Saturday, August 27, 2011

GLBP with GNS3

It's time to start GLBP using the same topology that I uploaded in my previous posts.

Here is the lab topology diagram.

Download the completed GNS3 file from https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0B889ogd4ltI2ZjdkYTg4YjMtMDU1My00MjI1LWFiYmUtOTYyMWVmYzAxNmM3&hl=en





Let's see the how it works.

- R1 and R2 will be running GLBP in interface fa0/0
- R3 will be PC as usual with gateway to virtual IP of 192.168.1.10
- R4 is the destination PC enabled with loopback IP 4.4.4.4. 
- Goal is to reach the loopback 4.4.4.4 from Router3 (PC).
- Network is running EIGRP routing to reach to other networks, 192.168.1.0, 172.16.1.0 and 172.16.2.0.
- To test, I have created two loopback interfaces; lo0, lo1 in R1 to track two interfaces with different weighting values.
- Shutting down lo0 in R1 will not release AVF role because of upper and lower value "glbp 1 weighting 110 lower 95 upper 103"
- To have authentication, use MD5 with string name "test123"

Configure in R1 as follow;

 glbp 1 ip 192.168.1.10
 glbp 1 priority 200
 glbp 1 preempt
---------------
 glbp 1 weighting 110 lower 95 upper 103
 glbp 1 authentication md5 key-string test123
 glbp 1 weighting track 1 decrement 10
 glbp 1 weighting track 2 decrement 10
 glbp 1 forwarder preempt delay minimum 2

The first three lines configure the AVG status whether it will be AVG or not. It depends upon the priority. As like HSRP and VVRP, it will release AVG to other routers.

The second part of the lines are weighting and tracking interfaces for AVF status. Changes in these lines effect the status of AVF.

In R2, configure as follow;


 glbp 1 ip 192.168.1.10
 glbp 1 preempt
 glbp 1 authentication md5 key-string test123
---------------
 glbp 1 forwarder preempt delay minimum 2

As nothing mention about priority and weighting value, R2 will get the default value of priority 100 and weighting "lower 1, upper 100" automatically.
---------------------------------------------------
Let's check GLBP status in both routers.
In R1,

FastEthernet0/0 - Group 1
  State is Active
    8 state changes, last state change 00:04:10
  Virtual IP address is 192.168.1.10
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.192 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Authentication MD5, key-string "test123"
  Preemption enabled, min delay 0 sec
  Active is local
  Standby is 192.168.1.2, priority 100 (expires in 8.448 sec)
  Priority 200 (configured)
  Weighting 110 (configured 110), thresholds: lower 95, upper 103
    Track object 1 state Up decrement 10
    Track object 2 state Up decrement 10
  Load balancing: round-robin
  Group members:
    c201.07e8.0000 (192.168.1.1) local
    c202.07e8.0000 (192.168.1.2) authenticated
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Active
      9 state changes, last state change 00:17:12
    MAC address is 0007.b400.0101 (default)
    Owner ID is c201.07e8.0000
    Redirection enabled
    Preemption enabled, min delay 2 sec
    Active is local, weighting 110
    Client selection count: 3
  Forwarder 2
    State is Listen
    MAC address is 0007.b400.0102 (learnt)
    Owner ID is c202.07e8.0000
    Redirection enabled, 597.368 sec remaining (maximum 600 sec)
    Time to live: 14397.364 sec (maximum 14400 sec)
    Preemption enabled, min delay 2 sec
    Active is 192.168.1.2 (primary), weighting 100 (expires in 7.360 sec)
    Client selection count: 2

As you seen, Local router is active for Group1 and it's also "Forwarder1" .
One thing to note is default forwarder min delay is 30 sec and I have change to 2 sec" using "glbp 1 forwarder preempt delay minimum 2" to change the forwarder status as soon as there is status change in forwarder states.

What are the two MAC addresses in Forwarder 1 and 2. Noticed that R1 is local, it's MAC address is marked as "(default)" and Forwarder 2 MAC address is noted as "(learnt)", because it's learnt from R2.

