Friday 21 December 2012

HA Routers.

I recently had to build a new POP. As part of the build I needed to configure two 10G WAN links in an HA configuration.

I have a pair of Nexus 7k's at one end (A) and a pair of Nexus 5k's at the other (B). The idea is to provide a low latency L3 connection for database replication as well as all the other trappings of Windows hosting... The databases will eventually be BIG hence the 10G links.

So I wanted HA across the two links; ideally I would like to use both links at the same time and not active/passive.

First off I wanted to use OTV, no that is not quite right, I really wanted to use OTV. I was excited about the possibilities of what we could do with VMware and the Nexus 1000v. vMotion a virtual machine to either DC and the 1000v would handle it. YES PLEASE I said.

Then I found out you need to have Nexus 7000 at each end, so that idea was scrapped.

EtherChannel is out because while the fibre is trying to be Ethernet it's not real Ethernet and I have been down that road before without success. That and the WAN link supplier said no.

So I was back to the old faithful, HSRP or VRRP, then by luck I came across GLBP.

"GLBP provides path redundancy for IP by sharing protocol and Media Access Control (MAC) addresses between redundant gateways. Additionally, GLBP allows a group of Layer 3 routers to share the load of the default gateway on a LAN. A GLBP router can automatically assume the forwarding function of another router in the group if the other router fails."

Sounds promising, I thought, so I created a network using GNS3 to replicate what I described above. I also ran a single OSPF area to distribute the routes.

GLBP really works. Here is a snip of my config.

interface FastEthernet1/1
 ip address 10.2.2.2 255.255.255.0
 ip ospf network broadcast
 duplex full
 speed 100
 glbp 1 ip 10.2.2.1
 glbp 1 timers 5 18
 glbp 1 timers redirect 1800 28800
 glbp 1 priority 102
 glbp 1 preempt delay minimum 7
 glbp 1 authentication text Bend
! Preshared key not required but seemed like a good idea.
 glbp 1 weighting track 1 decrement 100
 glbp 1 forwarder preempt delay minimum 7
!
router ospf 101
 router-id 10.2.2.2
 log-adjacency-changes
 network 10.2.2.0 0.0.0.255 area 0
 network 10.3.3.0 0.0.0.255 area 0
!
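
The "authentication text" form above carries the string in clear text in every GLBP hello, so anyone who can capture traffic on that segment can read it; IOS also accepts "glbp <group> authentication md5 key-string" or "md5 key-chain". The following is an added example, not part of the original post: a small Python check that flags clear-text or missing GLBP authentication and "weighting track" references to track objects that are not defined in the config being audited. The function name audit_glbp and the embedded sample are constructed for illustration.

```python
import re

# Constructed sample: lines taken from the interface stanza in the post.
# Track object 1 is referenced but not defined in the excerpt shown there.
SAMPLE = """\
interface FastEthernet1/1
 ip address 10.2.2.2 255.255.255.0
 glbp 1 ip 10.2.2.1
 glbp 1 priority 102
 glbp 1 authentication text Bend
 glbp 1 weighting track 1 decrement 100
!
router ospf 101
 router-id 10.2.2.2
"""

def audit_glbp(config):
    """Return sorted (interface, group, finding) tuples for GLBP groups."""
    # Track objects defined at top level, e.g. "track 1 interface ...".
    tracks = set(re.findall(r"^track (\d+) ", config, re.M))
    groups = {}   # (interface, group) -> list of GLBP sub-commands
    iface = None
    for line in config.splitlines():
        if not line.startswith(" "):
            # Top-level line: a new interface stanza, or some other section.
            m = re.match(r"interface (\S+)", line)
            iface = m.group(1) if m else None
            continue
        m = re.match(r"\s+glbp (\d+) (.+)", line)
        if iface and m:
            groups.setdefault((iface, m.group(1)), []).append(m.group(2).strip())
    findings = []
    for (ifname, grp), cmds in groups.items():
        auth = [c for c in cmds if c.startswith("authentication ")]
        if not auth:
            findings.append((ifname, grp, "no authentication"))
        elif any(c.startswith("authentication text ") for c in auth):
            findings.append((ifname, grp,
                             "cleartext authentication; use md5 key-string or key-chain"))
        for c in cmds:
            m = re.match(r"weighting track (\d+)", c)
            if m and m.group(1) not in tracks:
                findings.append((ifname, grp, "track %s not defined" % m.group(1)))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_glbp(SAMPLE):
        print(*finding, sep=": ")
```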

So within my little GNS network all was working, HA was achieved and ping worked a treat. In GNS I had used Cisco 7206 routers, after all I was only confirming my config.

However, in the real world, the Nexus 7000 comes with GLBP support out of the box, no extra licenses needed. Not the case with the Nexus 5000! Not even with an L3 daughter card and respective L3 license.


Back to HSRP and active passive until we have the money for the advanced license.
 
UPDATE 8/2/13. Despite all the Nexus 5000 and GLBP documentation on cisco.com it's not a released feature yet. I have been told it will be available first half of 2013.