LISP Network, The: Evolution to the Next-Generation of Data Networks
- By Dino Farinacci, Victor Moreno
- Published Apr 24, 2019 by Cisco Press. Part of the Networking Technology series.
- Copyright 2019
- Dimensions: 7-3/8" x 9-1/8"
- Edition: 1st
- ISBN-10: 0-13-454187-1
- ISBN-13: 978-0-13-454187-7
The complete guide to seamless anytime/anywhere networking with LISP
In an era of ubiquitous clouds, virtualization, mobility, and the Internet of Things, information and resources must be accessible anytime, from anywhere. Connectivity to devices and workloads must be seamless even when people move, and their location must be fully independent of device identity. The Locator/ID Separation Protocol (LISP) makes all this possible.
The LISP Network is the first comprehensive, in-depth guide to LISP concepts, architecture, techniques, behavior, and applications. Co-authored by LISP co-creator Dino Farinacci and Victor Moreno, co-developer of the Cisco LISP implementation, it will help you identify the opportunities and benefits of deploying LISP in any data center, campus and branch access, WAN edge, or service provider core network.
This largely implementation-agnostic guide will be valuable to architects, engineers, consultants, technical sales professionals, and senior IT professionals in any large-scale network environment. The authors show how LISP overcomes key problems in large-scale networking, thoroughly introduce its key applications, guide you through designing real-world solutions, and present detailed deployment case studies based on their pioneering experience.
· Understand LISP’s core principles, history, motivation, and applications
· Explore LISP’s technical architecture, components, mechanisms, and workflows
· Use LISP to seamlessly deliver diverse network services and enable major advances in data center connectivity
· Improve mobility, network segmentation, and policy management
· Leverage software-defined WANs (SD-WANs) to efficiently move traffic from access to data center
· Evolve access networks to provide pervasive, mega-scale, high-density modern connectivity
· Integrate comprehensive security into the networking control and data plane, and learn how LISP infrastructure is protected against attacks
· Enforce access control policies, connection integrity, confidentiality for data in flight, and end-point anonymity
· Discover how LISP mobility mechanisms anticipate tomorrow’s application use cases
Table of Contents
Introduction
Chapter 1 LISP and the Future of Networking
A Brief History of LISP: Motivation, Base Premises, Evolution
LISP in the Standards and Open Community
Use Cases for LISP: Supporting Future Trends
Chapter 2 LISP Architecture
Seminal Idea: Location-Identity Separation
Map and Encapsulate
Demand-Based Routing and Caching
LISP Roles
Tunnel Routers
Ingress Tunnel Routers
Egress Tunnel Routers
Proxy Tunnel Routers
Proxy Ingress Tunnel Routers
Proxy Egress Tunnel Routers
Mapping Database System
An Asset-Controlled Mapping Database
Networking Beyond Traditional Address Types
The LISP Data Plane
Tunnel Entropy
Segmentation
Locator Status Validation
Path Reliability
Confidentiality and Authentication
Alternative Data Plane Formats
NAT Traversal
Summary
Chapter 3 Data Center Trends
A Brief History of Application Virtualization
Multitiered Applications, Virtualization, and the Network
Evolving Switching Fabrics
Optimizing Connectivity to the Data Center with LISP
Mobility: Subnets Really Don’t Work
Segmentation: 32 Bits Needed
Device Segmentation
Control Plane Segmentation
Data Plane Segmentation
Extranet VPNs
Policy: The Network as an Enforcer
The Hybrid Cloud and Carrier Neutrality
Summary
Chapter 4 The Wide-Area Network: Bringing Traffic from Access to the Data Center
Modern WAN Services
Hybrid WAN: Efficient xTR Multihoming
Scale Considerations
Logical Topologies: Peer-to-Peer Connectivity and Service Insertion
Security: Connection Integrity and Confidentiality
Segmentation
The Access Network: Multisite Considerations
Manageability
Summary
Chapter 5 Mega-Scale Access Networks: LISP, User Access, and the Internet of Things
Access Networks Using LISP
LISP Access Network Design
Connecting to External Networks
Mobility and Wireless Integration
Segmentation
Zero Configuration Networking: Service Discovery
Situational Policy (Beyond Just Location)
Applications
Optimized Campus and Branch Access
Connected Home
Campus Dormitory Rooms: A Virtual Home
LISP-Based Air-to-Ground Network
Endpoint Tracking Applications: Geo-location
The Internet of Things
Security and Integrity
Sensors: Mega-Scale Aggregation of Very Little Data
A Protocol Fitted for Low-Power, Light-Footprint Applications
A Lightbulb for Utopia
Summary
Chapter 6 Security
Attack Surfaces, Lateral Moves, and Bot-nets
Policy, Segmentation, and the Virtual Perimeter
Macro-segmentation
Micro-segmentation
Process-Level Segmentation
How to Integrate the Control Plane into the Assurance Loop
Traffic Steering and Service Chains
Cryptography in LISP
Public-Key Cryptography
Symmetric Cryptography
Integrated Key Exchange
How the LISP Control Plane Is Secured
Enhanced Control Plane Security
LISP-SEC
Threats Addressed by LISP-SEC
LISP Elliptic Curve Digital Signature Algorithm (ECDSA) Authentication and Authorization
Anonymity in LISP
Summary
Chapter 7 LISP and the Next-Generation Mobile Network
LISP EID Mobility and LISP Mobile Node
LISP EID Mobility
LISP EID Mobility Mechanics
LISP Mobile Node
LISP Mobile Node Mechanics
Mobility Convergence Optimization
Redirection
Pub-Sub
Predictive RLOCs
Use Cases
Use Case: High Rate Mobility
Use Case: Aeronautical Telecommunications Network (ATN)
Use Case: Next-Generation Cellular Networks
Network Slicing
Ultra-Low Latency
High Endpoint Density
Fixed-Mobile Convergence (FMC) Multihoming
Security
Use Case: Mobile Environment for Media Broadcasting
Use Case: Blockchain Network
Summary