A 10-Minute Walkthrough of LVS NAT Mode and DR Mode

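LVS NAT mode

lvs-nat:

  • In essence this is DNAT with multiple target IPs: forwarding is done by rewriting the destination address and destination port of the request packet to the RIP and PORT of a selected RS.
  • The RIP and DIP should be on the same IP network and should use private addresses; the gateway of each RS must point to the DIP.
  • Both request and response packets must pass through the Director, so the Director easily becomes the system bottleneck.
  • Port mapping is supported; the destination PORT of the request packet can be changed.
  • The VS must be a Linux system; the RS can run any OS.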

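Lab preparation:

1. Four virtual machines: one client, one lvs director and two servers. The lvs machine needs two NICs, one in NAT mode and one in host-only mode.

2. Install the httpd service with the following command: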

yum install httpd -y

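Procedure:

1. Enable networking

nmcli networking      # show the networking state
nmcli networking on   # run this to enable networking if the state is "disabled"

2. Change the IPs of lvs and the two servers

2. On the lvs director, change the NIC configuration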

[root@lvs ~]# cat /etc/NetworkManager/system-connections/eth0.nmconnection 
[connection]
id=eth0
type=ethernet
interface-name=eth0

[ipv4]
address1=172.25.254.100/24,172.25.254.2
method=manual
dns=114.114.114.114;

[root@lvs ~]# cat /etc/NetworkManager/system-connections/eth1.nmconnection 
[connection]
id=eth1
type=ethernet
interface-name=eth1

[ipv4]
address1=192.168.0.100/24
method=manual

3. Enable kernel routing (IP forwarding) on lvs

[root@lvs ~]# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 0
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0

[root@lvs ~]# vim /etc/sysctl.conf 
net.ipv4.ip_forward=1

[root@lvs ~]# sysctl -p        # reload the configuration
net.ipv4.ip_forward = 1

4. On server1 and server2, change the NIC configuration and check the gateway

[root@server1 ~]# cat /etc/NetworkManager/system-connections/eth0.nmconnection 
[connection]
id=eth0
type=ethernet
interface-name=eth0

[ipv4]
address1=192.168.0.10/24,192.168.0.100
method=manual

[root@webserver1 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.100   0.0.0.0         UG    100    0        0 eth0
172.25.254.0    0.0.0.0         255.255.255.0   U     100    0        0 eth0



[root@server2 ~]# cat /etc/NetworkManager/system-connections/eth0.nmconnection 
[connection]
id=eth0
type=ethernet
interface-name=eth0

[ipv4]
address1=192.168.0.20/24,192.168.0.100
method=manual

[root@webserver2 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.100   0.0.0.0         UG    100    0        0 eth0
172.25.254.0    0.0.0.0         255.255.255.0   U     100    0        0 eth0

5. Write an index page on server1 and on server2, then start the httpd service

[root@webserver1 ~]# echo webserver1 - 192.168.0.10 > /var/www/html/index.html
[root@webserver1 ~]# systemctl enable --now httpd 
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

[root@webserver2 ~]# echo webserver2 - 192.168.0.20 > /var/www/html/index.html
[root@webserver2 ~]# systemctl enable --now httpd 
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

6. Finally, verify from lvs

[root@lvs ~]# curl 192.168.0.10
webserver1 - 192.168.0.10
[root@lvs ~]# curl 192.168.0.20
webserver2 - 192.168.0.20

7. Install the lvs software on lvs

dnf install ipvsadm -y

8. View the policy file

cat /etc/sysconfig/ipvsadm

    Command to view the current policy

ipvsadm -Ln

    Add the policy

ipvsadm -A -t 172.25.254.100:80 -s rr
ipvsadm -a -t 172.25.254.100:80 -r 192.168.0.10:80 -m
ipvsadm -a -t 172.25.254.100:80 -r 192.168.0.20:80 -m

     View the policy again after adding it

[root@lvs ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.25.254.100:80 rr
  -> 192.168.0.10:80              Masq    1      0          0         
  -> 192.168.0.20:80              Masq    1      0          0    

9. Test: check the result from another host

[root@server ~]# for i in {1..10}
> do
> curl 172.25.254.100
> done
webserver2 - 192.168.0.20
webserver1 - 192.168.0.10
webserver2 - 192.168.0.20
webserver1 - 192.168.0.10
webserver2 - 192.168.0.20
webserver1 - 192.168.0.10
webserver2 - 192.168.0.20
webserver1 - 192.168.0.10
webserver2 - 192.168.0.20
webserver1 - 192.168.0.10
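
The lvs-nat rules listed at the top of this section (forwarding by masquerade, RIPs on private addresses in the same network as the DIP) can be checked against the table that `ipvsadm -Ln` prints. The following is an added example, not part of the original post; the function names, the IPv4-only parsing and the constructed BAD_TABLE are assumptions of the example.

```bash
# Added example (not from the original post): audit `ipvsadm -Ln` output
# against the lvs-nat rules listed above. Function names are illustrative.

ip2int() {                      # dotted quad -> integer
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

in_cidr() {                     # in_cidr IP NET/BITS
    local ip net mask
    ip=$(ip2int "$1"); net=$(ip2int "${2%/*}")
    mask=$(( (0xFFFFFFFF << (32 - ${2#*/})) & 0xFFFFFFFF ))
    [ $(( ip & mask )) -eq $(( net & mask )) ]
}

is_private() {                  # RFC 1918 ranges
    in_cidr "$1" 10.0.0.0/8 || in_cidr "$1" 172.16.0.0/12 ||
        in_cidr "$1" 192.168.0.0/16
}

# audit_nat DIP/BITS < `ipvsadm -Ln` output
# Prints one finding per line; exit status 1 if there is any.
audit_nat() {
    local dip="$1" arrow addr fwd rest rip bad=0
    while read -r arrow addr fwd rest; do
        [ "$arrow" = "->" ] || continue               # real-server rows only
        case $addr in RemoteAddress*) continue ;; esac # skip the header row
        rip=${addr%:*}
        [ "$fwd" = Masq ] || { echo "$rip: forward is $fwd, not Masq"; bad=1; }
        is_private "$rip" || { echo "$rip: RIP is not a private address"; bad=1; }
        in_cidr "$rip" "$dip" || { echo "$rip: RIP is outside DIP network $dip"; bad=1; }
    done
    return "$bad"
}

# Table printed on this page (clean), then a constructed table (3 findings).
PAGE_TABLE='TCP  172.25.254.100:80 rr
  -> 192.168.0.10:80              Masq    1      0          0
  -> 192.168.0.20:80              Masq    1      0          0'
BAD_TABLE='TCP  172.25.254.100:80 rr
  -> 192.168.0.10:80              Masq    1      0          0
  -> 203.0.113.30:80              Route   1      0          0'
```

On the director this would be run as `ipvsadm -Ln | audit_nat 192.168.0.100/24`, where 192.168.0.100/24 is the DIP configured on eth1 above.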

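LVS DR mode

lvs-DR

  • Direct Routing: the default LVS mode and the most widely used. It forwards by re-encapsulating the request packet with a new MAC header: the source MAC is the MAC of the interface holding the DIP, and the destination MAC is the MAC of the interface holding the RIP of the selected RS.
  • The source IP/PORT and the destination IP/PORT both remain unchanged.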

Lab preparation:

1. Prepare five hosts and configure the corresponding IPs

Procedure:

1. On the lvs host, configure the NIC and check the gateway

[root@lvs ~]# cat /etc/NetworkManager/system-connections/eth1.nmconnection 
[connection]
id=eth1
type=ethernet
interface-name=eth1

[ipv4]
address1=192.168.0.50/24,192.168.0.100
method=manual
[root@lvs ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.100   0.0.0.0         UG    100    0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eth1

2. Configure the NICs on the router

[root@router ~]# cat /etc/NetworkManager/system-connections/eth0.nmconnection 
[connection]
id=eth0
type=ethernet
interface-name=eth0

[ipv4]
address1=172.25.254.100/24,172.25.254.2
method=manual
dns=114.114.114.114;

[root@router ~]# cat /etc/NetworkManager/system-connections/eth1.nmconnection 
[connection]
id=eth1
type=ethernet
interface-name=eth1

[ipv4]
address1=192.168.0.100/24
method=manual

3. On the router, use vim to set net.ipv4.ip_forward=1, then run sysctl -p to reload

[root@router ~]# vim /etc/sysctl.conf 
[root@router ~]# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 0
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0
[root@router ~]# sysctl -p
net.ipv4.ip_forward=1
[root@router ~]# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0

4. Configure the client

[root@client ~]# cat /etc/NetworkManager/system-connections/eth0.nmconnection 
[connection]
id=eth0
type=ethernet
interface-name=eth0

[ipv4]
address1=172.25.254.200/24,172.25.254.100
method=manual
dns=114.114.114.114;

[root@lvs ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.25.254.100   0.0.0.0         UG    100    0        0 eth0
172.25.254.0     0.0.0.0         255.255.255.0   U     100    0        0 eth0

5. On the RS hosts, make the VIP not respond to the outside

5. Configure server1 and server2

[root@server1 ~]# ip a a 192.168.0.200/32 dev lo
[root@server1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.0.200/32 scope global lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:8a:ae:0e brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 192.168.0.10/24 brd 192.168.0.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::efbe:acf4:b525:3659/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
       
[root@server1 ~]# cat /etc/NetworkManager/system-connections/eth0.nmconnection 
[connection]
id=eth0
type=ethernet
interface-name=eth0

[ipv4]
address1=192.168.0.10/24,192.168.0.100
method=manual
[root@server2 ~]# ip a a 192.168.0.200/32 dev lo
[root@server2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.0.200/32 scope global lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:8a:ae:0e brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 192.168.0.10/24 brd 192.168.0.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::efbe:acf4:b525:3659/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
       
[root@server2 ~]# cat /etc/NetworkManager/system-connections/eth0.nmconnection 
[connection]
id=eth0
type=ethernet
interface-name=eth0

[ipv4]
address1=192.168.0.20/24,192.168.0.100
method=manual

6. Write the policy on lvs

7. Test
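
Step 5 asks that the real servers hold the VIP without answering for it. The following is an added example, not part of the original post: it checks `ip a` and `sysctl -a` output taken from an RS. The arp_ignore=1 / arp_announce=2 values are the usual LVS-DR settings and are an assumption here (the post does not show them), as are the function names.

```bash
# Added example (not from the original post): check that a DR-mode real
# server holds the VIP quietly. The sysctl values are assumed, not the post's.

rs_dr_sysctls() {               # settings the RS is expected to carry
    local i
    for i in all lo; do
        echo "net.ipv4.conf.$i.arp_ignore = 1"
        echo "net.ipv4.conf.$i.arp_announce = 2"
    done
}

# check_rs_arp < `sysctl -a` output. Prints each expected setting that is
# absent or has another value; exit status 1 if any.
check_rs_arp() {
    local have want bad=0
    have=$(cat)
    while read -r want; do
        printf '%s\n' "$have" | grep -qxF "$want" || { echo "not set: $want"; bad=1; }
    done <<EOF
$(rs_dr_sysctls)
EOF
    return "$bad"
}

# check_vip VIP < `ip a` output. The VIP must be on lo as a /32 and on no
# other interface.
check_vip() {
    local vip="$1" f1 f2 rest dev="" seen=0 bad=0
    while read -r f1 f2 rest; do
        case $f1 in
            [0-9]*:) dev=${f2%:} ;;                    # "2: eth0: <...>"
            inet)
                [ "${f2%/*}" = "$vip" ] || continue
                seen=1
                [ "$dev" = lo ] || { echo "$vip is on $dev, not lo"; bad=1; }
                [ "${f2#*/}" = 32 ] || { echo "$vip is /${f2#*/}, not /32"; bad=1; }
                ;;
        esac
    done
    [ "$seen" = 1 ] || { echo "$vip is not configured"; bad=1; }
    return "$bad"
}

# `ip a` from server1 on this page, trimmed to the address lines.
SERVER1_IP_A='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    inet 127.0.0.1/8 scope host lo
    inet 192.168.0.200/32 scope global lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
    inet 192.168.0.10/24 brd 192.168.0.255 scope global noprefixroute ens160'
```

On each RS, `ip a | check_vip 192.168.0.200` and `sysctl -a 2>/dev/null | check_rs_arp` should both print nothing. An RS that answers ARP for the VIP receives client traffic directly, bypassing the director and its scheduling.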
