Gateway Load Balancing Protocol GLBP Tutorial
The main disadvantage of HSRP and VRRP is that only one gateway is elected to be the active gateway and used to forward traffic whilst the rest are unused until the active one fails. Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol and performs the similar function to HSRP and VRRP but it supports load balancing among members in a GLBP group. In this tutorial, we will learn how GLBP works.
| Note: Although we can partially configure load balancing via HSRP or VRRP using multiple groups but we have to assign different default gateways on the hosts. If one group fails, we must reconfigure the default gateways on the hosts, which results in extra administrative burden. |
GLBP Election
When the routers are configured to a GLBP group, they first elect one gateway to be the Active Virtual Gateway (AVG) for that group. The election is based on the priority of each gateway (highest priority wins). If all of them have the same priority then the gateway with the highest real IP address becomes the AVG. The AVG, in turn, assigns a virtual MAC address to each member of the GLBP group. Each gateway which is assigned a virtual MAC address is called Active Virtual Forwarder (AVF). A GLBP group only has a maximum of four AVFs. If there are more than 4 gateways in a GLBP group then the rest will become Standby Virtual Forwarder (SVF) which will take the place of a AVF in case of failure. The virtual MAC address in GLBP is 0007.b400.xxyy where xx is the GLBP group number and yy is the different number of each gateway (01, 02, 03…).
| Note: + In this tutorial, the words “gateway” and “router” are use interchangeable. In fact, GLBP can run on both router and switch so the word “gateway”, which can represent for both router and switch, is better to describe GLBP. + For switch, GLBP is supported only on Cisco 4500 and 6500 series. |
The gateway with the highest priority among the remaining ones is elected the Standby AVG (SVG) which will take the role of the AVG in the case it is down.
For example in the topology above suppose all of the gateways have the same priority and GLBP is turned on at the same time on all gateways (or they are configured with the preempt feature), R4 will be elected AVG because of its highest IP address 10.10.10.4. R3 will be elected SVG because of its second highest IP address (10.10.10.3). The AVFs are elected based on the weight so the four highest weight values would win for the four AVFs. In this case we only have four gateways so surely they are all elected AVFs. With GLBP, there is still one virtual IP address which is assigned by the administrator via the “glbp
How GLBP works
After the election ends, R4 is both the AVG and AVF; R3 is SVG and AVF; R2 & R1 are pure AVFs. R4 assigned the MAC addresses of 0007.b4000101, 0007.b4000102, 0007.b4000103, 0007.b4000104 to R1, R2, R3, R4 respectively; we will abbreviate the MAC addresses as 01, 02, 03 and 04. Let’s see how GLBP works!
The default gateway of PC1, PC2 and PC3 were set to 10.10.10.100 so if they want to send traffic outside they have to send ARP Request first to their default gateway. They broadcast an ARP Request to ask “Hey, I need to know the MAC address of the guy 10.10.10.100!”. R4, which is the AVG, is responsible for answering the ARP Request. But the trick here is it does not always give the same answer to that question:
For PC1, R4 will answer “The MAC address of the guy 10.10.10.100 is 01!”.
For PC2, R4 will answer “The MAC address of the guy 10.10.10.100 is 02!”.
For PC3, R4 will answer “The MAC address of the guy 10.10.10.100 is 03!”.
For PC4, R4 will answer “The MAC address of the guy 10.10.10.100 is 04!”.
As the result of this, PC1 will send the traffic to R1; PC2 will send traffic to R2; PC3 will send traffic to R3 and PC4 will send traffic to R4! And load balancing is achieved!
When AVG fails
Everything is working smoothly then suddenly R4 (AVG) is down. What will happen now?
As we know R3 was chosen as SVG because of its second highest priority so when R4 is down, R3 becomes the new AVG and is responsible for forwarding traffic sent to the virtual MAC address of R4. In other words, R3 is now responsible for traffic from PC3 & PC4 with two MAC addresses 03, 04. Communication between R4 continues without disruption or change at the host side.
