Redundancy and Load Balancing Protocol- GLBP (Gateway Load Balancing Protocol) - NetwaxLab

Breaking

Facebook Popup

BANNER 728X90

Friday, December 12, 2014

Redundancy and Load Balancing Protocol- GLBP (Gateway Load Balancing Protocol)

Download
GLBP (Gateway Load Balancing Protocol) is a Cisco proprietary protocol that attempts to overcome the limitations of existing redundant router protocols by adding basic load balancing functionality. GLBP is a virtual gateway protocol similar to HSRP and VRRP.

However, unlike its little brothers, GLBP is capable of using multiple physical gateways at the same time. As we know, a single HSRP or VRRP group represents one virtual gateway, with single virtual IP and MAC addresses. Only one physical gateway in a standby/redundancy group is responsible for packet forwarding, others remain inactive in standby/backup state. If you have R1, R2, R3 sharing the segment 174.X.123.0/24 with the physical IP addresses 174.X.123.1, 174.X.123.2 and 174.X.123.3 you may configure them to represent one single virtual gateway with an IP address 174.X.123.254. The physical gateway priority settings will determine which physical gateway takes the role of the active packet forwarder. The hosts on the segment will set their default gateway to 174.X.123.254, staying isolated of the physical gateway failures.

GLBP Terminology

GLBP brings this idea to new level, by allowing multiple physical gateways to participate in packet forwarding simultaneously. Consider this example, Imagine you need the hosts on the segments to fully utilize all existing physical gateways, yet provide recovery from a gateway failure. For instance, you may want 50% of outgoing packets to be sent up to R1, 30% to R2 and 20% to R3. At the same time, you want to ensure, that hosts using either of the gateways will automatically switch to another if their gateway fails. On top of that, all hosts in the segment should reference to the virtual gateway using the same IP address 174.X.123.254. This is a complicated task, which has being addressed by GLBP protocol design.

By default GLBP load balances in Round-Robin fashion.

GLBP elects one AVG (Active Virtual Gateway) for each group. Other group members act as backup in case of AVG failure. In case there are more than two members, the second best AVG is placed in the Standby state and all other members are placed in the Listening state. This is monitored using hello and holdtime timers, which are 3 and 10 seconds by default. The elected AVG then assigns a virtual MAC address to each member of the GLBP group, including itself, thus enabling AVFs (Active Virtual Forwarders). Each AVF assumes responsibility for forwarding packets sent to its virtual MAC address. There could be up to four AVFs at the same time.

By default, GLBP routers use the local multicast address 224.0.0.102 to send hello packets to their peers every 3 seconds over UDP 3222 (source and destination).

Cisco implemented IPv6 support for GLBP in IOS release 12.2(33)SXI.

GLBP (Gateway Load Balancing Protocol) Points to Remember:


1. Cisco Proprietary (2005)
2. It uses UDP Port 3222
3. It sends Multicast Hello 224.0.0.102
4. Default Priority 100
5. Default weight 100
6. Default Preempt disable
7. Default decrement in weight using track = 10
8. GLBP Load Balancing Algorithm
    (i) Round Robin
    (ii) Weighted
    (iii) Host Dependent
9. Default load balancing algorithm – Round robin.
10. Hello – 3 sec
11. Hold – 10 sec
12. There is no default in built track command
13. In GLBP we configure external track.
14. It supports authentication MD-5 & Plain Txt.

GLBP Roles

  1. AVG (Active Virtual Gateway)
  2. AVF (Active Virtual Forwarder)

AVG– A router which gives the reply of ARP request of clients for gateway based on load balancing algorithm. Default algorithm is Round Robin. AVG is also responsible to assign MAC to AVF.

AVF– In GLBP all router act as an AVF. AVF would be responsible for forward the data.

