Friday, September 30, 2016

GLBP Operation

We have already talked about a couple of First Hop Redundancy Protocols in this module. Here is another one for you.

GLBP (Gateway Load Balancing Protocol) is what its name suggests: one of the big benefits it brings to the table is the ability to do load balancing more easily than we could otherwise.

For example, think about HSRP. With HSRP we had an “Active Router” and a “Standby Router”. The Active Router was actively forwarding traffic, but the Standby Router was not. It was just sitting around waiting for the Active Router to fail. If we did want to use that router rather than have it sit there dormant, we could do some manual load balancing: have traffic from one VLAN or subnet treat the Standby Router as the Active Router for that VLAN, and have another VLAN use the other router as its Active Router. But that was administrative overhead, because we had to configure the load balancing manually. With GLBP we get load balancing automatically: all of our routers can forward traffic without us having to go in and say “this VLAN uses this router, and that VLAN uses that router”. There are a couple of terms we need to know when we talk about GLBP.

We are going to have one router that is the “Active Virtual Gateway”, or “AVG”.

The AVG responds to ARP requests coming from hosts. When a host asks “Hey, what's the MAC address for, let's say, 10.1.1.1?”, and that is our virtual IP address, the AVG responds with “Here's the MAC address for that virtual IP address”. The virtual MAC address it hands out is the MAC address corresponding to an AVF, an “Active Virtual Forwarder”.

The AVF does the job of actually forwarding traffic off the local subnet, and we can have as many as 4 AVFs within a group. We can have other virtual forwarders that are not currently active and are standing by, but as many as 4 Active Virtual Forwarders can simultaneously send traffic off the subnet. To demonstrate how it works, consider PC1 in the picture. It sends an ARP request up to router R1, because in this example R1 is acting as the AVG. That ARP request asks “What is the MAC address corresponding to 10.1.1.1?”, which is PC1's default gateway, and R1, acting as the Active Virtual Gateway, responds:

“The MAC address for 10.1.1.1 is 1111.1111.1111”.

Obviously that is a MAC address I just made up to make this easier to visualize. But the AVG responds with the MAC address that corresponds to an Active Virtual Forwarder. In this case R1, in addition to being the AVG, is also an AVF. It is saying “Here is my MAC address as an AVF, send your frames to me”. PC1 now has a MAC address corresponding to its default gateway IP address, and it can send traffic off its local subnet. Now PC2 needs to know how to get off this subnet.

PC2 is configured with a default gateway of 10.1.1.1, just like PC1. It also sends an ARP request, which is handled by router R1 acting as the Active Virtual Gateway, and it asks the same question PC1 did: “What is the MAC address corresponding to 10.1.1.1?”

But this time the Active Virtual Gateway says “The MAC address corresponding to 10.1.1.1 is the all-2s MAC address, 2222.2222.2222”.

It gave a different answer to PC2 than it gave to PC1. Who has that virtual MAC address? A different AVF: R2. R2 has the 2222.2222.2222 virtual MAC address assigned to it. How did R2 get that virtual MAC address? As an Active Virtual Forwarder, router R2 learned that virtual MAC address from the AVG through Hello messages. Now when PC2 attempts to send traffic off the local subnet, it sends to the same default gateway IP address that PC1 is using, but it uses a different router, because the destination MAC address in the Layer 2 header of that Ethernet frame belongs to R2 instead of R1. This is how we get load balancing without doing any administrative work. We get load balancing automatically.

By the way, we get more than load balancing. We also get redundancy. If router R2 were to go down, that would be detected by router R1, and R1 would become active for the 2222.2222.2222 virtual MAC address. There are some timers that say how long the AVG will continue giving out that virtual MAC address in response to ARP queries, and how long router R1 in this case is going to continue servicing that MAC address. We will talk about the timers in our next topic, when we get into the configuration.

But realize that we are getting load balancing and we are getting redundancy, thanks to GLBP. There is a big design caveat that we need to know about, though, and it deals with STP.

Suppose we were using multilayer switches instead of these routers, and those multilayer switches were connected in a Layer 2 Spanning Tree topology where one of them was the root. In a case like that, since we are load balancing across as many as 4 multilayer switches or 4 routers at the same time, we might get some suboptimal pathing, because STP might force traffic onto another path. If you are using multilayer switches with GLBP and those switches are part of a Layer 2 STP topology, you might consider HSRP instead of GLBP because of this suboptimal pathing. If you are using routers, like we are showing in this topology, GLBP is a great way to do load balancing. In fact, we can go in and tweak how the load balancing works.
Let's talk about the 3 different load-balancing options that GLBP has.

1. The default load-balancing option is “Round-robin”.

With round-robin, our Active Virtual Gateway responds to ARP queries by giving out the virtual MAC addresses of all of the Active Virtual Forwarders an equal number of times. In this example, the AVG responds to one ARP request by saying “The MAC address for 10.1.1.1 is the all-1s MAC address, 1111.1111.1111”, and it responds to the next ARP request by saying it is the all-2s MAC address, 2222.2222.2222. Then it goes back to the all-1s address, then the all-2s address. Maybe we had 4 routers, or 4 multilayer switches: it would give out the MAC address of each of those AVFs an equal number of times. With round-robin we are doing equal load balancing across all of the AVFs.

When I say we are doing equal load balancing, realize that the traffic is not going to be perfectly balanced, because some clients send more traffic than others. But at least we are handing out the different AVF MAC addresses equally.

2. Another load-balancing option is “Host-dependent”.

We are probably not going to use this option that much, but if you have a design requirement that says a particular PC or host always needs to point to a specific MAC address as its default gateway MAC address, you can configure that. You can tie a specific host to always getting the same ARP reply, one that says “The MAC address for this default gateway is whatever you want the MAC address to be”. And remember, round-robin is the default. With round-robin we were giving each of our AVFs an equal weighting: we give out their MAC addresses an equal number of times.

However, we might not want that. We might have a higher-powered router or a higher-powered multilayer switch, and we want that switch or router to get the bulk of the traffic. We want to give out its virtual MAC address more often than we give out the virtual MAC address of an older router that might be part of this GLBP group. We can do that using the weighted load-balancing option.

3. With the “Weighted” load-balancing option we can associate a weight with different Active Virtual Forwarders.

For example, let's say we gave R1 a weight of 50 and we gave R2 a weight of 100. In that example, for every one time we gave out R1's virtual MAC address, we would give out R2's virtual MAC address twice, because 100 is 2 times 50.

That is one way we can adjust the weight. There is another way we can use this weighting: we can use it with tracking. Remember that with HSRP we had “Interface Tracking” and “Object Tracking”. With VRRP we had just “Object Tracking”, but even with that we could still track the line-protocol state of an interface.

So essentially we did have interface tracking. With GLBP we do not technically have interface tracking, but we do have object tracking. What we can do with object tracking is say “I want to track the state of a particular interface”, or track whether or not a route is in the IP routing table. If that interface goes down or that route disappears, we can say we want to reduce the weight by a certain amount. Suddenly this router or multilayer switch becomes less attractive. It has a lower weight and starts handling a lower percentage of the traffic, and in fact we can have some thresholds set.

We can say that if the weight drops below a threshold, getting down to 20 as an example, then the AVG temporarily stops handing out that Active Virtual Forwarder's virtual MAC address in response to ARP queries. Then maybe that route comes back, or that interface comes back up, and the weight gets back up to a certain level. We can set a high “watermark” threshold: if the weight gets back to that level, the AVF can start accepting traffic again and the AVG will once again start handing out that AVF's virtual MAC address in response to ARP queries. Before we get to the configuration in our next topic, there are just a few extra things I want you to know about GLBP.

- We know that HSRP is Cisco proprietary and VRRP is an open standard. GLBP is also Cisco proprietary. We know that with HSRP the virtual IP address cannot be the same as an interface's IP address, while VRRP does allow a virtual IP address to match an interface's IP address. GLBP is like HSRP in that respect: you cannot have a virtual IP address match an interface's IP address.
- GLBP uses the same multicast group to send messages that is used by HSRP version 2, which is 224.0.0.102.
- GLBP by default also has the same timers that HSRP has. Specifically, it has a Hello time of 3 seconds and a Hold time of 10 seconds.
- Cisco does support GLBP authentication, both plain text and MD5.

But please keep in mind that your mileage may vary: you may or may not have GLBP support, depending on your model of Cisco Catalyst switch or router.

Now, with this better understanding of GLBP operation, let's set it up in our next topic.
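
The AVG behaviour described in this post, as an added example that is not part of the original post and is not Cisco's implementation: a simplified Python model of how an AVG could choose the virtual MAC for each ARP reply under the three load-balancing options, including the weighting thresholds. The class and function names, the CRC-based host mapping and the threshold values are assumptions made for the illustration.

```python
import zlib
from dataclasses import dataclass


@dataclass
class AVF:
    name: str
    vmac: str
    weight: int = 100      # current weighting
    lower: int = 1         # below this the AVG stops handing out the vMAC
    upper: int = 100       # at or above this the vMAC is handed out again
    eligible: bool = True

    def tracked_object(self, decrement: int, up: bool) -> None:
        """Apply an object-tracking state change to the weighting."""
        self.weight += decrement if up else -decrement
        if self.weight < self.lower:
            self.eligible = False
        elif self.weight >= self.upper:
            self.eligible = True


class AVG:
    def __init__(self, avfs, mode="round-robin"):
        self.avfs, self.mode = list(avfs), mode
        self.credit = {a.name: 0 for a in self.avfs}

    def arp_reply(self, host_mac: str):
        """Return the virtual MAC handed to this host for the virtual IP."""
        live = [a for a in self.avfs if a.eligible]
        if not live:
            return None                      # no forwarder above its threshold
        if self.mode == "host-dependent":
            # The same host maps to the same AVF while the AVF set is unchanged.
            return live[zlib.crc32(host_mac.encode()) % len(live)].vmac
        # Smooth weighted round-robin; plain round-robin is the equal-weight case.
        share = {a.name: a.weight if self.mode == "weighted" else 1 for a in live}
        for a in live:
            self.credit[a.name] += share[a.name]
        pick = max(live, key=lambda a: self.credit[a.name])
        self.credit[pick.name] -= sum(share.values())
        return pick.vmac


def replies(avg: AVG, n: int):
    """vMACs returned to n different constructed hosts, in order."""
    return [avg.arp_reply(f"host-{i}") for i in range(n)]


if __name__ == "__main__":
    r1 = AVF("R1", "1111.1111.1111", weight=50)
    r2 = AVF("R2", "2222.2222.2222", weight=100, lower=20, upper=80)
    avg = AVG([r1, r2], mode="weighted")
    print(replies(avg, 6))                   # R2's vMAC twice as often as R1's
    r2.tracked_object(90, up=False)          # tracked interface goes down
    print(replies(avg, 3))                   # only R1's vMAC is handed out
```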






Wednesday, September 28, 2016

VRRP Configuration

Let's take a look at how to set up VRRP using this topology. Here we are using multilayer switches in the example. We have switches SW2 and SW3, and we want to set up SW2 as the “Master” VRRP router (switch) and SW3 as the “Backup” router (switch). This is going to be very similar to the HSRP configuration.

VRRP initial configuration on multilayer switch SW2:
SW2(config)#interface fastethernet 0/3
SW2(config-if)#description CONNECTED WITH SW1
SW2(config-if)#vrrp 10 ip 10.1.1.1
  - 10: VRRP group number
  - 10.1.1.1: virtual IP address
  - This tells the interface about the virtual IP address
SW2(config-if)#vrrp 10 priority 110
  - Setting a higher priority on SW2 makes it the master switch
  - The preempt option is enabled by default

VRRP initial configuration on multilayer switch SW3:
SW3(config)#interface fastethernet 0/3
SW3(config-if)#description CONNECTED WITH SW1
SW3(config-if)#vrrp 10 ip 10.1.1.1

Now we are done with the initial VRRP configuration.

Verification:
1. First use the “tracert” command on PC1 to verify the path
2. Then run a continuous ping on the PC using “ping 1.1.1.1 -t”
3. Third, shut down port “fastethernet 0/3” on SW2
4. Then watch the change using “ping” and “tracert”

Troubleshooting and verification commands:
SW#show vrrp brief
SW#show vrrp

VRRP intervals:
- Advertisement interval: 1 second
- Down time interval: 3 times the advertisement interval + skew time

Skew time:
Step 1. Subtract the VRRP priority (in this case that of switch SW2) from 256: 256 - 110 = 146
Step 2. Divide that value by 256: 146 / 256 = 0.570
Step 3. Our master down interval is now 3 + 0.570 = 3.570

VRRP MAC address:
MAC address: 0000.5e00.01XX

  0000.5e   Industry standard
  0001      VRRP ID
  XX        VRRP group number

The multicast address used to send VRRP messages has now changed:

  Protocol  Multicast address
  VRRP      224.0.0.18

VRRP tracking:

Similarly, HSRP has “Interface Tracking” and “Object Tracking”.
Technically VRRP does not do interface tracking; it does object tracking and enhanced object tracking, and one of the objects we can track is interface state.
This is how we can essentially do interface tracking with VRRP.

First create the tracking object for the interface state:
SW2(config)#track 1 interface fastethernet 0/1 line-protocol

Applying it to VRRP:
SW2(config)#interface fastethernet 0/3
SW2(config-if)#description CONNECTED WITH SW1
SW2(config-if)#vrrp 10 track 1 decrement 20
  - 10: VRRP group number
  - 1: track number
  - 20: decrement value

Verification:
SW2(config)#interface fastethernet 0/1
SW2(config-if)#shutdown
SW2(config-if)#do show vrrp brief

VRRP supports a couple of authentication types

VRRP is the industry-standard First Hop Redundancy Protocol. Please be aware that authentication is no longer part of the RFC. It is still supported in Cisco IOS, but it might not necessarily be supported on third-party devices. If you are in a mixed environment, be sure that every device agrees on whatever authentication type you are trying to use.
1. Text
2. MD5

We probably do not want to send plain text authentication across the network, because anybody who captures those packets can clearly read the password.

It is usually better to use MD5, because that runs a hashing algorithm on the string. Each side runs the hashing algorithm and they compare hash values. If the hash values are equal, they have some assurance that the other side or device has the same string. Let's set this up on switch SW2.

Text authentication on SW2:
SW2(config)#interface fastethernet 0/3
SW2(config-if)#vrrp 10 authentication text $3cr3T
  - 10: VRRP group number
  - $3cr3T: the password

Text authentication on SW3:
SW3(config)#interface fastethernet 0/3
SW3(config-if)#vrrp 10 authentication text $3cr3T
  - $3cr3T: the password

MD5 authentication on SW2:
SW2(config)#interface fastethernet 0/3
SW2(config-if)#vrrp 10 authentication md5 key-string $3cr3T

MD5 authentication on SW3:
SW3(config)#interface fastethernet 0/3
SW3(config-if)#vrrp 10 authentication md5 key-string $3cr3T

Verification:
SW#show vrrp
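
The group number, priority, intervals, virtual MAC and authentication type covered in this post can all be checked in a captured advertisement. The following is an added example, not part of the original post: a Python parser for the VRRPv2 advertisement layout of RFC 3768 that derives the virtual MAC, computes the master down interval and flags groups that run with no authentication or with text authentication. The sample packet is constructed, the function names are illustrative, and any authentication type other than 0, 1 or 2 (such as a vendor MD5 mode) is only reported by number.

```python
import ipaddress
import struct

AUTH_TYPES = {0: "none", 1: "simple text", 2: "IP authentication header"}


def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by VRRPv2."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def master_down_interval(priority: int, adver_int: int = 1) -> float:
    """3 x advertisement interval + skew, skew = (256 - own priority) / 256."""
    return 3 * adver_int + (256 - priority) / 256


def parse_vrrpv2(msg: bytes) -> dict:
    """Parse one VRRPv2 advertisement (the IP payload) and list audit findings."""
    if len(msg) < 16 or msg[0] != 0x21:      # version 2, type 1 (advertisement)
        raise ValueError("not a VRRPv2 advertisement")
    vrid, prio, count, auth, adver = msg[1:6]
    end = 8 + 4 * count                      # virtual IPs follow the 8-byte header
    if len(msg) < end + 8:
        raise ValueError("truncated advertisement")
    auth_data = msg[end:end + 8]             # fixed 8-byte authentication field
    findings = []
    if inet_checksum(msg) != 0:              # a valid message sums to zero
        findings.append("bad checksum")
    if auth == 0:
        findings.append("no authentication")
    elif auth == 1:
        findings.append("password readable in capture")
    return {
        "vrid": vrid, "priority": prio, "adver_int": adver,
        "virtual_ips": [str(ipaddress.IPv4Address(msg[i:i + 4]))
                        for i in range(8, end, 4)],
        "virtual_mac": f"0000.5e00.01{vrid:02x}",
        "auth": AUTH_TYPES.get(auth, f"other ({auth})"),
        "cleartext": (auth_data.rstrip(b"\x00").decode("ascii", "replace")
                      if auth == 1 else None),
        "findings": findings,
    }


def build_sample(vrid, prio, vip, auth, password=b""):
    """Constructed advertisement for testing, not a capture from the lab above."""
    body = struct.pack("!BBBBBBH", 0x21, vrid, prio, 1, auth, 1, 0)
    body += ipaddress.IPv4Address(vip).packed + password.ljust(8, b"\x00")
    return body[:6] + struct.pack("!H", inet_checksum(body)) + body[8:]


if __name__ == "__main__":
    print(parse_vrrpv2(build_sample(10, 110, "10.1.1.1", 1, b"$3cr3T")))
    print(round(master_down_interval(110), 3))
```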




Monday, September 26, 2016

VRRP Operations


Now let's talk about an industry standard, VRRP (Virtual Router Redundancy Protocol). It has a lot of similarity to HSRP, but there are a few differences. Let's take a look at exactly how VRRP works in this topic.

You can see in this topology that, like with HSRP, we have a couple of routers or multilayer switches that are capable of forwarding traffic off our local subnet. In HSRP, the router that is actually doing that job is called the “Active Router”, and the router that is the next candidate to become the Active Router is called the “Standby Router”. The terminology changes with VRRP: instead of calling the router or multilayer switch the Active Router, we call it the “Master Router”.

And instead of having a Standby Router, we have a “Backup Router”.

In general, though, the mission of both of these protocols is the same. If we have a failure, for example on SW2, we have lost our Master Router.

Then SW3 can transition from the Backup role to the Master role, and traffic can be forwarded via SW3.

One other difference: if we wanted to, it is possible with VRRP to have the virtual router's IP address, which in this case is 10.1.1.1, be the IP address of a physical interface, on SW2 for example. In this case SW2 has an IP address of 10.1.1.2 on FastEthernet 0/3, but it actually could have the IP address 10.1.1.1.

Generally, though, that is not considered best practice. We generally do just what we did with HSRP: we give the virtual router an IP address that is not assigned to a physical interface on one of our routers.

Another difference between these protocols is that with HSRP, by default, we sent a Hello message every 3 seconds. With VRRP, we send an “Advertisement” every 1 second.

Another difference is the way tracking works. Remember that with HSRP we can do “Interface Tracking” on our router or multilayer switch: if an interface went down, we can say “I want to decrement the HSRP priority by a certain number”. HSRP has another option called “Object Tracking”. With VRRP we do not technically have an interface tracking feature. However, one of the objects that we can track is interface state.

- HSRP: created by Cisco, for Cisco, in 1994.
- VRRP: created by the IETF in 1999. Works between multiple vendors.
- GLBP: created by Cisco, for Cisco, in 2005.