Let's check in R2

R2#sh glbp
FastEthernet0/0 - Group 1
  State is Standby
    7 state changes, last state change 00:11:48
  Virtual IP address is 192.168.1.10
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.164 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Authentication MD5, key-string "test123"
  Preemption enabled, min delay 0 sec
  Active is 192.168.1.1, priority 200 (expires in 8.840 sec)
  Standby is local
  Priority 100 (default)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    c201.07e8.0000 (192.168.1.1) authenticated
    c202.07e8.0000 (192.168.1.2) local
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Listen
      8 state changes, last state change 00:25:00
    MAC address is 0007.b400.0101 (learnt)
    Owner ID is c201.07e8.0000
    Time to live: 14398.160 sec (maximum 14400 sec)
    Preemption enabled, min delay 2 sec
    Active is 192.168.1.1 (primary), weighting 110 (expires in 8.152 sec)
  Forwarder 2
    State is Active
      1 state change, last state change 02:45:20
    MAC address is 0007.b400.0102 (default)
    Owner ID is c202.07e8.0000
    Preemption enabled, min delay 2 sec
    Active is local, weighting 100
    Client selection count: 1

Notice that it's in "Standby" and Forwarder 1 is in "listen" state but Forwarder2 of R2 is active and it's itself.
-------------------------------------------------------------------------------
Let's start change the loopback0 of the R1 down. Even though you shutdown loopback 0, nothing changed but interface track status console message appear as follow.
R1(config-if)#
*Mar  1 02:50:24.463: %TRACKING-5-STATE: 2 interface Lo0 line-protocol Up->Down

Check GLBP status in R1.

  Priority 200 (configured)
  Weighting 100 (configured 110), thresholds: lower 95, upper 103
    Track object 1 state Up decrement 10
    Track object 2 state Down decrement 10
----------
Noted that weighting change from 110 to 100 because of the decrements value of "Track object 1" is 10.
But, AVF status of the router won't be changed because of the lower value is "95".

Let's shutdown loopback 1 again. Look the console message.

R1(config-if)#
*Mar  1 02:56:31.787: %TRACKING-5-STATE: 1 interface Lo1 line-protocol Up->Down
R1(config-if)#
*Mar  1 02:56:33.787: %LINK-5-CHANGED: Interface Loopback1, changed state to administratively down
*Mar  1 02:56:34.787: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to down
R1(config-if)#
*Mar  1 02:56:37.543: %GLBP-6-FWDSTATECHANGE: FastEthernet0/0 Grp 1 Fwd 1 state Active -> Listen

AVF 1 will release it's active state to LISTEN because of the weighting value will now be 90. As the lower value is configured as "95", 90 is less than 95 and it' release AVF and R2 will be the active AVF. Check in both routers.
In R2's console, you will see as follow.
R2#
*Mar  1 02:56:25.455: %GLBP-6-FWDSTATECHANGE: FastEthernet0/0 Grp 1 Fwd 1 state Listen -> Active

Here is latest status of GLBP in R1,

FastEthernet0/0 - Group 1
  State is Active
    8 state changes, last state change 00:25:21
  Virtual IP address is 192.168.1.10
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.420 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Authentication MD5, key-string "test123"
  Preemption enabled, min delay 0 sec
  Active is local
  Standby is 192.168.1.2, priority 100 (expires in 9.848 sec)
  Priority 200 (configured)
  Weighting 90, low (configured 110), thresholds: lower 95, upper 103
    Track object 1 state Down decrement 10
    Track object 2 state Down decrement 10
  Load balancing: round-robin
  Group members:
    c201.07e8.0000 (192.168.1.1) local
    c202.07e8.0000 (192.168.1.2) authenticated
  There are 2 forwarders (0 active)
  Forwarder 1
    State is Listen
      10 state changes, last state change 00:03:00
    MAC address is 0007.b400.0101 (default)
    Owner ID is c201.07e8.0000
    Redirection enabled
    Preemption enabled, min delay 2 sec
    Active is 192.168.1.2 (secondary), weighting 100 (expires in 8.912 sec)
    Client selection count: 3
  Forwarder 2
    State is Listen
    MAC address is 0007.b400.0102 (learnt)
    Owner ID is c202.07e8.0000
    Redirection enabled, 598.912 sec remaining (maximum 600 sec)
    Time to live: 14398.908 sec (maximum 14400 sec)
    Preemption enabled, min delay 2 sec
    Active is 192.168.1.2 (primary), weighting 100 (expires in 8.908 sec)
    Client selection count: 2
---------------
Here is R2's GLBP status.

