Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1216
Views
0
Helpful
19
Replies

GLBP issues

richard.priest
Level 1
Level 1

‎02-09-2020 07:04 AM

Hi,

 

I have a setup where x3 routers are connected to a core of x2 stacked Huawei chassis switches.

 

For redundancy & to fully utilise all x3 routers I want to use GLBP, however it doesn't seem to be working correctly.

 

Setup is extremely simple, on each interface directly connected to the switches I've enabled GLBP with VIP address as the 1st IP in the subnet i.e:

 

R1

Interface Gi01/0

IP address 172.30.1.2 255.255.255.0

GLBP 1 IP 172.30.1.1

 

R2

Interface Gi01/0

IP address 172.30.1.3 255.255.255.0

GLBP 1 IP 172.30.1.1

 

R3

Interface Gi01/0

IP address 172.30.1.4 255.255.255.0

GLBP 1 IP 172.30.1.1

 

 

Huawei Switch

VLAN 10

ip address 172.30.1.5 255.255.255.0

 

Interface range Gi0/1 - 3

port link-type access
port default vlan 10

 

 

The GLBP group comes up perfectly, all the routers can ping each other without issue, and can ping the Huawei stack. As you'd expect the Huawei switch can ping each router without issue.

 

However when trying to ping the VIP, if the issued VIP by the AVG isn't the AVG i.e. it's just a forwarder in the listen state then there is no response. I end up deleting the GLBP group member, then clearing the ARP cache on the Huawei and hope the AVG issues a a response from the AVG

 

Any thoughts on what the issue might be? 

 

Cheers

Labels:
0 Helpful
19 Replies 19

richard.priest
Level 1
Level 1

‎02-09-2020 07:24 AM

I should add with the config setup as HSRP it works perfectly, I can bump the priority to any of the Routers and can ping the VIP without issue
0 Helpful

paul driver
VIP
VIP

‎02-09-2020 07:58 AM - edited ‎02-09-2020 08:19 AM

Hello
Preemption by default is disabled in glbp so if you disable the AVG then the other rtrs in the group(AVFs) without any preemption may not work as expected as the next suitable (higher priority) AVG shouldnt failover correctly, I would also suggest manually specify the AVG and enable preemption..


Example:
R1
interface x/x
ip address 172.30.1.2 255.255.255.0
glbp 1 ip 172.30.1.1
glbp 1 priority 120
glbp 1 preempt

R2
interface x/x
ip address 172.30.1.3 255.255.255.0
glbp 1 ip 172.30.1.1
glbp 1 priority 115
glbp 1 preempt

R3
interface x/x
ip address 172.30.1.4 255.255.255.0
glbp 1 ip 172.30.1.1
glbp 1 priority 100
glbp 1 preempt


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

richard.priest
Level 1
Level 1
In response to paul driver

‎02-09-2020 08:06 AM

Hi Paul,

 

Even with preemption configured on the interfaces, the same issue persisits.

 

Looking at the ARP table on the switch I can see it's issued a MAC for the next hop device, but L3 traffic is never returned from the AVF

0 Helpful

paul driver
VIP
VIP
In response to richard.priest

‎02-09-2020 08:22 AM - edited ‎02-09-2020 08:24 AM

Hello

@richard.priest wrote:

Hi Paul,

 

Even with preemption configured on the interfaces, the same issue persisits.

 

Looking at the ARP table on the switch I can see it's issued a MAC for the next hop device, but L3 traffic is never returned from the AVF

Try the following:
glbp 1 timers msec 50 msec 70

glbp 1 timers redirect 600 14400

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

richard.priest
Level 1
Level 1
In response to paul driver

‎02-09-2020 09:22 AM

Hi Paul,

 

I'll certainly try the timers, but I'm not sure how they'll help. AIUI they're for tuning the time it takes for a dropped router to be replaced by the AVG with all 3 routers active i get issued a vMAC by the AVG and it's pot luck whether it's of an AVF that will respond.

 

All the routers have a direct connection to the switch, and all the routers can ping the SVI on the switch and the switch can ping all the interface IPs at all times.

 

Cheers

0 Helpful

paul driver
VIP
VIP
In response to richard.priest

‎02-09-2020 10:21 AM

Hello

@richard.priest wrote:

Hi Paul,

 

I'll certainly try the timers, but I'm not sure how they'll help. AIUI they're for tuning the time it takes for a dropped router to be replaced by the AVG with all 3 routers active i get issued a vMAC by the AVG and it's pot luck whether it's of an AVF that will respond.

 

All the routers have a direct connection to the switch, and all the routers can ping the SVI on the switch and the switch can ping all the interface IPs at all times.

 

Cheers

Tbh - now i am not so sure i am understanding you issue here 

so you have reachability to all rtrs even after failover correct ?

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

richard.priest
Level 1
Level 1
In response to paul driver

‎02-09-2020 10:34 AM

Hi Paul,

 

I have reachability via the interface address, but not via the VIP which is on the same subnet....

0 Helpful

paul driver
VIP
VIP
In response to richard.priest

‎02-09-2020 10:37 AM - edited ‎02-09-2020 10:40 AM

Hello

okay and this is via a host attached to the switch  on the same subnet as the glbp vip and not the switch itself correct


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

richard.priest
Level 1
Level 1
In response to paul driver

‎02-09-2020 10:42 AM

This is either from a host on the same subnet or the switch.

0 Helpful

paul driver
VIP
VIP
In response to richard.priest

‎02-09-2020 10:49 AM - edited ‎02-09-2020 10:51 AM

Hello

Okay at this point on a cisco switch I would now recommend to disable ip routing and make the switch a host switch however i cannot comment on how this would be accomplished on the huawei device.

try 

no ip routing ?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

richard.priest
Level 1
Level 1
In response to paul driver

‎02-09-2020 01:23 PM

I can't really disable routing on the switch as it's future use will be as a core switch, it'll need to route traffic.

0 Helpful

Georg Pauwen
VIP
VIP
In response to richard.priest

‎02-10-2020 12:19 AM

Hello,

 

on a side note, as far as I recall, GLBP is Cisco proprietary, so I am not sure how and if it interacts with Huawei switches. Then again, HSRP is as well...

 

Does VRRP work ? That is standards based on supported on both...

0 Helpful

Georg Pauwen
VIP
VIP
In response to Georg Pauwen

‎02-10-2020 01:06 AM

To add to that, I looked around and found the document linked below, which seems to confirm that GLBP does not work with Huawei switches, and the recommendation is to use VRRP. Check section 2.1.

 

https://actfornet.com/ueditor/php/upload/file/20181224/1545595324796861.pdf

0 Helpful

paul driver
VIP
VIP
In response to Georg Pauwen

‎02-10-2020 02:27 AM

Hello

@Georg Pauwen That document just shows how Huawei switches using vrrp can interoperate with cisco glbp, GLBP as you stated is cisco proprietary and as the rtrs are cisco then glbp should work, but i do think at this time the issue the OP is experiencing points to the Huawei switch


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card