1 实验环境:
- 一台:客户端 eth0:仅主机 192.168.10.8/24 GW:192.168.10.18
- 一台:ROUTER
eth0 :NAT 192.168.100.18/24
eth1: 仅主机 192.168.10.18/24
启用 IP_FORWARD
- 一台:LVS
eth0:NAT:DIP:192.168.100.48/24 GW:192.168.100.18
- 两台RS:
RS1:eth0:NAT:192.168.100.28/24 GW:192.168.100.18
RS2:eth0:NAT:192.168.100.38/24 GW:192.168.100.18
2 环境配置
2.1 internet主机环境
[root@internet ~]
192.168.10.8
[root@internet ~]
PING 192.168.10.18 (192.168.10.18) 56(84) bytes of data.
64 bytes from 192.168.10.18: icmp_seq=1 ttl=64 time=0.364 ms
--- 192.168.10.18 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.364/0.364/0.364/0.000 ms
2.2 router主机环境
[root@router ~]
[root@router ~]
net.ipv4.ip_forward = 1
[root@router network-scripts]
/etc/sysconfig/network-scripts
[root@router network-scripts]
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=192.168.100.18
PREFIX=24
ONBOOT=yes
[root@router network-scripts]
DEVICE=eth1
NAME=eth1
BOOTPROTO=static
IPADDR=192.168.10.18
PREFIX=24
ONBOOT=yes
2.3 RS1主机环境
[root@rs1 ~]
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=192.168.100.28
PREFIX=24
GATEWAY=192.168.100.18
ONBOOT=yes
[root@rs1 ~]
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.100.18 0.0.0.0 UG 100 0 0 eth0
192.168.100.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
- DR模型中各主机上均需要配置VIP,解决地址冲突的方式有三种:
(1) 在前端网关做静态绑定
(2) 在各RS使用arptables
(3) 在各RS修改内核参数,来限制arp响应和通告的级别
- 限制响应级别:arp_ignore
0:默认值,表示可使用本地任意接口上配置的任意地址进行响应
1:仅在请求的目标IP配置在本地主机的接收到请求报文的接口上时,才给予响应
- 限制通告级别:arp_announce
0:默认值,把本机所有接口的所有信息向每个接口的网络进行通告
1:尽量避免将接口信息向非直接连接网络进行通告
2:必须避免将接口信息向非本网络进行通告
- 解决冲突:
[root@rs1 ~]
[root@rs1 ~]
[root@rs1 ~]
[root@rs1 ~]
[root@rs1 ~]
[root@rs1 ~]
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.100.88/0 scope global lo:1
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:50:56:31:25:f8 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.28/24 brd 192.168.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::426d:cb05:9dd9:4a7d/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@rs1 ~]
[root@rs1 ~]
[root@rs1 ~]
2.4 RS2主机环境
[root@rs2 ~]
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=192.168.100.38
PREFIX=24
GATEWAY=192.168.100.18
ONBOOT=yes
[root@rs2 ~]
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.100.18 0.0.0.0 UG 100 0 0 eth0
192.168.100.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root@rs2 ~]
[root@rs2 ~]
[root@rs2 ~]
[root@rs2 ~]
[root@rs2 ~]
[root@rs2 ~]
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.100.88/0 scope global lo:1
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:50:56:37:1d:82 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.38/24 brd 192.168.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::991:8f93:2834:ffdb/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@rs2 ~]
[root@rs2 ~]
[root@rs2 ~]
2.5 LVS主机的配置
[root@lvs ~]
[root@lvs ~]
[root@lvs ~]
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.100.88/0 scope global lo:1
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:50:56:28:0b:96 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.48/24 brd 192.168.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::e9a7:4bf4:23c5:2e73/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@lvs ~]
[root@lvs ~]
[root@lvs ~]
[root@lvs ~]
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.100.88:80 rr
-> 192.168.100.28:80 Route 1 0 0
-> 192.168.100.38:80 Route 1 0 0
3 测试访问
[root@internet ~]
192.168.100.28
[root@internet ~]
192.168.100.38
[root@internet ~]
192.168.100.28
[root@internet ~]
192.168.100.38
[root@internet ~]
192.168.100.28
[root@internet ~]
192.168.100.38
4 LVS-DR模式多网段案例实现
4.1 主机环境配置
[root@internet ~]
192.168.10.8
- router的网络配置在单网段基础上添加172.16.0.100/24的地址(注意:下方 ip 输出中 router 的 eth0 上实际添加的是 172.16.0.8/24,172.16.0.100 是后文脚本中配置的 VIP)
[root@router ~]
[root@router ~]
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4f:0e:09 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.18/24 brd 192.168.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 172.16.0.8/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::e1d3:ec00:24bd:f6ed/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4f:0e:13 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.18/24 brd 192.168.10.255 scope global noprefixroute eth1
valid_lft forever preferred_lft forever
inet6 fe80::379e:9a2b:e54a:6119/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@router ~]
192.168.100.18 172.16.0.8 192.168.10.18
- LVS主机的配置:在单网段基础上重启主机,以删除临时配置在回环网卡上的VIP 192.168.100.88(重启同时也会将内核参数恢复为初始值),然后运行脚本
lvs_dr_vs.sh
[root@lvs ~]
The VS Server is Ready!
[root@lvs ~]
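#!/bin/bash
# lvs_dr_vs.sh - set up or tear down the LVS director (VS) for DR mode.
# Usage: lvs_dr_vs.sh start|stop    (needs root: it changes interfaces,
#                                    firewall rules and the IPVS table)
#   start  bind the VIP to a loopback alias, create the IPVS virtual service
#          and register both real servers
#   stop   clear the IPVS table and take the VIP alias down

vip='172.16.0.100'
iface='lo:1'
mask='255.255.255.255'   # host (/32) netmask for the VIP alias
port='80'
rs1='192.168.100.28'
rs2='192.168.100.38'
scheduler='wrr'
type='-g'                # ipvsadm forwarding method: -g = direct routing

# Print a message on stderr and abort, so that a failed step is never
# followed by the "Ready!" banner.
die() {
  echo "$*" >&2
  exit 1
}

# Install ipvsadm on RPM-based hosts when it is missing, then confirm the
# command is really available instead of ignoring a failed install.
ensure_ipvsadm() {
  rpm -q ipvsadm &> /dev/null || yum -y install ipvsadm &> /dev/null
  command -v ipvsadm > /dev/null 2>&1 \
    || die "ipvsadm is not installed and could not be installed"
}

case "${1:-}" in
start)
  ensure_ipvsadm
  ifconfig "$iface" "$vip" netmask "$mask" \
    || die "failed to bind VIP $vip to $iface"
  # NOTE(security): this flushes every rule in the filter table, so the
  # director is left with only the chain default policies. That is tolerable
  # in an isolated lab; on a host that carries a real ruleset, keep the rules
  # and add a narrow rule admitting ${vip}:${port} instead of flushing.
  iptables -F
  ipvsadm -A -t "${vip}:${port}" -s "$scheduler" \
    || die "failed to create virtual service ${vip}:${port}"
  for rs in "$rs1" "$rs2"; do
    ipvsadm -a -t "${vip}:${port}" -r "$rs" "$type" -w 1 \
      || die "failed to add real server $rs"
  done
  echo "The VS Server is Ready!"
  ;;
stop)
  ensure_ipvsadm
  # -C clears the whole IPVS table, not only the service created by "start".
  ipvsadm -C
  ifconfig "$iface" down
  echo "The VS Server is Canceled!"
  ;;
*)
  echo "Usage: $(basename "$0") start|stop"
  exit 1
  ;;
esac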
- RS主机的配置:在单网段基础上重启主机,以删除临时配置在回环网卡上的VIP 192.168.100.88,然后在各RS后端服务器上运行脚本 lvs_dr_rs.sh,用该脚本代替逐条输入命令
[root@rs1 ~]
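#!/bin/bash
# lvs_dr_rs.sh - prepare or reset a real server (RS) for LVS DR mode.
# Usage: lvs_dr_rs.sh start|stop    (needs root: it writes /proc/sys and
#                                    changes interface configuration)
#   start  restrict ARP replies/announcements, then bind the VIP to lo:1
#   stop   take the VIP alias down and set the ARP parameters back to 0
#
# The values written here are runtime-only; they are not persisted across a
# reboot by this script.

vip=172.16.0.100
mask='255.255.255.255'   # host (/32) netmask for the VIP alias
dev=lo:1

# Print a message on stderr and abort, so that a failed step is never
# followed by the "Ready!" banner.
die() {
  echo "$*" >&2
  exit 1
}

# Write arp_ignore ($1) and arp_announce ($2) for both the "all" and "lo"
# entries under /proc/sys/net/ipv4/conf.
set_arp() {
  local ignore=$1 announce=$2 scope
  for scope in all lo; do
    echo "$ignore" > "/proc/sys/net/ipv4/conf/${scope}/arp_ignore" \
      || die "cannot write arp_ignore for ${scope} (are you root?)"
    echo "$announce" > "/proc/sys/net/ipv4/conf/${scope}/arp_announce" \
      || die "cannot write arp_announce for ${scope} (are you root?)"
  done
}

case "${1:-}" in
start)
  # arp_ignore=1: answer ARP only when the target IP is configured on the
  # interface that received the request.
  # arp_announce=2: never announce an address to a network it does not
  # belong to.
  # The parameters are applied before the VIP is bound, as in the original
  # listing; presumably so the RS never answers ARP for the VIP - confirm.
  set_arp 1 2
  ifconfig "$dev" "$vip" netmask "$mask" \
    || die "failed to bind VIP $vip to $dev"
  echo "The RS Server is Ready!"
  ;;
stop)
  ifconfig "$dev" down
  # NOTE: this writes the kernel default (0), not whatever values were in
  # place before "start"; a host hardened with non-default ARP settings
  # would lose them here.
  set_arp 0 0
  echo "The RS Server is Canceled!"
  ;;
*)
  echo "Usage: $(basename "$0") start|stop"
  exit 1
  ;;
esac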
[root@rs1 ~]
The RS Server is Ready!
[root@rs2 ~]
The RS Server is Ready!
4.2 测试访问
[root@internet ~]
rs2 192.168.100.38
[root@internet ~]
rs1 192.168.100.28
[root@internet ~]
rs2 192.168.100.38
[root@internet ~]
rs1 192.168.100.28
[root@internet ~]
rs2 192.168.100.38
[root@internet ~]
rs1 192.168.100.28
[root@internet ~]
rs2 192.168.100.38