Sunday, December 31, 2017

Cisco CCNP:300-115 - 3.0 Infrastructure Services: 3.1 Configure and verify first-hop redundancy protocols: 3.1.c GLBP

Recently I needed to renew my Cisco CCNPs, that is both CCNP Routing and Switching as well as CCNP Security. While working with Cisco products (well now they own SourceFire, so exclude these) is not within my daily duties, I still thought it was important for me to maintain these two credentials. As a result, I've put together my notes below focusing on the key points I used to study. I believe that someone else may find them useful.

    -    Does load sharing over multiple router gateways
    -    Uses a single Virtual IP but multiple virtual MAC addresses
    -    The forwarding load is shared amongst all routers in the GLBP group
    -    All hosts are configured with the same virtual IP
    -    All hosts in the group forward packets
    -    Hello messages sent every 3 seconds
    -    Multicast address is 224.0.0.102:3222
    -    One group member is elected to be the Active Virtual Gateway (AVG)
    -    Other group members act as backup if the AVG fails
    -    The AVG assigns a virtual mac-address to each member of the group
    -    Each gateway assumes responsibility for traffic sent to its mac-address. These are known as active virtual forwarders
    -    The AVG is responsible for answering ARP requests for the virtual IP
    -    Load sharing is achieved by the AVG responding with a different MAC address for the virtual IP
    -    If the AVG does not have an active Virtual Forwarder it responds with the MAC address of the first listening virtual forwarder. This causes traffic to route via another gateway until the Virtual Forwarder once again becomes the current AVG
    -    Important to note is that GLBP does load sharing
    -    GLBP allows up to 4 virtual MAC addresses per group
    -    The AVG is responsible for assigning the virtual mac addresses
    -    Group members request a virtual MAC address from the AVG via hello messages
    -    Gateways are assigned the next mac-address in the sequence
    -    A virtual forwarder that is assigned a virtual mac-address by the AVG is called a primary virtual forwarder
    -    Virtual forwarders that learn their virtual MAC address via hello messages are known as secondary virtual forwarders
    -    One device is elected AVG, another gateway is elected as standby, and the other devices are placed in the listening state
    -    After the AVG fails, the standby takes over and a new standby is elected
    -    The "Redirect Time" is the interval during which hosts continue to be redirected to the old MAC address
    -    When the "Redirect Time" expires, the AVG stops using the old forwarder MAC address in ARP replies.
    -    "Secondary" hold time is the interval for which the virtual router is valid.
    -    When secondary holdtime expires, the virtual router is removed from all gateways in the group
    -    The expired virtual forwarder number becomes eligible for reassignment
    -    Router with higher priority is elected as AVG
    -    After Priority, Higher IP wins
    -    Backup gateway can only become the AVG if the current AVG fails, regardless of priorities
    -    Thresholding can be used to control forwarding
    -    Default delay is 30 seconds
    -    Uses a client cache which contains hosts that are using the GLBP group as the default gateway
    -    Entries are added based on ARP request or IPv6 neighbor discovery
    -    Each entry records the host that sent the ARP request and which forwarder was assigned to it, as well as the protocol address and the time elapsed since the host was updated
    -    Client cache can store information for up to 2000 hosts for a GLBP group
    -    Expected normal configuration is 1000 hosts
    -    Cache is cleared based on least updated address
    -    For each host at least 20 bytes is required
    -    Supports in-service software upgrades, meaning that the devices can operate on two different software versions
    -    Each gateway in a group must be configured with the same group number
    -    At least one device must be configured with the virtual IP address
    -    All other required parameters can be learned
    -    Default Hello Time 3 seconds
    -    Default Hold Time 10     
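
The election, virtual MAC assignment and ARP-based load sharing from the notes above, modelled in Python as an added example (not part of the original notes and not Cisco code). Assumptions: the gateway names and addresses are constructed, the AVG rotates through forwarders round-robin, and the `0007.b400.GGFF` virtual MAC layout (group, forwarder number) is not taken from the notes.

```python
import ipaddress

MAX_FORWARDERS = 4  # per the notes: up to 4 virtual MACs per group
SAMPLE = {"R1": ("10.0.0.2", 150), "R2": ("10.0.0.3", 100), "R3": ("10.0.0.4", 100)}  # constructed: name -> (IP, priority)

class GlbpGroup:
    def __init__(self, group, gateways):
        self.gateways, self.live = dict(gateways), set(gateways)
        ranked = self._rank(self.live)
        self.avg, self.standby = ranked[0], (ranked[1] if len(ranked) > 1 else None)
        # The AVG hands out the next virtual MAC in sequence (election order here).
        # The 0007.b400.GGFF layout is an assumption, not taken from the notes.
        self.vmac = {n: f"0007.b400.{group:02x}{i:02x}"
                     for i, n in enumerate(ranked[:MAX_FORWARDERS], start=1)}
        self.client_cache = {}  # host IP -> forwarder given in the ARP reply
        self._rr = 0            # round-robin position

    def _rank(self, names):
        # Election order: higher priority wins, then higher IP address.
        return sorted(names, reverse=True, key=lambda n: (
            self.gateways[n][1], ipaddress.ip_address(self.gateways[n][0])))

    def arp_reply(self, host_ip):
        # Only the AVG answers ARP for the virtual IP, rotating through forwarders.
        # Failed forwarders are skipped: the state after the redirect time expired.
        fwd = [n for n in self.vmac if n in self.live]
        if not fwd:
            return None
        name = fwd[self._rr % len(fwd)]
        self._rr += 1
        self.client_cache[host_ip] = name
        return self.vmac[name]

    def fail(self, name):
        self.live.discard(name)
        if name == self.avg:  # the standby takes over as AVG
            self.avg, self.standby = self.standby, None
        if self.standby is None or name == self.standby:
            rest = self._rank(self.live - {self.avg})
            self.standby = rest[0] if rest else None

    def recover(self, name):
        # A returning gateway never displaces the live AVG, whatever its priority.
        self.live.add(name)
        if self.standby is None and name != self.avg:
            self.standby = name

if __name__ == "__main__":
    g = GlbpGroup(10, SAMPLE)
    print(g.avg, g.standby, [g.arp_reply(f"10.0.0.{h}") for h in (101, 102, 103, 104)])
```

Because a host's forwarder is decided entirely by the ARP reply it receives for the virtual IP, the AVG role and the client cache are the places to look when checking which gateway a given host is actually using.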

References:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/12-4/fhp-12-4-book/fhp-glbp.html

2 comments:

  1. I have read it all about three times and I still cannot understand anything. I would be grateful if someone who knows explained it to me.

    1. What is the challenge you are having?
      This was meant to be my notes.
