GLBP (Gateway Load Balancing Protocol)
September 6, 2008 4 Comments
After HSRP and VRRP it is time to discover GLBP, my favorite because unlike the others, GLBP is a native First hop/gateway load balancer.
Let’s take a brief look at GLBP main characteristics:
Router’s roles
– Active AVG (Active Virtual Gateway): There is only one AVG (with the highest priority) in a GLBP group with the following responsibilities:
– Assign a virtual MAC ( vMAC) address for itself and for each member of the group.
– Respond to ARP requests from clients with vMAC of other group member, the method used for selecting vMAC determine the load balancing algorithm.
– Standby AVG: The router with the highest priority among those remaining will be elected the standby AVG and will take the place of the active AVG if it is down.
– AVF (Active Virtual Forwarder):Up to four AVF in a group, Active AVG and Standby AVG are also AVF:
– Each AVF is active and responsible for forwarding traffic destined to its vMAC.
– Each AVF listens to others, if one AVF can no more forward traffic, all listening AVF will compete to take the responsibility of the failed AVF vMAC along with its own (AVF with higher weighting wins).
Timers
– Holdtime: Used to monitor the presence of a group member If for the holdtime for a particular member expires, the owner of the timer can consider that member unavailable and send its hello packet to participate to the election of who will be responsible for its vMAC.
– Redirect timer: if expires the AVG will no more consider the vMAC of the failed AVF, even if there is still an AVF forwarding traffic destined to that vMAC.
– Secondary holdtimer :if this one expires all AVF will drop that vMAC and no one will be responsible for it.
Tracking: can be configured to monitor interface conditions like line-protocol and ip routing, if a tracked interface fails to maintain the configured condition the weighting will be reduced by a configured penality, and if the weight is below the lower threshold the routers stop being AVF.
Preempt
Whether it is an AVG or AVF, after recover from failure, the router is capable to claim back its status after a configured time period.
Protocol
GLBP group member use the multicast address 224.0.0.102 udp 3222 to communicate between each others.
Load Balancing algorithm
Round-Robin: the default LB algorithm, the AVG will alternate available vMAC in ARP reply messages.
Weighted: the weight of each AVF is an indicator of the percentage of clients that will use its vMAC.
Host-dependent: each client will always have the same vMAC.
Recommendations
All efforts of GLBP (also HSRP and VRRP by the way) are concentrated to provide redundancy and load balancing upstream from clients to the gateways, you have to take into consideration that the return or downstream traffic is asymmetric and will depend on the routing protocol decision, and this can create some issues with CAM table aging on multilayer switches used as gateways, therefore it is recommended to match CAM table MAC aging with ARP timeout.
For optimal utilization of GLBP, it is recommended to match GLBP client-cache timeout with ARP timeout.
Figure 1 illustrates the lab topology used with R4 a multilayer switch configured with an upstream interface Fa0/0 as routed interface (tracked by GLBP) and an SVI (switch virtual interface) VLAN10 configured for GLBP.
Figure1: Lab topology
The lab is organized as follow:
-I- GLBP configuration
Verification
-II- Testing
Primary AVG failure
Primary AVG recovery
Active AVF failure
AVF tracked interface failure
AVF tracked interface recovery
GLBP configuration
R2:
track 1 interface FastEthernet0/0 line-protocol interface FastEthernet1/0 ip address 10.20.20.2 255.255.255.0 speed auto full-duplex glbp 10 ip 10.20.20.1 glbp 10 preempt glbp 10 weighting 70 glbp 10 weighting track 1 decrement 50 |
R3:
track 1 interface FastEthernet0/0 line-protocol interface FastEthernet1/0 ip address 10.20.20.3 255.255.255.0 speed auto full-duplex glbp 10 ip 10.20.20.1 glbp 10 priority 200 glbp 10 preempt glbp 10 weighting track 1 decrement 50 |
R4:
track 1 interface FastEthernet0/0 line-protocol interface Vlan10 ip address 10.20.20.4 255.255.255.0 glbp 10 ip 10.20.20.1 glbp 10 priority 50 glbp 10 preempt glbp 10 weighting 30 |
Verification
#sh track 1 Track 1 Interface FastEthernet0/0 line-protocol Line protocol is Up 1 change, last change 02:30:20 Tracked by: GLBP FastEthernet1/0 10 |
The same interface is tracked in all routers R2, R3 and R4.
