After HSRP and VRRP, it is time to introduce the next generation of gateway redundancy protocols: GLBP...
As its name suggests, it not only manages redundant gateways but also balances traffic between them, whereas HSRP and VRRP simply use one gateway and leave the other on standby!
The Topology
The topology is similar to the one in the articles on HSRP and VRRP. The only difference is the presence of two hosts in order to test the load balancing.
Once again we will set up redundancy between R1 and R2 and then see how the two hosts behave.
A few explanations on GLBP
First thing to note: GLBP is a Cisco proprietary protocol (probably its only real flaw).
The general concept is pretty close to what we have already seen. It is still the ARP protocol that is at the heart of the magic. Gateways are configured to be part of a GLBP group, which is assigned a virtual IP (10.0.0.254 in this case).
When one of the hosts must use the default gateway to communicate outside its broadcast domain, it emits an ARP request for the MAC address of 10.0.0.254... This is where things get complicated... or at least get richer.
With GLBP, one of the routers becomes the AVG (Active Virtual Gateway): the one with the highest priority (or the highest IP address when priorities are equal). The other routers are AVFs (Active Virtual Forwarders).
The AVG's mission is to distribute the load between the different gateways (itself and the various AVFs). To do so, it answers ARP requests and varies the response: it gives its own MAC address, then that of an AVF, then that of the next AVF, and so on.
This is possible because each router in a GLBP group takes on a different GLBP MAC address, all belonging to the same group. The MAC address has the following structure: 0007.b40X.XXYY (where X stands for the group number, ranging from 1 to 1023, and Y for the increment from one gateway to the next).
Routers communicate with each other via multicast (224.0.0.102) by exchanging HELLO messages. If one of them goes missing, it drops out of the rotation of ARP responses, and if it is the AVG that disappears, the best AVF takes its place.
Configuration Of R1
R1(config)#interface FastEthernet 0/0
R1(config-if)#glbp 10 ip 10.0.0.254
R1(config-if)#glbp 10 preempt
R1(config-if)#glbp 10 priority 150
*Mar 1 00:27:32.447: %GLBP-6-STATECHANGE: FastEthernet0/0 Grp 10 state Standby -> Active
*Mar 1 00:27:42.451: %GLBP-6-FWDSTATECHANGE: FastEthernet0/0 Grp 10 Fwd 1 state Listen -> Active
Interface Fa0/0 of R1 is thus configured to participate in GLBP group 10. We enable preemption (to allow R1 to regain its place when appropriate) and set a priority higher than the default (which is 100) in order to force R1 to become the AVG.
Verification…
R1#show glbp
FastEthernet0/0 - Group 10
State is Active
2 state changes, last state change 00:04:25
Virtual IP address is 10.0.0.254
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.052 secs
Redirect time 600 sec, forwarder timeout 14400 sec
Preemption enabled, min delay 0 sec
Active is local
Standby is unknown
Priority 150 (configured)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
Group members:
c000.116c.0000 (10.0.0.1) local <== real MAC
There is 1 forwarder (1 active)
Forwarder 1
State is Active
1 state change, last state change 00:04:15
MAC address is 0007.b400.0a01 (default) <== virtual MAC
Owner ID is c000.116c.0000
Redirection enabled
Preemption enabled, min delay 30 sec
Active is local, weighting 100
R1#
Configuration of R2
R2(config)#int FastEthernet 0/0
R2(config-if)#glbp 10 ip 10.0.0.254
Nothing could be simpler: here R2's interface is just assigned to the GLBP group, with the same virtual IP address of course.
Verification
R2#show glbp
FastEthernet0/0 - Group 10
State is Standby
1 state change, last state change 00:01:55
Virtual IP address is 10.0.0.254
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.120 secs
Redirect time 600 sec, forwarder timeout 14400 sec
Preemption disabled
Active is 10.0.0.1, priority 150 (expires in 8.380 sec)
Standby is local
Priority 100 (default)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
Group members:
c000.116c.0000 (10.0.0.1)
c001.116c.0000 (10.0.0.2) local
There are 2 forwarders (1 active)
Forwarder 1
State is Listen
MAC address is 0007.b400.0a01 (learnt)
Owner ID is c000.116c.0000
Time to live: 14398.376 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 10.0.0.1 (primary), weighting 100 (expires in 9.192 sec)
Forwarder 2
State is Active
1 state change, last state change 00:02:05
MAC address is 0007.b400.0a02 (default)
Owner ID is c001.116c.0000
Preemption enabled, min delay 30 sec
Active is local, weighting 100
R2#
Forwarder 1 is none other than R1, which has the role of AVG since it has the better priority. Forwarder 2 is R2. For each of them the output shows its real MAC address and its virtual MAC address.
Also note the balancing method: round-robin, which basically means each in turn! It can be changed, for example to be based on the MAC address of the host (1 host = always the same forwarder) or on a proportion (20% on one side and 80% on the other, for example).
Testing from the hosts...
On C1...
C1#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/21/48 ms
C1#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.254 2 0007.b400.0a01 ARPA FastEthernet0/0
C1#
On C2...
C2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/25/40 ms
C2#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.254 1 0007.b400.0a02 ARPA FastEthernet0/0
C2#
The subtlety introduced by GLBP shows up in the contents of the ARP tables of C1 and C2. As you can see, on C1 10.0.0.254 is associated with 0007.b400.0a01, while on C2 this virtual IP is associated with 0007.b400.0a02.
The AVG thus distributes traffic between the different forwarders (the AVG included).
Note: In this topology I used two routers in place of GNS3 virtual hosts to ensure natural behavior at the level of the ARP protocol. So that they behave like a PC, I disabled routing (no ip routing), configured their Fa0/0 interface and set a default gateway (ip default-gateway 10.0.0.254), which is only possible if you have disabled routing beforehand.
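As an added example (not part of the original article): a short Python check that a defender could run over collected "show arp" output to decode the 0007.b40X.XXYY layout described above and confirm that each host's entry for 10.0.0.254 is a GLBP virtual MAC of group 10. The function names and the C3 sample line are constructed for illustration; the group is read from the three X digits, following the layout given in this article.

```python
import re

GLBP_PREFIX = "0007b40"  # fixed nibbles of the 0007.b40X.XXYY layout

def decode_glbp_mac(mac):
    """Return (group, forwarder) for a GLBP virtual MAC, or None."""
    digits = re.sub(r"[.:-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    if not digits.startswith(GLBP_PREFIX):
        return None
    group = int(digits[7:10], 16)       # the three X digits
    forwarder = int(digits[10:12], 16)  # the two Y digits
    if group > 1023:                    # highest group number per the article
        return None
    return group, forwarder

def gateway_macs(show_arp, virtual_ip):
    """MAC(s) that a 'show arp' output associates with virtual_ip."""
    macs = []
    for line in show_arp.splitlines():
        f = line.split()
        if len(f) >= 4 and f[0] == "Internet" and f[1] == virtual_ip:
            macs.append(f[3])
    return macs

def audit(host, show_arp, virtual_ip, group, forwarders):
    """Classify each gateway ARP entry seen on one host."""
    results = []
    for mac in gateway_macs(show_arp, virtual_ip):
        decoded = decode_glbp_mac(mac)
        if decoded is None:
            verdict = "ALERT: not a GLBP virtual MAC"
        elif decoded[0] != group:
            verdict = "ALERT: GLBP group %d, expected %d" % (decoded[0], group)
        elif decoded[1] not in forwarders:
            verdict = "ALERT: unknown forwarder %d" % decoded[1]
        else:
            verdict = "ok: forwarder %d" % decoded[1]
        results.append((host, mac, verdict))
    return results

# C1 and C2 lines come from the article; C3 is a constructed sample.
SAMPLES = {
    "C1": "Internet 10.0.0.254 2 0007.b400.0a01 ARPA FastEthernet0/0",
    "C2": "Internet 10.0.0.254 1 0007.b400.0a02 ARPA FastEthernet0/0",
    "C3": "Internet 10.0.0.254 0 0200.0000.0001 ARPA FastEthernet0/0",
}

if __name__ == "__main__":
    for host, text in SAMPLES.items():
        for row in audit(host, text, "10.0.0.254", 10, {1, 2}):
            print(*row)
```

The set of known forwarders ({1, 2} here) comes from the "show glbp" output on the routers, so an entry that decodes to any other forwarder number or group is worth investigating.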
Conclusion
GLBP brings a decisive element: it avoids leaving equipment "asleep". Not only is redundancy present (if a forwarder disappears, it is simply removed from the rotation), but the available resources are also put to better use!
It is of course possible to take the configuration further, for example by adjusting the timers to improve the responsiveness of the protocol. This will be the subject of a future article!