LVS实战案例：DR模式案例

DR模式案例环境准备：5台主机

1、一台客户端：ETH0：仅主机：192.168.10.6/24 GW:192.168.10.200
2、一台Route：ETH0:NAT 10.0.0.0/24 ETH1：仅主机 192.168.10.200/24 启用IP_FORWARD
3、一台LVS:ETH0：NAT：DIP:10.0.0.8/24 GW：10.0.0.200
4、两台RS：RS1:ETH0:NAT:10.0.0.7/24 GW:10.0.0.200 RS2:ETH0:NAT:10.0.0.17/24 GW:10.0.0.200

LVS网络配置：

所有主机禁用iptables和selinux

# 客户端：internet主机环境


[root@Internet-132 ~]# hostname
Internet-132

[root@Internet-132 ~]# hostname -I
192.168.10.6 

[root@Internet-132 ~]# ip r 
default via 192.168.10.200 dev eth1 
192.168.10.0/24 dev eth1 proto kernel scope link src 192.168.10.6 

[root@Internet-132 ~]# ping 10.0.0.7 -c1
PING 10.0.0.7 (10.0.0.7) 56(84) bytes of data.
64 bytes from 10.0.0.7: icmp_seq=1 ttl=63 time=0.650 ms

--- 10.0.0.7 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.650/0.650/0.650/0.000 ms

[root@Internet-132 ~]# ping 10.0.0.17 -c1
PING 10.0.0.17 (10.0.0.17) 56(84) bytes of data.
64 bytes from 10.0.0.17: icmp_seq=1 ttl=63 time=0.614 ms

--- 10.0.0.17 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.614/0.614/0.614/0.000 ms

# Route环境网络配置

[root@ops- network-scripts]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf 

[root@ops- network-scripts]# sysctl -p
net.ipv4.ip_forward = 1

[root@ops- network-scripts]# cat ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=10.0.0.200
NETMASK=255.255.255.0

[root@ops- network-scripts]# cat ifcfg-eth1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.10.200
NETMASK=255.255.255.0

RS1的网络配置

[root@NET-Rs1-134 network-scripts]# hostname
Rs1-134

[root@NET-Rs1-134 network-scripts]# hostname -I
10.0.0.7

[root@NET-Rs1-134 network-scripts]# hostname -I
10.0.0.7 172.16.2.134 

[root@NET-Rs1-134 network-scripts]# cat ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=10.0.0.7
NETMASK=255.255.255.0
GATEWAY=10.0.0.200

[root@NET-Rs1-134 network-scripts]# ip r
default via 10.0.0.200 dev eth0 
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.7 

[root@NET-Rs1-134 network-scripts]# yum -y install httpd;hostname -I > /var/www/html/index.html;systemctl enable --now httpd

[root@NET-Rs1-134 network-scripts]# ping 192.168.10.6 -c1
PING 192.168.10.6 (192.168.10.6) 56(84) bytes of data.
64 bytes from 192.168.10.6: icmp_seq=1 ttl=63 time=0.590 ms

--- 192.168.10.6 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.590/0.590/0.590/0.000 ms

[root@NET-Rs1-134 network-scripts]# curl 10.0.0.7
rs1 10.10.2.134 192.168.2.134 172.16.2.134

RS2的网络配置

[root@NET-Rs2-135 network-scripts]# cat ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=10.0.0.17
NETMASK=255.255.255.0
GATEWAY=10.0.0.200

[root@NET-Rs2-135 network-scripts]# ip r
default via 10.0.0.200 dev eth0 
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.17 

[root@NET-Rs1-134 network-scripts]# yum -y install httpd;hostname -I > /var/www/html/index.html;systemctl enable --now httpd

[root@NET-Rs2-135 ~]# ping 192.168.10.6 -c1
PING 192.168.10.6 (192.168.10.6) 56(84) bytes of data.
64 bytes from 192.168.10.6: icmp_seq=1 ttl=63 time=0.933 ms

--- 192.168.10.6 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.933/0.933/0.933/0.000 ms

