Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2283
Views
30
Helpful
11
Replies

GLBP with 2x MPLS?

Go to solution
louis_m
Level 1
Level 1

‎06-23-2021 11:18 AM

We have a site that has:

1x 1G link (via Telco A) to our ISP private MPLS circuit (via Router A)

1x 1G link (via Telco B) to our ISP private MPLS circuit (via Router B)

2nd circuit above (Telco B) has just gone in.
So I was thinking of using GLBP to provide redundancy/load balance. Now I can control the data going out but what about it coming back?

eg data could leave via router A but return via router B ie asymmetrical routing. Would this be an issue?

There is no natting involved here as it is a private MPLS network with no internet breakout.

Any pointers would be great.

Thank you.

Lou

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎06-23-2021 11:23 PM - edited ‎06-23-2021 11:24 PM

Hello @louis_m ,

>> There is no natting involved here as it is a private MPLS network with no internet breakout.

if there are no firewalls involved or the firewalls are downstream the CE routers RA and RB asymmetric routing is not an issue at all.

 

However, if want to perform some per prefix traffic engineering/control you can use the suggestions from @inderdeeps to choice for a given path ISP A or ISP B for outgoing and incoming direction.

I just would like to add that to be able to perform this you will need an iBGP session between RA and RB so that you can be sure that whatever edge CE router receives outgoing traffic the desired ISP ISPA or ISPB is used.

At this point for outgoing traffic to make ISP A more preferred for a prefix it is appropriate to increase local preference as an alternative way to use MED.

 

Final note on GLBP: it is effective only if RA and RB connect directly to user facing VLANs because GLBP load balancing is actually based on the AVG answering with different MAC addresses representing the forwarders for different ARP requests for the default gateway in each user facing VLAN.

So GLBP is not effective in load balancing if RA and RB are connecting to another L3 device firewall or multilayer switch as this device(s) will perform an ARP request and then send all traffic to the received MAC until the entry expires. ( this is platform dependent 4 hours on Cisco routers and cisco IOS/IOS XE swiches , 5 minutes on Nexus)

 

Hope to help

Giuseppe

 

View solution in original post

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to louis_m

‎06-24-2021 12:45 PM - edited ‎06-24-2021 12:46 PM

Hello @louis_m ,

when you add the iBGP session the two border routers RA and RB will exchange BGP routes and can choice the same best path for a prefix for an higher local preference or for a lower MED so what happens is that iBGP allows  to control what exit link is used based on destination address.

 

Again if ISP A has a full 1 Gbps and ISP B has 500 Mbps you can have more prefixes with exit point RA / ISPA then those with exit point ISPB/RB

 

Hope to help

Giuseppe

View solution in original post

11 Replies 11

Go to solution
inderdeeps
Level 4
Level 4

‎06-23-2021 11:59 AM

@louis_m : Are you using BGP with your service Provider, If yes i would say either to use to use MED or AS-PATH Prepend to get the traffic on the same circuit.

 

Regards
Inderdeep Singh
www.thenetworkdna.com ( Awarded by Cisco IT Blogs award 2020)

Go to solution
louis_m
Level 1
Level 1
In response to inderdeeps

‎06-23-2021 01:36 PM - edited ‎06-23-2021 02:06 PM

Yes, it's BGP. Not 100% sure what you mean. Can you give an example?

Say for:

R1

router bgp 100
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 66666 
neighbor 1.1.1.1 next-hop-self
network 10.1.1.0 mask 255.255.255.0

 

R2

router bgp 200
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 66666 
neighbor 2.2.2.2 next-hop-self
network 10.1.1.0 mask 255.255.255.0

Go to solution
inderdeeps
Level 4
Level 4
In response to inderdeeps

‎06-23-2021 02:15 PM - edited ‎06-23-2021 02:18 PM

@louis_m: There is no issue with the return path is different but if  you want the same then you can do some tweeks. The incoming and outgoing traffic is based on the path selection creteria. For incoming there are two things you can do. Either tell service provide to change the value of MED or you can use AS-PATH prepend to add dummy AS-Path.

https://www.thenetworkdna.com/2021/05/bgp-bgp-deterministic-med-and-bgp.html

https://www.thenetworkdna.com/2020/07/bgp-attribute-as-path-manipulation-as.html 

 

Regards
Inderdeep Singh
www.thenetworkdna.com ( Awarded by Cisco IT Blogs award 2020)

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎06-23-2021 02:15 PM

Look at some examples of BGP LB, yes you can do asymmetric routing. ( make sure FW aware if you have any some FW do not like spoofing).

