GLBP Load Balancing
We could use HSRP or VRRP to have a redundant default gateway for our PC/server networks. Although this works well we now have hardware powered-on and just sitting around waiting for its counterpart to fail, we are not actively using it. We could split up networks or use multiple default gateways within the same network but who does that? Well if your router or layer three switch happens to have that Cisco logo on it and a software release of at least 12.2(14)S, please welcome and "slow clap" the Gateway Load Balancing protocol, who has been around since 2002!
So the way this protocol works is you must have at least two devices (makes sense) in a GLBP group. The GLBP group has one AVG (Active Virtual Gateway) and multiple AVFs (Active Virtual Forwarders) if you have more than two devices. The AVG is the master of the group and assigns virtual MAC address to each AVF member. Remember each AVF is responsible for forwarding packets sent to their virtual MAC address, they act independently from the AVG.
Note: The AVG is also an AVF When a PC/server makes an ARP request to reach the default gateway each router in the GLBP group share the load by default one client will get a MAC address from one router, while the other client will get an address from another router but both clients point to the same IP address for the default gateway.
In this example I have two different GLBP networks, the 192.168.1.0/24 and the 192.168.2.0/24 with three routers in each LAN. I also have a routing protocol running between the routers (Named EIGRP) to better handle the multiple paths as well as recover from failed links.
To configure GLBP let's start on the 192.168.1.0/24 network, we have to configure the following on each router that belongs to the 192.168.1.0/24, which would be R1, R2, and R3, this configuration is under the interface that belongs to the 192.168.1.0/24 network. (Gigabit0/1)
1glbp 1 ip 192.168.1.1 glbp 1 preempt glbp 1 authentication md5 key-string cisco123
If we care which router is the AVG and which one is in succession we would have to configure the priority, higher is better. In this example we want R1 the AVG, R2 and R3 are backup AVGs. We also want to do the same thing for R4, R5, and R6 with R4 the AVG, R5 and R6 backup AVGs. On R1 and R4 under interface (Gigabit0/1):
1glbp 1 priority 200
On R2 and R5 under interface (Gigabit0/1):
1glbp 1 priority 175
On R3 and R6 under interface (Gigabit0/1):
1glbp 1 priority 150
We can verify if everything works by issuing the command show glbp brief
1R1#show glbp brief 2Interface Grp Fwd Pri State Address Active router Standby router 3Gi0/1 1 - 200 Active 192.168.1.1 local 192.168.1.12 4Gi0/1 1 1 - Active 0007.b400.0101 local - 5Gi0/1 1 2 - Listen 0007.b400.0102 192.168.1.12 - 6Gi0/1 1 3 - Listen 0007.b400.0103 192.168.1.13 - 7 8R4#show glbp brief 9Interface Grp Fwd Pri State Address Active router Standby router 10Gi0/1 1 - 200 Active 192.168.2.1 local 192.168.2.15 11Gi0/1 1 1 - Active 0007.b400.0101 local - 12Gi0/1 1 2 - Listen 0007.b400.0102 192.168.2.15 - 13Gi0/1 1 3 - Listen 0007.b400.0103 192.168.2.16 -
If we look at PC1 we can ping PC3 which tells us routing is working as well as GLBP. Looking at the ARP table on PC1 we notice that the default gateway MAC address is 00:07:b4:00:01:01
1C:\Documents and Settings\VIRL>ping 192.168.1.21 2Pinging 192.168.1.21 with 32 bytes of data: 3 4Reply from 192.168.1.21: bytes=32 time=1ms TTL=126 5Reply from 192.168.1.21: bytes=32 time=1ms TTL=126 6Reply from 192.168.1.21: bytes=32 time<1ms TTL=126 7Reply from 192.168.1.21: bytes=32 time<1ms TTL=126 8Ping statistics for 192.168.1.21: 9 Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 10Approximate round trip times in milli-seconds: 11 Minimum = 0ms, Maximum = 1ms, Average = 0ms 12 13C:\Documents and Settings\VIRL>arp -a 14Interface: 192.168.2.22 --- 0x10003 15 Internet Address Physical Address Type 16 192.168.2.1 00-07-b4-00-01-01 dynamic
Looking on PC2 we can ping PC4, looking at the ARP table notice that MAC address is different from what PC1 has, which is exactly how GLBP works :)
1C:\Documents and Settings\VIRL>ping 192.168.1.22 2Pinging 192.168.1.22 with 32 bytes of data: 3 4Reply from 192.168.1.22: bytes=32 time=1ms TTL=126 5Reply from 192.168.1.22: bytes=32 time=1ms TTL=126 6Reply from 192.168.1.22: bytes=32 time=1ms TTL=126 7Reply from 192.168.1.22: bytes=32 time=1ms TTL=126 8 9Ping statistics for 192.168.1.22: 10 Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 11Approximate round trip times in milli-seconds: 12 Minimum = 1ms, Maximum = 1ms, Average = 1ms 13 14C:\Documents and Settings\VIRL>arp -a 15Interface: 192.168.2.21 --- 0x10003 16 Internet Address Physical Address Type 17 192.168.2.1 00-07-b4-00-01-03 dynamic 18 192.168.2.22 fa-16-3e-2d-9c-a5 dynamic 19 20C:\Documents and Settings\VIRL>
Here is a traceroute from PC3 going to PC1 notice the hops.
1C:\Documents and Settings\VIRL>tracert 192.168.2.21 2Tracing route to 192.168.2.21 over a maximum of 30 hops 3 4 1 <1 ms <1 ms <1 ms 192.168.1.12 5 2 <1 ms <1 ms <1 ms 172.16.0.18 6 3 1 ms <1 ms <1 ms 192.168.2.21 7 8Trace complete.
Here is a traceroute from PC4 going to PC2 notice the hops, a little different from PC3.
1C:\Documents and Settings\VIRL>tracert 192.168.2.22 2Tracing route to 192.168.2.22 over a maximum of 30 hops 3 4 1 <1 ms <1 ms <1 ms 192.168.1.13 5 2 1 ms <1 ms <1 ms 172.16.0.34 6 3 4 ms 1 ms <1 ms 192.168.2.22 7 8Trace complete.
That's all I got for this one, if you want to continue reading about GLBP you go right to source GLBP - Gateway Load Balancing Protocol. This is a pretty simple and personally a neat little protocol and with the added benefit of using all of your hardware. Like always I hope this helps. - Ryan