Introduction xv Chapter 1 LISP and the Future of Networking 1 A Brief History of LISP: Motivation, Base Premises, Evolution 5 LISP in the Standards and Open Community 6 Use Cases for LISP: Supporting Future Trends 7 Chapter 2 LISP Architecture 9 Seminal Idea: Location-Identity Separation 9 Map and Encapsulate 11 Demand-Based Routing and Caching 12 LISP Roles 14 Tunnel Routers 14 Ingress Tunnel Routers 14 Egress Tunnel Routers 15 Proxy Tunnel Routers 15 Proxy Ingress Tunnel Routers 16 Proxy Egress Tunnel Routers 16 Mapping Database System 17 An Asset-Controlled Mapping Database 21 Networking Beyond Traditional Address Types 22 The LISP Data Plane 23 Tunnel Entropy 24 Segmentation 24 Locator Status Validation 25 Path Reliability 26 Confidentiality and Authentication 27 Alternative Data Plane Formats 27 NAT Traversal 29 Summary 30 Chapter 3 Data Center Trends 31 A Brief History of Application Virtualization 31 Multitiered Applications, Virtualization, and the Network 34 Evolving Switching Fabrics 37 Optimizing Connectivity to the Data Center with LISP 39 Mobility: Subnets Really Don''t Work 42 Segmentation: 32 Bits Needed 46 Device Segmentation 48 Control Plane Segmentation 49 Data Plane Segmentation 50 Extranet VPNs 50 Policy: The Network as an Enforcer 51 The Hybrid Cloud and Carrier Neutrality 54 Summary 56 Chapter 4 The Wide-Area Network: Bringing Traffic from Access to the Data Center 57 Modern WAN Services 57 Hybrid WAN: Efficient xTR Multihoming 60 Scale Considerations 65 Logical Topologies: Peer-to-Peer Connectivity and Service Insertion 67 Security: Connection Integrity and Confidentiality 70 Segmentation 71 The Access Network: Multisite Considerations 72 Manageability 76 Summary 77 Chapter 5 Mega-Scale Access Networks: LISP, User Access, and the Internet of Things 79 Access Networks Using LISP 81 LISP Access Network Design 81 Connecting to External Networks 85 Mobility and Wireless Integration 87 Segmentation 90 Zero Configuration Networking: Service Discovery 91 Situational Policy (Beyond Just Location) 92 Applications 92 Optimized Campus and Branch Access 92 Connected Home 93 Campus Dormitory Rooms: A Virtual Home 94 LISP-Based Air-to-Ground Network 95 Endpoint Tracking Applications: Geo-location 96 The Internet of Things 97 Security and Integrity 98 Sensors: Mega-Scale Aggregation of Very Little Data 99 A Protocol Fitted for Low-Power, Light-Footprint Applications 102 A Lightbulb for Utopia 103 Summary 104 Chapter 6 Security 105 Attack Surfaces, Lateral Moves, and Bot-nets 105 Policy, Segmentation, and the Virtual Perimeter 106 Macro-segmentation 109 Micro-segmentation 111 Process-Level Segmentation 113 How to Integrate the Control Plane into the Assurance Loop 116 Traffic Steering and Service Chains 117 Cryptography in LISP 117 Public-Key Cryptography 117 Symmetric Cryptography 119 Integrated Key Exchange 120 How the LISP Control Plane Is Secured 123 Enhanced Control Plane Security 124 LISP-SEC 124 Threats Addressed by LISP-SEC 126 LISP Elliptic Curve Digital Signature Algorithm (ECDSA) Authentication and Authorization 127 Anonymity in LISP 129 Summary 130 Chapter 7 LISP and the Next-Generation Mobile Network 131 LISP EID Mobility and LISP Mobile Node 131 LISP EID Mobility 132 LISP EID Mobility Mechanics 133 LISP Mobile Node 136 LISP Mobile Node Mechanics 137 Mobility Convergence Optimization 138 Redirection 138 Pub-Sub 139 Predictive RLOCs 141 Use Cases 143 Use Case: High Rate Mobility 143 Use Case: Aeronautical Telecommunications Network (ATN) 148 Use Case: Next-Generation Cellular Networks 150 Network Slicing 151 Ultra-Low Latency 152 High Endpoint Density 153 Fixed-Mobile Convergence (FMC) Multihoming 153 Security 153 Use Case: Mobile Environment for Media Broadcasting 153 Use Case: Blockchain Network 154 Summary 155 9781587144714 TOC 12/17/2019.