本次实验基于rhel6.5版本虚拟机
调度器server1 IP:172.25.35.1
服务端1 server2 IP:172.25.35.2
服务端2 server3 IP:172.25.35.3
调度器配置:
ipvsadm -C #清空以前策略
ipvsadm -l #验证
modprobe ipip #添加模块tunl0
(modprobe -r ipip) #删除模块
ip addr del 172.25.35.100/24 dev eth0 #删除上个实验地址
ip addr add 172.25.35.100/24 dev tunl0 #添加隧道模式tun0 ip
ip link set up tunl0
#添加策略
[root@server1 rhel6.5]# ipvsadm -A -t 172.25.35.100:80 -s rr
[root@server1 rhel6.5]# ipvsadm -a -t 172.25.35.100:80 -r 172.25.35.2:80 -i
[root@server1 rhel6.5]# ipvsadm -a -t 172.25.35.100:80 -r 172.25.35.3:80 -i
#查看策略
[root@server1 rhel6.5]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.35.100:http rr
-> 172.25.35.2:http Tunnel 1 0 0
-> 172.25.35.3:http Tunnel 1 0 0
服务端1配置:
modprobe ipip #添加模块tunl0
[root@server2 ~]# ip addr del 172.25.35.100/32 dev eth0 #删除上个实验eth0ip
[root@server2 ~]# ip addr add 172.25.35.100/32 dev tunl0 #添加tunl0ip
[root@server2 ~]# ip link set up tunl0 #启动tunl0
[root@server2 ~]# ip addr show
3: tunl0: <NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN
link/ipip 0.0.0.0 brd 0.0.0.0
inet 172.25.35.100/32 scope global tunl0
查看过滤策略
sysctl -a | grep rp_filter
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.tunl0.rp_filter = 1
net.ipv4.conf.tunl0.arp_filter = 0
修改为0
[root@server2 ~]# sysctl -w net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.rp_filter = 0
[root@server2 ~]# sysctl -w net.ipv4.conf.lo.rp_filter=0
net.ipv4.conf.lo.rp_filter = 0
[root@server2 ~]# sysctl -w net.ipv4.conf.eth0.rp_filter=0
net.ipv4.conf.eth0.rp_filter = 0
[root@server2 ~]# net.ipv4.conf.tunl0.rp_filter^C
[root@server2 ~]# sysctl -w net.ipv4.conf.tunl0.rp_filter=0
net.ipv4.conf.tunl0.rp_filter = 0
sysctl -p #刷新策略,使其生效
但是有一个改不掉:
net.ipv4.conf.default.rp_filter = 1
在文件中修改:
vim /etc/sysctl.conf
刷新策略
sysctl -p
最后效果如下:
[root@server2 ~]# sysctl -a | grep rp_filter
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.tunl0.arp_filter = 0
服务端2同服务端1操作
客户端测试:
[root@foundation35 Packages]# arp -d 172.25.35.100
[root@foundation35 Packages]# curl 172.25.35.100
server3's Apache server
[root@foundation35 Packages]# curl 172.25.35.100
server2's Apache server
[root@foundation35 Packages]# curl 172.25.35.100
server3's Apache server
[root@foundation35 Packages]# curl 172.25.35.100
server2's Apache server
调度器看访问次数:
[root@server1 rhel6.5]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.35.100:80 rr
-> 172.25.35.2:80 Tunnel 1 0 2
-> 172.25.35.3:80 Tunnel 1 0 2