Download - Load Ba Lacing
-
7/27/2019 Load Ba Lacing
1/67
IMPLEMENTLOAD BALANCING ANDREDUNDANCY NETWORK
H C BIN
0985196884
1
MCSA,MCITP-EA,CCNP
CCIE Written,Security+,CEH
-
7/27/2019 Load Ba Lacing
2/67
Hi h Availabilit Network
EtherChannel Concepts
(HSRP)
Virtual Router RedundancyProtocol (VRRP)
Gateway Load Balancing Protocol
Operational Management And
2Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
3/67
High Availability Design,
Optimize the interaction ofRedundantSupervisor
SiSi SiSi SiSiSiSi SiSi SiSi
with the network protocolsProvide the necessary amount of
Layer 2 or
Layer 3
Pick the right protocol for therequirement
O timize the tunin of theLayer 3 Equal
RedundantLinks
SiSiSiSiprotocol
The network looks like thisso that we can map the
Switches
SiSiSiSi
SiSi SiSiSiSiSiSi
protocols onto the physicaltopology
We want to build networks
3Truong Tan Group Tranning Center Http://ttgtc.com
Data CenterWAN Internet
that look like this
-
7/27/2019 Load Ba Lacing
4/67
Hierarchical Network,
SiSi
SiSi
o s
SiSi SiSiSiSi
SiSi
SiSi SiSi
SiSi
Server Farm
SiSi SiSi SiSi
4Truong Tan Group Tranning Center Http://ttgtc.com
WAN Internet PSTN
-
7/27/2019 Load Ba Lacing
5/67
Hierarchical Network
Easier to add a module
Fewer links in the core
Easier bandwidth upgrade
Routing protocol peering reduced
Equal cost Layer 3 links for best
2nd
Building Block8 new links3rd Building Block
4 new linksconvergence 12 links total
3 IGP Neighbors
4th Building Block4 new links
3 IGP Neighbors
5Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
6/67
A Different Point of View
us ness on nuance
Workforce various threat or suboptimal conditions
Maintain critical communications within and
Resilience
e ween agenc es, an o cus omers an epublicResilience
during normal and stress conditions.Application
Resilience
6Truong Tan Group Tranning Center Http://ttgtc.com
.utility in all conditions.Network
Resilience
-
7/27/2019 Load Ba Lacing
7/67
Network Resilience
ScenarioScenario SolutionSolution TechnologiesTechnologies
Reliable, fault-toleranthardware
WAN redundancyLoss of Headquarters or
Cam us
High-AvailabilityNetworking
High-speed, integratedload balancing
Advanced inte ratedOptimized Network
security
Network operations;optimized design;
Loss of Data Center
Organization-Wide
au an anoma ydetection mitigation;training;best practices
Integrated Security
7Truong Tan Group Tranning Center Http://ttgtc.com
/Denial of Service [DoS])
-
7/27/2019 Load Ba Lacing
8/67
Application Resilience
ScenarioScenario SolutionSolution TechnologiesTechnologies
Continuous DataProtection/Continuous
Loss of Data CenterData Center
Small ComputerInterface over IP(iSCSI)/Fibre ChannelApplicationover
Application loadbalances
Loss of Application Server
a anc ng a over
-
Hardware & Design
8Truong Tan Group Tranning Center Http://ttgtc.com
Point Failure
-
7/27/2019 Load Ba Lacing
9/67
Communication Resilience
cenar ocenar o o u ono u on TechnologiesTechnologies
IP Communications(Call-ProcessingResilience)Loss of Central Office
Distributed CentralOffice-Based Voice
Gateways
Integrated MobileCommunications
IP Call Centers (Call-Distributed CallCentersCenter Redundancy)
Quality of Service (QoS)Loss of Call Center
Distributed CallProcessing Survivable
Remote Telephony
9Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
10/67
Workforce Resilience
ScenarioScenario SolutionSolution TechnologiesTechnologies
Flood/Fire/Terrorism Workforce relocationTo Another Facilit
IPSec VPN
IP Communications
Dispersed
Remote ManagementInclement Weather
Workforce Cannot Go to Office
or orce
Workforce
Telecommuting
10Truong Tan Group Tranning Center Http://ttgtc.com
Sick Child/Car Wont StartIndividual Cannot Go to Office
-
7/27/2019 Load Ba Lacing
11/67
11Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
12/67
An Etherchannel combines multiple physical links into a single logical link. Ideal for load
sharing or l ink redundancy can be used by both layer 2 and Layer 3 subsystems
Physical ViewMultiple ports aredefined as being
part of an
Etherchannel
group