Wait! Maybe you have a question to ask here. So how about the Switch? How can the switch forward the frames to the new SVG on another port? Remember that Switch saved the MAC 04 for the port connecting to R4. Well, the answer here is when the standby becomes the active it will send a gratuitous ARP reply to flush the CAM tables of the switches and the ARP cache of the hosts. So the switch will learn the new port for MAC 04.
Each AVF listens to others, if one AVF can no more forward traffic, all listening AVFs will compete to take the responsibility of the failed AVF vMAC along with its own (AVF with higher weighting wins).
To detect a gateway failure, GLBP members communicate between each other through hello messages sent every 3 seconds to the multicast address 224.0.0.102, User Datagram Protocol (UDP) port 3222.
GLBP supports up to 1024 virtual routers (GLBP groups) per physical interface of a router.
Load balancing algorithm
GLBP load sharing is done in one of three ways:
Round-robin load-balancing algorithm: Each router MAC is used sequentially to respond to ARP requests. This is the default load balancing mode in GLBP and is suitable for any number of end hosts.
Weighted load-balancing algorithm: Traffic is balanced proportional to a configured weight. Each GLBP router in the group will advertise its weighting and assignment; the AVG will act based on that value. For example, if there are two routers in a group and R1 has double the forwarding capacity of router B, the weighting value of router A should be configured to be double the amount of R2.
Host-dependent load-balancing algorithm: A given host always uses the same router.
Interface Tracking
Like HSRP, GLBP can be configured to track interfaces. For example, if the WAN link from Router R4 is lost, GLBP detects the failure and decrements the router priority (when a tracked interface fails). The second router then becomes primary. This transition is transparent for the hosts.
GLBP Authentication
GLBP has three authentication types:
+ No authentication
+ MD5 authentication
+ Plain text authentication
MD5 is the most security method so far. With this method, the same keys are configured on both ends. One end will send the encrypted key (called hash, using MD5) to the other. At the other side, the same key is also encrypted and compared with the receiving encrypted key. If the two encrypted keys are the same then authentication is approved. The advantage of this method is only the encrypted key is sent through the link. The key for the MD5 hash can either be given directly in the configuration using a key string or supplied indirectly through a key chain.
nice explanation…
Very nice, clear and Mucil explanation.. thnks 9tut
Fantastic explanation! 9tut is the best place for CCNA students.
best explanation…
Wonderful Explanation. Thanks for 9tut.
Excellent, very precise with no extra unnecessary information, just what one would need to understand the concept how GLBP works, hours earlier I was CLUELESS as to how this protocol works, heck I had even forgotten what the acronyms stands for, but with this summary I was able to refresh my mind and now I posses a solid concept, that I will use when answering the questions once I take the ICDN – 200 120, Now moving on to the commands…
Thanks You 9Tut.
I swear to God i had my ccna 2 years ago but each time i come here to study stuff about my work or when i have an interview
Excellent easy explanation!!
Will be studying 9tut to prepare for a phone interview this week. Thanks 9tut.
awesome explanation
Thanks alot 9tut
really really good explanation…..you deserved to write a mini-book of these tutorials you write…as it is made so simple to understand. To al ccna students, if you want to pass your CCNA, learn proper CCNA concepts and you’ll be able to work any questions…..learn concept is the best way, even for interviews it will be useful to you, as once you remember it, get the logic, it will stay forever.
Its a total sumary anyone can ask for. Thanks to 9tut and sucess to all preparing for CCNA.
thanks 9tut…
Thanks 9tut, very good explanation
Excellent explanation ever!
thanks a lot 9tut
Great. Thanks
Does anyone know such (9tut like) site for vmware VCP?
Thanks Everyone.
I want to thank to all of you 9tut for your extraordinary job, and also say to you that your work is excelent. Your Tutorials are the best so far!! Thanks!
