LVS-DR模式单网段案例
DR模型中各主机上均需要配置VIP,解决地址冲突的方式有三种:
(1) 在前端网关做静态绑定
(2) 在各RS使用arptables
(3) 在各RS修改内核参数,来限制arp响应和通告的级别
限制响应级别:arp_ignore
-0:默认值,表示可使用本地任意接口上配置的任意地址进行响应
-1:仅在请求的目标IP配置在本地主机的接收到请求报文的接口上时,才给予响应
限制通告级别:arp_announce
-0:默认值,把本机所有接口的所有信息向每个接口的网络进行通告
-1:尽量避免将接口信息向非直接连接网络进行通告
-2:必须避免将接口信息向非本网络进行通告
配置要点
- Director 服务器采用双IP桥接网络,一个是VIP,一个DIP
- Web服务器采用和DIP相同的网段和Director连接
- 每个Web服务器配置VIP
- 每个web服务器可以出外网
范例:
环境:五台主机
一台:客户端 172.20.0.123/16 GW:172.20.200.200
一台:ROUTER
eth0 :NAT 192.168.0.200/24 VIP
eth1: 桥接 172.20.200.200/16
启用 IP_FORWARD
一台:LVS
eth0: 192.168.0.19/24 GW:192.168.0.200
两台RS:
RS1:192.168.0.7/24 GW:192.168.0.200
RS2:192.168.0.17/24 GW:192.168.0.200配置过程
#在LVS服务器上实现
[root@centos8 ~]#ifconfig lo:1 192.168.0.100/32
[root@centos8 ~]#ipvsadm -A -t 192.168.0.100:80 -s rr
[root@centos8 ~]#ipvsadm -a -t 192.168.0.100:80 -r 192.168.0.7
[root@centos8 ~]#ipvsadm -a -t 192.168.0.100:80 -r 192.168.0.17
[root@centos8 ~]#ipvsadm -Ln
#在后端RS服务器上实现
[root@RS1 ~]#ifconfig lo:1 192.168.0.100/32
[root@RS1 ~]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@RS1 ~]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@RS1 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@RS1 ~]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
范例:
[root@client ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=172.20.200.6
PREFIX=16
GATEWAY=172.20.200.200
ONBOOT=yes
[root@Router ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=10.0.0.200
PREFIX=24
ONBOOT=yes
[root@Router ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
NAME=eth1
BOOTPROTO=static
IPADDR=172.20.200.200
PREFIX=16
ONBOOT=yes
[root@Router ~]#cat /etc/sysctl.conf
net.ipv4.ip_forward=1
[root@Router ~]#sysctl -p
[root@rs1 ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=10.0.0.7
PREFIX=24
GATEWAY=10.0.0.200
ONBOOT=yes
[root@rs1 ~]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@rs1 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@rs1 ~]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@rs1 ~]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@rs1 ~]#ifconfig lo:1 10.0.0.100/32
[root@rs1 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 10.0.0.100/0 scope global lo:1
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:32:80:38 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.7/24 brd 10.0.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe32:8038/64 scope link
valid_lft forever preferred_lft forever
[root@rs2 ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=10.0.0.17
PREFIX=24
GATEWAY=10.0.0.200
ONBOOT=yes
[root@rs2 ~]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@rs2 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@rs2 ~]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@rs2 ~]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@rs2 ~]#ifconfig lo:1 10.0.0.100/32
[root@LVS ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
BOOTPROTO=static
IPADDR=10.0.0.8
PREFIX=24
GATEWAY=10.0.0.200
ONBOOT=yes
[root@LVS ~]#ifconfig lo:1 10.0.0.100/32
[root@LVS ~]#ipvsadm -A -t 10.0.0.100:80 -s wrr
[root@LVS ~]#ipvsadm -a -t 10.0.0.100:80 -r 10.0.0.7 -g -w 3
[root@LVS ~]#ipvsadm -a -t 10.0.0.100:80 -r 10.0.0.17 -g 本文链接:http://www.yunweipai.com/35611.html
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/52766.html