GLBP MAC

0007. B4xx.xxyy

Xxxx – Group ID
YY – Forwarder ID

Max Group No - 0 to 1023

Important Points

  • IP uses Protocol Numbers. (1 to 255)
  • TCP/UDP uses Port Numbers. (0 t0 65535)


Load balancing algorithm

GLBP load sharing is done in one of three ways:

  • Round-robin load-balancing Algorithm: Each router MAC is used sequentially to respond to ARP requests. This is the default load balancing mode in GLBP and is suitable for any number of end hosts.
  • Weighted load-balancing Algorithm: Traffic is balanced proportional to a configured weight. Each GLBP router in the group will advertise its weighting and assignment; the AVG will act based on that value. For example, if there are two routers in a group and R1 has double the forwarding capacity of router B, the weighting value of router A should be configured to be double the amount of R2.
  • Host-dependent load-balancing Algorithm: A given host always uses the same router.

GLBP over HSRP & VRRP

The main disadvantage of HSRP and VRRP is that only one gateway is elected to be the active gateway and used to forward traffic whilst the rest are unused until the active one fails. Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol and performs the similar function to HSRP and VRRP but it supports load balancing among members in a GLBP group
.

Prerequisites for Gateway Load Balancing Protocol

Before configuring the GLBP feature, ensure that the routers can support multiple MAC addresses on the physical interfaces. For each GLBP forwarder to be configured, an additional MAC address is used.

Supported Platforms
Cisco 1700 series, Cisco 2600 series, Cisco 3620, Cisco 3631, Cisco 3640, Cisco 3660, Cisco 3725, Cisco 3745, Cisco 7100 series, Cisco 7200 series, Cisco 7400 series, Cisco 7500 series

GLBP Active Virtual Gateway

Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group. Each gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual MAC address.

The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address. Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC addresses.

Router A is the AVG for a GLBP group, and is responsible for the virtual IP address 10.21.8.10. Router A is also an AVF for the virtual MAC address 0007.b400.0101. Router B is a member of the same GLBP group and is designated as the AVF for the virtual MAC address 0007.b400.0102. Client 1 has a default gateway IP address of 10.21.8.10 and a gateway MAC address of 0007.b400.0101. Client 2 shares the same default gateway IP address but receives the gateway MAC address 0007.b400.0102 because Router B is sharing the traffic load with Router A.
If Router A becomes unavailable, Client 1 will not lose access to the WAN because Router B will assume responsibility for forwarding packets sent to the virtual MAC address of Router A, and for responding to packets sent to its own virtual MAC address. Router B will also assume the role of the AVG for the entire GLBP group. Communication for the GLBP members continues despite the failure of a router in the GLBP group.

GLBP Virtual MAC Address Assignment

A GLBP group allows up to four virtual MAC addresses per group. The AVG is responsible for assigning the virtual MAC addresses to each member of the group. Other group members request a virtual MAC address after they discover the AVG through hello messages. Gateways are assigned the next MAC address in sequence. A virtual forwarder that is assigned a virtual MAC address by the AVG is known as a primary virtual forwarder. Other members of the GLBP group learn the virtual MAC addresses from hello messages. A virtual forwarder that has learned the virtual MAC address is referred to as a secondary virtual forwarder.

GLBP Virtual Forwarder Redundancy

Virtual forwarder redundancy is similar to virtual gateway redundancy with an AVF. If the AVF fails, one of the secondary virtual forwarders in the listen state assumes responsibility for the virtual MAC address.

The new AVF is also a primary virtual forwarder for a different forwarder number. GLBP migrates hosts away from the old forwarder number using two timers that start as soon as the gateway changes to the active virtual forwarder state. GLBP uses the hello messages to communicate the current state of the timers.

The redirect time is the interval during which the AVG continues to redirect hosts to the old virtual forwarder MAC address. When the redirect time expires, the AVG stops redirecting hosts to the virtual forwarder, although the virtual forwarder will continue to forward packets that were sent to the old virtual forwarder MAC address.

The secondary holdtime is the interval during which the virtual forwarder is valid. When the secondary holdtime expires, the virtual forwarder is removed from all gateways in the GLBP group. The expired virtual forwarder number becomes eligible for reassignment by the AVG.

GLBP Gateway Priority

GLBP gateway priority determines the role that each GLBP gateway plays and what happens if the AVG fails.

