GLBP questions

pipsadmin · ‎08-26-2008

Hi,

I have setup GLPB like this on 2 routers, 1 is a 3845 the other is a 3640:

3640:

interface FastEthernet0/0.2

description CAMPPRO230

encapsulation dot1Q 230

ip address 216.24.230.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

no ip mroute-cache

no cdp enable

glbp 230 ip 216.24.230.4

glbp 230 priority 50

glbp 230 weighting 50

glbp 230 load-balancing weighted

end

3845:

interface GigabitEthernet0/1

description Link to CAMPPRO VLAN230

ip address 216.24.230.3 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

no ip mroute-cache

duplex full

speed 100

media-type rj45

no cdp enable

glbp 230 ip 216.24.230.4

glbp 230 weighting 50

glbp 230 load-balancing weighted

end

My problem is that the traffic is not weighted 50/50 between the 2 routers, it seems to go from 1 router to the other about every 30 seconds... so it spikes, from one side to the other...

Why is this, and can it be weighted equaly between the 2?

Giuseppe Larosa · ‎08-26-2008

Nelson,

GLBP bases its work on ARP and high number of clients.

Actually what the AVG does is to answer to ARP request for the VIP address with the MAC address of the AVF (virtual forwarder) in a round robin fashion.

A single user device traffic is always sent to only one router.

How many clients are using the GLBP VIP as their default gateway ?

Said this, do you see in the log messages continuos GLBP activity with routers changing roles with the same frequency of 30 seconds?

Or is GLBP stable ?

May you check which router has the better route to the destination of traffic: I mean both routers have their own outgoing interface for sending traffic ?

GLBP reference

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_glbp.html

Hope to help

Giuseppe

pipsadmin · ‎08-26-2008

only 1 device is connected to the 2 internal router interfaces...and it's a firewall.

Basically,

10.10.10.1 router 1

10.10.10.2 router 2

10.10.10.3 GLBP address

10.10.10.4 Foriwall.

I dont see in the logs that GLBP is switching every 30 seconds, but when looking at my monitoring app, it looks like it does...

pipsadmin · ‎08-26-2008

so can I put 1 router as Primary and the other as a secondary?

Because we are seing spykes of traffic upwards of 60Mb, and one of the router is a 3640 which is limited to about 30Mb throughput. But the other is a 3845 which is alot better.

So How can I send more traffic out through the 3845 ?

tdrais · ‎08-26-2008

You could just remove the load-balancing and it will run like HSRP. All traffic will follow a single path until it fails.

Calling this "load balancing" is not the best name. Host balancing may be a little better.

All this does is control which mac address it responds to a users ARP with. The weight is just a number as related to other members of the group it does not actually look at traffic passing the router.

Now in you case I can't see how this will work. There is only a single host, your firewall, it would only do the ARP once and then should continue to use that mac for hours. Unless the ARP timeout is set very short on the firewall it should only send traffic to one or the other and only change maybe every coupld of hours

Giuseppe Larosa · ‎08-26-2008

Hello Nelson,

in this case I would consider to move back to HSRP so that it is a clear Active / Standby situation.

You have only one client the FW there's no sense in using GLBP here as explained by Tim.

In GLBP you may provide a weighted load balancing:

have a weight of 80 on 3845 and a weight of 20 on 3640.

In this way 4 of 5 flows should be serviced by the 3845 and only 1 of 5 by 3640.

But be aware that a single IP flow will go through only one router at a given time.

I think you shouldn't expect a per packet load-balancing. So the percentages are true on long time windows but in a few seconds it depends which router is serving the alive flows and if they are high volume.

Hope to help

Giuseppe