LVS模式二：TUN隧道模式

2024-02-27 13:41:15

1.清除之前的策略,添加新的策略，保存策略

[root@server1 ~]# ipvsadm -C
[root@server1 ~]# ipvsadm -l
[root@server1 ~]# ipvsadm -A -t 172.25.63.100:80 -s rr       ##添加vip，对后端服务器采用轮询算法
[root@server1 ~]# ipvsadm -a -t 172.25.63.100:80 -r 172.25.63.2:80 -i    ##添加后端真实服务器
[root@server1 ~]# ipvsadm -a -t 172.25.63.100:80 -r 172.25.63.3:80 -i    ##添加后端真实服务器

[root@server1 ~]# /etc/init.d/ipvsadm save       ##保存策略

2.添加模块

[root@server1 ~]# modprobe ipip

3.删除上一个实验的ip

[root@server1 ~]# ip addr del 172.25.63.100/24 dev eth0

4.添加隧道，给隧道添加ip并查看

[root@server1 ~]# ip addr add 172.25.63.100/24 dev tunl0
[root@server1 ~]# ip a

5.激活隧道并查看

[root@server1 ~]# ip link set up tunl0
[root@server1 ~]# ip a

6.删除上一个实验的ip，导入模块，添加隧道，给隧道添加ip并查看

[root@server2 ~]# ip addr del 172.25.63.100/32 dev eth0
[root@server2 ~]# modprobe ipip      ##导入模块
[root@server2 ~]# ip addr add 172.25.63.100/32 dev tunl0
[root@server2 ~]# ip a

7.激活隧道并查看

[root@server2 ~]# ip link set up tunl0
[root@server2 ~]# ip a

8.修改rp_filter参数，将参数为1的都改为0

[root@server2 ~]# sysctl -a | grep rp_filter
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.tunl0.rp_filter = 1
net.ipv4.conf.tunl0.arp_filter = 0
[root@server2 ~]# sysctl -w net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.rp_filter = 0
[root@server2 ~]# sysctl -w net.ipv4.conf.lo.rp_filter=0
net.ipv4.conf.lo.rp_filter = 0
[root@server2 ~]# sysctl -w net.ipv4.conf.eth0.rp_filter=0
net.ipv4.conf.eth0.rp_filter = 0
[root@server2 ~]# sysctl -w net.ipv4.conf.tunl0.rp_filter=0
net.ipv4.conf.tunl0.rp_filter = 0

9.刷新后，查看rp_filter参数，发现有一个参数始终不为0

[root@server2 ]# sysctl -p
[root@server2 ]# sysctl -a | grep rp_filter

10.进入配置文件，修改参数为0

[root@server2 ]# vim  /etc/sysctl.conf

11.刷新后，查看rp_filter参数修改成功

[root@server2 ]# sysctl -p
[root@server2 ]# sysctl -a | grep rp_filter

12.删除上一个实验的ip，导入模块，添加隧道，给隧道添加ip并查看

[root@server3 ]# ip addr del 172.25.23.100/32 dev eth0
[root@server3 ]# modprobe ipip
[root@server3 ]# ip addr add 172.25.23.100/32 dev tunl0
[root@server3 ]# ip a

13.激活隧道并查看

[root@server3 ]# ip link set up tunl0
[root@server3 ]# ip a

14.修改rp_filter参数，将参数为1的都改为0

[root@server3 ]# sysctl -a | grep rp_filter
[root@server3 ]# sysctl -w net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.rp_filter = 0
[root@server3 ]# sysctl -w net.ipv4.conf.lo.rp_filter=0
net.ipv4.conf.lo.rp_filter = 0
[root@server3 ]# sysctl -w net.ipv4.conf.eth0.rp_filter=0
net.ipv4.conf.eth0.rp_filter = 0
[root@server3 ]# sysctl -w net.ipv4.conf.tunl0.rp_filter=0
net.ipv4.conf.tunl0.rp_filter = 0

15.刷新后，查看rp_filter参数，发现有一个参数始终不为0

[root@server3 ]# sysctl -p
[root@server3 ]# sysctl -a | grep rp_filter

16.进入配置文件，修改参数为0

[root@server3 ]# vim  /etc/sysctl.conf

17.刷新后，查看rp_filter参数修改成功

[root@server3 ]# sysctl -p
[root@server3 ]# sysctl -a | grep rp_filter

18.测试：

[root@foundation63 ~]# arp -d 172.25.63.100
[root@foundation63 ~]# curl 172.25.63.100
<h1>server3 - www.westos.org</h1>

[root@foundation63 ~]# curl 172.25.63.100
<h1>server2.example.com</h1>

[root@foundation63 ~]# curl 172.25.63.100
<h1>server3 - www.westos.org</h1>

[root@foundation63 ~]# curl 172.25.63.100
<h1>server2.example.com</h1>

码农公寓

相关文章