Priority also determines if a GLBP router functions as a backup virtual gateway and the order of ascendancy to becoming an AVG if the current AVG fails. You can configure the priority of each backup virtual gateway with a value of 1 through 255 using the glbp priority command.

GLBP Gateway Weighting and Tracking

GLBP uses a weighting scheme to determine the forwarding capacity of each router in the GLBP group. The weighting assigned to a router in the GLBP group determines whether it will forward packets and, if so, the proportion of hosts in the LAN for which it will forward packets. Thresholds can be set to disable forwarding when the weighting falls below a certain value, and when it rises above another threshold, forwarding is automatically reenabled.

The GLBP group weighting can be automatically adjusted by tracking the state of an interface within the router. If a tracked interface goes down, the GLBP group weighting is reduced by a specified value. Different interfaces can be tracked to decrement the GLBP weighting by varying amounts.

GLBP Benefits

  • Load Sharing

You can configure GLBP in such a way that traffic from LAN clients can be shared by multiple routers, thereby sharing the traffic load more equitably among available routers.
  • Multiple Virtual Routers

GLBP supports up to 1024 virtual routers (GLBP groups) on each physical interface of a router, and up to 4 virtual forwarders per group.
  • Preemption

The redundancy scheme of GLBP enables you to preempt an active virtual gateway with a higher priority backup virtual gateway that has become available. Forwarder preemption works in a similar way, except that forwarder preemption uses weighting instead of priority and is enabled by default.
  • Authentication

You can use a simple text password authentication scheme between GLBP group members to detect configuration errors. A router within a GLBP group with a different authentication string than other routers will be ignored by other group members.

Customizing GLBP

Customizing the behavior of GLBP is optional. Be aware that as soon as you enable a GLBP group, that group is operating. It is possible that if you first enable a GLBP group before customizing GLBP, the router could take over control of the group and become the AVG before you have finished customizing the feature. Therefore, if you plan to customize GLBP, it is a good idea to do so before enabling GLBP.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. interface type number
  4. ip address ip-address mask [secondary]
  5. glbp group authentication text string
  6. glbp group forwarder preempt [delay minimum seconds]
  7. glbp group load-balancing [host-dependent | round-robin | weighted]
  8. glbp group preempt [delay minimum seconds]
  9. glbp group priority level
  10. glbp group timers [msec] hellotime [msec] holdtime
  11. glbp group timers redirect redirect timeout
  12. exit


Configuring GLBP Weighting Values and Object Tracking

GLBP weighting is used to determine whether a router can act as a virtual forwarder. Initial weighting values can be set and optional thresholds specified. Interface states can be tracked and a decrement value set to reduce the weighting value if the interface goes down. When the GLBP router weighting drops below a specified value, the router will no longer be an active virtual forwarder. When the weighting rises above a specified value, the router can resume its role as an active virtual forwarder.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. track object-number interface type number {line-protocol | ip routing}
  4. interface type number
  5. glbp group weighting maximum [lower lower] [upper upper]
  6. glbp group weighting track object-number [decrement value]
  7. exit


Enabling and Verifying GLBP

This task explains how to enable GLBP on an interface and verify its configuration and operation. GLBP is designed to be easy to configure. Each gateway in a GLBP group must be configured with the same group number, and at least one gateway in the GLBP group must be configured with the virtual IP address to be used by the group. All other required parameters can be learned.

Prerequisites

If VLANs are in use on an interface, the GLBP group number must be different for each VLAN.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. interface type number
  4. ip address ip-address mask [secondary]
  5. glbp group ip [ip-address [secondary]]
  6. exit
  7. show glbp [interface-type interface-number] [group] [state] [brief]      


GLBP Authentication

GLBP has three authentication types:
  • No authentication
  • MD5 authentication
  • Plain text authentication

MD5 is the most security method so far. With this method, the same keys are configured on both ends. One end will send the encrypted key (called hash, using MD5) to the other. At the other side, the same key is also encrypted and compared with the receiving encrypted key. If the two encrypted keys are the same then authentication is approved. The advantage of this method is only the encrypted key is sent through the link. The key for the MD5 hash can either be given directly in the configuration using a key string or supplied indirectly through a key chain.