Logical ViewSubsystems running
on the switch onlysee one logical link
12Truong Tan Group Tranning Center Http://ttgtc.com
An Etherchannel can be defined on Ethernet, Fast Ethernet, Gigabit Ethernet or 10 Gigabi t
Ethernet Ports
-
7/27/2019 Load Ba Lacing
13/67
EtherChannel
EtherChannel creates a logical link by bundling
SiSi
multiple physical links
PAgP Port Aggregation Protocol
LACP (802.3ad) Aggregation Protocol
Failure of a link in a bundle will affect the spanningtree link cost and may result in a topology change
SiSi
13Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
14/67
Logical aggregation ofsimilar links
Viewed as one logical port
-
Redundancy
14Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
15/67
EtherChannel Load Balancing
Network may not load balance
L3 Hash
hash How random are your SRC & DST SiSi SiSi
Recommendation to utilize L4
Hash
Link 1 load32%
L4 Hash In order to optimize the load
balancing of traffic over multiplelinks deploy in powers of two (two,
Link 0 load52%
,
Single fat link (10GE) simplifies allof this
Link 1 Load48%
SiSiSiSi
15Truong Tan Group Tranning Center Http://ttgtc.com
Switch(config)# port-channel load-balance src-dst-port
-
7/27/2019 Load Ba Lacing
16/67
Port Aggregation Protocol (PAgP)
Cisco-proprietary protocolExpedites the automatic creation of EtherChannels by
Link Aggregation Control Protocol (LACP)
.
Configures the maximum number of compatible ports in achannel, up to the maximum allowed by the hardware
16Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
17/67
Swi t ch( conf i g) #i nt er f ace por t - channel port-channel-number
Creates a port-channel interfaceSwi t ch( conf i g- i f ) #i p addr ess address mask
Assigns an IP address and subnet mask to the EtherChannel
- -
Specifies an interface to configure
desi r abl e | on}
Configures the interface in a port-channel and specifies the PAgP
17Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
18/67
Swi t ch#show r unni ng- conf i g i nt er f ace por t - channel num
Displays port-channel information
Swi t ch#show r unni ng- conf i g i nt er f ace interface x/y
Swi t ch show r un i nt er f ace or t - channel 1
Displays interface information
Swi t ch#show r un i nt er f ace gi g 0/ 9Bui l di ng conf i gur at i on. . .
Cur r ent conf i gur at i on:!
i nt er f ace Por t - channel 1no i p addr ess
Bui l di ng conf i gur at i on. . .
Cur r ent conf i gur at i on:!
i nt er f ace Gi gabi t Et her net 0/ 9
no i p di r ect ed- br oadcastend no i p addr esschannel - gr oup 1 mode desi r abl eend
18Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
19/67
Swi t ch#show et her channel num por t - channel
-
Swi t ch#show et herchannel 1 port - channelPor t - channel s i n t he gr oup:
- - - - - - - - - - - - - - - - - - - - - -
Por t - channel : Po1- - - - - - - - - - - -
Age of t he Por t - channel = 01d: 01h: 31m: 38sLo i cal s l ot or t = 1 0 Number of or t s = 2
GC = 0x00020001 Hot St andBy por t = nul lPor t st at e = Por t - channel Ag- I nuse
Por t s i n t he Por t - channel :
n ex oa or s a e- - - - - - +- - - - - - +- - - - - - +- - - - - - - - - - - -0 00 Gi 0/ 9 desi r abl e- sl0 00 Gi 0/ 10 desi r abl e- sl
Ti me si nce l ast or t bundl ed: 00d: 20h: 04m: 38s Gi 0 9
19Truong Tan Group Tranning Center Http://ttgtc.com
Ti me si nce l ast port Un- bundl ed: 00d: 21h: 17m: 20s Gi 0/ 10
-
7/27/2019 Load Ba Lacing
20/67
Swi t ch( conf i g- i f ) #channel - pr ot ocol {l acp | pagp}
Restricts the channel-group command to the specified EtherChannelprotocol for this port
Swi t ch( conf i g- i f ) #l acp por t - pr i or i t ypriority_value
- _
Configures the LACP system priority
20Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
21/67
Swi t ch#show i nt er f aces gi gabi t et her net 0/ 9 et her channelPor t st ate = Up Mst r I n- Bndl
Channel group = 1 Mode = Desi r abl e- Sl Gcchange = 0Por t - channel = Po2 GC = 0x00020001 Pseudo por t - channel = Po1
Por t i ndex = 0 Load = 0x00
- . - .A - Devi ce i s i n Aut o mode. P - Devi ce l ear ns on physi cal por t .