R2:
R2#sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Fa1/0 10 – 100 Standby 10.20.20.1 10.20.20.3 local Fa1/0 10 1 7 Listen 0007.b400.0a01 10.20.20.3 – Fa1/0 10 2 7 Active 0007.b400.0a02 local – Fa1/0 10 3 7 Listen 0007.b400.0a03 10.20.20.4 – R2# |
R2#sh glbp FastEthernet1/0 – Group 10
1 state change, last state change 02:30:47 Virtual IP address is 10.20.20.1 Hello time 3 sec, hold time 10 sec Next hello sent in 0.912 secs Redirect time 600 sec, forwarder time-out 14400 sec Preemption enabled, min delay 0 sec
Priority 100 (default) Weighting 70 (configured 70), thresholds: lower 1, upper 70 Track object 1 undefined Load balancing: round-robin Group members: cc00.026c.0010 (10.20.20.2) local cc01.026c.0010 (10.20.20.3) cc02.1514.0000 (10.20.20.4) There are 3 forwarders (1 active)
MAC address is 0007.b400.0a01 (learnt) Owner ID is cc01.026c.0010 Time to live: 14398.920 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec
1 state change, last state change 02:30:55 MAC address is 0007.b400.0a02 (default) Owner ID is cc00.026c.0010 Preemption enabled, min delay 30 sec
MAC address is 0007.b400.0a03 (learnt) Owner ID is cc02.1514.0000 Time to live: 14399.268 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec
R2# |
R2 is the standby AVG with priority=100, the active AVG is R3 with a priority=200.
The group members contains the list of real MAC addresses of routers participating in the GLBP group
All three routers R2, R3 and R4 are AVF, forwarders for traffic destined to their virtual MAC addresses:
R2 virtual MAC = 0007.b400.0a01
R3 virtual MAC = 0007.b400.0a02
R4 virtual MAC = 0007.b400.0a03
R2, R3 and R4 AVFs are in listening state because they are all ready to take care of each other virtual MAC in case one AVF is down and the priority is givne to the AVF with the highest weight first.
this information is confirmed in all routers R3 and R4.
R3:
R3#sh glbp brief
Interface Grp Fwd Pri State Address Active router Standby route Fa1/0 10 – 200 Active 10.20.20.1 local 10.20.20.2 Fa1/0 10 1 7 Active 0007.b400.0a01 local – Fa1/0 10 2 7 Listen 0007.b400.0a02 10.20.20.2 – Fa1/0 10 3 7 Listen 0007.b400.0a03 10.20.20.4 – R3# |
R3#sh glbp
FastEthernet1/0 – Group 10 State is Active 2 state changes, last state change 02:45:37 Virtual IP address is 10.20.20.1 Hello time 3 sec, hold time 10 sec Next hello sent in 0.860 secs Redirect time 600 sec, forwarder time-out 14400 sec Preemption enabled, min delay 0 sec Active is local Standby is 10.20.20.2, priority 100 (expires in 8.556 sec) Priority 200 (configured) Weighting 100 (default 100), thresholds: lower 1, upper 100 Track object 1 state Up decrement 50 Load balancing: round-robin Group members: cc00.026c.0010 (10.20.20.2) cc01.026c.0010 (10.20.20.3) local cc02.1514.0000 (10.20.20.4) There are 3 forwarders (1 active) Forwarder 1 State is Active 1 state change, last state change 02:45:27 MAC address is 0007.b400.0a01 (default) Owner ID is cc01.026c.0010 Redirection enabled Preemption enabled, min delay 30 sec Active is local, weighting 100 Forwarder 2 State is Listen MAC address is 0007.b400.0a02 (learnt) Owner ID is cc00.026c.0010 Redirection enabled, 597.784 sec remaining (maximum 600 sec) Time to live: 14397.784 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec Active is 10.20.20.2 (primary), weighting 70 (expires in 7.788 sec) Forwarder 3 State is Listen MAC address is 0007.b400.0a03 (learnt) Owner ID is cc02.1514.0000 Redirection enabled, 597.512 sec remaining (maximum 600 sec) Time to live: 14397.512 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec Active is 10.20.20.4 (primary), weighting 30 (expires in 7.512 sec) R3# |
R4:
R4#sh glbp brief
