EasyManua.ls Logo

Cisco Nexus 7000 Series - GLBP Authentication

Cisco Nexus 7000 Series
536 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Send document comments to nexus7k-docfeedback@cisco.com.
18-4
Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 4.x
OL-20002-02
Chapter 18 Configuring GLBP
Information About GLBP
Figure 18-1 GLBP Topology
If router A becomes unavailable, client 1 does not lose access to the WAN because router B assumes
responsibility for forwarding packets sent to the virtual MAC address of router A and for responding to
packets sent to its own virtual MAC address. Router B also assumes the role of the AVG for the entire
GLBP group. Communication for the GLBP members continues despite the failure of a router in the
GLBP group.
GLBP Authentication
GLBP has three authentication types:
MD5 authentication
Plain text authentication
No authentication
MD5 authentication provides greater security than plain text authentication. MD5 authentication allows
each GLBP group member to use a secret key to generate a keyed MD5 hash that is part of the outgoing
packet. At the receiving end, a keyed hash of an incoming packet is generated. If the hash within the
incoming packet does not match the generated hash, the packet is ignored. The key for the MD5 hash
can either be given directly in the configuration using a key string or supplied indirectly through a key
chain.
You can also choose to use a simple password in plain text to authenticate GLBP packets, or choose no
authentication for GLBP.
GLBP rejects packets in any of the following cases:
The authentication schemes differ on the router and in the incoming packet.
MD5 digests differ on the router and in the incoming packet.
Text authentication strings differ on the router and in the incoming packet.
Router A
AVG 1
AVF 1.1
Router B
AVF 1.2
Virtual IP address 192.0.2.1
Virtual MAC 0007.b400.0101
Virtual MAC 0007.b400.0102
Default gateway:
Gateway MAC:
Client 1
Virtual IP address 192.0.2.1
Virtual MAC 0007.b400.0101
Client 2
Virtual IP address 192.0.2.1
Virtual MAC 0007.b400.0102
AVG = active virtual gateway
AVF = active virtual forwarder
185062
WAN Link1
WAN Link2

Table of Contents

Other manuals for Cisco Nexus 7000 Series

Preview: Quick Start Guide
Quick Start Guide10 pages
Preview: Command Reference
Command Reference1018 pages
Preview: Reference Guide
Reference Guide746 pages
Preview: Hardware Installation And Reference Guide
Hardware Installation And Reference Guide402 pages
Preview: Troubleshooting
Troubleshooting10 pages
Preview: Configuring
Configuring8 pages

Related product manuals