GLBP Gateway Load Balancing Protocol

GLBP

Gateway Load

Balancing Protocol

By MEDDANE Redouane

Cisco Instructor

GLBP works by making use of a single virtual IP address, which is configured as the default

gateway on the hosts.

The different routers that assume the forwarding role use different virtual MAC addresses for

the same virtual IP address which is used to forward packets.

Unlike HSRP and VRRP, GLBP does not use a single virtual MAC address for the entire group.

Instead, the AVG assigns different virtual MAC addresses to each of the physical routers in the

group.

There are two types of routers in a GLBP group use in redundancy and load balancing:

Active Virtual Gateway(AVG):

Within a GLBP group,one virtual router (gateway) is elected as the Active Virtual

Gateway(AVG), and its responsible for the operation of the protocol. This AVG router has the

highest priority value or IP address in the group, it responds to all ARP requests for MAC

addresses which it send to the virtual router IP address.

Active Virtual Forwarder (AVF)

A router within a GLBP group is elected as Active Virtual Forwarder (AVF) This AVF is

responsible for forwarding packets sent to the mac address returned by the AVG router.

Multiple active virtual forwarders can exist for each GLBP group.

So, when a client needs to send packet to known default gateway (AVG) with configured IP

address, it requests for the MAC address by sending an ARP (address resolution protocol)

request on the subnet.

The AVG will respond to these ARP requests with the virtual MAC address of each "active"

virtual forwarders, based on a configured load sharing algorithm.

The topology uses The Hosts have two Routers to access the outside network, two hosts in

VLAN 10 and two Hosts in VLAN 20.

The GLBP protocol will be configured to allow redundancy.

The requirements:

VLAN 10:

-The Group number is 1.

-R1 is the Active router.

-R2 is the standby router.

VLAN 20:

-The Group number is 2.

-R2 is the Active router.

-R1 is the standby router.

-The Virtual ip Address is 10.0.10.254

-load-balancing is round-robin which means Each AVF in turn is included in address resolution

replies for the virtual IP address.

R1(config)#interface fastEthernet 0/0 R1(config-if)#no shutdown R1(config)#interface fastEthernet 0/0.10 R1(config-subif)#encapsulation dot1Q 10 R1(config-if)#ip address 10.0.10.1 255.255.255.0 R1(config-if)#glbp 1 ip 10.0.10.254 R1(config-if)#glbp 1 priority 150 R1(config-if)#glbp 1 preempt

R1(config-if)#glbp 1 load-balancing round-robin

R2(config)#interface fastEthernet 0/0 R2(config-if)#no shutdown R2(config)#interface fastEthernet 0/0.10 R2(config-subif)#encapsulation dot1Q 10 R2(config-if)#ip address 10.0.10.2 255.255.255.0 R2(config-if)#glbp 1 ip 10.0.10.254 R2(config-if)#glbp 1 preempt

The first Part of the following output dislayed below concerns the AVG R1

So R1 is the AVG and it is in active state because it has a higher priority than R2 which is in the

standby state.

The second part concerns the AVFs.

We can see that there are two AVF:

-R1 is the AVF 1 and it has the Active state, R2 is in the Listen state

-R2 is the AVF 2 and it has the Active state, R1 is in the Listen state

R1#show glbp

FastEthernet0/0.10 - Group 1 State is Active

2 state changes, last state change 00:00:47 Virtual IP address is 10.0.10.254

Hello time 3 sec, hold time 10 sec Next hello sent in 0.716 secs

Redirect time 600 sec, forwarder time-out 14400 sec Preemption enabled, min delay 0 sec

Active is local

Standby is 10.0.10.2, priority 100 (expires in 9.728 sec) Priority 150 (configured)

Weighting 100 (default 100), thresholds: lower 1, upper 100 Load balancing: round-robin

Group members:

c000.1714.0000 (10.0.10.1) local c001.1714.0000 (10.0.10.2)

There are 2 forwarders (1 active) Forwarder 1

State is Active

1 state change, last state change 00:00:37 MAC address is 0007.b400.0101 (default) Owner ID is c000.1714.0000

Redirection enabled

Preemption enabled, min delay 30 sec Active is local, weighting 100

Forwarder 2

State is Listen

MAC address is 0007.b400.0102 (learnt) Owner ID is c001.1714.0000

Redirection enabled, 598.224 sec remaining (maximum 600 sec) Time to live: 14398.220 sec (maximum 14400 sec)

Preemption enabled, min delay 30 sec

Active is 10.0.10.2 (primary), weighting 100 (expires in 8.216 sec)

Before doing the test of GLBP operation ,we will simulate a hosts with a routers ,I disable the

routing and i configure the default gateway and the ip addresses of each PC in the VLAN 10 as

follow:

Test of the connectivity:

PC1#ping 10.0.10.254

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.10.254, timeout is 2 seconds: !!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/43/64 ms PC1#

PC2#ping 10.0.10.254

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.10.254, timeout is 2 seconds: !!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/37/68 ms PC2#

Let's verify which AVF is used to forward the ICMP Packets by looking the ARP table:

0007.b400.0101 is the MAC Address of the AVF 1 (R1).

0007.b400.0102 is the MAC Address if the AVF 2 (R2).

