If you’ve been diving into advanced routing or enterprise-level WAN designs, you may have come across a fascinating protocol called LISP (Locator/ID Separation Protocol). When I first encountered LISP while working on inter-DC communication and traffic engineering use cases, I realized it offered something most routing protocols didn’t — mobility, scalability, and abstraction of addressing.
Whether you’re preparing for CCIE, working in enterprise multi-site environments, or want to learn how modern routing decouples identity from location, this article is for you.
Table of Contents
Theory in Brief
What is LISP?
LISP stands for Locator/ID Separation Protocol, an experimental protocol developed by Cisco to improve scalability and mobility in large IP networks. It separates the identity (EID) of a device from its location (RLOC) in the IP topology.
Why Was LISP Created?
Traditional IP routing uses a single IP address to identify and locate devices. This works well at small scale but causes problems in mobility and massive growth (like IoT, data center overlays, and edge computing). LISP solves this by giving devices two roles:
- EID (Endpoint ID) – Who you are
- RLOC (Routing Locator) – Where you are
How LISP Works
- Endpoints use EIDs (like 192.168.1.10)
- RLOCs are public IP addresses on routers (e.g., 203.0.113.1)
- A Map-Resolver and Map-Server keep track of EID-to-RLOC mappings
- Ingress and Egress Tunnel Routers (xTRs) encapsulate/decapsulate packets
Key Benefits
- Improved Multihoming: One EID can map to multiple RLOCs
- Mobility: Devices can change locations without changing their identity
- Overlay Networking: Supports virtualized networks on top of IP fabric
LISP Protocol Summary
Feature | LISP Protocol | Traditional IP Routing |
---|---|---|
Address Role | EID and RLOC (separated) | Single IP acts as identity + locator |
Mobility Support | High (no renumbering) | Poor (requires address update) |
Multihoming | Built-in with weighted RLOCs | Manual with BGP or HSRP |
Encapsulation | IP-in-IP or LISP header | Native IP |
Mapping System | Map-Server / Map-Resolver | Routing Tables |
Complexity | Medium | Low |
Pros and Cons
Pros | Cons |
Enables seamless mobility | Requires LISP-compatible routers |
Ideal for inter-DC overlays | Not widely supported on all platforms |
Decouples routing from identity | Adds encapsulation overhead |
Scales better in large environments | Learning curve for traditional engineers |
Essential CLI Commands
Task | Command Example | Description |
Enable LISP globally | feature lisp | Enables LISP on a device (NX-OS/IOS-XE) |
Define Locator and EID space | lisp eid-table default | Starts LISP EID space config |
Set Map-Server | map-server 10.10.10.1 key cisco123 | Set up Map-Server for LISP |
Configure xTR (Tunnel Router) | router lisp + locator-set and map-resolver | Core tunnel configuration |
Verify LISP mappings | show lisp eid-table or show lisp site | Display mappings and states |
Debug LISP tunnels | debug lisp | View LISP encapsulation activity |
Real-World Use Cases
Use Case | Description | Benefit |
Inter-DC Layer 3 Overlays | Using LISP to stretch network identities across DCs | No need to renumber or re-IP |
Mobile User/VM Environments | Seamless mobility of VMs or users across WAN | Consistent addressing and policy control |
IoT Network Scalability | Assign stable EIDs, move devices freely | Simplifies management at scale |
Multi-homing Small Sites | Use weighted RLOCs with LISP for dual WAN | Faster failover and smarter routing |
EVE-NG Lab: Mini LISP Simulation
Topology Overview

Lab Devices:
- Use Cisco IOSv or IOS-XE with LISP support (15.x or XE 16+)
- Configure Router1 and Router2 as xTRs
- Use loopbacks to simulate EIDs and RLOCs
Sample Configuration (Router1):
feature lisp router lisp locator-set RLOC-SET interface Loopback0 priority 1 weight 100 map-server 10.10.10.1 key cisco123 map-resolver 10.10.10.1 interface Loopback0 ip address 192.168.1.1 255.255.255.255 lisp eid-table default ipv4 192.168.1.1/32
Router2 Configuration: (mirror with different EID)
feature lisp router lisp locator-set RLOC-SET interface Loopback0 priority 1 weight 100 map-server 10.10.10.1 key cisco123 map-resolver 10.10.10.1 interface Loopback0 ip address 192.168.2.1 255.255.255.255 lisp eid-table default ipv4 192.168.2.1/32
Additional Sample Configurations
# Define an instance-id and enable dynamic EID instance-id 101 dynamic-eid SITE1-EID interface Loopback0 map-notify # Register with a second Map-Server for redundancy map-server 10.10.10.2 key cisco123 # Use multiple RLOCs with weighted priorities locator-set RLOC-SET interface Loopback0 priority 1 weight 80 interface GigabitEthernet0/0 priority 2 weight 20 # Configure database mapping for EID prefix database-mapping 192.168.3.0/24 locator-set RLOC-SET # Register EID statically (without dynamic EID) eid-table default instance-id 101 ipv4 192.168.3.1/32 map-server 10.10.10.1 key cisco123 # Enable LISP on EID-facing interfaces interface GigabitEthernet0/1 lisp mobility ip address 192.168.10.1 255.255.255.0
Verifications
show lisp eid-table show lisp site ping 192.168.2.1 source 192.168.1.1
Troubleshooting Tips
Problem | Command / Tool | Resolution |
No EID learning | show lisp eid-table | Verify EID config and mapping registration |
Tunnel not coming up | show lisp site | Check locator interface and reachability |
No response to LISP Ping | debug lisp , ping | Verify encapsulation, RLOC IP, Map-Server status |
RLOC Unreachable | traceroute | Confirm IP routing to RLOC across WAN |
Frequently Asked Questions (FAQs)
