GLBP (Gateway Load Balancing Protocol)
a Cisco-proprietary protocol
designed to overcome the limitations of existing redundant router protocols
Some of the concepts are the same as with HSRP/VRRP
more dynamic and robust than HSRP/VRRP
ps:
Supported on routers running Cisco IOS Software Release 12.2(14)S or later
Advantages
1. allows for the automatic selection and simultaneous use of multiple available gateways as well as automatic failover between those gateways
2. none of the clients has to be pointed toward a specific gateway address; they can all have the same default gateway set to the virtual router IP address.
How it works
Single virtual IP address and multiple virtual MAC addresses
1. A client sends an ARP request looking for the virtual router IP address.
2. GLBP sends back an ARP reply with the virtual MAC address of a selected router in the group.
3. The result is that all clients use the same gateway IP address but have differing MAC addresses for it.
…..
GLBP group
GLBP group numbers range from 0-1023.
GLBP AVG priority
1. The router priority can be 1 to 255 (255 is the highest priority), defaulting to 100
2. One router is elected the AVG when this router has the highest priority value, or the highest IP address in the group if there is no highest priority
AVG(active virtual gateway)
1. The AVG answers all ARP requests for the virtual router address
Which MAC address it returns depends on which load-balancing algorithm it is configured to use
2. The AVG also assigns the necessary virtual MAC addresses (up to 4 virtual MAC addresses) to each of the routers (AVFs) participating in the GLBP group.
ps: Other routers in the group serve as backup or secondary virtual forwarders if the AVF fails.
3. The AVG also assigns secondary roles.
AVF(active virtual forwarder)
1. forwarding traffic received on its virtual MAC address.
2. Each router participating in the GLBP group can become an AVF, if the AVG assigns it that role, along with a virtual MAC address
virtual MAC addresses
the form is 0007.b4xx.xxyy.
The 16-bit xx.xx represents 6 zero bits + 10-bit GLBP group number
The 8-bit yy value is the virtual forwarder number
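The 0007.b4xx.xxyy layout can be checked mechanically, which is useful when auditing which gateway MACs appear on a segment. The following is an added example, not part of the original notes: it decodes the group and forwarder number from a virtual MAC and cross-checks forwarder rows laid out like "show glbp brief" output. The function names and the sample rows are constructed for illustration.

```python
import re

def decode_glbp_vmac(mac):
    """Return (group, forwarder) for a GLBP virtual MAC, else None."""
    digits = re.sub(r"[.:-]", "", mac.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None                      # not a MAC address at all
    if not digits.startswith("0007b4"):  # fixed part of 0007.b4xx.xxyy
        return None
    xxxx = int(digits[6:10], 16)
    if xxxx >> 10:                       # the 6 leading bits must be zero
        return None
    return xxxx & 0x3FF, int(digits[10:12], 16)

def check_brief(output):
    """List forwarder rows whose MAC disagrees with their Grp/Fwd columns."""
    problems = []
    for line in output.splitlines():
        cols = line.split()
        # Skip the header and the AVG row (its Fwd column is not a number).
        if len(cols) < 6 or not (cols[1].isdigit() and cols[2].isdigit()):
            continue
        expected = (int(cols[1]), int(cols[2]))
        decoded = decode_glbp_vmac(cols[5])
        if decoded != expected:
            problems.append((cols[5], expected, decoded))
    return problems

# Constructed sample in the layout of "show glbp brief"; the last two rows
# are deliberately wrong (group bits say 2, and a non-GLBP MAC).
SAMPLE_BRIEF = """\
Interface Grp Fwd Pri State   Address        Active router Standby router
Vl50      1   -   200 Active  192.168.1.1    local         192.168.1.11
Vl50      1   1   7   Active  0007.b400.0101 local         -
Vl50      1   2   7   Listen  0007.b400.0102 192.168.1.11  -
Vl50      1   3   7   Listen  0007.b400.0203 192.168.1.12  -
Vl50      1   4   7   Listen  0000.0c07.ac01 192.168.1.13  -
"""

if __name__ == "__main__":
    for mac, expected, decoded in check_brief(SAMPLE_BRIEF):
        print(f"{mac}: expected group/fwd {expected}, decoded {decoded}")
```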
hello time
By default, GLBP uses the periodic hello messages to detect AVF failures
if hellos from the AVF are not received by the AVG before its holdtime timer expires, the AVG assumes that the current AVF has failed. The AVG then assigns the AVF role to another router.
ps:
GLBP routers communicate using the multicast IP address 224.0.0.102 and UDP port 3222.
AVF failed
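The failed AVF's old virtual MAC address is copied to another AVF,
so that AVF now holds two virtual MAC addresses, and clients using the old MAC are not interrupted.
The AVG decides how to handle the old virtual MAC address based on the redirect and timeout timers.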
redirect timer(default 10min)
used to determine when the AVG will stop using the old virtual MAC address in ARP replies.
timeout timer(default 4 hours)
the old MAC address and the virtual forwarder using it are flushed from all the GLBP peers.
ps:
clients still using the old MAC address in their ARP caches must refresh the entry to obtain the new virtual MAC address.
…..
assign a virtual IP address
Switch(config-if)# glbp < group > ip [ ip-address [secondary]]
< ip-address [secondary]> : assign a virtual IP address in the AVG
1. If the ip-address is not given in the command, it is learned from another router in the group
2. If this router is to be the AVG, you must explicitly configure the IP address; otherwise, no other router knows what the value should be
ex:
Configure three L3 devices for round-robin load balancing.
The subnet is 192.168.1.0/24 and the gateway is 192.168.1.1.
L3devic_A acts as the AVG and L3devic_B as the standby AVG.
The configuration is as follows.
L3devic_A configuration:
Assign any IP address first, set the priority to 200, and set the gateway for this subnet to 192.168.1.1
L3devic_A(config)# interface vlan 50
L3devic_A(config-if)# ip address 192.168.1.10 255.255.255.0
L3devic_A(config-if)# glbp 1 priority 200
L3devic_A(config-if)# glbp 1 preempt
L3devic_A(config-if)# glbp 1 ip 192.168.1.1
L3devic_B configuration:
Assign any IP address first, set the priority to 150, and set the gateway for this subnet to 192.168.1.1
L3devic_B(config)# interface vlan 50
L3devic_B(config-if)# ip address 192.168.1.11 255.255.255.0
L3devic_B(config-if)# glbp 1 priority 150
L3devic_B(config-if)# glbp 1 preempt
L3devic_B(config-if)# glbp 1 ip 192.168.1.1
L3devic_C configuration:
Assign any IP address first, and set the gateway for this subnet to 192.168.1.1
L3devic_C(config)# interface vlan 50
L3devic_C(config-if)# ip address 192.168.1.12 255.255.255.0
L3devic_C(config-if)# glbp 1 ip 192.168.1.1
………………………………….
Other settings
GLBP Load Balancing algorithm
The AVG establishes load balancing by handing out virtual router MAC addresses to clients in a deterministic fashion.
the AVG first must inform the AVFs in the group of the virtual MAC address that each should use.
Up to four virtual MAC addresses, assigned in sequential order, can be used in a group.
load-balancing methods
Round robin(default)
Each new ARP request for the virtual router address receives the next available virtual MAC address in reply
Weighted
The GLBP group interface’s weighting value determines the proportion of traffic that should be sent to that AVF
Host dependent
Each client that generates an ARP request for the virtual router address always receives the same virtual MAC address in reply
define the load-balancing method
(config-if)# glbp < group> load-balancing [round-robin | weighted | host-dependent]
…
AVG preempt
GLBP does allow a router to preempt and become the AVG if it has a higher priority than the current AVG.
ps:As with HSRP, another router cannot take over an active role until the current active router fails.
to enable preempting and to set a time delay before preempting begins
Switch(config-if)# glbp < group> preempt [delay minimum < seconds>]
To set the priority
Switch(config-if)# glbp < group> priority < 0-255>
With priority=0 the router does not take part in the election
…
AVG timers
adjust the GLBP AVG timers
Switch(config-if)# glbp < group> timers <[msec] hellotime> < [msec] holdtime>
[msec] specifies the value in milliseconds
< hellotime >
default 3 seconds. The hellotime can range from 1-60 sec or from 50-60,000 msec
< holdtime >
default 10 seconds, up to 180sec or 180,000msec
The holdtime must be greater than the hellotime
ps:
The holdtime should be at least three times greater than the hellotime to give some tolerance to missed or delayed hellos from a functional peer
ps:
It is not necessary to configure the GLBP timers on each peer router.
The AVG will advertise the timer values it is using, and every other peer will learn those values if they have not already been explicitly set.
adjust redirect and timeout timers
Switch(config-if)# glbp < group> timers redirect < redirect> < timeout>
< redirect > the timer defaults to 600 seconds (10 minutes) and can range from 0 to 3600 seconds (1 hour)
< timeout > the timer defaults to 14,400 seconds (4 hours) and can range from 700 to 64,800 seconds (18 hours).
…
weighting function for deciding the AVF
GLBP also can use a weighting function to determine which router becomes the AVF for a virtual MAC address in a group
The steps are as follows
1. Each router begins with a maximum weight value.
2. As specific interfaces go down, the weight is decreased by a configured amount
3. GLBP uses thresholds to determine when a router can and cannot be the AVF
If the weight falls below the lower threshold, the router must give up its AVF role.
When the weight rises above the upper threshold, the router can resume its AVF role
1.
define an interface as a tracked object
(config)# track < object-number> interface < interface > < line-protocol | ip routing>
< object-number >
an arbitrary index (1 to 500) that is used for weight adjustment.
< line-protocol | ip routing >
The condition that triggers an adjustment can be:
line-protocol (the interface line protocol is up)
ip routing. (IP routing is enabled, the interface has an IP address, and the interface is up.)
2.
define the weighting thresholds for the interface
(config-if)# glbp < group> weighting < maximum> [lower < lower>] [upper < upper>]
< maximum> the weight can range from 1 to 254 (default 100)
[upper < upper>] The threshold (default: maximum) that defines when the router can be the AVF
[lower < lower>] The threshold (default: 1) that defines when the router cannot be the AVF
3.
binding specified interface and tracked object
(config-if)# glbp < group> weighting track < object-number> [decrement < value>]
[decrement < value>] When the tracked object fails, the weighting is decremented by value (1-254, default 10)
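The weighting steps above form a hysteresis: between the lower and upper thresholds the router keeps whatever AVF eligibility it last had. The following is an added example, not part of the original notes, that models this with tracked objects. The class name, the threshold values (lower 50, upper 80) and the decrements are constructed; treating "weight reaches upper" as sufficient to resume is an assumption of this model, made because the default upper threshold equals the maximum weight.

```python
class GlbpWeighting:
    """Model of GLBP weighting with tracked objects and lower/upper thresholds."""

    def __init__(self, maximum=100, lower=1, upper=None):
        upper = maximum if upper is None else upper  # upper defaults to maximum
        if not 1 <= lower <= upper <= maximum <= 254:
            raise ValueError("need 1 <= lower <= upper <= maximum <= 254")
        self.maximum, self.lower, self.upper = maximum, lower, upper
        self.tracks = {}          # object-number -> [decrement, is_up]
        self.can_forward = True   # step 1: the router starts at maximum weight

    def track(self, obj, decrement=10):
        if not 1 <= decrement <= 254:
            raise ValueError("decrement must be 1-254")
        self.tracks[obj] = [decrement, True]

    @property
    def weight(self):
        # Step 2: every failed tracked object subtracts its decrement.
        down = sum(dec for dec, up in self.tracks.values() if not up)
        return max(self.maximum - down, 0)  # floor at 0 is a model assumption

    def set_state(self, obj, up):
        """Record a tracked object going up/down; return (weight, can_forward)."""
        self.tracks[obj][1] = up
        w = self.weight
        if w < self.lower:        # step 3: below lower -> give up the AVF role
            self.can_forward = False
        elif w >= self.upper:     # back at upper -> may resume the AVF role
            self.can_forward = True
        return w, self.can_forward  # in between: previous state is kept

def run_scenario():
    # Models: glbp 1 weighting 100 lower 50 upper 80, with two tracked
    # objects bound via "weighting track <n> decrement 30" (constructed values).
    r = GlbpWeighting(maximum=100, lower=50, upper=80)
    r.track(1, decrement=30)
    r.track(2, decrement=30)
    events = [(1, False), (2, False), (1, True), (2, True)]
    return [r.set_state(obj, up) for obj, up in events]

if __name__ == "__main__":
    for weight, avf in run_scenario():
        print(f"weight={weight:3d} can_be_AVF={avf}")
```

Note the third event: the weight is back to 70, the same value as after the first event, yet the router is still not eligible because it has not returned to the upper threshold.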
…………………………………………………………………………..
display glbp status
# show glbp [brief]
ps:
Taking L3devic_A# show glbp brief as an example, the output is as follows
Interface Grp Fwd Pri State Address Active router Standby router
Vl50 1 – 200 Active 192.168.1.1 local 192.168.1.11
Vl50 1 1 7 Active 0007.b400.0101 local –
Vl50 1 2 7 Listen 0007.b400.0102 192.168.1.11 –
Vl50 1 3 7 Listen 0007.b400.0103 192.168.1.12 –
ps:
Taking L3devic_B# show glbp brief as an example, the output is as follows
Interface Grp Fwd Pri State Address Active router Standby router
Vl50 1 – 150 Standby 192.168.1.1 192.168.1.10 local
Vl50 1 1 7 Listen 0007.b400.0101 192.168.1.10 –
Vl50 1 2 7 Active 0007.b400.0102 local –
Vl50 1 3 7 Listen 0007.b400.0103 192.168.1.12 –
ps:
Taking L3devic_C# show glbp brief as an example, the output is as follows
Interface Grp Fwd Pri State Address Active router Standby router
Vl50 1 – 100 Listen 192.168.1.1 192.168.1.10 192.168.1.11
Vl50 1 1 7 Listen 0007.b400.0101 192.168.1.10 –
Vl50 1 2 7 Listen 0007.b400.0102 192.168.1.11 –
Vl50 1 3 7 Active 0007.b400.0103 local –
ps:
Taking L3deviceA# show glbp as an example, the output is as follows
Vlan50 – Group 1
State is Active
7 state changes, last state change 03:28:05
Virtual IP address is 192.168.1.1
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.672 secs
Redirect time 600 sec, forwarder time-out 14400 sec
Preemption enabled, min delay 0 sec
Active is local
Standby is 192.168.1.11, priority 150 (expires in 9.632 sec)
Priority 200 (configured)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
There are 3 forwarders (1 active)
Forwarder 1
State is Active
3 state changes, last state change 03:27:37
MAC address is 0007.b400.0101 (default)
Owner ID is 00d0.0229.b80a
Redirection enabled
Preemption enabled, min delay 30 sec
Active is local, weighting 100
Forwarder 2
State is Listen
MAC address is 0007.b400.0102 (learnt)
Owner ID is 0007.b372.dc4a
Redirection enabled, 598.308 sec remaining (maximum 600 sec)
Time to live: 14398.308 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 192.168.1.11 (primary), weighting 100 (expires in 8.308 sec)
Forwarder 3
State is Listen
MAC address is 0007.b400.0103 (learnt)
Owner ID is 00d0.ff8a.2c0a
Redirection enabled, 599.892 sec remaining (maximum 600 sec)
Time to live: 14399.892 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 192.168.1.12 (primary), weighting 100 (expires in 9.892 sec)