Cisco Blogs

Cisco Blog > Government

LISP – Locator ID Separation Protocol & IPv6

April 26, 2011 at 5:12 pm PST

Cisco Locator/ID Separation Protocol (LISP) is routing architecture that provides new semantics for IP addressing. The current IP routing and addressing architecture uses a single numbering space, the IP address, to express two pieces of information:

  • Device identity
  • The way the device attaches to the network

The LISP routing architecture design separates the device identity, or endpoint identifier (EID), from its location, or routing locator (RLOC), into two different numbering spaces. Splitting EID and RLOC functions yields several advantages.

Check out this video for a quick review of LISP.

Although LISP was designed to deal with the route scalability problem in the Internet, it turns out is has the capability to help with the transition to IP Version 6 (IPv6), the next-generation Internet protocol.

The transition to IPv6 is an immediate challenge facing Public Sector, and specifically Federal customers today due to Government mandates and impending IPv4 address exhaustion for consumers of Government services.

Because IPv6 is not backward compatible with IPv4, and because its deployment and operation are different from that of IPv4, development and implementation of an IPv6 transition strategy is imperative. Many techniques exist to ease the transition to IPv6, and the network-based IPv6 transition techniques can be divided generally into three categories: dual-stack IPv4 and IPv6, IPv6 tunneling, and IPv6 translation.

Each approach has its features, benefits, and limitations; they are not all equivalent in terms of cost, complexity, or capabilities. Most likely, a combination of these techniques will provide the best solution. The role that the Locator/ID Separation Protocol (LISP) being developed by Cisco and the IETF can play in IPv6 transition strategies is documented in this Whitepaper.

Incorporating LISP into an IPv6 transition strategy can simplify the initial rollout of IPv6 by taking advantage of the LISP mechanisms to encapsulate IPv6 host packets within IPv4 headers (or IPv4 host packets within IPv6 headers). For example, you can build IPv6 islands and connect them with existing IPv4 Internet connectivity.

LISP is a Cisco innovation that is being promoted as an open standard. Cisco participates in standards bodies such as the IETF LISP Working Group to develop the LISP architecture.

For further information, check the Cisco site on LISP.

Tags: , , , , , ,

IPV6: Asia-Pacific APNIC Zero Day

On April 15, 2011 the Asia Pacific Region ran out of IPv4 addresses.

“Wait a minute,” I hear you say, “Didn’t we already run out of IPv4 addresses?”

Yes, you have a good memory:  The IPv4 address pool was exhausted in February 2011.  The doomsayers and pundits all bemoaned the gloom and doom of the day, and experts gravely predicted the horrors of things to come.  IT publications were filled with articles, Twitter exploded with witty remarks about the coming “ARPAgeddon,” and even the mainstream media ran semi-accurate sensationalist articles on the topic.

But then something funny happened.  Nothing.  The Internet kept working.  IPv4 blocks continued to be handed out.  The dust settled and most folks went happily about their business.  How could this be so? Was it all a bunch of media hype and false alarms?  No.  February was really the early warning of the problems to come.

Read More »

Tags: ,

IPv6 Security Testing

In the previous installment of our series of IPv6 security posts, we covered some of the basic things you need to consider when securing your IPv6 network. In this post, we’ll talk about some of the things to consider when performing security testing on your IPv6 product or network. This testing is useful whether you are developing an IPv6 application or simply deploying IPv6 on your network.

Increased Setup Time

Start with an IPv6 environment in which most people do not have a lot of experience. Next throw in the typical dual stack configurations, and it is almost guaranteed that any IPv6 security testing that you perform is likely to take longer than it took you in your IPv4 environment. With dual stack configurations, both IPv4 and IPv6 are viable traffic paths. Therefore, just making sure that your test traffic is actually using IPv6 is one of the first hurdles you will face. So when developing your schedules for performing IPv6 security testing, always allow a little extra time to account for those problems that will almost certainly appear.

Read More »

Tags: , ,

New Advancements in Borderless Networks: Connect from Anywhere, at Anytime

Remember the days when going to work meant being stuck at your desk, working on a desktop PC? Thankfully, the proliferation of laptops, tablets, and mobile devices, along with a robust network to support connectivity, has enabled all of us to be on the go and working, at the same time.

With new innovations in Borderless Networks, which are being announced today, an organization’s ability to securely connect anyone, anywhere, with their preferred device, while delivering a high quality experience even to the most resource-intensive multimedia applications, has become even stronger.

So how will these new innovations change the workplace even more? Watch this video to find out, and to learn more details on the enhancements.

Luckily, most of us don’t have a boss like that one in the video. And using our smartphones, we can get some work done on the beach! (Ok, maybe).

As for how the new the Borderless Networks innovations will have an impact—they will deliver solutions in three areas: Security, Management, and Multimedia.

Here are the details, and what the new innovations will mean for our partners: Read More »

Tags: , , , , , , , ,

Business Case for IPv6 – The Network Effect

Mark Townsley opened the inaugural V6 World Congress 2011, a 3-day conference on IPv6 Internetworking, with a keynote discussion on the business case for IPv6. One of his key messages was to do with the fact that there is strength in numbers, according to the Network Effect. Thus critical mass is required for the transition to begin in earnest and for the eventual switch to IPv6 to come to true fruition.

Theodore Vail of Bell Telephone discovered and learned how to harness the powers of a mathematical equation that describes “The Network Effect” more than 100 years ago as evidenced by the world wide telephony network. In simple terms, the Network Effect states that the more connections (or people) working together in a network, the more robust and more valuable it becomes. Extrapolating this information to the modern day Internet and further the IPv6 Internet we, indeed, believe the future of the Internet is in our hands and it is up to us to join together as a network of participants to keep it going. Such was the spirit of the participants at V6 World Congress, one of realization in how they are all working together to ensure the continued growth and success of the Internet.

The heart of the Internet is technological growth. With IPv4 on the way out, this growth is prone to being stunted. The basis of a study by Dimitri Zenghelis from Cisco IBSG, finds that “network technology has the potential to boost economic growth, sustainably enriching poorer societies.” If the Internet lacks the ability to expand and grow, a likely outcome will be that the innovation we have come to expect will become more and more difficult to achieve, potentially causing the world economy to lose the monetary sustenance it derives from the Network Effect.

Read More »

Tags: ,