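The three LVS modes:
NAT mode (LVS/NAT)
Direct routing mode (LVS/DR)
IP tunneling mode (LVS/TUN)
plus a fourth mode from secondary development (FULL NAT)
I. NAT mode
Lab environment:
One Director: server1
Version: Red Hat Enterprise Linux Server release 6.5
Two network interfaces:
eth0: 172.25.60.1/24 (VIP: external IP)
eth1: 192.168.60.1/24 (DIP: internal IP)
Two RealServers:
Server2: 192.168.60.2/24 (gateway must point to the Director's DIP)
Server3: 192.168.60.3/24 (gateway must point to the Director's DIP)
One Client: 172.25.60.250
Steps:
1. Virtual server server1: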
<1> Add a network interface
<2> Configure the network
[root@server1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.60.1
PREFIX=24
<3> Add a virtual service at 172.25.60.1:80 with round-robin (rr) scheduling
[root@server1 ~]# ipvsadm -A -t 172.25.60.1:80 -s rr
<4> Add the real servers, with NAT (-m) as the forwarding mode
[root@server1 ~]# ipvsadm -a -t 172.25.60.1:80 -r 192.168.60.2:80 -m
[root@server1 ~]# ipvsadm -a -t 172.25.60.1:80 -r 192.168.60.3:80 -m
<5> Save the rules
[root@server1 ~]# /etc/init.d/ipvsadm save
<6> Enable IP forwarding
Permanently:
[root@server1 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@server1 ~]# sysctl -p
or
Temporarily:
[root@server1 ~]# sysctl -w net.ipv4.ip_forward=1
[root@server1 ~]# sysctl -p
<7> Load the NAT module
[root@server1 ~]# modprobe iptable_nat
2. Real server server2:
<1> Configure the network
[root@server2 ~]# ip addr add 192.168.60.2/24 dev eth0
[root@server2 ~]# route add default gw 192.168.60.1
<2> Start the httpd service
[root@server2 ~]# /etc/init.d/httpd start
3. Real server server3:
<1> Configure the network
[root@server3 ~]# ip addr add 192.168.60.3/24 dev eth0
[root@server3 ~]# route add default gw 192.168.60.1
<2> Start the httpd service
[root@server3 ~]# /etc/init.d/httpd start
4. Test:
Client test:
[root@foundation60 ~]# curl 172.25.60.1
server 2
[root@foundation60 ~]# curl 172.25.60.1
server 3
[root@foundation60 ~]# curl 172.25.60.1
server 2
[root@foundation60 ~]# curl 172.25.60.1
server 3
II. TUN (IP tunneling) mode
Lab environment:
One Director: server1
Version: Red Hat Enterprise Linux Server release 6.5
Single network interface:
eth0: 172.25.60.1/24
Two RealServers:
Server2: 172.25.60.2/24
Server3: 172.25.60.3/24
One Client: 172.25.60.250
Steps:
1. Virtual server server1:
<1> Load the IP tunneling module
[root@server1 ~]# modprobe ipip
<2> Add the IP address and bring the interface up
[root@server1 ~]# ip addr add 172.25.60.100/24 dev tunl0
[root@server1 ~]# ip link set up dev tunl0
<3> Add a host route to 172.25.60.100
[root@server1 ~]# route add -host 172.25.60.100 dev tunl0
<4> Enable IP forwarding
[root@server1 ~]# sysctl -w net.ipv4.ip_forward=1
[root@server1 ~]# sysctl -p
<5> Add a virtual service at 172.25.60.100:80 with round-robin (rr) scheduling
[root@server1 ~]# ipvsadm -A -t 172.25.60.100:80 -s rr
<6> Add the real servers, with tunneling (-i) as the forwarding mode
[root@server1 ~]# ipvsadm -a -t 172.25.60.100:80 -r 172.25.60.2:80 -i
[root@server1 ~]# ipvsadm -a -t 172.25.60.100:80 -r 172.25.60.3:80 -i
2. Real server server2:
<1> Load the IP tunneling module
[root@server2 ~]# modprobe ipip
<2> Add the IP address and bring the interface up
[root@server2 ~]# ip addr add 172.25.60.100/24 dev tunl0
[root@server2 ~]# ip link set up dev tunl0
<3> Add a host route to 172.25.60.100
[root@server2 ~]# route add -host 172.25.60.100 dev tunl0
<4> Disable reverse path filtering
[root@server2 ~]# sysctl -a | grep rp_filter
[root@server2 ~]# sysctl -w net.ipv4.conf.tunl0.rp_filter=0
<5> Enable IP forwarding
[root@server2 ~]# sysctl -w net.ipv4.ip_forward=1
[root@server2 ~]# sysctl -p
<6> Enable the ARP policy
[root@server2 ~]# /etc/init.d/arptables_jf restart
<7> Start the httpd service
[root@server2 ~]# /etc/init.d/httpd start
3. Real server server3:
<1> Load the IP tunneling module
[root@server3 ~]# modprobe ipip
<2> Add the IP address and bring the interface up
[root@server3 ~]# ip addr add 172.25.60.100/24 dev tunl0
[root@server3 ~]# ip link set up dev tunl0
<3> Add a host route to 172.25.60.100
[root@server3 ~]# route add -host 172.25.60.100 dev tunl0
<4> Disable reverse path filtering
[root@server3 ~]# sysctl -a | grep rp_filter
[root@server3 ~]# sysctl -w net.ipv4.conf.tunl0.rp_filter=0
<5> Enable IP forwarding
[root@server3 ~]# sysctl -w net.ipv4.ip_forward=1
[root@server3 ~]# sysctl -p
<6> Enable the ARP policy
[root@server3 ~]# /etc/init.d/arptables_jf restart
<7> Start the httpd service
[root@server3 ~]# /etc/init.d/httpd start
4. Client test:
[root@foundation60 ~]# curl 172.25.60.100
server 2
[root@foundation60 ~]# curl 172.25.60.100
server 3
[root@foundation60 ~]# curl 172.25.60.100
server 2
[root@foundation60 ~]# curl 172.25.60.100
server 3
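
A consistency check for the rule sets built in the NAT and TUN sections, as an added example that is not part of the original post: it reads rules in the `ipvsadm -S -n` save format and flags real servers that are attached to an undeclared virtual service, sit outside the expected real-server network, or use the wrong forwarding mode. The function name, the problem labels and the sample rules are constructed for illustration, and only TCP (-t) services are handled.

```shell
#!/bin/sh
# check_ipvs_rules PREFIX FLAG   (hypothetical helper, TCP "-t" services only)
# Reads rules in `ipvsadm -S -n` format on stdin; prints one line per problem:
#   ORPHAN vip rip   real server attached to a service that has no -A line
#   SUBNET vip rip   real server address does not start with PREFIX
#   MODE   vip rip   forwarding flag differs from FLAG (-m NAT, -i TUN, -g DR)
check_ipvs_rules() {
    awk -v prefix="$1" -v want="$2" '
    # Return the word that follows option "opt" on the current line.
    function arg(opt,   i) {
        for (i = 1; i < NF; i++) if ($i == opt) return $(i + 1)
        return ""
    }
    $1 == "-A" { service[arg("-t")] = 1; next }
    $1 == "-a" {
        vip = arg("-t"); rip = arg("-r")
        mode = "-g"                       # ipvsadm defaults to direct routing
        for (i = 1; i <= NF; i++)
            if ($i == "-m" || $i == "-i" || $i == "-g") mode = $i
        if (!(vip in service))       print "ORPHAN", vip, rip
        if (index(rip, prefix) != 1) print "SUBNET", vip, rip
        if (mode != want)            print "MODE", vip, rip
    }'
}

# Constructed sample: the second real server sits outside 192.168.60.0/24.
check_ipvs_rules 192.168.60. -m <<'EOF'
-A -t 172.25.60.1:80 -s rr
-a -t 172.25.60.1:80 -r 192.168.60.2:80 -m -w 1
-a -t 172.25.60.1:80 -r 192.168.9.3:80 -m -w 1
EOF
```

On the Director, pipe the live table into it, for example `ipvsadm -S -n | check_ipvs_rules 192.168.60. -m`; keep the trailing dot on the prefix so that 192.168.6. does not also match 192.168.60.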