Friday, September 30, 2016

GLBP Operation

We have talked about couple of “First Hop Redundancy Protocol” already in this module. Here is another one for you.
                          GLBP (Gateway Load Balancing Protocol) and its name suggests one of the big benefits, It’s bring to the table is the ability to do Load-Balancing easier than we could do otherwise.
              For Example, think about HSRP, with HSRP we had an “Active Router”, we had “Standby Router”, and the “Active Router” which actively forwarding traffic, but the Standby Router was not. It was just sitting around waiting for the Active Router to fail, and if we did want to use that Router not just have sit their dormant. What we could do, is do some manual load-balancing. We can have traffic from “One Vlan or One Subnet treat that Standby Router as the Active Router for that Vlan” and have “Another Vlan use the other Router is the Active Router for that Vlan”, But that was administrative overhead. We had the manually configured Load-Balancing. We get Load-Balancing automatically with GLBP, With GLBP we can have all of our “Routers forwarding traffic” without the need to go in and says” This Vlan uses this Router, and this Vlan uses that Router”, and the couple of terms we need to know when we talking about GLBP.
We gonna have one Router that’s the “Active Virtual Gateway” or the “AVG”.
              The AVG is going to respond to “ARP Requests” that coming from the Host, and wanna Hosts says” Hey! What’s the Mac-Address for let’s say 10.1.1.1, if that’s are “Virtual IP Address” The AVG is gonna respond and say “Here’s the mac-address for that Virtual IP Address” and the Virtual mac-address that’s it hands out, is the mac-address corresponding to an AVF an “Active Virtual Forwarder”.
              And this “AVF’s” going to do job of like actually forwarding traffic of the local subnet, and we can have as many as “4 AVF’s” within group. We can have some other Virtual forwarders that are not currently active. They standing by, but we can have as many as many “4 Active Virtual forwarders” they are simultaneously able to send traffic of its subnet, and to demonstrate how it works. Consider PC1 on Picture, it is going to send a “ARP Request”.
                 Up to Router R1 because Router R1 is in this examples Acting as the “AVG the Active Virtual Gateway”, and that ARP Request.
                “Going to say “what is the mac-address corresponding to 10.1.1.1”, that’s the PC1 default gateway and R1 Acting as “Active Virtual Gateway” going to respond and say.

                          “The Mac-Address for 10.1.1.1 is 1111.1111.1111”.
  
                      Obviously that the mac-address i just made up to make this easier to visualize. But it’s gonna respond with the mac-address that corresponds to an “Active Virtual Forwarder and AVF”. In this case R1 in addition to being AVG, it’s also an AVF. It’s saying “Here is my mac-address is an AVF” send your frames to me, and PC1 now has a Mac-Address corresponding to its default gateway IP Address.it can now send traffic of its local subnet, now PC2 needs to know how to get off this subnet.

                               PC2 its configured with a default gateway of 10.1.1.1, just like PC1 was. It also sends an “ARP Request” which just gonna be handled by Router R1 acting as the Active Virtual Gateway, and its asking the same question that PC1 did, its asking “What is the mac-address corresponding to 10.1.1.1”.

                           But this time, the “Active Virtual Gateway” says “The mac-address corresponding to 10.1.1.1 is this all 2222.2222.2222 mac-address”.
                             It gave a different answer to PC2, then gave to PC1, and who has that Virtual Mac-address. It’s the different AVF, its R2. R2 has the all 22222.2222.2222 Virtual mac-address assigned it, and how did R2 get that Virtual mac-address. Well as an “Active Virtual Forwarder”, Router R2 discovered that Virtual mac-address form the AVG based on “Hello Message”, and now when PC2 attempts to send traffic of the local subnet, it’s going to the same default gateway IP Address, that PC1 is using. However it’s gonna be using different router. Because the “Mac-Address” in Layer2 header of that Ethernet frame. It’s destined for R2 instead of R1. This is how we get Load-Balancing without doing any administrative work. We get load-balancing automatically.
           By the way we do more than Load-Balancing. We also get Redundancy, if Router R2 were to go down, that would be detected by Router R1, and R1 would become Active for the all 2222.2222.2222’s Virtual Mac-Address, and there are some timers that says “How! Long the AVG will continue giving out that Virtual Mac-Address and response to “ARP Queries”. How long Router R1 in this case is going to continue servicing that mac-address”. We will talk about timers in our Next Topic. When we get into the Configuration.
                   But realize we are getting Load-Balance and we getting Redundancy, thanks to GLBP. But there is a big design Cavour that we need to know about and it deal with STP.
               Can you see that we were using multilayer switches instead of these Router, if those multilayer switches were connected, in a Layer 2 Spanning Tree topology, where one of them were root, in case like that, since we were doing load-balancing across many as 4 multilayer switches or 4 Routers at the same time. With Spanning Tree Protocol, we might have some optimal patting, because STP might be forcing us to go to another path. If you are using multilayer switches with GLBP and those switches part of Layer 2 STP, you might consider HSRP instead of GLBP, because of this suboptimal patting you can get, if you are using router like we showing in this topology this is a great way to do Load-Balancing, infect we can go and tweak? How the load-balancing works.
                Let’s talk about 3 different options that GLBP has
    1.      The Default load-balancing option is “Round-robin”.

