03-22-2010 01:16 AM - edited 03-04-2019 07:52 AM
Dear Friends,
we have planned to impliment GLBP between outside interface of firewall and beween two Routers. My query is when i was tested by configuring GLBP it was not shared load between these two Routers. Kindly help me on this
03-22-2010 01:50 AM
How did you determine that the load wasn't shared?
James
03-22-2010 02:03 AM
there is no traffic flowing through interface i.e i/p&o/p trafic value is equal to Zero
03-22-2010 02:08 AM
OK. To be clear are we talking about Cisco's GLBP? If so, are your
Firewalls(s) capable of running this protocol?
Please post your GLBP configs and the output from "sh glbp"
James
On Mon, Mar 22, 2010 at 5:03 AM, md.farook <
03-22-2010 02:19 AM
interface GigabitEthernet0/0
ip address 10.X.X.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
duplex full
speed 100
no mop enabled
glbp 1 ip 10.X.X.1
glbp 1 priority 110
glbp 1 weighting track 1 decrement 10
glbp 1 weighting track 2 decrement 10
end
interface GigabitEthernet0/0
ip address 10.X.X.3 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
media-type rj45
no mop enabled
glbp 1 ip
glbp 1 priority 150
glbp 1 preempt
glbp 1 weighting track 1 decrement 50
glbp 1 weighting track 2 decrement 50
end
03-22-2010 02:12 AM
Hi Farook,
Would you be able to share configuration/Diagram? Will be easy to under stand scenario with Diagram and config.
03-22-2010 02:25 AM
Hi Farook,
Below command would help you for load balancing.
glbp
group load-balancing [host-dependent |round-robin| weighted]Rate if you find it useful.
03-22-2010 02:28 AM
already Loadbalance is applied on them
3825#sh glbp
GigabitEthernet0/0 - Group 1
State is Active
1 state change, last state change 04:48:11
Virtual IP address is .1
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.492 secs
Redirect time 600 sec, forwarder timeout 14400 sec
Preemption enabled, min delay 0 sec
Active is local
Standby is .2, priority 110 (expires in 9.472 sec)
Priority 150 (configured)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Track object 1 state Up decrement 50
Track object 2 state Up decrement 50
Load balancing: round-robin
Group members:
0024.c4b0.7640 (.2)
0024.c4bc.7df0 (.3) local
There are 2 forwarders (1 active)
Forwarder 1
State is Active
1 state change, last state change 04:47:33
MAC address is 0007.b400.0101 (default)
Owner ID is 0024.c4bc.7df0
Redirection enabled
Preemption enabled, min delay 30 sec
Active is local, weighting 100
Client selection count: 1
Forwarder 2
State is Listen
MAC address is 0007.b400.0102 (learnt)
Owner ID is 0024.c4b0.7640
Redirection enabled, 597.976 sec remaining (maximum 600 sec)
Time to live: 14397.976 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is .2 (primary), weighting 100 (expires in 7.976 sec)
03-22-2010 03:31 AM
Hi,
do I understand correctly you have your FW WAN interface connected to an Ethernet segment together with two Cisco routers and expect the traffic sent from the FW to the routers to load balance between those two routers?
If yes, GLBP will not help you at all :-(
As it's based on two (or more) routers replying to the virtual IP address ARP requests.
In your case, the FW will send an ARP request for the vitrual IP address. One of the routers will reply.
So the FW will use that router to send ALL the traffic out.
When the virtual IP address ARP cache entry expires on the FW (after 4 hours on most devices by default), it will send another ARP request.
And again one (possibly the second) router replies.
Again, the FW will send ALL traffic to the router which replied.
So it has no sense using GLBP in this topology.
It's useful in case of a huge LAN with many PCs sharing two routers as default GW, e.g. But not in this case.
HTH,
Milan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: