Introduced in the Cisco IOS Release 12.2(15), Gateway Load Balancing Protocol (GLBP) is supported by Cisco 1700, 2600, 3620, 3631, 3640, 3660, 3725, 3745, 7100, 7200, 7400, 7500 series. GLBP is a Cisco proprietary protocol that attempts to overcome the limitations of existing redundant router protocols (HSRP, VRRP, …) by adding basic load balancing functionality.
GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets. GLBP members communicate between each other through hello messages sent every 3 seconds to the multicast address 188.8.131.52, User Datagram Protocol (UDP) port 3222 (source and destination).
- Load Sharing: You can configure GLBP in such a way that traffic from LAN clients can be shared by multiple routers, thereby sharing the traffic load more equitably among available routers. The load sharing available are:
- host-dependent: Specifies a load balancing method based on the MAC address of a host where the same forwarder is always used for a particular host while the number of GLBP group members remains unchanged.
- round-robin: Specifies a load balancing method where each virtual forwarder in turn is included in address resolution replies for the virtual IP address. This method is the default.
- weighted: Specifies a load balancing method that is dependent.
- Multiple Virtual Routers: GLBP supports up to 1024 virtual routers (GLBP groups) on each physical interface of a router, and up to 4 virtual forwarders per group.
- Preemption: The redundancy scheme of GLBP enables you to preempt an active virtual gateway with a higher priority backup virtual gateway that has become available. Forwarder preemption works in a similar way, except that forwarder preemption uses weighting instead of priority and is enabled by default.
- Authentication: You can use a simple text password authentication scheme between GLBP group members to detect configuration errors. A router within a GLBP group with a different authentication string than other routers will be ignored by other group members.
- Tracking: Different interfaces can be tracked to decrement the GLBP weighting by varying amounts.
- Active Virtual Gateway (AVG): One virtual gateway within a GLBP group is elected as the active virtual gateway, and is responsible for the operation of the protocol. This router has the highest priority value, or the highest IP address in the group, if there is no highest priority. The AVG answers all ARP requests for the virtual router address. Which MAC address it returns depends on which load-balancing algorithm it is configured to use.
- Active Virtual Forwarder (AVF): One virtual forwarder within a GLBP group is elected as active virtual forwarder for a specified virtual MAC address, and is responsible for forwarding packets sent to that MAC address. Multiple active virtual forwarders can exist for each GLBP group.
For a virtual gateway the state can be one of the following:
- Disabled: Indicates that the virtual IP address has not been configured or learned yet, but other GLBP configuration exists.
- Initial: The virtual IP address has been configured or learned but virtual gateway configuration is not complete. An interface must be up and configured to route IP, and an interface IP address must be configured.
- Listen: Virtual gateway is receiving hello packets and is ready to change to the “speak” state if the active or standby virtual gateway becomes unavailable.
- Speak: Virtual gateway is attempting to become the active or standby virtual gateway.
- Standby: Indicates that the gateway is next in line to be the active virtual gateway (AVG).
- Active: Indicates that this gateway is the AVG, and that it is responsible for responding to Address Resolution Protocol (ARP) requests for the virtual IP address.
For a virtual forwarder the state can be one of the following:
- Disabled: Indicates that the virtual MAC address has not been assigned or learned. This is a transitory state because a virtual forwarder changing to a disabled state is deleted.
- Initial: The virtual MAC address is known but virtual forwarder configuration is not complete. An interface must be up and configured to route IP, an interface IP address must be configured, and the virtual IP address must be known.
- Listen: Virtual forwarder is receiving hello packets and is ready to change to the “active” state if the active virtual forwarder (AVF) becomes unavailable.
- Active: Indicates that this gateway is the AVF, and that it is responsible for forwarding packets sent to the virtual forwarder MAC address.
Suppose to have two multilayer switches (Ciscozine_1 and Ciscozine_2) and you would create a GLBP group number 1 between the two switches.
The configuration could be:
Ciscozine_1(config)#interface vlan10 Ciscozine_1(config-if)#ip address 172.16.1.11 255.255.255.0 Ciscozine_1(config-if)#glbp 1 ip 172.16.1.1 Ciscozine_1(config-if)#glbp 1 preempt Ciscozine_1(config-if)#glbp 1 load-balancing round-robin Ciscozine_1(config-if)#glbp 1 priority 150
Ciscozine_2(config)#interface vlan10 Ciscozine_2(config-if)#ip address 172.16.1.12 255.255.255.0 Ciscozine_2(config-if)#glbp 1 ip 172.16.1.1 Ciscozine_2(config-if)#glbp 1 load-balancing round-robin
As you can see, the GLBP configuration is similar to the HSRP configuration.
