"David C Prall" wrote in message ...
> GLBP would be used where you have two live WAN links, and wish to use both
> of them. As with HSRP and VRRP you would have a standby interface configured
> and use this as the default gateway. Based on an ARP request for the Default
> Gateway, the two systems will hash the requesting MAC Address and one of
> them will answer the ARP request. Thus half of the clients will use one
> router and the other half will use the other. Based on load on each, who
> answers will be dynamically updated. I don't believe GLBP is currently
> available in a release posted to CCO. One of my customers was on the Early
> Field Trials and it worked well.

It sounds most useful when you have core switches in an internet data center (e.g. Catalyst 6500/MSFC), especially when you have 4 cores (or 6/8/etc cores). Also might be useful when using CatOS/MSFC IOS hybrid with dual SUP's on just two core switches (because then you have 4 routers participating). Since SupIOS has pretty much taken over, I don't think you would see too many of these environments, unless they are implementing it because of the redundancy features (or CWDM features) of CatOS. Some of the key engineers inside Cisco specialized on the Catalyst 6500 platform have been recommending against CatOS for Layer-3 anything recently on some mailing-lists like cisco-nsp. I would also tend to concur with these statements.

The WAN situation doesn't make any sense to me. That's what BGP-4 is for. I assume GLBP will probably have a track feature like HSRP for WAN related failover. I don't find that all too useful, but I guess it's nice for some people.

You say that the two systems (routers?) hash the MAC address and then one answers? I thought that GLBP worked by having the main (primary) router respond with the other router's virtual MAC address (like HSRP but with 2 virtual MAC's instead of one). Which is true?

I believe that the problem GLBP is trying to solve is ease of organizational ability plus redundancy/load-balancing in IDC environments. Instead of setting up VLAN's so that every other VLAN is STP/HSRP primary (staggered odd and evens, for example), you can use GLBP to balance client connections to their gateways. I'm sure it has plenty of other uses, as well.

I also wonder if it suffers from the horrific security problems that HSRP has (and that VRRP has as well, but fortunately, RFC 2338 specifies "IP authentication with MD5 HMAC"). Luckily, there are two fixes to the HSRP problem:

1) Run IPSec from one control plane to another (e.g. between MSFC's), and
2) Set all HSRP participating routers' priorities to 255 and allocate gateway addresses from the most significant bits of your prefixes (e.g. a /24's VIP would be 255, active HSRP - 254, standby - 253, etc).

Yet another reason to standardize using your most significant bits as the infrastructure addresses instead of the customer/user addresses (the other one being the fact that most users instinctively choose the least significant bit and you end up with IP collisions).

-dre

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56106&t=56050
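
An audit of fix 2 from the message above, added here as an example and not part of the original post: it checks that every HSRP participant runs priority 255 and that no non-infrastructure address sits above the participants' interface addresses. The function name, router names and the 192.0.2.0/24 sample data are constructed for illustration.

```python
import ipaddress

MAX_PRIORITY = 255  # highest configurable HSRP priority


def audit_hsrp_group(prefix, vip, routers):
    """Return findings for one HSRP group; an empty list means it follows the scheme.

    prefix  -- subnet, e.g. "192.0.2.0/24"
    vip     -- the group's virtual IP
    routers -- {name: (interface_ip, priority)} for every participant
    """
    net = ipaddress.ip_network(prefix)
    reserved = {ipaddress.ip_address(vip)}
    findings = []
    for name, (ip, priority) in sorted(routers.items()):
        addr = ipaddress.ip_address(ip)
        reserved.add(addr)
        if addr not in net:
            findings.append(f"{name}: {addr} is outside {net}")
        if priority != MAX_PRIORITY:
            findings.append(f"{name}: priority {priority}, expected {MAX_PRIORITY}")
    # HSRP breaks a priority tie in favour of the higher interface address, so
    # any usable address above the lowest participant that is not reserved for
    # infrastructure could be held by a device that outranks that participant.
    floor = min(ipaddress.ip_address(ip) for ip, _ in routers.values())
    exposed = [h for h in net.hosts() if h > floor and h not in reserved]
    if exposed:
        findings.append(
            f"{len(exposed)} non-infrastructure address(es) above {floor}: "
            f"{exposed[0]} to {exposed[-1]}"
        )
    return findings


# Constructed sample data (documentation prefix 192.0.2.0/24, hypothetical names).
FOLLOWS_SCHEME = {"core1": ("192.0.2.254", 255), "core2": ("192.0.2.253", 255)}
DEFAULT_STYLE = {"core1": ("192.0.2.2", 110), "core2": ("192.0.2.3", 100)}

if __name__ == "__main__":
    for label, vip, group in (("top-of-prefix", "192.0.2.255", FOLLOWS_SCHEME),
                              ("bottom-of-prefix", "192.0.2.1", DEFAULT_STYLE)):
        print(label, audit_hsrp_group("192.0.2.0/24", vip, group) or "OK")
```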