Nice Explanation with a Good examples. Thank U..
Thanks a lot
Thanks 9tut for sharing learning resources and providing very good tutorials !
pls share recent dumps ! anojhsna@gmail.com
very clear to understand, should have basic configuration also .
thanks to 9tut
very good info.
very good info
GLBP is explained very nicely.
GLBP is explained very nicely.
nice explenation thanks!!!!!!!!!!
good & understandable info
Excellent and easy explanation. There is nothing one can not understand. Love you 9tut.
Not bad
9tut does a great job of simplifying the topic at hand. Thank you.
A special tanx from all member of 9tut solo thank u
gut!
Excellent explanation, great job 9tut!
You have been always very helpful 9tut. you explained the info. to a level that can understand easily.
whoever behind 9tut
We thank you so much. :)
If there is anything i ever looked for soooooooooooooo much in life, it was what to do for our default gateway since we have four links to the internet but when i landed on this, i got a salary increment because all my predecessors had failed to do this they could be flipping DHCP settings to accommodate the available links!!!!!!!!!!!!!! am a pro now. thumbs up to 9tut….
************Big up from Uganda**************
Wonderful explanation, its very easy to understand
Well done 9tut…..
Very nice Explanation.. thanks for that
Thanks for sharing perfect information related to the topices.
Thanks to all 9tut team…..
Hi 9tut,
Plz explain how to configure the same
@Vivek…this is just the basic…
(config-if)#glbp 1 ip 192.168.1.7
###the 1 in the command is the Group #. The ip address is the virtual gateway###
(config-if)#glbp 1 priority 110
###priority is default at 100 but you can configure it to be a higher or lower number###
There are other commands for authentication, preemption, weighting and tracking…
also, use “#sh glbp” to see the resulting output:
R1#sh glbp
Ethernet0/0 – Group 1
State is Active
2 state changes, last state change 00:04:19
Virtual IP address is 192.168.1.7
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.317 secs
Redirect time 600 sec, forwarder time-out 14400 sec
Preemption disabled
Active is local
Standby is 192.168.1.2, priority 100 (expires in 8.273 sec)
Priority 110 (configured)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
Group members:
c801.5a44.0000 (192.168.1.1) local
c802.4618.0000 (192.168.1.2)
c803.5a9c.0000 (192.168.1.3)
c804.50fc.0000 (192.168.1.4)
There are 4 forwarders (1 active)
Forwarder 1
State is Active
1 state change, last state change 00:04:09
MAC address is 0007.b400.0101 (default)
Owner ID is c801.5a44.0000
Redirection enabled
Preemption enabled, min delay 30 sec
Active is local, weighting 100
Forwarder 2
State is Listen
MAC address is 0007.b400.0102 (learnt)
Owner ID is c802.4618.0000
Redirection enabled, 599.355 sec remaining (maximum 600 sec)
Time to live: 14399.355 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 192.168.1.2 (primary), weighting 100 (expires in 9.351 sec)
Forwarder 3
State is Listen
MAC address is 0007.b400.0103 (learnt)
Owner ID is c803.5a9c.0000
Redirection enabled, 597.228 sec remaining (maximum 600 sec)
Time to live: 14397.228 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 192.168.1.3 (primary), weighting 100 (expires in 7.228 sec)
Forwarder 4
State is Listen
MAC address is 0007.b400.0104 (learnt)
Owner ID is c804.50fc.0000
Redirection enabled, 597.504 sec remaining (maximum 600 sec)
Time to live: 14397.504 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 192.168.1.4 (primary), weighting 100 (expires in 7.500 sec)
Great tutorial. Thanks :)
it’s really easy way to explain the main protocol concepts and functionality
thanks a lot
Hi, a good article on GLBP is on this website also ;)
http://ipcisco.com/redundancy-protocols-%E2%80%93-part-5-glbp/
enjoy! ;)
Where is VRRP tut?
this is most amazing and helpfull thanks 9tut