etr map-cache-ttl command. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-171...
  • Page 182 Configures the router to act as an IPv4 LISP Proxy Ingress Tunnel Router ip lisp proxy-itr (PITR). Configures an ITR or PITR to use the PETR for traffic destined to non-LISP ip lisp use-petr IPv4 destinations. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-172...
  • Page 183: Show Ipv6 Lisp Data-Cache

    Complete entries removed after 15-second period: 0 Incomplete entries removed after 1-minute period: 1 switch# Related Commands Command Description Displays the current dynamic and static IPv6 EID-to-RLOC map-cache ipv6 lisp map-cache entries. Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-173...
  • Page 184: Show Ipv6 Lisp Database

    LISP ETR IPv6 Mapping Database for VRF "default" (iid 0), global LSBs: 0x0000000f EID-prefix: 2001:db8:1209::/48, instance-id: 0, LSBs: 0x0000000f 172.22.156.222, priority: 1, weight: 100, state: up, local switch# Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-174...
  • Page 185 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Related Commands Command Description Configures an IPv6 EID-to-RLOC mapping relationship and its associated ipv6 lisp traffic policy. database-mapping Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-175...
  • Page 186: Show Ipv6 Lisp Locator-Hash

    25 different flow hash buckets. When you use the vrf keyword, IPv4 EIDs are resolved within the specified VRF in order to display the locator-hash. This command does not require a license. Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-176...
  • Page 187 2610:d0:210f::/48 RLOC Hash Indexes for EID-prefix 2610:d0:210f::/48: [00000-00000-00000-00000-00000] switch# Related Commands Command Description Configures an IPv6 EID-to-RLOC mapping relationship and its associated ipv6 lisp traffic policy. database-mapping Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-177...
  • Page 188: Show Ipv6 Lisp Map-Cache

    LISP IPv6 Mapping Cache for VRF "default", 1 entries 2610:d0:210f::/48, uptime: 04:48:44, expires: 19:11:15, via map-reply, auth Locator Uptime State Priority/ Data Control Weight in/out in/out 85.184.2.10 04:48:44 0/100 2001:6e0:4:2::2 04:48:44 0/100 ------ switch# Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-178...
  • Page 189 Last data packet in/out: never/never Last control packet in/out: never/never Last priority/weight change: never/never switch# Command Description Related Commandss Displays the IPv6 LISP configuration status for the local device. show ipv6 lisp Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-179...
  • Page 190: Show Ipv6 Lisp Statistics

    Packets with SMRs in/out: Loc-reach-bit changes local/remote: Control Packets: Data-Probes in/out: Map-Requests in/out: 1219/1280 Encapsulated Map-Requests in/out: 0/1280 RLOC-probe Map-Requests in/out: Map-Replies in/out: 1243/1217 Authoritative in/out: 1243/1219 Non-authoritative in/out: Negative Map-Replies in/out: Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-180...
  • Page 191 Total number of RLOCs in map-cache: Number of best-priority RLOCs: Average RLOCs per EID-prefix: switch# Related Commands Command Description Displays the IPv6 LISP configuration status for the local device. show ipv6 lisp Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-181...
  • Page 192: Show Ipv6 Lisp Translation-Cache

    Inside: 2001:db8:aa::1 outside: 2001:db8:bb::1, ingress/egress count: 0/0 Last ingress packet: never, last egress packet: never switch# Related Commands Command Description Displays the IPv6 LISP configuration status for the local device. show ipv6 lisp Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-182...
  • Page 193: Show Lisp Dynamic-Eid

    Use the show lisp dyanmic-eid command on LISP VM routers to display information related to LISP Usage Guidelines dynamic-EIDs configured and discovered on the Cisco NX-OS device. The displayed output includes the number of roaming dynamic-EIDs configured, associated database-mapping information, and the number of roaming dynamic-EIDs.
  • Page 194 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Locator: 173.8.188.25, priority: 1, weight: 50, local Locator: 173.8.188.26, priority: 1, weight: 50, local Map-Server(s): 204.69.200.7 Number of roaming dynamic-EIDs discovered: 0 switch# Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-184...
  • Page 195: Show Lisp Proxy-Itr

    This command does not require a license. This example shows how to display a list of PITRs that have been discovered through Map-Requests: Examples switch# show lisp proxy-itr Discovered Proxy-ITRs (PITRs) in VRF "default" 10.20.10.60 switch# Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-185...
  • Page 196: Show Lisp Site

    LISP Site Registration Information for VRF "default" * = truncated IPv6 address Site Name Last Actively Who last EID-prefix Registered Registered Registered cisco-it-xtr 00:00:47 172.16.81.170 2001:db8:110c::/48 00:00:18 172.17.81.170 192.168.5.0/24 dmm-xtr-1 00:00:56 172.30.156.134 2001:db8:1200::/48 Cisco Nexus 7000 Series NX-OS LISP Command Reference LSP-186...
  • Page 197 (up), priority: 1, weight: 50 Registration errors: Authentication failures: 0 Allowed locators mismatch: 0 switch# Related Commands Command Description Displays the IPv4 LISP configuration status for the local device. show ip lisp Cisco Nexus 7000 Series NX-OS LISP Command Reference OL-25345-01 LSP-187...
  • Page 198 S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m . Cisco Nexus 7000 Series NX-OS LISP Command Reference...

Table of Contents