Blog

:: Protocol details

Gateway Load-Balancing Protocol: Used over Layer-2 segments to provide redundant gateway functionality for IPv4 and IPv6
Cisco Proprietary: Other vendors don’t/cannot use this protocol
Functions: Gateway redundancy and load-sharing* capabilities
Roles: AVG (Active Virtual Gateway) and AVF (Active Virtual Forwarder)
Entities: Virtual IP(vIP) and vMAC (virtual MAC)
Communication: uses multicast address 224.0.0.102 and source and destination port 3222 on L4 UDP.
Active/standby: Has an active and standby AVG. All other AVF’s are in listening state ready to take on the rol of the backup AVG when the active AVG fails. Hello and holdtime timers are resp. 10 and 30 seconds between all members.
Preempt: Yes. configurable, not default
Authentication: Yes. configurable, not default
Tracking: Yes, configurable, not default

Control plane: AVG
Ensure election process per group, responds to ARP request for the vIP. Makes sure the correct vMAC is send back of the appropriate AVF

Data plane: AVF
Routes receiving traffic from hosts. Their vMAC is assigned by the AVG. ARP replies are in unicast to prevent other to reply, in case of Proxy ARP.

Details:
Support for 4 active AVF’s and 1 AVG per group.
In total GLBP support 1024 groups per interface.
AVG can hold both the role of AVG and AVF. In case of failure a standby AVG takes over without disruption and also takes over the vMAC of the failing AVF on that AVG.

Load-balancing options:

• Round Robin (default)
• Weighted
• Host dependent

:: Configuration

Configuration between two routers of MLS switches:

Switch1(conf)#
Interface VLAN xx
ip address x.x.x.x x.x.x.x
glbp 10 ip x.x.x.x
glbp 10 preempt
! >> 10 is the GLBP group or instance id
!
Switch2(conf)#
Interface VLAN xx
ip address x.x.x.x x.x.x.x
glbp 10 ip x.x.x.x
glbp 10 preempt
!

Optional config:

Switch1#(conf)
Interface VLAN xx
glbp 10 load-balancing Weighted
glbp 10 weighted 30
!
Switch2#(conf)
Interface VLAN xx
glbp 10 load-balancing Weighted
glbp 10 weighted 70
!

Tracking options:
“track object-number interface type number {line-protocol | ip routing}”

OR

“glbp 10 weighting track 2 decrement 5”

:: Lab

I’ve setup a basic lab of the maximum of 4 AVF’s in one GLBP group. Purpose is to check how ARP works with GLBP and what the result are on client level.

Client1:

VPCS> ip 172.18.1.10 255.255.255.0 172.18.1.1
Checking for duplicate address...
PC1 : 172.18.1.10 255.255.255.0 gateway 172.18.1.1
VPCS> ping 172.18.1.1

84 bytes from 172.18.1.1 icmp_seq=1 ttl=255 time=1.254 ms
84 bytes from 172.18.1.1 icmp_seq=2 ttl=255 time=1.427 ms
84 bytes from 172.18.1.1 icmp_seq=3 ttl=255 time=1.636 ms
84 bytes from 172.18.1.1 icmp_seq=4 ttl=255 time=1.179 ms
84 bytes from 172.18.1.1 icmp_seq=5 ttl=255 time=1.452 ms

VPCS> arp

00:07:b4:00:0a:03  172.18.1.1 expires in 113 seconds 

Client2:

VPCS> ip 172.18.1.11 255.255.255.0 172.18.1.1
Checking for duplicate address...
PC1 : 172.18.1.11 255.255.255.0 gateway 172.18.1.1
VPCS> ping 172.18.1.1

84 bytes from 172.18.1.1 icmp_seq=1 ttl=255 time=1.572 ms
84 bytes from 172.18.1.1 icmp_seq=2 ttl=255 time=1.560 ms
84 bytes from 172.18.1.1 icmp_seq=3 ttl=255 time=1.456 ms
84 bytes from 172.18.1.1 icmp_seq=4 ttl=255 time=1.534 ms
84 bytes from 172.18.1.1 icmp_seq=5 ttl=255 time=1.377 ms