R2#sh glbp
FastEthernet0/0 - Group 1
  State is Standby
    7 state changes, last state change 00:26:46
  Virtual IP address is 192.168.1.10
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.552 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Authentication MD5, key-string "test123"
  Preemption enabled, min delay 0 sec
  Active is 192.168.1.1, priority 200 (expires in 7.128 sec)
  Standby is local
  Priority 100 (default)
  Weighting 100 (default 100), thresholds: lower 1, upper 100
  Load balancing: round-robin
  Group members:
    c201.07e8.0000 (192.168.1.1) authenticated
    c202.07e8.0000 (192.168.1.2) local
  There are 2 forwarders (2 active)
  Forwarder 1
    State is Active
      9 state changes, last state change 00:04:35
    MAC address is 0007.b400.0101 (learnt)
    Owner ID is c201.07e8.0000
    Time to live: 14122.908 sec (maximum 14400 sec)
    Preemption enabled, min delay 2 sec
    Active is local, weighting 100
  Forwarder 2
    State is Active
      1 state change, last state change 03:00:19
    MAC address is 0007.b400.0102 (default)
    Owner ID is c202.07e8.0000
    Preemption enabled, min delay 2 sec
    Active is local, weighting 100
    Client selection count: 1

Group status is still "Active" but, when you tracerroute from PC1 to 4.4.4.4, it will select 192.168.1.2 path.
Check in PC as follow.

First, clear APR cache in PC 
PC#clear arp-cache
Ping to 4.4.4.4 to update the latest gateway
PC#ping 4.4.4.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/237/1092 ms
PC#
--------
Then, traceroute to 4.4.4.4 and check APR table.

PC#traceroute 4.4.4.4

Type escape sequence to abort.
Tracing the route to 4.4.4.4

  1 192.168.1.2 68 msec 28 msec 8 msec
  2 172.16.2.4 36 msec *  100 msec

PC is using 192.168.1.2 (R2) is next hop instead of going from 192.168.1.1. Confirm the APR table whether it's using AVF of R2's MAC address as follow.

PC#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.3             -   c203.07e8.0000  ARPA   FastEthernet0/0
Internet  192.168.1.10            1   0007.b400.0102  ARPA   FastEthernet0/0

As you seen, MAC address of 192.168.1.10 is changed from 0007.b400.0101 to 0007.b400.0102

Let's check the status of each router's GLBP status in brief.
You can see all router's glbp status, forwarding and MAC addresses as well.

R1#sh glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Fa0/0       1    -   200 Active   192.168.1.10    local           192.168.1.2
Fa0/0       1    1   -   Listen   0007.b400.0101  192.168.1.2     -
Fa0/0       1    2   -   Listen   0007.b400.0102  192.168.1.2     -

R2#sh glbp brief
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Fa0/0       1    -   100 Standby  192.168.1.10    192.168.1.1     local
Fa0/0       1    1   -   Active   0007.b400.0101  local           -
Fa0/0       1    2   -   Active   0007.b400.0102  local           -

In above test, noted that group's state "Active/Standby" will not be change as R1's priority is 200 higher than the R2's default priority 100.

You can test by changing the priority to 230 or R2 and see what happened.
----------------
Finally, change loopback0 and 1 from R1 up again. Monitor the console message in R1


R1(config)#int lo0
R1(config-if)#no shut
R1(config-if)#int lo1
*Mar  1 03:14:57.199: %TRACKING-5-STATE: 2 interface Lo0 line-protocol Down->Up
R1(config-if)#int lo1
R1(config-if)#no shut
R1(config-if)#
*Mar  1 03:14:59.199: %LINK-3-UPDOWN: Interface Loopback0, changed state to up
*Mar  1 03:15:00.199: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R1(config-if)#
*Mar  1 03:15:00.371: %TRACKING-5-STATE: 1 interface Lo1 line-protocol Down->Up
R1(config-if)#
*Mar  1 03:15:02.367: %LINK-3-UPDOWN: Interface Loopback1, changed state to up
*Mar  1 03:15:03.367: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R1(config-if)#
*Mar  1 03:15:05.167: %GLBP-6-FWDSTATECHANGE: FastEthernet0/0 Grp 1 Fwd 1 state Listen -> Active

Let's traceroute again from PC to 4.4.4.4. Make sure to clean apr-cache and ping 4.4.4.4 first.

PC#traceroute 4.4.4.4

Type escape sequence to abort.
Tracing the route to 4.4.4.4

  1 192.168.1.1 68 msec 20 msec 12 msec
  2 172.16.1.4 44 msec *  72 msec

PC will be use the original path using R1 as above to reach to 4.4.4.4.
Posted by Myo Gyi at 2:22 PM
Labels:

1 comment:

  1. UnknownJuly 8, 2014 at 2:56 PM

    What kind of personal computer configuration do I need to use GNS3 software ?
    I have read your full post and i think it is very effective for me as well as others. Great job buddy thanks for your post.
    telephony leased line

    ReplyDelete

Subscribe to: Post Comments (Atom)