[root@NET-Rs2-135 ~]# curl 10.0.0.17
rs2 10.10.2.135 192.168.2.135 172.16.2.135

LVS的网络配置

[root@NET-lvs-133 network-scripts]# hostname
NET-lvs-133

[root@NET-lvs-133 network-scripts]# hostname -I
10.0.0.8

[root@NET-lvs-133 network-scripts]# cat ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=10.0.0.8
NETMASK=255.255.255.0
GATEWAY=10.0.0.200

[root@NET-lvs-133 network-scripts]# ip r
default via 10.0.0.200 dev eth0 
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 

[root@NET-lvs-133 network-scripts]# ping 192.168.10.6 -c1
PING 192.168.10.6 (192.168.10.6) 56(84) bytes of data.
64 bytes from 192.168.10.6: icmp_seq=1 ttl=63 time=0.628 ms

--- 192.168.10.6 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.628/0.628/0.628/0.000 ms

[root@NET-lvs-133 network-scripts]# ifconfig lo:1 10.0.0.100/32

[root@NET-lvs-133 network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.0.0.100/24 scope global lo:1
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:07:26:8a brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.8/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe07:268a/64 scope link 
       valid_lft forever preferred_lft forever

[root@NET-lvs-133 network-scripts]# ipvsadm -A -t 10.0.0.100:80 -s wrr
[root@NET-lvs-133 network-scripts]# ipvsadm -a -t 10.0.0.100:80 -r 10.0.0.7:80 -g -w 2
[root@NET-lvs-133 network-scripts]# ipvsadm -a -t 10.0.0.100:80 -r 10.0.0.17:80 -g -w 4
[root@NET-lvs-133 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 wrr
  -> 10.0.0.7:80                  Route   2      0          4         
  -> 10.0.0.17:80                 Route   4      0          7

后端RS的IPVS配置：

RS1的ipvs配置

[root@NET-Rs1-134 network-scripts]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore 
[root@NET-Rs1-134 network-scripts]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore 
[root@NET-Rs1-134 network-scripts]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce 
[root@NET-Rs1-134 network-scripts]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce 
[root@NET-Rs1-134 network-scripts]# ifconfig lo:1 10.0.0.100/32
[root@NET-Rs1-134 network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.0.0.100/0 scope global lo:1
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:0e:92:09 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.7/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe0e:9209/64 scope link 
       valid_lft forever preferred_lft forever

RS2的ipvs配置

[root@NET-Rs2-135 network-scripts]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore 
[root@NET-Rs2-135 network-scripts]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore 
[root@NET-Rs2-135 network-scripts]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce 
[root@NET-Rs2-135 network-scripts]#  echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce 
[root@NET-Rs2-135 network-scripts]# ifconfig lo:1 10.0.0.100/32
[root@NET-Rs2-135 network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.0.0.100/0 scope global lo:1
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:92:5e:81 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.17/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe92:5e81/64 scope link 
       valid_lft forever preferred_lft forever

在客户端curl VIP测试

[root@Internet-132 ~]# while :;do curl 10.0.0.100;sleep 1 ;done
rs1 10.10.2.134 192.168.2.134 172.16.2.134 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs1 10.10.2.134 192.168.2.134 172.16.2.134 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs1 10.10.2.134 192.168.2.134 172.16.2.134 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs1 10.10.2.134 192.168.2.134 172.16.2.134 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs2 10.10.2.135 192.168.2.135 172.16.2.135 
rs1 10.10.2.134 192.168.2.134 172.16.2.134 
rs2 10.10.2.135 192.168.2.135 172.16.2.135

posted @ 2022-03-18 01:02 姚鑫磊阅读(52) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

姚鑫磊的博客园

翻过一座山，山后一片海。

姚鑫磊

大海无量！

LVS实战案例：DR模式案例

LVS实战案例：DR模式案例

DR模式案例环境准备：5台主机

LVS网络配置：

后端RS的IPVS配置：

公告