LVS DR mode (RIP, DIP not on the same network segment)


As the picture shows:

  • There are three network segments in total:

    • The client is on its own segment: bridged network card eth0
    • The router has two network cards: bridged card eth1 and NAT card eth0
    • The vs and rs each have only a NAT network card, eth0
  • Principle:

    Compared with the case where the vip and dip are in the same network segment, the theoretical principle is unchanged; only the routing between the router and the LVS has changed. When they are in the same segment, the router and the LVS server group usually share the same gateway address, 192.168.7.254 as shown in the picture. When they are not in the same network, communication is achieved by adding static routes, which works because they are all connected to the same switch (vmnet0).

    Note: whether two hosts can communicate is determined by routing, not by whether they are in the same segment.

Operations on the router

root@route:~# route  add  default gw  10.0.0.100 eth0
root@route:~# route  add -host 10.0.0.100 eth0
root@route:~# cat /etc/netplan/01-netcfg.yaml 
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth1:
      dhcp4: no
      addresses: [172.16.2.2/20]
      gateway4: 172.16.0.1
      nameservers:
              addresses: [223.6.6.6]
    eth0:
      dhcp4: no
      addresses: [10.0.0.200/8]
      gateway4: 0.0.0.0
      nameservers:
              addresses: [223.6.6.6]

Operations on the vs

Point the gateway to the router

root@director:~# cat /etc/netplan/01-netcfg.yaml 
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses: [192.168.1.103/21]
      gateway4: 192.168.7.254
      nameservers:
              addresses: [223.6.6.6]

root@director:~# route  add -host 10.0.0.200 eth0
root@director:~# route add default gw 10.0.0.200 eth0

lvs_dr_vs.sh

#!/bin/bash
vip='10.0.0.100'
iface='lo:1'
mask='255.255.255.255'
port='80'
rs1='192.168.1.104'
rs2='192.168.1.105'
scheduler='wrr'
type='-g'
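# Install ipvsadm if missing; -y keeps apt-get from waiting on a prompt hidden by the redirect
dpkg-query -l ipvsadm &>/dev/null || apt-get -y install ipvsadm &>/dev/null
case $1 in
start)
        # Bind the VIP to lo:1 with a 255.255.255.255 mask
        ifconfig $iface $vip netmask $mask #broadcast $vip up 
        # Flushes every rule in the filter table, including any host firewall rules
        iptables -F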
        ipvsadm -A -t ${vip}:${port} -s $scheduler
        ipvsadm -a -t ${vip}:${port} -r ${rs1} $type -w 1
        ipvsadm -a -t ${vip}:${port} -r ${rs2} $type -w 1
        echo "The VS Server is Ready!"
        ;;
stop)
        ipvsadm -C
        ifconfig $iface down
        echo "The VS Server is Canceled!" 
        ;;
*)
        echo "Usage: $(basename $0) start|stop"
        exit 1
        ;;
esac
root@director:~#  bash lvs_dr_vs.sh start

Operations on the rs

root@rs2:~# cat /etc/netplan/01-netcfg.yaml 
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses: [192.168.1.105/21]
      gateway4: 10.0.0.200
      nameservers:
              addresses: [223.6.6.6]

root@rs2:~# route add -host 10.0.0.200 eth0
root@rs2:~# route  add default gw 10.0.0.200 eth0
root@rs2:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.200      0.0.0.0         UG    0      0        0 eth0
10.0.0.100      0.0.0.0         255.255.255.255 UH    0      0        0 lo
10.0.0.200      0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.248.0   U     0      0        0 eth0

lvs_dr_rs.sh

#!/bin/bash
# bash is required: the script uses the &> redirection
#Zhang Shijie:2017-08-18 
LVS_VIP=10.0.0.100

case "$1" in
start)
       /sbin/ifconfig lo:0 $LVS_VIP netmask 255.255.255.255  broadcast $LVS_VIP
       /sbin/route add -host $LVS_VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       dpkg-query -l apache2 &> /dev/null|| apt-get -y install  apache2 >/dev/null  && echo "RealServer Start OK"  
       echo "<h1>`hostname`</h1>" > /var/www/html/index.html
       ;;
stop)
       /sbin/ifconfig lo:0 down
       /sbin/route del $LVS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stopped"
       ;;
*)
       echo "Usage: $0 {start|stop}"  
       exit 1
esac
exit 0                                       
root@rs2:~# bash lvs_dr_rs.sh start

Pitfalls encountered during the experiment

About binding the vip
  • The VIP is usually bound to the lo interface, because lo does not lose its network configuration for physical reasons such as an unplugged network cable. If it is bound to eth0 alone, normal communication on the rs is affected because of the arp settings there; this point does not concern the vs.

Netmask of the vip on the rs

Example: when the vip netmask on the rs is set to 255.255.255.0 in this case, then after running the script on the rs, pinging 10.0.0.22 or any other address in the 10.0.0.0/24 segment succeeds even though the address does not actually exist, the same effect as pinging 127.0.0.1. If the mask is set to 255.255.255.255, this does not happen. A packet capture showed that no related packets were received. (Of course, they can be captured once static routes are set up.)

Because I did not learn networking well in the past, I do not know what the reason is. If any old hand knows, please tell me.

Although the mask setting does not affect the final result, it does affect testing: if you use ping to test connectivity between the rs and the router, the result you get is likely to be fake.
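
A check for the two pitfalls above, as an added example that is not part of the original post: it verifies that the VIP on lo carries a /32 mask and that the four ARP sysctls written by lvs_dr_rs.sh are in effect. With a shorter mask on lo the kernel installs a local route for the whole prefix, so every address in that subnet is answered by the rs itself. The function names and sample inputs are constructed.

```sh
#!/bin/sh
# Added example: audit a DR-mode real server against what lvs_dr_rs.sh sets.
# Helper names and sample inputs are constructed for illustration.

# vip_mask_status "<output of: ip -o -4 addr show dev lo>" <vip>
# Echoes OK, MISSING, or WIDE:/<prefix> when the VIP is bound with a mask
# shorter than /32, in which case the rs answers for the whole subnet itself.
vip_mask_status() (
    prefix=$(printf '%s\n' "$1" |
        awk -v vip="$2" '{ split($4, a, "/"); if (a[1] == vip) { print a[2]; exit } }')
    if [ -z "$prefix" ]; then echo "MISSING"
    elif [ "$prefix" -eq 32 ]; then echo "OK"
    else echo "WIDE:/$prefix"
    fi
)

# arp_status "<output of: sysctl key...>"
# Echoes OK when the four keys written by lvs_dr_rs.sh hold the expected
# values, otherwise BAD: followed by each key that is unset or different.
arp_status() (
    bad=""
    for iface in lo all; do
        for want in arp_ignore=1 arp_announce=2; do
            key="net.ipv4.conf.$iface.${want%%=*}"
            got=$(printf '%s\n' "$1" | awk -v k="$key" '$1 == k { print $3 }')
            [ "$got" = "${want##*=}" ] || bad="$bad $key=${got:-unset}"
        done
    done
    if [ -z "$bad" ]; then echo "OK"; else echo "BAD:$bad"; fi
)

# Live audit on a real server; reads the running system.
audit_rs() {
    vip_mask_status "$(ip -o -4 addr show dev lo)" "$1"
    arp_status "$(sysctl net.ipv4.conf.lo.arp_ignore net.ipv4.conf.lo.arp_announce \
        net.ipv4.conf.all.arp_ignore net.ipv4.conf.all.arp_announce)"
}

# Constructed sample inputs (not captured from the hosts on this page).
SAMPLE_ADDR_OK='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever
1: lo    inet 10.0.0.100/32 brd 10.0.0.100 scope global lo:0\       valid_lft forever'
SAMPLE_ADDR_WIDE='1: lo    inet 10.0.0.100/24 brd 10.0.0.100 scope global lo:0\       valid_lft forever'
SAMPLE_SYSCTL='net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 0'
```

On a real server, `audit_rs 10.0.0.100` runs both checks against the live system.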


Origin blog.csdn.net/qq_36801585/article/details/105031199