本文介绍GLBP网关负载均衡协议,不仅提供冗余网关功能,还实现了负载均衡。通过实例展示如何配置Cisco路由器实现GLBP,验证其有效性及故障自动切换。
GLBP(Gateway Load Balance Protocol)网关负载均衡协议<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
GLBP(Gateway Load Balance Protocol)也是cisco的专有协议,不仅提供冗余网关功能,还在各网关之间提供负载均衡.
GLBP Functions
? GLBP active virtual gateway (AVG): Members of a GLBP group elect one gateway to be the AVG for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group.
GLBP组中选举一个AVG作为活动的网关,组内其他路由器作为主网关的backup,AVG路由器为没一个GLBP组内成员分配虚拟的MAC地址。
? GLBP active virtual forwarder (AVF): Each gateway assumes responsibility for forwarding packets that are sent to the virtual MAC address assigned to that gateway by the AVG. These gateways are known as AVFs for their virtual MAC address.
? GLBP communication: GLBP members communicate between each other through hello messages sent every 3 seconds to the multicast address 224.0.0.102, User Datagram Protocol (UDP) port 3222.
GLBP组成员交互HEELO信息,时间间隔为3S,组播地址为224.0.0.102,使用UDP3222端口。
GLBP Features
? Load sharing负载均衡: You can configure GLBP in such a way that traffic from LAN clients can be shared by multiple routers, thereby sharing the traffic load more equitably among available routers.
? Multiple virtual routers多路由虚拟: GLBP supports up to 1024 virtual routers (GLBP groups) on each physical interface of a router and up to four virtual forwarders per group.
? Preemption抢占特性: The redundancy scheme of GLBP enables you to preempt an AVG with a higher priority backup virtual gateway that has become available. Forwarder preemption works in a similar way, except that forwarder preemption uses weighting instead of priority and is enabled by default.
? Efficient resource utilization有效的资源利用: GLBP makes it possible for any router in a group to serve as a backup, which eliminates the need for a dedicated backup router because all available routers can support network traffic.
GLBP provides upstream load sharing by utilizing the redundant uplinks simultaneously. It uses link capacity efficiently, thus providing peak-load traffic coverage. By making use of multiple available paths upstream from the routers or Layer 3 switches running GLBP, output queues may also be reduced.
Only a single path is used with HSRP or VRRP, while others are idle, unless multiple groups and gateways are configured. The single path may encounter higher output queue rates during peak times, which leads to lower performance from higher jitter rates. The impact of jitter is lessened and over performance is increased because more upstream bandwidth is available, and additional upstream paths are used.
配置详解:
Switch(config-if)#glbp group-number ip virtual-gateway-addr
设置group-number及其虚拟网关的IP地址
Switch(config-if)# glbp group-number priority priority_value
设定当前路由器的优先级
Switch(config-if)# glbp group-number timers hello-value holdtime-value
设定GLBP的时间
配置示例:
<?xml:namespace prefix = v ns = "urn:schemas-microsoft-com:vml" />
基本配置:全网的接口依照拓扑图配置IP地址,其中R5充当PC,默认网关指向虚拟网关地址192.168.2.254,此外,R1起环回口1.1.1.1,并且全网启用RIP保证全网的底层可达。
下面配置GLBP:
R2:interface Ethernet0/1
ip address 192.168.2.2 255.255.255.0
full-duplex
glbp 10 ip 192.168.2.254----------------设置GLBP组的虚拟网关地址为192.168.2.254
glbp 10 priority 105---------------------设置R2的优先级为105
glbp 10 preempt-------------------------开启R2的抢占功能
glbp 10 authentication md5 key-string ccie------开启md5验证,密文为ccie
R3:interface Ethernet0/1
ip address 192.168.2.3 255.255.255.0
full-duplex
glbp 10 ip 192.168.2.254
glbp 10 preempt
glbp 10 authentication md5 key-string ccie
R4:interface Ethernet0/1
ip address 192.168.2.4 255.255.255.0
full-duplex
glbp 10 ip 192.168.2.254
glbp 10 preempt
glbp 10 authentication md5 key-string ccie
验证:
R2#sh glbp
Ethernet0/1 - Group 10
State is Init (interface down)
3 state changes, last state change 00:16:42
Virtual IP address is 192.168.2.254
Hello time 3 sec, hold time 10 sec
Redirect time 600 sec, forwarder time-out 14400 sec
Authentication MD5, key-string "ccie"
Preemption enabled, min delay 0 sec
Active is unknown
Standby is unknown
Priority 105 (configured)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
Group members:
cc00.1264.0001 (192.168.2.2) local
There are 3 forwarders (0 active)
Forwarder 1
State is Init
2 state changes, last state change 00:16:42
MAC address is 0007.b400.0a01 (default)
Owner ID is cc00.1264.0001
Preemption enabled, min delay 30 sec
Active is unknown
Arp replies sent: 5
Forwarder 2
State is Init
MAC address is 0007.b400.0a02 (learnt)
Owner ID is cc00.177c.0001
Time to live: 13393.776 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is unknown
Arp replies sent: 5
Forwarder 3
State is Init
MAC address is 0007.b400.0a03 (learnt)
Owner ID is cc00.143c.0001
Time to live: 13392.628 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is unknown
Arp replies sent: 5
此时在PC(R5)上PING 1.1.1.1,可见虚拟网关有效,PING包成功到达。1.1.1.1
R5#p 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/114/244 ms
这时查看R5的ARP表:
R5#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.2.5 - cc00.11e8.0001 ARPA Ethernet0/1
Internet 192.168.2.254 0 0007.b400.0a01 ARPA Ethernet0/1
可见,PC从AVG获得的虚拟网关的MAC地址为0a01,这代表第一台主网关对应的虚拟MAC地址。
执行clear arp-cache
然后再次PING1.1.1.1后,查看arp表:
R5#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.2.5 - cc00.11e8.0001 ARPA Ethernet0/1
Internet 192.168.2.254 0 0007.b400.0a02 ARPA Ethernet0/1
此举措模拟此网络中第二台计算机获得虚拟网关MAC地址的现象,可见虚拟网关之间获得了负载均衡的效果,即主备网关之间执行轮循的均衡原则,极大限度的利用了设备,为下一台PC分配0a03,为再下一台分配0a04…….以此类推,从而实现GLBP的负载均衡效果。
再验证主网关DOWN掉之后的现象:shutdown R2的E0/1端口后:
R5#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.2.5 - cc00.11e8.0001 ARPA Ethernet0/1
Internet 192.168.2.254 0 0007.b400.0a02 ARPA Ethernet0/1
发现依然自动切换到R3这个备份的网关上。
写在试验后面:
GLBP的作用有别于HSRP VRRP,是网关的负载均衡,既做到了网关的冗余备份,也完成了对传统冗余设备中备份设备的利用,利用轮询负载的特性使组内每一台网关都能得到充分的利用,并且在发生故障时能够得到更快的备份。
Vanyoung 02:14, 19th,Jan,2009,@Beijing
转载于:https://blog.51cto.com/reboot/127810
扫一扫
487
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
