Flexible NetFlow

Network administrators and engineers need to obtain statistics about their network infrastructure. SNMP does a great job of this by providing broad information such as packet counts, interface changes, and device health, but it cannot provide granular information about the traffic on our networks. This is why Cisco introduced NetFlow, a tool that works alongside SNMP by letting us obtain information and statistics about the unique types and characteristics of the data flowing through interfaces. In this post I will discuss the fundamentals of implementing NetFlow and the concepts revolving around it.

An Overview of IPsec

IPsec (Internet Protocol Security) is a suite of protocols that secures IP communications by providing encryption, authentication, and integrity directly at the network layer. Because IPsec requires both peers to agree on how to secure traffic, it uses a management framework called ISAKMP (Internet Security Association and Key Management Protocol), which defines how peers negotiate and manage Security Associations (SAs): the policies and keys that protect the control plane traffic used to continue negotiating protection for the data plane. ISAKMP provides the structure, IKEv1 performs the key exchange and negotiation for the control plane, and IPsec enforces the security for the data plane.

Crypto Maps with IPsec

IPsec with Crypto Maps provides a method for securing IP communication between networks, commonly referred to as site-to-site, through encryption and authentication. ISAKMP (Internet Security Association and Key Management Protocol) establishes the IKE Phase 1 tunnel used to authenticate the peers and negotiate the parameters for further communication. Crypto Maps act as the policy framework that binds the IPsec/IKE Phase 2 settings, such as peers, transform sets, and access lists, to a physical (sub)interface. When traffic matches the defined crypto ACL, it is encrypted according to the transform set and sent to the specified peer through an IPsec tunnel.

LISP Fundamentals

The advantages and benefits of LISP highlighted in this post are simplified traffic engineering, multihoming, overlay tunnels, and AF over AF (carrying one address family over another).

Locator/ID Separation Protocol (LISP) is an IP-in-UDP tunneling protocol that separates the identity of a device from its location on the network. It allows sites to create tunnels between one another and identifies devices using Endpoint Identifiers (EIDs), while traffic enters and exits the network through Routing Locators (RLOCs).