LISP Tackles Device Identity Head-On

Carl Niger, Senior Consulting Engineer, Presidio
09/22/14 at 07:54 am

Sometimes new protocols or technologies come about and fly under the radar; other times they burst onto the scene. LISP, or Locator Identifier Separation Protocol, seems to have fallen firmly into the former of those categories. LISP has been around in IETF draft form since mid-2009, and is really an incredible protocol that solves a LOT of problems across a wide variety of applications. Presidio was fortunate enough to have a Cisco LISP expert present at the Presidio Exchange conference.

At its core, LISP is about the separation of location from the identity of a device. Today we associate an IP address with a device, and when that device moves, it will almost certainly get a new address. In reality, though, that device is exactly the same device, so why does it have a new identity? IP addresses are essentially a one-dimensional identifier with no built-in provision to handle the other aspects that also contribute to the overall identity of a device. LISP addresses this seemingly simple problem by allowing a device to retain its identity across any LISP-enabled location. This fundamentally changes how user mobility, virtual machine mobility, and multihoming work across the greater internet, or within a private network.

Interestingly, LISP wasn’t necessarily developed to solve these Enterprise-centric mobility problems; instead, its focus was the separation of location from identity within the constraints of the global routing table. If you’ve been following along, you have no doubt seen the explosion of the Internet route table in the last few years. This problem has some people very worried, and has even caused some serious problems for providers of late. The big concern is of course the exhaustion of precious (and very expensive) TCAM space on the massive routers that run the internet. LISP tackles these problems head on.

LISP could drastically reduce the number of subnets that must be advertised into the Internet by requiring only a single public-facing subnet for any company. The rest of the publicly routable space could be hidden behind these public “resource locator” (RLOC) addresses, helping to alleviate some of the stress the public routing table is placing on internet routers worldwide. What's more, LISP is not constrained by the same TCAM (money/hardware) limitations that we are facing now; in fact, LISP is more akin to DNS as a whole than it is to the traditional routing that we know and love.
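
The DNS-like lookup described above, sketched as an added example that is not part of the original post: a toy Python model of an identity-to-locator mapping database, not the LISP wire protocol. The class name, method names and all addresses are constructed for illustration; it shows a host keeping its address across a move while only the mapping changes.

```python
import ipaddress


class MappingSystem:
    """Toy model of an identity-to-locator database (not the LISP wire protocol)."""

    def __init__(self):
        self._db = {}  # identity prefix -> list of RLOC addresses

    def register(self, id_prefix, rlocs):
        """Bind an identity prefix to the locator(s) it currently sits behind."""
        net = ipaddress.ip_network(id_prefix)
        self._db[net] = [ipaddress.ip_address(r) for r in rlocs]

    def resolve(self, identity):
        """Longest-prefix match, so a moved host's /32 overrides its home prefix."""
        addr = ipaddress.ip_address(identity)
        hits = [n for n in self._db if n.version == addr.version and addr in n]
        if not hits:
            return []  # unknown identity: no locator to send traffic towards
        return [str(r) for r in self._db[max(hits, key=lambda n: n.prefixlen)]]

    def core_routes(self):
        """Only locators need to be routable in the core, never identity prefixes."""
        return sorted({str(r) for rlocs in self._db.values() for r in rlocs})


def demo():
    ms = MappingSystem()
    # Constructed sample data: site A is multihomed behind two locators.
    ms.register("10.1.0.0/16", ["192.0.2.1", "192.0.2.129"])
    before = ms.resolve("10.1.5.20")
    # The host moves to site B and keeps its address; only the mapping changes.
    ms.register("10.1.5.20/32", ["198.51.100.7"])
    after = ms.resolve("10.1.5.20")
    neighbour = ms.resolve("10.1.5.21")  # still behind site A
    return before, after, neighbour, ms.core_routes()


if __name__ == "__main__":
    print(demo())
```
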

These foundational pieces of LISP make it a flexible protocol that can not only handle the altruistic goal of Internet scalability, but also provide virtual machine mobility, mechanisms for IPv6 transition, incredibly simple multihoming, and multicast transport (no more tunnels or BGP VPNs required!). While the install base may not (yet?) be very large, Presidio is working to help clients understand all their options in LISP and many other technologies to ensure that we help deliver the best possible user experience.