1. What is LISP in Cisco Networking?
Answer:
LISP (Locator/ID Separation Protocol) is a network architecture and protocol that separates the identity (EID) of a device from its location (RLOC). Traditional IP addressing combines both identity and location into a single IP address. LISP separates these functions, allowing for greater mobility, scalability, and multihoming, especially in large-scale and cloud environments.
2. What are EIDs and RLOCs in LISP?
Answer:
- EID (Endpoint Identifier): The IP address assigned to a host (e.g., 192.168.1.10).
- RLOC (Routing Locator): The IP address of the router that connects the EID to the LISP network, typically the edge router.
This separation allows hosts to retain their IP addresses (EIDs) even as they move between different physical locations (with different RLOCs).
3. What problem does LISP solve?
Answer:
LISP solves scalability and mobility challenges in traditional IP networks by allowing devices to roam across networks without IP renumbering. It also reduces routing table size in the core by keeping endpoint identity and location mapping localized. It’s widely used in multi-site enterprise, SD-WAN, and cloud integration.
4. How does LISP work in simple terms?
Answer:
When a packet is sent, the LISP Ingress Tunnel Router (ITR) queries a Mapping System to resolve the EID to its RLOC. It then encapsulates the packet and forwards it to the Egress Tunnel Router (ETR), which decapsulates it and delivers it to the host. This mechanism hides the actual host location from the core network.
5. What are the main components of a LISP deployment?
Answer:
- ITR (Ingress Tunnel Router): Encapsulates packets from EID to RLOC.
- ETR (Egress Tunnel Router): Decapsulates packets and delivers them to the local EID.
- MR (Map Resolver): Accepts EID-to-RLOC mapping requests and forwards them.
- MS (Map Server): Stores and distributes EID-to-RLOC mappings registered by ETRs.
Together, these components enable efficient and secure forwarding.
6. Can LISP be used with IPv6 and NAT?
Answer:
Yes. LISP supports both IPv4 and IPv6 addressing. It also works well with NAT traversal, making it suitable for complex hybrid cloud or remote branch deployments. Cisco routers running LISP can encapsulate IPv6 inside IPv4 (or vice versa), providing flexibility in dual-stack environments.
7. What are some use cases of LISP in enterprise networks?
Answer:
- Data Center Interconnect (DCI) without extending Layer 2.
- User mobility across branches while retaining IP addresses.
- Simplifying SD-WAN deployments with endpoint mobility.
- Virtual Machine (VM) mobility across multiple hypervisors or locations.
- IoT device tracking and security segmentation.
8. What CLI commands are used to verify LISP configuration?
Answer:
Common Cisco IOS commands include:
show lisp site
– View site and EID information.show lisp instance-id <id>
– Inspect specific LISP instance.show lisp eid-table
– List EID-to-RLOC mappings.debug lisp
– For real-time troubleshooting of LISP control plane.
These help you monitor registrations, lookups, and data path encapsulation.
9. Is LISP compatible with legacy (non-LISP) networks?
Answer:
Yes. LISP-enabled routers can interact with non-LISP networks using proxy ITR/ETR functions. This ensures smooth communication with traditional IP endpoints. For example, a proxy-ETR receives traffic from the legacy domain and forwards it into the LISP network by encapsulating it.
10. Is LISP secure? Can it be used over the internet?
Answer:
LISP includes built-in security features such as Map-Server authentication, RLOC reachability checks, and dynamic EID mapping. While LISP does not encrypt traffic by default, it can be used with IPSec or other VPN mechanisms to ensure secure tunneling over the internet.
YouTube Link
Watch the Complete CCNP Enterprise: Cisco LISP Protocol Explained with CLI, Labs, and Use Cases Lab Demo & Explanation on our channel:
Final Note
Understanding how to differentiate and implement Cisco LISP Protocol Explained with CLI, Labs, and Use Cases in Modern Networks is critical for anyone pursuing CCNP Enterprise (ENCOR) certification or working in enterprise network roles. Use this guide in your practice labs, real-world projects, and interviews to show a solid grasp of architectural planning and CLI-level configuration skills.
If you found this article helpful and want to take your skills to the next level, I invite you to join my Instructor-Led Weekend Batch for:
CCNP Enterprise to CCIE Enterprise – Covering ENCOR, ENARSI, SD-WAN, and more!
Get hands-on labs, real-world projects, and industry-grade training that strengthens your Routing & Switching foundations while preparing you for advanced certifications and job roles.
Email: info@networkjourney.com
WhatsApp / Call: +91 97395 21088
Upskill now and future-proof your networking career!