Interface Grp Fwd Pri State Address Active router Standby route Vl10 10 – 50 Listen 10.20.20.1 10.20.20.3 10.20.20.2 Vl10 10 1 7 Listen 0007.b400.0a01 10.20.20.3 – Vl10 10 2 7 Listen 0007.b400.0a02 10.20.20.2 – Vl10 10 3 7 Active 0007.b400.0a03 local – R4# |
R4#sh glbp Vlan10 – Group 10
Virtual IP address is 10.20.20.1 Hello time 3 sec, hold time 10 sec Next hello sent in 1.640 secs Redirect time 600 sec, forwarder time-out 14400 sec Preemption enabled, min delay 0 sec
Priority 50 (configured) Weighting 30 (configured 30), thresholds: lower 1, upper 30 Load balancing: round-robin Group members: cc00.026c.0010 (10.20.20.2) cc01.026c.0010 (10.20.20.3) cc02.1514.0000 (10.20.20.4) local There are 3 forwarders (1 active)
MAC address is 0007.b400.0a01 (learnt) Owner ID is cc01.026c.0010 Time to live: 14398.188 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec
MAC address is 0007.b400.0a02 (learnt) Owner ID is cc00.026c.0010 Time to live: 14398.212 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec
1 state change, last state change 02:34:56 MAC address is 0007.b400.0a03 (default) Owner ID is cc02.1514.0000 Preemption enabled, min delay 30 sec
R4# |
Figure 2 resumes GLBP states:
Figure2: GLBP states
Virtual MAC assignment:
R22:
R22#ping 10.20.20.1
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.20.20.1, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 32/62/88 ms R22#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.20.20.1 0 0007.b400.0a01 ARPA FastEthernet0/0 Internet 10.20.20.4 37 cc02.1514.0000 ARPA FastEthernet0/0 Internet 10.20.20.22 – cc03.1514.0000 ARPA FastEthernet0/0 R22# |
Note: generally the first ping after a clear ARP table will cause the first ICMP message to fail, this corresponds to the ARP operations to learn the MAC of the destination IP.
As the result of ARP request R22 has received from the virtual gateway, the AVG R2, the virtual MAC of R2, so all traffic from R22 is forwarded to R2 as confirmed by output of the trace command:
R22#trace 10.10.10.1
Type escape sequence to abort. Tracing the route to 10.10.10.1
1 10.20.20.3 68 msec 64 msec 96 msec 2 10.10.10.1 68 msec 76 msec 36 msec R22# |
R33:
R33#ping 10.20.20.1
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.20.20.1, timeout is 2 seconds: ..!!! Success rate is 60 percent (3/5), round-trip min/avg/max = 28/64/120 ms R33#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.20.20.2 0 cc00.026c.0010 ARPA FastEthernet0/0 Internet 10.20.20.1 0 0007.b400.0a02 ARPA FastEthernet0/0 Internet 10.20.20.4 37 cc02.1514.0000 ARPA FastEthernet0/0 Internet 10.20.20.33 – cc04.1514.0000 ARPA FastEthernet0/0 R33# |
As the result of ARP request R33 has received from the virtual gateway, the AVG R2, the virtual MAC of R3, so all traffic from R33 is forwarded to R3 as confirmed by output of the trace command:
R33#trace 10.10.10.1
Type escape sequence to abort. Tracing the route to 10.10.10.1
1 10.20.20.2 76 msec 108 msec 32 msec 2 10.10.10.1 64 msec 36 msec 72 msec R33# |
R44:
R44#ping 10.20.20.1
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.20.20.1, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 20/45/76 ms R44#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.20.20.1 0 0007.b400.0a03 ARPA FastEthernet0/0 Internet 10.20.20.4 37 cc02.1514.0000 ARPA FastEthernet0/0 Internet 10.20.20.44 – cc05.1514.0000 ARPA FastEthernet0/0 R44# |
As the result of ARP request R44 has received from the virtual gateway, the AVG R2, the virtual MAC of R4, so all traffic from R44 is forwarded to R4 as confirmed by output of the trace command:
R44#trace 10.10.10.1
Type escape sequence to abort. Tracing the route to 10.10.10.1
1 10.20.20.4 40 msec 80 msec 28 msec 2 10.10.10.1 212 msec 76 msec 104 msec R44# |
TESTING
Primary AVG failure
At this point se stop the active AVG R3.
R2:
*Mar 1 00:02:30.759: %SYS-5-CONFIG_I: Configured from console by admin on console *Mar 1 00:03:08.003: GLBP: Fa1/0 10 Standby: g/Active timer expired (10.20.20.3) *Mar 1 00:03:08.007: GLBP: Fa1/0 10 Active router IP is local, was 10.20.20.3 *Mar 1 00:03:08.007: GLBP: Fa1/0 10 Standby router is unknown, was local *Mar 1 00:03:08.011: GLBP: Fa1/0 10 Standby -> Active *Mar 1 00:03:08.011: %GLBP-6-STATECHANGE: FastEthernet1/0 Grp 10 state Standby -> Active |
R2#sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Fa1/0 10 – 100 Active 10.20.20.1 local 10.20.20.4 Fa1/0 10 1 7 Listen 0007.b400.0a01 10.20.20.4 – Fa1/0 10 2 7 Active 0007.b400.0a02 local – Fa1/0 10 3 7 Listen 0007.b400.0a03 10.20.20.4 – R2# |
10.20.20.1 (R4) is now honoring the memory of the defunct R3 🙂 by forwarding all traffic destined to R3 vitual MAC (0007.b400.0a01).
R4:
*Mar 1 05:30:33.074: GLBP: Vl10 10 Listen: g/Active timer expired (10.20.20.3) *Mar 1 05:30:33.078: GLBP: Vl10 10 Active router IP is unknown, was 10.20.20.3 *Mar 1 05:30:33.082: GLBP: Vl10 10 Listen -> Speak *Mar 1 05:30:33.086: GLBP: Vl10 10.1 Listen: g/Active timer expired *Mar 1 05:30:33.090: GLBP: Vl10 10.1 Listen -> Active *Mar 1 05:30:33.094: %GLBP-6-FWDSTATECHANGE: Vlan10 Grp 10 Fwd 1 state Listen -> Active *Mar 1 05:30:33.110: GLBP: Vl10 10 Active router IP is 10.20.20.2 *Mar 1 05:30:33.114: GLBP: Vl10 10 Standby router is unknown, was 10.20.20.2 *Mar 1 05:30:33.118: GLBP: Vl10 10.1 Active: j/Hello rcvd from lower pri Active router (135/10.20.20.2) *Mar 1 05:30:43.078: GLBP: Vl10 10 Speak: f/Standby timer expired (unknown) *Mar 1 05:30:43.082: GLBP: Vl10 10 Standby router is local *Mar 1 05:30:43.082: GLBP: Vl10 10 Speak -> Standby |
R4#sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Vl10 10 – 50 Standby 10.20.20.1 10.20.20.2 local Vl10 10 1 7 Active 0007.b400.0a01 local – Vl10 10 2 7 Listen 0007.b400.0a02 10.20.20.2 – Vl10 10 3 7 Active 0007.b400.0a03 local – R4# |
R4 became the standby AVG for the new active AVG R2.
And during this time R33 still pointing toward R3 virtual MAC, but traffic is forwarded through R2.
To see if R3 vMAC is still present in the AVG vMAC list, we cleared R33 ARP table to renew the vMAC of 10.20.20.1
R33#clear arp |
R33#ping 10.10.10.1
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 44/75/112 ms R33#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.20.20.2 0 cc00.026c.0010 ARPA FastEthernet0/0 Internet 10.20.20.1 0 0007.b400.0a01 ARPA FastEthernet0/0 Internet 10.20.20.4 0 cc02.1514.0000 ARPA FastEthernet0/0 Internet 10.20.20.33 – cc04.1514.0000 ARPA FastEthernet0/0 R33# |
And the result is that vMAC of R3 still used by the AVG to respond to ARP requests.
Primary AVG recovery
Now we bring R3 back to live:
R2:
*Mar 1 01:25:00.195: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.10.10.3 (FastEthernet0/0) is up: new adjacency *Mar 1 01:25:00.199: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.20.20.3 (FastEthernet1/0) is up: new adjacency *Mar 1 01:25:14.175: GLBP: Fa1/0 Grp 10 Hello in 10.20.20.3 VG Active pri 200 vIP 10.20.20.1 hello 3000, hold 10000 *Mar 1 01:25:14.179: GLBP: Fa1/0 10 Active router IP is 10.20.20.3, was local *Mar 1 01:25:14.183: GLBP: Fa1/0 10 Active: k/Hello rcvd from higher pri Active router (200/10.20.20.3) *Mar 1 01:25:14.183: GLBP: Fa1/0 10 Active -> Speak *Mar 1 01:25:14.187: %GLBP-6-STATECHANGE: FastEthernet1/0 Grp 10 state Active -> Speak *Mar 1 01:25:24.183: GLBP: Fa1/0 10 Speak: f/Standby timer expired (10.20.20.4) *Mar 1 01:25:24.187: GLBP: Fa1/0 10 Standby router is local, was 10.20.20.4 *Mar 1 01:25:24.187: GLBP: Fa1/0 10 Speak -> Standby |
R2# sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Fa1/0 10 – 100 Standby 10.20.20.1 10.20.20.3 local Fa1/0 10 1 7 Listen 0007.b400.0a01 10.20.20.3 – Fa1/0 10 2 7 Active 0007.b400.0a02 local – Fa1/0 10 3 7 Listen 0007.b400.0a03 10.20.20.4 – R2# |
As soon as R3 is back to business, it took over the active AVG state using its highest priority 200.
The ARP information on R33 is still using R4 vMAC because ARP information didn’t timeout yet, let’s help it by clearing ARP table:
R33#clear arp R33# R33#ping 10.20.20.1
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.20.20.1, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 28/71/128 ms R33# |
After the new requests, R33 has received R3 vMAC and now traffic destined to 0007.b400.0a01 (R3 vMAC) is forwarded by R3 itself.
R33#sh arp | i 10.20.20.1 Internet 10.20.20.1 1 0007.b400.0a01 ARPA FastEthernet0/0 R33#
R33#trace 10.10.10.1
Type escape sequence to abort. Tracing the route to 10.10.10.1
1 10.20.20.3 36 msec 88 msec 60 msec 2 * 10.10.10.1 188 msec 92 msec R33# |
Active AVF failure
First, lets’ take a look at the actual distrubution of vMAC by the active AVG:
R22:
R22#sh arp | i 10.20.20.1 Internet 10.20.20.1 0 0007.b400.0a02 ARPA FastEthernet0/0 R22# |
R33:
R33#sh arp | i 10.20.20.1 Internet 10.20.20.1 0 0007.b400.0a03 ARPA FastEthernet0/0 R33# |
R44:
R44#sh arp | i 10.20.20.1 Internet 10.20.20.1 0 0007.b400.0a01 ARPA FastEthernet0/0 R44# |
R22 uses R2 vMAC as gateway MAC
R33 uses R4 vMAC as gateway MAC
R44 uses R3 vMAC as gateway MAC
Now let’s shutdown R4:
R3:
*Mar 1 00:38:14.503: GLBP: Fa1/0 10.3 Listen: g/Active timer expired *Mar 1 00:38:14.507: GLBP: Fa1/0 10.3 Listen -> Active *Mar 1 00:38:14.507: %GLBP-6-FWDSTATECHANGE: FastEthernet1/0 Grp 10 Fwd 3 state Listen -> Active *Mar 1 00:38:14.587: GLBP: Fa1/0 10.3 Active: j/Hello rcvd from lower pri Active router (135/10.20.20.2) |
R4 was responsible for its vMAC 0007.b400.0a03, now R3 is the new responsible for it (R2 has lower priority)
R33#sh arp | i 10.20.20.1 Internet 10.20.20.1 16 0007.b400.0a03 ARPA FastEthernet0/0 R33# |
Still uses R4 vMAC but traffic is forwarded through R3.