d - PAgP i s down.Ti mer s: H - Hel l o t i mer i s r unni ng. Q - Qui t t i mer i s r unni ng.
S - Swi t chi ng t i mer i s r unni ng. I - I nt er f ace t i mer i s r unni ng.
Local i nf or mat i on:Hel l o Par t ner PAgP Lear ni ng Gr oup
Por t Fl ags St at e Ti mer s I nt er val Count Pr i or i t y Met hod I f i ndexGi 0/ 9 SC U6/ S7 H 30s 1 128 Any 15
'
Par t ner Par t ner Par t ner Par t ner Gr oupPor t Name Devi ce I D Por t Age Fl ags Cap.Gi 0/ 9 DSW122 0005. 313e. 4780 Gi 0/ 9 18s SC 20001
21Truong Tan Group Tranning Center Http://ttgtc.com
Age of t he por t i n t he cur r ent st at e: 00d: 20h: 00m: 49s
-
7/27/2019 Load Ba Lacing
22/67
Configuring EtherChannel Load
Swi t ch( conf i g) #por t - channel l oad- bal ance type
Configures EtherChannel load balancing
Swi t ch#show et her channel l oad- bal anceSour ce XOR Dest i nat i on I P addr ess
22Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
23/67
Demo EtherChannel
23Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
24/67
Protocol (HSRP)
24Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
25/67
25Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
26/67
Problem: Using Proxy ARP
26Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
27/67
27Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
28/67
HSRP Group Members
HSRP standby groups consist of multiplerouters performing specific roles.
28Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
29/67
Designating an Active Router
The active router responds to ARP requests with the MAC
29Truong Tan Group Tranning Center Http://ttgtc.com
.
-
7/27/2019 Load Ba Lacing
30/67
30Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
31/67
Active and Secondar Router Interaction
The active router broadcasts periodic hello messages.
31Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
32/67
.
32Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
33/67
Multiple HSRP Groups
33Truong Tan Group Tranning Center Http://ttgtc.com
.
-
7/27/2019 Load Ba Lacing
34/67
Addressing HSRP Groups across Trunk Links
34Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
35/67
Multi le HSRP Grou s and Multi le VLANs
35Truong Tan Group Tranning Center Http://ttgtc.com
.
-
7/27/2019 Load Ba Lacing
36/67
HSRP Initial State
All routers begin in the initial state, when HSRP is
36Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
37/67
HSRP Learn State
Router has not received a hello message from an active router. Router does not know the virtual router IP address.
37Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
38/67
HSRP Listen State
Neither the active nor the standby router receives ahello message (if any). The router in the listen state knows the virtual router
38Truong Tan Group Tranning Center Http://ttgtc.com
.
-
7/27/2019 Load Ba Lacing
39/67
HSRP Speak State
Sends periodic Hello messages Participates in the election of the active and standby router
39Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
40/67
HSRP Standby State
Candidate for active router Sends hello message Knows the virtual router IP address
40Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
41/67
HSRP Active State
Assumes the active forwarding of packets for the virtual router Sends hello message
Knows the virtual router IP address
41Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
42/67
Configuring an HSRP Standby Interface
Enabling HSRP on a Cisco router interface automaticallydisables ICMP redirects.
42Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
43/67
The router in an HSRP group with the highest prioritybecomes the forwarding router.