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎06-23-2021 11:23 PM - edited ‎06-23-2021 11:24 PM

Hello @louis_m ,

>> There is no natting involved here as it is a private MPLS network with no internet breakout.

if there are no firewalls involved or the firewalls are downstream the CE routers RA and RB asymmetric routing is not an issue at all.

 

However, if want to perform some per prefix traffic engineering/control you can use the suggestions from @inderdeeps to choice for a given path ISP A or ISP B for outgoing and incoming direction.

I just would like to add that to be able to perform this you will need an iBGP session between RA and RB so that you can be sure that whatever edge CE router receives outgoing traffic the desired ISP ISPA or ISPB is used.

At this point for outgoing traffic to make ISP A more preferred for a prefix it is appropriate to increase local preference as an alternative way to use MED.

 

Final note on GLBP: it is effective only if RA and RB connect directly to user facing VLANs because GLBP load balancing is actually based on the AVG answering with different MAC addresses representing the forwarders for different ARP requests for the default gateway in each user facing VLAN.

So GLBP is not effective in load balancing if RA and RB are connecting to another L3 device firewall or multilayer switch as this device(s) will perform an ARP request and then send all traffic to the received MAC until the entry expires. ( this is platform dependent 4 hours on Cisco routers and cisco IOS/IOS XE swiches , 5 minutes on Nexus)

 

Hope to help

Giuseppe

 

Go to solution
louis_m
Level 1
Level 1
In response to Giuseppe Larosa

‎06-24-2021 12:40 AM

Great answers from all.

Yes, the routers are CE routers. Both go back to a stacked switch. Although the links to the ISP are 1G, R2 has only 500mb whereas R1 has 1gb so I was thinking of using GLBP in 2:1 ratio but was unsure how the return traffic would fit with this.

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to louis_m

‎06-24-2021 06:12 AM

Hello @louis_m ,

you can tune GLBP so that two clients every three are served by one forwarder and the other by forwarder 2.

 

However, there is no capabiity to discriminate very big traffic flows in terms of traffic volume.

A synchronizaton between two databases can take several GB in a single flow that can count as hundreds of small flows.

 

Depending on your address plan you may have the capability to prefer one path when reaching a specific prefix at BGP level

 

Hope to help

Giuseppe

 

Go to solution
louis_m
Level 1
Level 1
In response to Giuseppe Larosa

‎06-24-2021 07:55 AM

iBGP was mentioned earlier. What would be the effect of using GLBP with iBGP? For instance, as above I am sending my lan traffic to R1 for two out of three clients (as above example)

If R1 was using iGBP with R2, could R1 prefer R2's route as opposed to it's own ie traffic going to R1 could then be routed to R2 instead of exiting via R1?

 

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to louis_m

‎06-24-2021 12:45 PM - edited ‎06-24-2021 12:46 PM

Hello @louis_m ,

when you add the iBGP session the two border routers RA and RB will exchange BGP routes and can choice the same best path for a prefix for an higher local preference or for a lower MED so what happens is that iBGP allows  to control what exit link is used based on destination address.

 

Again if ISP A has a full 1 Gbps and ISP B has 500 Mbps you can have more prefixes with exit point RA / ISPA then those with exit point ISPB/RB

 

Hope to help

Giuseppe

Go to solution
louis_m
Level 1
Level 1
In response to Giuseppe Larosa

‎06-24-2021 01:15 PM

Thank you very much for your very helpful replies.

Has given me plenty to think about and work on.

Really appreciated.

0 Helpful

Go to solution
inderdeeps
Level 4
Level 4

‎06-24-2021 01:22 PM

@louis_m : Happy to see you get your answer, Good Luck buddy !

Regards
Inderdeep Singh
www.thenetworkdna.com ( Awarded by Cisco IT Blogs award 2020)

0 Helpful
Customers Also Viewed These Support Documents