VPCS> arp

00:07:b4:00:0a:04  172.18.1.1 expires in 114 seconds

CSW01#show glbp
Vlan10 - Group 10
  State is Listen
    4 state changes, last state change 00:51:56
  Virtual IP address is 172.18.1.1
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.984 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Preemption enabled, min delay 0 sec
  Active is 172.18.1.5, priority 100 (expires in 10.368 sec)
  Standby is 172.18.1.4, priority 100 (expires in 7.488 sec)
  Priority 100 (default)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    aabb.cc80.0100 (172.18.1.2) local
    aabb.cc80.0200 (172.18.1.3)
    aabb.cc80.0400 (172.18.1.4)
    aabb.cc80.0500 (172.18.1.5)
  There are 4 forwarders (1 active)
  Forwarder 1
    State is Listen
      4 state changes, last state change 00:51:56
    MAC address is 0007.b400.0a01 (learnt)
    Owner ID is aabb.cc80.0500
    Time to live: 14400.000 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 172.18.1.5 (primary), weighting 100 (expires in 11.616 sec)
  Forwarder 2
    State is Listen
    MAC address is 0007.b400.0a02 (learnt)
    Owner ID is aabb.cc80.0200
    Time to live: 14399.072 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 172.18.1.3 (primary), weighting 100 (expires in 9.920 sec)
  Forwarder 3
    State is Active
      1 state change, last state change 00:51:43
    MAC address is 0007.b400.0a03 (default)
    Owner ID is aabb.cc80.0100
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100
  Forwarder 4
    State is Listen
    MAC address is 0007.b400.0a04 (learnt)
    Owner ID is aabb.cc80.0400
    Time to live: 14397.504 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 172.18.1.4 (primary), weighting 100 (expires in 7.808 sec

What do we see?

CSW04 is the active AVG (172.18.1.5). We see member MAC addresses (aabb.ccxx.xxxx) which are generated by the Cisco IOL image and the Cisco AVF Mac address (0007.b400.0axx). Preemption is enabled by configuration and load-balancing method is “Round-Robin” which is the default.

The clients ARP table depict both the same IP address, but with a different MAC binding. Respectively Client1 and Client2 are tied to AVF CSW01 and CSW03:

CSW01# sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.18.1.1              -   0007.b400.0a03  ARPA   Vlan10
Internet  172.18.1.2              -   aabb.cc80.0100  ARPA   Vlan10
Internet  172.18.1.3             75   aabb.cc80.0200  ARPA   Vlan10
Internet  172.18.1.4             60   aabb.cc80.0400  ARPA   Vlan10
Internet  172.18.1.5             25   aabb.cc80.0500  ARPA   Vlan10
Internet  172.18.1.10            13   0050.7966.6806  ARPA   Vlan10
Internet  172.18.1.11            12   0050.7966.6807  ARPA   Vlan10

CSW03#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.18.1.1              -   0007.b400.0a04  ARPA   Vlan10
Internet  172.18.1.4              -   aabb.cc80.0400  ARPA   Vlan10
Internet  172.18.1.5             26   aabb.cc80.0500  ARPA   Vlan10
Internet  172.18.1.10            13   0050.7966.6806  ARPA   Vlan10
Internet  172.18.1.11            12   0050.7966.6807  ARPA   Vlan10

:: Resources

• https://community.cisco.com/t5/networking-documents/glbp-overview-and-features/ta-p/3131567
• https://packetlife.net/captures/protocol/glbp/
• https://en.wikipedia.org/wiki/Gateway_Load_Balancing_Protocol
• https://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html
• http://njrusmc.net/jobaid/jobaid.html
• https://www.ciscopress.com/store/ccnp-and-ccie-enterprise-core-encor-350-401-official-9781587145230
• https://github.com/jschlooz/glbp

:: Conclusion

Obviously there is much more to learn with the optional features and standby AVG. Let this be a good starting point to learn more.