GLBP Load Balancing

We could use HSRP or VRRP to have a redundant default gateway for our PC/server networks. Although this works well we now have hardware powered-on and just sitting around waiting for its counterpart to fail, we are not actively using it. We could split up networks or use multiple default gateways within the same network but who does that? Well if your router or layer three switch happens to have that Cisco logo on it and a software release of at least 12.2(14)S, please welcome and “slow clap” the Gateway Load Balancing protocol, who has been around since 2002!

So the way this protocol works is you must have at least two devices (makes sense) in a GLBP group. The GLBP group has one AVG (Active Virtual Gateway) and multiple AVFs (Active Virtual Forwarders) if you have more than two devices. The AVG is the master of the group and assigns virtual MAC address to each AVF member. Remember each AVF is responsible for forwarding packets sent to their virtual MAC address, they act independently from the AVG.

❗ Note: The AVG is also an AVF

When a PC/server makes an ARP request to reach the default gateway each router in the GLBP group share the load by default one client will get a MAC address from one router, while the other client will get an address from another router but both clients point to the same IP address for the default gateway.

In this example I have two different GLBP networks, the 192.168.1.0/24 and the 192.168.2.0/24 with three routers in each LAN. I also have a routing protocol running  between the routers (Named EIGRP) to better handle the multiple paths as well as recover from failed links.

GLBP
GLBP network with three routers

To configure GLBP let’s start on the 192.168.1.0/24 network, we have to configure the following on each router that belongs to the 192.168.1.0/24, which would be R1, R2, and R3, this configuration is under the interface that belongs to the 192.168.1.0/24 network. (Gigabit0/1)

glbp 1 ip 192.168.1.1
glbp 1 preempt
glbp 1 authentication md5 key-string cisco123

If we care which router is the AVG and which one is in succession we would have to configure the priority, higher is better. In this example we want R1 the AVG, R2 and R3 are backup AVGs. We also want to do the same thing for R4, R5, and R6 with R4 the AVG, R5 and R6 backup AVGs.

On R1 and R4 under interface (Gigabit0/1):

glbp 1 priority 200

On R2 and R5 under interface (Gigabit0/1):

glbp 1 priority 175

On R3 and R6 under interface (Gigabit0/1):

glbp 1 priority 150

We can verify if everything works by issuing the command show glbp brief

R1#show glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Gi0/1       1    -   200 Active   192.168.1.1     local           192.168.1.12
Gi0/1       1    1   -   Active   0007.b400.0101  local           -
Gi0/1       1    2   -   Listen   0007.b400.0102  192.168.1.12    -
Gi0/1       1    3   -   Listen   0007.b400.0103  192.168.1.13    -

R4#show glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Gi0/1       1    -   200 Active   192.168.2.1     local           192.168.2.15
Gi0/1       1    1   -   Active   0007.b400.0101  local           -
Gi0/1       1    2   -   Listen   0007.b400.0102  192.168.2.15    -
Gi0/1       1    3   -   Listen   0007.b400.0103  192.168.2.16    -

If we look at PC1 we can ping PC3 which tells us routing is working as well as GLBP. Looking at the ARP table on PC1 we notice that the default gateway MAC address is 00:07:b4:00:01:01

C:\Documents and Settings\VIRL>ping 192.168.1.21
Pinging 192.168.1.21 with 32 bytes of data:

Reply from 192.168.1.21: bytes=32 time=1ms TTL=126
Reply from 192.168.1.21: bytes=32 time=1ms TTL=126
Reply from 192.168.1.21: bytes=32 time<1ms TTL=126
Reply from 192.168.1.21: bytes=32 time<1ms TTL=126 Ping statistics for 192.168.1.21:      Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:      Minimum = 0ms, Maximum = 1ms, Average = 0ms C:\Documents and Settings\VIRL>arp -a
Interface: 192.168.2.22 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.2.1           00-07-b4-00-01-01     dynamic   

C:\Documents and Settings\VIRL>

Looking on PC2 we can ping PC4, looking at the ARP table notice that MAC address is different from what PC1 has, which is exactly how GLBP works 🙂

C:\Documents and Settings\VIRL>ping 192.168.1.22
Pinging 192.168.1.22 with 32 bytes of data:

Reply from 192.168.1.22: bytes=32 time=1ms TTL=126
Reply from 192.168.1.22: bytes=32 time=1ms TTL=126
Reply from 192.168.1.22: bytes=32 time=1ms TTL=126
Reply from 192.168.1.22: bytes=32 time=1ms TTL=126

Ping statistics for 192.168.1.22:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms

C:\Documents and Settings\VIRL>arp -a
Interface: 192.168.2.21 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.2.1           00-07-b4-00-01-03     dynamic
  192.168.2.22          fa-16-3e-2d-9c-a5     dynamic   

C:\Documents and Settings\VIRL>

Here is a traceroute from PC3 going to PC1 notice the hops.

C:\Documents and Settings\VIRL>tracert 192.168.2.21
Tracing route to 192.168.2.21 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.12
  2    <1 ms    <1 ms    <1 ms  172.16.0.18
  3     1 ms    <1 ms    <1 ms  192.168.2.21  Trace complete. 

Here is a traceroute from PC4 going to PC2 notice the hops, a little different from PC3.

C:\Documents and Settings\VIRL>tracert 192.168.2.22
Tracing route to 192.168.2.22 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.13
  2     1 ms    <1 ms    <1 ms  172.16.0.34
  3     4 ms     1 ms    <1 ms  192.168.2.22 

Trace complete.

That’s all I got for this one, if you want to continue reading about GLBP you go right to source GLBP – Gateway Load Balancing Protocol. This is a pretty simple and personally a neat little protocol and with the added benefit of using all of your hardware. Like always I hope this helps. – Ryan

Advertisements

Leave a Reply...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s