10.30.4.47
./intercept -i eth0 -F tcp and src port 25661 -d
10.30.4.48 nginx
server {
listen 21191;
proxy_pass rpc1;
}
upstream rpc1 {
server 10.4.196.113:14557;
server 10.4.196.114:34947;
}
server {
listen 21192;
proxy_pass rpc2;
}
upstream rpc2 {
server 10.145.238.53:17973;
server 10.145.238.49:10313;
}
线上引流机器
./tcpcopy -x 25661-10.30.4.48:21191 -s 10.30.4.47 -c 10.30.4.x -d -n 3 -f 1
Notepad:
1 . 要在nginx转发机器加上欺骗路由
root@10 etc $ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.30.4.1 0.0.0.0 UG 0 0 0 eth0
10.0.0.0 10.30.4.1 255.0.0.0 UG 0 0 0 eth0
10.30.4.0 10.30.4.47 255.255.255.0 UG 0 0 0 eth0
10.30.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
172.16.0.0 10.30.4.1 255.255.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.0.0 10.30.4.1 255.255.0.0 UG 0 0 0 eth0
2. iptables转发关闭。