配置 lvs-nat模式
ip类型 | ip地址 |
vip | 192.168.80.129 |
dip | 192.168.59.131 |
r1ip | 192.168.59.134 |
r2ip | 192.168.59.133 |
调度器上添加仅主机模式的网卡配置VIP
关闭selinux
systemctl disable --now firewalld setenforce 0
在调度器上开启ip转发功能
[root@lb ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf [root@lb ~]# sysctl -p net.ipv4.ip_forward = 1
在调度器上添加规则并保存
[root@lb ~]# ipvsadm -A -t 192.168.80.129:80 -s rr [root@lb ~]# ipvsadm -a -t 192.168.80.129:80 -r 192.168.59.134:80 -m [root@lb ~]# ipvsadm -a -t 192.168.80.129:80 -r 192.168.59.133:80 -m [root@lb ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.80.129:80 rr -> 192.168.59.133:80 Masq 1 0 0 -> 192.168.59.134:80 Masq 1 0 0 [root@lb ~]# ipvsadm -Sn > ipvsadm [root@lb ~]# ls anaconda-ks.cfg ipvsadm [root@lb ~]# cat ipvsadm -A -t 192.168.80.129:80 -s rr -a -t 192.168.80.129:80 -r 192.168.59.133:80 -m -w 1 -a -t 192.168.80.129:80 -r 192.168.59.134:80 -m -w 1
设置开机自动读取规则
[root@lb ~]# ipvsadm -R < ipvsadm [root@lb ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.80.129:80 rr -> 192.168.59.133:80 Masq 1 0 0 -> 192.168.59.134:80 Masq 1 0 0
将rip网关指向dip
[root@r1 CA]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 TYPE=Ethernet BOOTPROTO=static NAME=ens160 DEVICE=ens160 ONBOOT=yes IPADDR=192.168.59.134 NETMASK=255.255.255.0 GATEWAY=192.168.59.131 [root@r2 html]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 TYPE=Ethernet BOOTPROTO=static NAME=ens192 DEVICE=ens192 ONBOOT=yes IPADDR=192.168.59.133 NETMASK=255.255.255.0 GATEWAY=192.168.59.131
lvs-DR模式
ip类型 | ip地址 |
vip | 192.168.80.129 |
dip | 192.168.59.131 |
r1ip | 192.168.59.134 |
r2ip | 192.168.59.133 |
配置vip和dip
TYPE=Ethernet BOOTPROTO=static NAME=ens224 DEVICE=ens224 ONBOOT=yes IPADDR0=192.168.59.131 NETMASK0=255.255.255.0 IPADDR1=192.168.59.250 NETMASK1=255.255.255.0 GATEWAY=192.168.59.2 DNS1=114.114.114.114
在RS上先关闭arp包的通告和响应然后配置RIP和VIP
[root@r1 ~]# vim /etc/sysctl.conf net,ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 [root@r1 ~]# sysctl -p [root@r2 ~]# vim /etc/sysctl.conf net,ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 [root@r2 ~]# sysctl -p [root@r1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 TYPE=Ethernet BOOTPROTO=static NAME=ens160 DEVICE=ens160 ONBOOT=yes IPADDR=192.168.59.134 NETMASK=255.255.255.0 GATEWAY=192.168.59.2 DNS1=114.114.114.114 [root@r2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 TYPE=Ethernet BOOTPROTO=static NAME=ens192 DEVICE=ens192 ONBOOT=yes IPADDR=192.168.59.133 NETMASK=255.255.255.0 GATEWAY=192.168.59.2 DNS1=114.114.114.114 [root@r1 ~]# ifconfig lo:0 192.168.59.250/32 broadcast 192.168.59.250 up [root@r1 ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 192.168.59.250/0 brd 192.168.59.250 scope global lo:0 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:ac:bd:24 brd ff:ff:ff:ff:ff:ff inet 192.168.59.134/24 brd 192.168.59.255 scope global noprefixroute ens160 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:feac:bd24/64 scope link valid_lft forever preferred_lft forever [root@r1 ~]# route add -host 192.168.59.250 dev lo:0 [root@r1 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.59.2 0.0.0.0 UG 100 0 0 ens160 192.168.59.0 0.0.0.0 255.255.255.0 U 100 0 0 ens160 192.168.59.250 0.0.0.0 255.255.255.255 UH 0 0 0 lo [root@r2 ~]# ifconfig lo:0 192.168.59.250/32 broadcast 192.168.59.250 up [root@r2 ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 192.168.59.250/0 brd 192.168.59.250 scope global lo:0 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:80:fc:e9 brd ff:ff:ff:ff:ff:ff inet 192.168.59.133/24 brd 192.168.59.255 scope global noprefixroute ens192 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe80:fce9/64 scope link valid_lft forever preferred_lft forever [root@r2 ~]# route add -host 192.168.59.250 dev lo:0 [root@r2 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.59.2 0.0.0.0 UG 100 0 0 ens192 192.168.59.0 0.0.0.0 255.255.255.0 U 100 0 0 ens192 192.168.59.250 0.0.0.0 255.255.255.255 UH 0 0 0 lo
添加规则
[root@localhost ~]# ipvsadm -A -t 192.168.59.250:80 -s wrr [root@localhost ~]# ipvsadm -a -t 192.168.59.250:80 -r 192.168.59.134:80 -g [root@localhost ~]# ipvsadm -a -t 192.168.59.250:80 -r 192.168.59.133:80 -g [root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.59.250:80 wrr -> 192.168.59.133:80 Route 1 0 0 -> 192.168.59.134:80 Route 1 0 0