                    With Round-Robin our “Active Virtual Gateway” is going to be Responding to “ARP Queries”, by giving out the Virtual Mac-Addresses of all of the Active Virtual Forwarder’s and equal times of amount, with Round-robin in this example, that Active Virtual Gateway is going to respond “One ARP Request” by saying “The Mac-Address for 10.1.1.1 is the all 1111.1111.1111’s Mac-Address”, and it will respond to the next “ARP Request” by saying “it’s all 2222.2222.2222’s Mac-Address”. Then it will go back to the all 1111.1111.1111’s then the all 2222.2222.2222’s, maybe we had 4 Routers, maybe we had 4 Multilayer switches. It would give out the mac-address for each of those AVF’s and equal amount of times. With Round-robin we doing equal load-balancing across all over the AVF’s.
                             And i say we doing equal Load-Balancing realize that, the traffic is not gonna be perfectly Load-Balanced because some of clients actually send more traffic than other clients But at least we equally dispersing the different AVF Mac-Addresses.
     2.      Another Load-Balancing Option is “Host-Dependent”.

                      We probably not going to use this option that much but if you do have a design requirement that says “A Particular PC or A Particular Host needs to always point to a specific Mac-Address” as it’s Default Gateway Mac-Address. You can configure that. You can link together a specific host to always get the same “ARP Reply” to always get a ‘Reply” to saying “The Mac-Address for this default Gateway is, whatever you want the Mac-Address to be” and Remember “Round-Robin” is the default. With Round-Robin we were giving each of our AVF’s, and equal “Weighting”. We giving out their Mac-Addresses in equal amount of times.
                                                    However, we might not want that, we might have higher Powered Router or we might have a higher Powered Multilayer Switch, and we want that switch or that router, to get the bulk of the traffic. We wanna give out it’s “Virtual Mac-Address” more often, than we give out Virtual Mac-Address, of an older Router that might be part of this GLBP group, and we can do that using the “Weighted Load-Balancing Option”.      
      3.      With the “Weighted Load-Balancing Option” we can associate a “Weight” with different “Active Virtual Forwarder’s”.
                      For example, let’s say, do we gave R1 ‘Weight of 50”, and we gave R2 a “Weight of 100”. Well in that example for everyone time we gave out R1’s “Virtual Mac-Address”, we would give out Router R2’s “Virtual Mac-Address” twice because 100 is 2 times 50.

                               That’s the way we can adjust the Weight. There is another way we could use this “Weighting”, we could use with a “Tracking”, Remember with, HSRP we had “Interface Tracking” and “Object Tracking”, In with VRRP we had just “Object Tracking”, But even with that we could still track the “Line-Protocol” state of an interface.
                               So essentially we did have an “Interface Tracking”. Well with GLBP we don’t technically have “Interface Tracking”, But we do have “Object Tracking” and what we can do with Object tracking is say “I want to track, may be the state of a particular interface, and if that interface goes down, or maybe we are tracking whether or not a route is in the IP Routing table and if that router disappears”. We could say, we want to reduce the “Weight” by certain amount, suddenly this Router or this Multilayer switch becomes less attractive. It has lower “Weight”, its start handling lower percentage of traffic and infect we can have some “Threshold Set”.
                                 And we can say “if you drop below the threshold”, if your “Weight” get down to 20 is an example, then AVG could temporarily stop handing out that Active Virtual Forwarder’s (Virtual Mac-Address). In response to “ARP Queries”, and then may be that Route came back up, maybe that interface came back up and then that case, if the Weight got backed for a certain level. We can set high “Watermark Router Threshold”, if it gets back to certain level than, the AVF can start the accepting traffic again and the AVG, will once to start handing out that AVF’s “Virtual Mac-Address” and responds for “ARP Queries” and before we get to the configuration in our next topic, just a few extra things I want you to know about GLBP.

Ø  We know that HSRP is Cisco Proprietary, and VRRP is an open standard. Well GLBP is also Cisco Proprietary, we know that HSRP cannot have the Virtual ip address, be the same as interfaces ip address, then VRRP does allow a Virtual IP Address to match an interfaces IP Address. Well GLBP is like HSRP in that respect, you cannot have a Virtual IP Address match an interfaces IP Address.
Ø  And GLBP is gonna use the same multicast group to send messages that used by HSRP Version 2 which is 224.0.0.102
Ø  And GLBP by default also has the same timers that HSRP has. Specifically, it has a Hello time of 3 Seconds and “Hold Time” Timer of 10 Seconds.
Ø  And Cisco does support GLBP Authentication. Both “Plain Text” and “MD5” Authentication.
But Please keep in your mind, your knowledge may vary, you may or may not have GLBP Support based on Your Model of Cisco Catalyst or Router
 Now with this better understanding of GLBP Operation. Let’s set it up in out Next Topic.





If You Like the Post. Don’t forget to “Subscribe/Share/Comment”. Thank You.

               

0 comments:

Post a Comment