- glbp [n] ip [ip_address]: Enables GLBP on an interface and identifies the primary IP address of the virtual gateway.
- glbp [n] preempt: Configures the router to take over as AVG for a GLBP group if it has a higher priority than the current AVG.
- glbp [n] priority [m]: GLBP gateway priority determines the role that each GLBP gateway plays and what happens if the AVG fails. Priority also determines if a GLBP router functions as a backup virtual gateway and the order of ascendancy to becoming an AVG if the current AVG fails.
- glbp [n] load-balancing [method]: Specifies the method of load balancing used by the GLBP AVG.
Other useful commands can be: glbp [n] track ?, glbp [n] load-balancing ?, glbp [n] timers ?
Other useful commands can be: glbp [n] track ?, glbp [n] load-balancing ?, glbp [n] timers ?
How does it work?
After the GLBP group is established, the PC_Client 1 and PC_Client 2 send to the AVG router an ARP request.
The AVG, in this case Ciscozine_1 because it has the higher priority (150), responds to the ARP request with an ARP reply to the PC clients using the round-robin method:
- PC_Client 1 receives the ARP 0007.b400.0101
- PC_Client 1 receives the ARP 0007.b400.0102
PC_Client A and PC_Client B have each resolved a different MAC address for the default gateway, so they send their routed traffic to separate routers, although they both have the same default gateway address configured. Each GLBP router is an AVF for the virtual MAC address to which it has been assigned.
But what happen if the AVG goes down? The GLBP protocol informs the router, with the highest priority or the highest ip address, to replace the AVG that is down. The new AVG (in this case Ciscozine_2) will forward the packet sent to the 0007.b400.0101 virtual mac address, so the client sees no disruption of service nor does it need to resolve a new MAC address for the default gateway.
To view the current status of the GLBP group type the command “show glbp”.
I m doing my CCNP and I wd like to give this doc as ” FIVE STAR ” and its really cooool stuff on Cisco redundancy protocol.
My concern is this, think of layer 2:
Imagine you have 4 routers connected to a switch, every router to a different port on the switch, when the AVG responds to ARP requests with the virtual MAC of the AVF, the switch port that is connected to the AVG update its MAC table, and the switch thinks that this MAC address is associated with the port where the ARP response was received, in this case, the port where is connected the AVG, and not where it really is the AVF, it happens beacuse the switches associates the source MAC address of frames with the ports where they are received.
So, what am i missing? How does the AVG do for the switch to forward frames to ports which AVF are connected to?
The AVG manage the AVF MAC address. “The AVG answers all ARP requests for the virtual router address. Which MAC address it returns depends on which load-balancing algorithm it is configured to use.”
The AVF are routers that forward the IP packet.
Remeber that the AVG is also an AVF!
great article, tks you.
Can we use GLBP in a site to site VPN to agregare bandwidth. Site A has 2 internet connection & site B has 1 or 2 connection
How do you know in which traffic does the PC goes to? Can you monitor the traffic for each of the links? What happens when there’s a loop? How will you react?
my concern what is the use of Glbp is incoming traffis is high.
i have two router on both configured the glbp but at time only one is working because my incoming traffic is high.is any way to share the incoming traffic on two links?
@Prabhakant: check this link: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6600/product_data_sheet0900aecd803a546c.html
Still i am not getting your solution, i read you links but my doubt is i congifured load balancing but when i am taking report utilazation is showing very high for one router and approx null in second router.
router 1#ip address 172.16.1.2 255.255.255.0
router1#glbp 1 ip 172.16.1.1
router1(config-if)#glbp 1 preempt
router1(config-if)#glbp 1 priority 150
router 2#ip address 172.16.1.3 255.255.255.0
router2#glbp 1 ip 172.16.1.1
router2(config-if)#glbp 1 preempt
but still load balancing not happening.
i would like to know if i can use this protocol in a core switch 4506 and 4507??
Please I want to know how many numbers of router can I put in the same Group, for example if I have sex routers can I put them in the same group ?
Can u plz explain how can i use track option with round robin mode ??