Example for GLBP

GLBP Topology

R1 (config) #int fa0/0
R1 (config-if) #ip add 192.168.101.2 255.255.255.0
R1 (config-if) #no shut
R1 (config-if) #int s0/0
R1 (config-if) #ip add 192.168.1.1 255.255.255.0
R1 (config-if) #no shut
R1 (config-if) #int s0/1
R1 (config-if) #ip add 192.168.2.1 255.255.255.0
R1 (config-if) #no shut

R3 (config) #int fa0/0
R3 (config-if) #ip add 192.168.102.1 255.255.255.0
R3 (config-if) #no shut
R3 (config-if) #int S0/0
R3 (config-if) #ip add 192.168.1.2 255.255.255.0
R3 (config-if) #no shut
R3 (config-if) #int S0/1
R3 (config-if) #ip add 192.168.2.2 255.255.255.0
R3 (config-if) #no shut
R3 (config-if) #int S0/2
R3 (config-if) #ip add 192.168.3.1 255.255.255.0
R3 (config-if) #no shut

R2 (config) #int fa0/0
R2 (config-if) #ip add 192.168.101.3 255.255.255.0
R2 (config-if) #no shut
R2 (config) #int S0/0
R2 (config-if) #ip add 192.168.3.2 255.255.255.0
R2 (config-if) #no shut

R1 (config) #router ei 100
R1 (config-router) # network 0.0.0.0
R1 (config-router) # no auto summary

R2 (config) #router ei 100
R2 (config-router) # network 0.0.0.0
R2 (config-router) # no auto summary

R3 (config) #router ei 100
R3 (config-router) # network 0.0.0.0
R3 (config-router) # no auto summary

R1 (config) #int fa0/0
R1 (config-if) #glbp?
0 to 1023
R1 (config-if) #glbp 1 ip 192.168.101.1

R2 (config) #int fa0/0
R2 (config-if) #glbp?
0 to 1023
R2 (config-if) #glbp 1 ip 192.168.101.1

Comp# ip add 192.168.101.10
Comp# default gateway 192.168.101.1
Comp# tracert –d 192.168.102.1 Via 192.168.101.2
Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.3
Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.2
Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.3

Here we can see one Arp request will forward to R1 and second will forward to R2.

R2# sh glbp
Hello – 3 sec, Hold – 10 sec
By default preemption is disabled

Default load balancing is Round Robin

R1 (config) #int fa0/0
R1 (config-if) glbp 1 load – balancing?
R1 (config-if) glbp 1 load – balancing weighted

R2 (config) #int fa0/0
R2 (config-if) glbp 1 load – balancing?
R2 (config-if) glbp 1 load – balancing weighted

By default weighted is 100

Right now on both the router weight is equal so it will perform load balancing Round Robin.

Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.2
Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.3

Now we will increase the weight of R1

R1 (config) #int fa0/0
R1 (config-if) #glbp 1 weighting?
R1 (config-if) #glbp 1 weighting 200

Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.3
Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.2
Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.2

Here we can see two packets are going via R1 and one packet are going via R2

R1 (config) #int s0/0
R1 (config-if) #shut
Comp# tracert –d 192.168.102.1 Via 192.168.168.102.1

Here we can see requests first come on R1 and then move to R2.

Now we will use track Command

R1 (config) #track 1 int s0/0 line-protocol
R1 (config-track) #track 2 int s0/1 line protocol
R1 (config) #int fa0/0
R1 (config-if) #glbp 1 weighting track 1 decrement 100
R1 (config-if) #glbp 1 weighting track 2 decrement 100
R1#sh glbp
R1 (config) #int s0/0
R1 (config-if) #shut
R1 #sh glbp
R1 (config) #int s0/0
R1 (config-if) #no shut
R1#sh glbp
R1 (config) #int fa0/0
R1 (config-if) #glbp 1 load-balancing host-dependent

R2 (config) #int fa0/0
R2 (config-if) #glbp 1 load-balancing host-dependent

Comp# Arp –d
Comp# tracert –d 192.168.102.1 Via 192.168.101.3


All packets will go via 192.168.101.3

----
@NetwaxLab
Read more
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)