Friday 2 November 2018

What is Gateway Load-Balancing protocol (GLBP) and how to implement the configuration?




Gateway Load-Balancing protocol (GLBP)

Let’s take a look of HSRP and VRRP both provide gateway resiliency with per-subnet load balancing, the upstream bandwidth of the standby members
Gateway Load-balancing Protocol GLBP is Cisco proprietary protocol, GLBP allow dynamic selection and simultaneous use of multiple available routers gateways, and also permit automatic failover between those gateways. Multiple routers share the load of frames that, from a client perspective, are sent to a single default gate way address, with GLBP you can fully utilize resources.

(In short)

GLBP Gateway load-balancing protocol is providing redundancy gateway and true load balancing. GLBP allow a mechanism of four routers in each forwarding group. By default, the active router directs the traffic from host to each successive router in the group using Round-Robin algorithm.

GLBP Functions

·       

      Active Virtual Gateway (AVG): Member of a group elects one gateway to be the AVG for the group, and the other group member provide backup for the AVG in the event of AVG failure. AVG assign a different virtual MAC addresses to each member of the GLBP group.






·          
      Active Virtual Forwarder Each gateway assume to the responsibility for forwarding packets that are sent to the virtual MAC address assigned to that gateway AVG. these gateways are called AVF for their virtual MAC address.
·         
      GLBP communication GLBP members communicate between each other through hello messages sent every 3 seconds to the multicast address 224.0.0.102, User Datagram Protocol (UDP) port 3222.

GLBP provides upstream load-sharing by utilizing the redundant uplinks simultaneously. It uses link capacity efficiently, thus providing solid peak-load traffic coverage. By making use of multiple available paths upstream from router or layer 3 switch running GLBP, you can reduce output queues.

GLBP Features
·         Load-sharing we can configure GLBP so that traffic from LAN client is shared by multiple routers. Load sharing distributes the traffic load among available routers.
·         Multiple virtual routers GLBP supports up to 1.024 virtual routers as GLBP groups on each routers physical interface and up to four virtual forwarders per group.
·         Preemption GLBP allow us to preempt an AVG router with a higher-priority backup virtual gateway that has become available. Forwarder preemption works in a similar way, except weighting instead of priority and is enabled by default.
·         Efficient resource utilization: GLBP makes it possible for any router in a group to serve as a backup, which eliminates the need for a dedicated backup router because all available routers can support network traffic.

GLBP Balancing host traffic

GLBP balances the traffic using the round –robin algorithm:
  • ·         When a host send an ARP message for the gateway IP address, the AVG return the virtual MAC address of one of the AVFS.
  • ·         When a second host sends an ARP message, the AVG return the next virtual MAC address from list.



Remember that each GLBP router will be the designated AVF for the specific virtual MAC address that’s been assigned to it.


GLBP configuration:


Topology

GOAL:

·         Configure the basic IP addressing on routers as per the diagram and test connectivity
·         Configure default route on R1/R3 to reach routes on internet
·         Configure router 4 assume PC for verification in the LAN
·         Configure static Route on R2-ISP back to LAN network on both sides
·         Configure GLBP on R1 and R2 under F0/0
·         Make sure that R1 become AVG and R2 as AVF
·         Active Virtual Gateway priority 120 and the other gateway is left at the default
·         Authentication between both switch MD5 password “internetwork”
·         The AVG should have the ability to resume the Primary role once Primary router or track interface is reachable (preempt)





R1(config)#interface serial 3/0
R1(config-if)#ip address 10.1.1.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.1.100 255.0.0.0
R1(config-if)#no shutdown

R2(config)#interface serial 3/1
R2(config-if)#ip address 11.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface serial 3/0
R2(config-if)#ip address 10.1.1.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface loopback 0
R2(config-if)#ip address 12.0.0.1 255.255.255.0
R2(config-if)#exit
R2(config)#interface loopback 1
R2(config-if)#ip address 12.0.1.1 255.255.255.0

R3(config)#interface serial 3/1
R3(config-if)#ip address 11.1.1.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface fastEthernet 0/0
R3(config-if)#ip address 192.168.1.200 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit

R4(config)#hostname client-R4
client-R4(config)#no ip routing
client-R4(config)#interface fastEthernet 0/0
client-R4(config-if)#ip address 192.168.1.1 255.255.255.0
client-R4(config-if)#no shutdown

R1(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.2

R2(config)#ip route 192.168.1.0 255.255.255.0 10.1.1.1
R2(config)#ip route 192.168.1.0 255.255.255.0 11.1.1.2

R3(config)#ip route 0.0.0.0 0.0.0.0 11.1.1.1

R3#ping 192.168.1.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/58/96 ms
R1(config)#interface fastEthernet 0/0
R1(config-if)#glbp 1 authentication md5 key-string internetwork
R1(config-if)#glbp 1 preempt
R1(config-if)#glbp 1 timers 1 3
R1(config-if)#glbp 1 priority 120
R1(config-if)#glbp 1 ip 192.168.1.150



R3(config)#interface fastEthernet 0/0
R3(config-if)#glbp 1 authentication md5 key-string internetwork
R3(config-if)#glbp 1 preempt
R3(config-if)#glbp 1 timers 1 3
R3(config-if)#glbp 1 ip 192.168.1.150

R3#show glbp
FastEthernet0/0 - Group 1
  State is Standby
    1 state change, last state change 00:04:53
  Virtual IP address is 192.168.1.150
  Hello time 1 sec, hold time 3 sec
    Next hello sent in 0.512 secs
  Redirect time 600 sec, forwarder time-out 14400 sec
  Authentication MD5, key-string
  Preemption enabled, min delay 0 sec
  Active is 192.168.1.100, priority 120 (expires in 2.560 sec)
  Standby is local
  Priority 100 (default)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    ca01.1ec4.0000 (192.168.1.100) authenticated
    ca03.33a8.0000 (192.168.1.200) local
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Listen
    MAC address is 0007.b400.0101 (learnt)
    Owner ID is ca01.1ec4.0000
    Time to live: 14399.424 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 192.168.1.100 (primary), weighting 100 (expires in 2.656 sec)
  Forwarder 2
    State is Active
      1 state change, last state change 00:04:55
    MAC address is 0007.b400.0102 (default)
    Owner ID is ca03.33a8.0000
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100


R1#show glbp
FastEthernet0/0 - Group 1
  State is Active
    1 state change, last state change 00:09:31
  Virtual IP address is 192.168.1.150
  Hello time 1 sec, hold time 3 sec
    Next hello sent in 0.800 secs
  Redirect time 600 sec, forwarder time-out 14400 sec
  Authentication MD5, key-string
  Preemption enabled, min delay 0 sec
  Active is local
  Standby is 192.168.1.200, priority 100 (expires in 2.912 sec)
  Priority 120 (configured)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    ca01.1ec4.0000 (192.168.1.100) local
    ca03.33a8.0000 (192.168.1.200) authenticated
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Active
      1 state change, last state change 00:09:28
    MAC address is 0007.b400.0101 (default)
    Owner ID is ca01.1ec4.0000
    Redirection enabled
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100
  Forwarder 2
    State is Listen
    MAC address is 0007.b400.0102 (learnt)
    Owner ID is ca03.33a8.0000
    Redirection enabled, 599.936 sec remaining (maximum 600 sec)
    Time to live: 14399.936 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 192.168.1.200 (primary), weighting 100 (expires in 3.136 sec)




R1#show glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Fa0/0       1    -   120 Active   192.168.1.150   local           192.168.1.200
Fa0/0       1    1   -   Active   0007.b400.0101  local           -
Fa0/0       1    2   -   Listen   0007.b400.0102  192.168.1.200   -


R3#show glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Fa0/0       1    -   100 Standby  192.168.1.150   192.168.1.100   local
Fa0/0       1    1   -   Listen   0007.b400.0101  192.168.1.100   -
Fa0/0       1    2   -   Active   0007.b400.0102  local           -


client-R4#show ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.1             -   ca04.3054.0000  ARPA   FastEthernet0/0

client-R4#clear arp-cache

client-R4#ping 192.168.1.150
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.150, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/222/1016 ms

client-R4#show ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.1             -   ca04.3054.0000  ARPA   FastEthernet0/0
Internet  192.168.1.150           0   0007.b400.0101  ARPA   FastEthernet0/0

client-R4#traceroute 12.0.0.1
Type escape sequence to abort.
Tracing the route to 12.0.0.1
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.1.100 112 msec 44 msec 36 msec
  2 10.1.1.2 76 msec 116 msec 124 msec

Now shutdown R-2  F0/0 interface to check the redundancy 

R1(config)#interface fastEthernet 0/0
R1(config-if)#shutdown

client-R4#traceroute 12.0.0.1
Type escape sequence to abort.
Tracing the route to 12.0.0.1
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.1.200 12 msec 44 msec 44 msec
  2 11.1.1.1 60 msec 80 msec 68 msec

R3#show glbp
FastEthernet0/0 - Group 1
  State is Active
    2 state changes, last state change 00:04:17
  Virtual IP address is 192.168.1.150
  Hello time 1 sec, hold time 3 sec
    Next hello sent in 0.320 secs
  Redirect time 600 sec, forwarder time-out 14400 sec
  Authentication MD5, key-string
  Preemption enabled, min delay 0 sec
  Active is local
  Standby is unknown
  Priority 100 (default)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    ca03.33a8.0000 (192.168.1.200) local
  There are 2 forwarders (2 active)
  Forwarder 1
    State is Active
      1 state change, last state change 00:04:17
    MAC address is 0007.b400.0101 (learnt)
    Owner ID is ca01.1ec4.0000
    Redirection enabled, 338.912 sec remaining (maximum 600 sec)
    Time to live: 14138.912 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100
  Forwarder 2
    State is Active
      1 state change, last state change 00:19:57
    MAC address is 0007.b400.0102 (default)
    Owner ID is ca03.33a8.0000
    Redirection enabled
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100










 


 


Instagram

Facebook


Twitter



LINKEDIN








No comments:

What is layer 3 etherchannel? How to configure layer 3 etherchannel?

EtherChannel technology allows us to bundle multiple physical links into one logical link. It is used to increase the bandwidth and provide ...