R33#trace 10.10.10.1
Type escape sequence to abort. Tracing the route to 10.10.10.1
1 10.20.20.3 124 msec 128 msec 64 msec 2 10.10.10.1 120 msec 88 msec 32 msec R33# |
AVF tracked interface failure
Next, starting with the following configuration:
R2:
R2#sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Fa1/0 10 – 100 Standby 10.20.20.1 10.20.20.3 local Fa1/0 10 1 7 Listen 0007.b400.0a01 10.20.20.3 – Fa1/0 10 2 7 Listen 0007.b400.0a02 10.20.20.4 – Fa1/0 10 3 7 Active 0007.b400.0a03 local – R2# |
R2 plays the following roles:
– the standby AVG.
– the Active AVF for its vMAC 0007.b400.0a03.
– Listenning AVF for R3 vMAC 0007.b400.0a01 and R4 vMAC 0007.b400.0a02.
R3:
R3(config-if)#do sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Fa1/0 10 – 200 Active 10.20.20.1 local 10.20.20.2 Fa1/0 10 1 7 Active 0007.b400.0a01 local – Fa1/0 10 2 7 Listen 0007.b400.0a02 10.20.20.4 – Fa1/0 10 3 7 Listen 0007.b400.0a03 10.20.20.2 – R3(config-if)# |
R3 plays the following roles:
– the Active AVG.
– the Active AVF for its vMAC 0007.b400.0a01.
– Listenning AVF for R2 vMAC 0007.b400.0a03 and R4 vMAC 0007.b400.0a02.
R4:
R4(config)#do sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Vl10 10 – 50 Listen 10.20.20.1 10.20.20.3 10.20.20.2 Vl10 10 1 7 Listen 0007.b400.0a01 10.20.20.3 – Vl10 10 2 7 Active 0007.b400.0a02 local – Vl10 10 3 7 Listen 0007.b400.0a03 10.20.20.2 – R4(config)# |
R4 plays the following roles:
– Listen to AVG.
– the Active AVF for its vMAC 0007.b400.0a02.
– Listenning AVF for R2 vMAC 0007.b400.0a03 and R3 vMAC 0007.b400.0a01.
R4(config)#do sh glbp Vlan10 – Group 10 State is Listen 2 state changes, last state change 00:11:20 Virtual IP address is 10.20.20.1 Hello time 3 sec, hold time 10 sec Next hello sent in 1.016 secs Redirect time 600 sec, forwarder time-out 14400 sec Preemption enabled, min delay 0 sec Active is 10.20.20.3, priority 200 (expires in 7.012 sec) Standby is 10.20.20.2, priority 100 (expires in 8.180 sec) Priority 50 (configured)
Load balancing: round-robin Group members: cc00.097c.0010 (10.20.20.2) cc01.097c.0010 (10.20.20.3) cc02.15e8.0000 (10.20.20.4) local There are 3 forwarders (1 active) Forwarder 1 State is Listen 2 state changes, last state change 00:10:43 MAC address is 0007.b400.0a01 (learnt) Owner ID is cc01.097c.0010 Time to live: 14398.316 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec Active is 10.20.20.3 (primary), weighting 100 (expires in 8.308 sec) Forwarder 2 State is Active 1 state change, last state change 00:26:38 MAC address is 0007.b400.0a02 (default) Owner ID is cc02.15e8.0000 Preemption enabled, min delay 30 sec Active is local, weighting 30 Forwarder 3 State is Listen MAC address is 0007.b400.0a03 (learnt) Owner ID is cc00.097c.0010 Time to live: 14399.508 sec (maximum 14400 sec) Preemption enabled, min delay 30 sec Active is 10.20.20.2 (primary), weighting 70 (expires in 9.504 sec) R4(config)# |
Note that R4 has a weight of 30 and in penality of -30 if the tracked interface line-protocol is down, also note the lower threshold of 1 under which the router will not even be the AVF for its own vMAC.
