How can I use the Cisco CSR1000V to extend L2 network from on-premises to AWS?


How can I use the Cisco CSR1000V to extend L2 network from on-premises to AWS, e.g. to support migration use cases with hardcoded IP addresses?

1 Answer
Accepted Answer

Cisco provides a guide for using a Cisco CSR1000v within AWS along with an corresponding on-premises device to use LISP with an IPSec between the two devices. L2 extension functionality is provided via LISP. What this article does not mention is how to setup the VPC network to make this work.

It’s important to understand that the VPC does not support transport of ARP traffic on L2. Instead such traffic is intercepted by the VPC. Therefore we need to ensure that an ARP request from an EC2 instance attempting to communicate with an on-premises instance is received by the CSR1000v instance within AWS. Only this way, LISP can do it’s job and provide L2 extension capability.

This is done by allocating the IP addresses from within the extended subnet that are used on-premises as secondary IP addresses to the LAN interface of the CSR1000v within AWS. This way the VPC will answer ARP requests for these IP addresses correctly and steer frames to the CSR1000v.

Refer also to for a more detailed video.

profile picture
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions