LVS集群之IP TUN模式
今天來看一下LVS的第三種模式IP TUN。
TUN方式,是通過給數據包加上新的IP頭部來實現,這個可以跨整個廣域網。
環境:
| 主機名 | IP | 系統 | 角色 |
| tiandong63 |
RIP:192.168.199.11、DG:192.168.199.1 VIP:192.168.199.63 |
rhel6.5 | real server1 |
| tiandong64 |
RIP:192.168.199.12、DG:192.168.199.1 VIP:192.168.199.63 |
rhel6.5 | real server2 |
| OpenStack |
DIP:192.168.199.7、DG:192.168.199.1 VIP:192.168.199.63 |
rhel7.4 | 分發器 |
| localhost | 192.168.199.8 | rhel7.4 | 測試機 |
分發器:
1、配置網絡:
ens33 192.168.199.7 DIP
ens33:1 192.168.199.63 VIP
[root@openstack ~]#ifconfig ens33:1 192.168.199.63 netmask 255.255.255.0 up
[root@openstack ~]# echo 1 > /proc/sys/net/ipv4/ip_forward 開啟路由轉發功能
2、配置IP TUN模式
root@openstack ~]#yum install ipvsadm -y
[root@openstack ~]#ipvsadm -A -t 192.168.199.63:80 -s rr
[root@openstack ~]#ipvsadm -a -t 192.168.199.63:80 -r 192.168.199.11:80 -i #-i隧道模式
[root@openstack ~]#ipvsadm -a -t 192.168.199.63:80 -r 192.168.199.12:80 -i
[root@openstack ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.199.63:80 rr
-> 192.168.199.11:80 Tunnel 1 0 0
-> 192.168.199.12:80 Tunnel 1 0 0
Realserver1:tiandong63
1、配置網絡:
eth0 RIP:192.168.199.11
[root@tiandong63 ~]# modprobe ipip #在加載好ipip模塊後就會有默認的tunl0隧道。
[root@tiandong63 ~]# lsmod |grep ipip
ipip 8371 0
tunnel4 2943 1 ipip
[root@tiandong63 ~]#ifconfig tunl0 192.168.199.63 netmask 255.255.255.255 up
[root@tiandong63 ~]# service network restart
[root@tiandong63 ~]# ifconfig -a 此時就可以看到tunl0的網卡了。
eth0 Link encap:Ethernet HWaddr 00:0C:29:38:0B:14
inet addr:192.168.199.11 Bcast:192.168.199.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe38:b14/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:113954 errors:0 dropped:0 overruns:0 frame:0
TX packets:40448 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:164480499 (156.8 MiB) TX bytes:2794350 (2.6 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tunl0 Link encap:IPIP Tunnel HWaddr
inet addr:192.168.199.63 Mask:255.255.255.255
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1664 (1.6 KiB) TX bytes:0 (0.0 b)
2、關閉ARP轉發:
[root@tiandong63 ~]# vim /etc/sysctl.conf 在最後加上:
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[root@tiandong63 ~]# sysctl -p 是配置生效
3、配置web服務器
[root@tiandong63 ~]#yum install httpd -y
[root@tiandong63 ~]# echo ‘this is 192.168.199.11‘ > /var/www/html/index.html 寫一個測試頁面
[root@tiandong63 ~]# /etc/init.d/httpd start
Realserver2:tiandong64
1、配置網絡
eth0 RIP:192.168.199.12
[root@tiandong64 ~]# modprobe ipip
[root@tiandong64 ~]# lsmod |grep ipip
ipip 8371 0
tunnel4 2943 1 ipip
[root@tiandong64 ~]#ifconfig tunl0 192.168.199.63 netmask 255.255.255.255 up
[root@tiandong64 ~]# service network restart
[root@tiandong64 ~]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:0C:29:C7:20:71
inet addr:192.168.199.12 Bcast:192.168.199.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:2071/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:41108 errors:0 dropped:0 overruns:0 frame:0
TX packets:13848 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:57855802 (55.1 MiB) TX bytes:884097 (863.3 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tunl0 Link encap:IPIP Tunnel HWaddr
inet addr:192.168.199.63 Mask:255.255.255.255
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2080 (2.0 KiB) TX bytes:0 (0.0 b)
2、關閉ARP轉發:
[root@tiandong64 ~]# vim /etc/sysctl.conf 在最後加上:
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[root@tiandong64 ~]# sysctl -p 是配置生效
3、配置web服務器
[root@tiandong64 ~]#yum install httpd -y
[root@tiandong64 ~]# echo ‘this is 192.168.199.12‘ > /var/www/html/index.html 寫一個測試頁面
[root@tiandong64 ~]# /etc/init.d/httpd start
然後進行測試:
[root@localhost ~]#yum install elinks -y
[root@localhost ~]# elinks 192.168.199.63 --dump
this is 192.168.199.11
[root@localhost ~]# elinks 192.168.199.63 --dump
this is 192.168.199.12
[root@localhost ~]# elinks 192.168.199.63 --dump
this is 192.168.199.11
[root@localhost ~]# elinks 192.168.199.63 --dump
this is 192.168.199.12
在分發器上查看: 是平均分配的。
[root@openstack ~]# ipvsadm -ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
TCP 192.168.199.63:80 4 20 0 1664 0
-> 192.168.199.11:80 2 10 0 832 0
-> 192.168.199.12:80 2 10 0 832 0
LVS集群之IP TUN模式