let’s shutdown the upstream tracked interface of R4 (AVF):
R4:
R4(config)#int fa 0/0 R4(config-if)#sh *Mar 1 00:43:09.359: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down *Mar 1 00:43:10.359: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down *Mar 1 00:43:42.827: %GLBP-6-FWDSTATECHANGE: Vlan10 Grp 10 Fwd 2 state Active -> Listen R4(config-if)# |
R4(config-if)#do sh glbp Vlan10 – Group 10 State is Listen 2 state changes, last state change 00:31:31 Virtual IP address is 10.20.20.1 Hello time 3 sec, hold time 10 sec Next hello sent in 2.772 secs Redirect time 600 sec, forwarder time-out 14400 sec Preemption enabled, min delay 0 sec Active is 10.20.20.3, priority 200 (expires in 8.488 sec) Standby is 10.20.20.2, priority 100 (expires in 9.668 sec) Priority 50 (configured)
Track object 1 state Down decrement 30 Load balancing: round-robin … |
The initial weight of 30 is decremented by 30, therefore with a priority of 0 lower that the lower threshold of 1, R4 glbp status change from active AVF for its own vMAC to listenning AVF.
R3:
*Mar 1 00:27:12.595: GLBP: Fa1/0 10.2 Preemption delayed, 30 secs remaining *Mar 1 00:27:24.627: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.10.10.4 (FastEthernet0/0) is down: holding time expired *Mar 1 00:27:45.607: GLBP: Fa1/0 10.2 Listen: k/Hello rcvd from lower pri Active router (39/10.20.20.4) *Mar 1 00:27:45.611: GLBP: Fa1/0 10.2 Listen -> Active *Mar 1 00:27:45.611: %GLBP-6-FWDSTATECHANGE: FastEthernet1/0 Grp 10 Fwd 2 state Listen -> Active *Mar 1 00:27:45.623: GLBP: Fa1/0 10.2 Active: j/Hello rcvd from lower pri Active router (135/10.20.20.2) |
R3 and R2 have been informed by the new status of R4, compete with each other and R3 win because of its higher priority, so R3 become responsible for forwarding R4 vMAC 0007.b400.0a02
let’s check this from R33:
R33#sh arp | i 10.20.20.1 Internet 10.20.20.1 141 0007.b400.0a02 ARPA FastEthernet0/0 R33# |
R33#trace 10.10.10.1
Type escape sequence to abort. Tracing the route to 10.10.10.1
1 *
2 * 10.10.10.1 108 msec 132 msec R33# |
traffic send by R33 to the gateway virtual IP 10.20.20.1 with the virtual MAC 0007.b400.0a02 (R4) is forwarded by R3.
AVF tracked interface recovery
*Mar 1 01:02:08.971: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.10.10.3 (FastEthernet0/0) is up: new adjacency *Mar 1 01:02:09.619: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Mar 1 01:02:12.627: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up *Mar 1 01:02:13.827: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.10.10.2 (FastEthernet0/0) is up: new adjacency *Mar 1 01:02:38.523: %GLBP-6-FWDSTATECHANGE: Vlan10 Grp 10 Fwd 2 state Listen -> Active |
30 seconds (the default AVF preempt time) after R4 interface is back to live, the weight is incremented by 30 and the router can take back its AVF status for its vMAC.
R4(config-if)#do sh glbp brief Interface Grp Fwd Pri State Address Active router Standby route Vl10 10 – 50 Listen 10.20.20.1 10.20.20.3 10.20.20.2 Vl10 10 1 7 Listen 0007.b400.0a01 10.20.20.3 – Vl10 10 2 7 Active 0007.b400.0a02 local – Vl10 10 3 7 Listen 0007.b400.0a03 10.20.20.2 – R4(config-if)# |
GLBP is more optimal solution for gateway (first hop) loadbalancing than HSRP or VRRP, for more information about differences between these protocols, refer to the post entitled “First Hop Redundancy protocol comparison”: https://cciethebeginning.wordpress.com/2008/08/23/router-high-availability-protocol-comparison-2/