PC1#show arp | include 10.0.10.254

Internet 10.0.10.254 3 0007.b400.0101 ARPA FastEthernet0/0 PC1#

PC2#show arp | include 10.0.10.254

Internet 10.0.10.254 3 0007.b400.0102 ARPA FastEthernet0/0 PC2#

Let's confirms the result by issuing a telnet from PC1 and PC2 toward the Virtual IP address

10.0.10.254 :

We can see that:

-R1 responds to the Telnet request of the PC1

-R2 responds to the telnet request of the PC2

PC1#telnet 10.0.10.254 Trying 10.0.10.254 ... Open R1> PC2#telnet 10.0.10.254 Trying 10.0.10.254 ... Open R2>

Before configuring the down test ,we need to configure the GLBP for th VLAN 20 , R2 is in the

Active state (AVG) with the priority 150 while R1 is in Listen state with the default priority

100 as follow:

standby state.

The second part concerns the AVFs.

We can see that there are two AVF:

-R1 is the AVF 1 and it has the Active state, R2 is in the Listen state

-R2 is the AVF 2 and it has the Active state, R1 is in the Listen state

R2#show glbp | begin FastEthernet0/0.20 FastEthernet0/0.20 - Group 2

State is Active

1 state change, last state change 00:04:41 Virtual IP address is 10.0.20.254

Hello time 3 sec, hold time 10 sec Next hello sent in 0.624 secs

Redirect time 600 sec, forwarder time-out 14400 sec Preemption enabled, min delay 0 sec

Active is local

Standby is 10.0.20.1, priority 100 (expires in 8.676 sec) Priority 150 (configured)

Weighting 100 (default 100), thresholds: lower 1, upper 100 Load balancing: round-robin

Group members:

c000.1714.0000 (10.0.20.1)

c001.1714.0000 (10.0.20.2) local There are 2 forwarders (1 active) Forwarder 1

State is Listen

MAC address is 0007.b400.0201 (learnt) Owner ID is c000.1714.0000

Redirection enabled, 598.676 sec remaining (maximum 600 sec) Time to live: 14398.676 sec (maximum 14400 sec)

Preemption enabled, min delay 30 sec

Active is 10.0.20.1 (primary), weighting 100 (expires in 7.564 sec) Forwarder 2

State is Active

1 state change, last state change 00:04:29 MAC address is 0007.b400.0202 (default) Owner ID is c001.1714.0000

Redirection enabled

Preemption enabled, min delay 30 sec Active is local, weighting 100

Let's configure PC3 and PC4:

PC3(config)#no ip routing PC3(config)#ip default-gateway 10.0.20.254 PC3(config)#interface fastEthernet 0/0 PC3(config-if)#no shutdown PC3(config-if)#ip address 10.0.20.10 255.255.255.0 PC4(config)#no ip routing PC4(config)#ip default-gateway 10.0.20.254

PC1#ping 10.0.20.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.20.10, timeout is 2 seconds: !!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 56/69/92 ms PC1#

Remember that PC1 uses R1 to forward the traffic therefore it uses the MAC Address of R1

(0007.b400.0101):

We can confirm the result by launching a traceroute toward the PC3 from PC1 as follow:

Notice that the packets go through R1 (10.0.10.1):

PC1#traceroute 10.0.20.10

Type escape sequence to abort. Tracing the route to 10.0.20.10

1 10.0.10.1 76 msec 24 msec 32 msec 2 10.0.20.10 68 msec * 48 msec PC1#

Now we launch a ping from PC1 toward PC3 while disabling the interface fa0/0 of R1:

R1(config)#int fa0/0 R1(config-if)#shu R1(config-if)#shutdown

PC1#ping 10.0.20.10 repeat 140

Type escape sequence to abort.

Sending 140, 100-byte ICMP Echos to 10.0.20.10, timeout is 2 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate is 96 percent (135/140), round-trip min/avg/max = 36/53/92 ms PC1#

Let's verify which Gateway is used by PC1:

Now it uses R2 instead of R1 used previously:

PC1#telnet 10.0.10.254 Trying 10.0.10.254 ... Open

R2>

PC1 uses the MAC Address of R2 (0007.b400.0102) but it's R1 which responds to the ARP

request of PC1 because it is an AVG:

PC1#traceroute 10.0.20.10

Type escape sequence to abort. Tracing the route to 10.0.20.10

1 10.0.10.2 104 msec 32 msec 28 msec 2 10.0.20.10 88 msec * 64 msec PC1#

Finally PC1 does not see the changes.

To reduce the timers in order to have a fastest...

R1(config)#interface FastEthernet0/0.10

R1(config-subif)#glbp 1 timers msec 150 msec 500 R1(config-subif)#interface FastEthernet0/0.20 R1(config-subif)#glbp 2 timers msec 150 msec 500

R2(config)#interface FastEthernet0/0.10

R2(config-subif)#glbp 1 timers msec 150 msec 500 R2(config-subif)#interface FastEthernet0/0.20 R2(config-subif)#glbp 2 timers msec 150 msec 500

Now we launch the ping from PC1 toward PC3 while activating the interface fa0/0 of R1:

R1(config-subif)#int fa0/0 R1(config-if)#no shu

R1(config-if)#no shutdown

PC1#ping 10.0.20.10 repeat 140

Type escape sequence to abort.

Sending 140, 100-byte ICMP Echos to 10.0.20.10, timeout is 2 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate is 99 percent (139/140), round-trip min/avg/max = 40/56/92 ms PC1#