lvs-nat和dr模式
作者:互联网
配置 lvs-nat模式
| ip类型 | ip地址 |
| vip | 192.168.80.129 |
| dip | 192.168.59.131 |
| r1ip | 192.168.59.134 |
| r2ip | 192.168.59.133 |
调度器上添加仅主机模式的网卡配置VIP
关闭selinux
systemctl disable --now firewalld setenforce 0
在调度器上开启ip转发功能
[root@lb ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf [root@lb ~]# sysctl -p net.ipv4.ip_forward = 1
在调度器上添加规则并保存
[root@lb ~]# ipvsadm -A -t 192.168.80.129:80 -s rr
[root@lb ~]# ipvsadm -a -t 192.168.80.129:80 -r 192.168.59.134:80 -m
[root@lb ~]# ipvsadm -a -t 192.168.80.129:80 -r 192.168.59.133:80 -m
[root@lb ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.80.129:80 rr
-> 192.168.59.133:80 Masq 1 0 0
-> 192.168.59.134:80 Masq 1 0 0
[root@lb ~]# ipvsadm -Sn > ipvsadm
[root@lb ~]# ls
anaconda-ks.cfg ipvsadm
[root@lb ~]# cat ipvsadm
-A -t 192.168.80.129:80 -s rr
-a -t 192.168.80.129:80 -r 192.168.59.133:80 -m -w 1
-a -t 192.168.80.129:80 -r 192.168.59.134:80 -m -w 1
设置开机自动读取规则
[root@lb ~]# ipvsadm -R < ipvsadm [root@lb ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.80.129:80 rr -> 192.168.59.133:80 Masq 1 0 0 -> 192.168.59.134:80 Masq 1 0 0
将rip网关指向dip
[root@r1 CA]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 TYPE=Ethernet BOOTPROTO=static NAME=ens160 DEVICE=ens160 ONBOOT=yes IPADDR=192.168.59.134 NETMASK=255.255.255.0 GATEWAY=192.168.59.131 [root@r2 html]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 TYPE=Ethernet BOOTPROTO=static NAME=ens192 DEVICE=ens192 ONBOOT=yes IPADDR=192.168.59.133 NETMASK=255.255.255.0 GATEWAY=192.168.59.131
lvs-DR模式
| ip类型 | ip地址 |
| vip | 192.168.80.129 |
| dip | 192.168.59.131 |
| r1ip | 192.168.59.134 |
| r2ip | 192.168.59.133 |
配置vip和dip
TYPE=Ethernet BOOTPROTO=static NAME=ens224 DEVICE=ens224 ONBOOT=yes IPADDR0=192.168.59.131 NETMASK0=255.255.255.0 IPADDR1=192.168.59.250 NETMASK1=255.255.255.0 GATEWAY=192.168.59.2 DNS1=114.114.114.114
在RS上先关闭arp包的通告和响应然后配置RIP和VIP
[root@r1 ~]# vim /etc/sysctl.conf
net,ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@r1 ~]# sysctl -p
[root@r2 ~]# vim /etc/sysctl.conf
net,ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@r2 ~]# sysctl -p
[root@r1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
BOOTPROTO=static
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.59.134
NETMASK=255.255.255.0
GATEWAY=192.168.59.2
DNS1=114.114.114.114
[root@r2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
BOOTPROTO=static
NAME=ens192
DEVICE=ens192
ONBOOT=yes
IPADDR=192.168.59.133
NETMASK=255.255.255.0
GATEWAY=192.168.59.2
DNS1=114.114.114.114
[root@r1 ~]# ifconfig lo:0 192.168.59.250/32 broadcast 192.168.59.250 up
[root@r1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.59.250/0 brd 192.168.59.250 scope global lo:0
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:ac:bd:24 brd ff:ff:ff:ff:ff:ff
inet 192.168.59.134/24 brd 192.168.59.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feac:bd24/64 scope link
valid_lft forever preferred_lft forever
[root@r1 ~]# route add -host 192.168.59.250 dev lo:0
[root@r1 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.59.2 0.0.0.0 UG 100 0 0 ens160
192.168.59.0 0.0.0.0 255.255.255.0 U 100 0 0 ens160
192.168.59.250 0.0.0.0 255.255.255.255 UH 0 0 0 lo
[root@r2 ~]# ifconfig lo:0 192.168.59.250/32 broadcast 192.168.59.250 up
[root@r2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.59.250/0 brd 192.168.59.250 scope global lo:0
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:80:fc:e9 brd ff:ff:ff:ff:ff:ff
inet 192.168.59.133/24 brd 192.168.59.255 scope global noprefixroute ens192
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe80:fce9/64 scope link
valid_lft forever preferred_lft forever
[root@r2 ~]# route add -host 192.168.59.250 dev lo:0
[root@r2 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.59.2 0.0.0.0 UG 100 0 0 ens192
192.168.59.0 0.0.0.0 255.255.255.0 U 100 0 0 ens192
192.168.59.250 0.0.0.0 255.255.255.255 UH 0 0 0 lo
添加规则
[root@localhost ~]# ipvsadm -A -t 192.168.59.250:80 -s wrr [root@localhost ~]# ipvsadm -a -t 192.168.59.250:80 -r 192.168.59.134:80 -g [root@localhost ~]# ipvsadm -a -t 192.168.59.250:80 -r 192.168.59.133:80 -g [root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.59.250:80 wrr -> 192.168.59.133:80 Route 1 0 0 -> 192.168.59.134:80 Route 1 0 0
标签:00,lvs,dr,forever,192.168,lft,nat,80,root 来源: https://www.cnblogs.com/Mariko/p/14942074.html