Default riorit is 100.
43Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
44/67
Preempt enables a router to resume the forwarding router role.
44Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
45/67
45Truong Tan Group Tranning Center Http://ttgtc.com
value of the hellotime.
-
7/27/2019 Load Ba Lacing
46/67
HSRP Interface Tracking
46Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
47/67
HSRP Interface Tracking (Cont.)
47Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
48/67
- -track type number interface-priority
Configures HSRP tracking
48Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
49/67
Switch#show standby briefP indicates configured to preempt.|
Interface Grp Prio P State Active addr Standby addr Group addrVl11 11 110 Active local 172.16.11.114 172.16.11.115
49Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
50/67
Switch#debug standby
*Mar 1 00:22:30.443: SB11: Vl11 Hello out 172.16.11.111 Active pri 100 ip 172.16.11.115*Mar 1 00:22:32.019: SB11: Vl11 Hello in 172.16.11.112 Standby pri 50 ip 172.16.11.115*Mar 1 00:22:33.331: SB11: Vl11 Hello out 172.16.11.111 Active pri 100 ip 172.16.11.115*Mar 1 00:22:34.927: SB11: Vl11 Hello in 172.16.11.112 Standby pri 50 ip 172.16.11.115*Mar 1 00:22:36.231: SB11: Vl11 Hello out 172.16.11.111 Active pri 100 ip 172.16.11.115*Mar 1 00:22:37.823: SB11: Vl11 Hello in 172.16.11.112 Standby pri 50 ip 172.16.11.115*Mar 1 00:22:39.163: SB11: Vl11 Hello out 172.16.11.111 Active pri 100 ip 172.16.11.115
*Mar 1 00:22:40.735: SB11: Vl11 Hello in 172.16.11.112 Standby pri 50 ip 172.16.11.115*Mar 1 00:22:42.119: SB11: Vl11 Hello out 172.16.11.111 Active pri 100 ip 172.16.11.115*Mar 1 00:22:43.663: SB11: Vl11 Hello in 172.16.11.112 Standby pri 50 ip 172.16.11.115*Mar 1 00:22:45.067: SB11: Vl11 Hello out 172.16.11.111 Active pri 100 ip 172.16.11.115*Mar 1 00:22:46.567: SB11: Vl11 Hello in 172.16.11.112 Standby pri 50 ip 172.16.11.115
50Truong Tan Group Tranning Center Http://ttgtc.com
Demo HSRP
-
7/27/2019 Load Ba Lacing
51/67
Demo HSRP
51Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
52/67
Virtual RouterRedundancy Protocol(VRRP)
52Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
53/67
Virtual Router (VR)
abstract object which acts as a default router.
Virtual Router MasterVRRP Router with forwarding responsibility of a VR.
Virtual Router Backup
responsibility when VR Master fails.
53Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
54/67
54Truong Tan Group Tranning Center Http://ttgtc.com
Vi t l R t R d d P t l
-
7/27/2019 Load Ba Lacing
55/67
Virtual Router Redundancy Protocol
(Cont.)
55Truong Tan Group Tranning Center Http://ttgtc.com
Demo VRRP
-
7/27/2019 Load Ba Lacing
56/67
Demo VRRP
56Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
57/67
Gateway Loada anc ng rotoco
(GLBP)
57Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
58/67
Allows automatic selection and use of multiple, available
Provides automatic detection and re-routing in the event offailure to any gateway
Fully utilizes resources (available bandwidth) withoutadministrative burden
58Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
59/67
59Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
60/67
60Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
61/67
61Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
62/67
62Truong Tan Group Tranning Center Http://ttgtc.com
Demo GLBP
-
7/27/2019 Load Ba Lacing
63/67
63Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
64/67
O erationalManagement AndMonitor
64Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
65/67
-
7/27/2019 Load Ba Lacing
66/67
Q and A
Email : [email protected] : http://itvietnam.com/forum/
66Truong Tan Group Tranning Center Http://ttgtc.com
-
7/27/2019 Load Ba Lacing
67/67
Date : 8h, 22/11/2008oca on : a , u e r eu u uong
Vn Tun- -
67Truong Tan Group Tranning Center Http://ttgtc.com