from:http://www.ha97.com/5646.html
LVS cluster
LVS: Use Linux kernel cluster to implement a high-performance, high-availability load balancing server, which has good scalability (Scalability), reliability (Reliability) and manageability (Manageability).
The advantages of LVS are:
1. It has strong anti-load capability. It works on the 4th layer of the network for distribution purposes only, and does not generate traffic . This feature also determines that it has the strongest performance in load balancing software. And cpu resource consumption is relatively low.
2. The configuration is relatively low, which is a disadvantage and an advantage. Because there is not much configuration, it does not require much contact, which greatly reduces the probability of human error.
3. The work is stable, because it has a strong anti-load capability and has a complete dual-system hot backup solution, such as LVS+Keepalived, but we use LVS/DR+Keepalived the most in project implementation.
4. No traffic, LVS only distributes requests, and traffic does not go out from itself, which ensures that the performance of the balancer IO will not be affected by large traffic.
5. It has a wide range of applications. Because LVS works at Layer 4, it can load balance almost all applications, including http, databases, online chat rooms, and so on.
Network flow chart of LVS DR (Direct Routing) mode:
The disadvantages of LVS are:
1. The software itself does not support regular expression processing, and cannot do dynamic and static separation ; and now many websites have strong requirements in this regard, which is the advantage of Nginx/HAProxy+Keepalived.
2. If the website application is relatively large, the implementation of LVS/DR+Keepalived is more complicated, especially if there is a Windows Server machine behind it, if the implementation and configuration and maintenance process are more complicated, relatively speaking, Nginx/ HAProxy+Keepalived is much simpler.
from:http://blog.chinaunix.net/uid-27022856-id-3236257.html
1. How does LVS/DR process the request packet, and will it modify the content of the IP packet?
1.1 vs/dr itself does not care about the information above the IP layer. Even the port number is determined by the tcp/ip protocol stack to determine whether it is correct. vs/dr itself mainly does the following:
1) Receive the client's request and select the IP of a realserver according to the load balancing algorithm you set;
2) Take the mac address corresponding to the selected ip as the target mac, and then re-encapsulate the IP packet into a frame and forward it to the RS;
3) Record the connection information in the hash table.
vs/dr does few and simple things, so it is very efficient, not much worse than a hardware load balancing device.
The general flow of data packets and data frames is as follows: client --> VS --> RS --> client
1.2 The answer has been made before, vs/dr will not modify the content of the IP packet.
2. Why does RealServer configure VIP on the lo interface? Is it OK to configure VIP on the egress network card?
2.1 Since the RS is to be able to process the IP packet whose destination address is vip, the RS must first be able to receive the packet.
Configuring vip on lo can complete receiving the packet and return the result to the client.
2.2 答案是不可以将VIP设置在出口网卡上,否则会响应客户端的arp request,造成client/gateway arp table紊乱,以至于整个load balance都不能正常工作。
3. RealServer为什么要抑制arp帧?
这个问题在上一问题中已经作了说明,这里结合实施命令进一步阐述。我们在具体实施部署的时候都会作如下调整:
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
我相信很多人都不会弄懂它们的作用是什么,只知道一定得有。我这里也不打算拿出来详细讨论,只是作几点说明,就当是补充吧。
3.1
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
这两条是可以不用的,因为arp对逻辑接口没有意义。
3.2 如果你的RS的外部网络接口是eth0,那么
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
其实真正要执行的是:
echo "1" >/proc/sys/net/ipv4/conf/eth0/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/eth0/arp_announce
So I personally recommend adding the above two to your script, because if the default value of the above two in the system is not 0, there may be problems.
4. Why should LVS/DR load balancer (director) and RS be in the same network segment?
From the first question, you should understand how vs/dr forwards requests to RS, right? It is implemented at the data link layer, so the director must be in the same network segment as the RS.
5. Why does the lo interface on the director need an ip (ie DIP) on eth0 in addition to the VIP?
5.1 If tools such as keepalived are used for HA or Load Balance, DIP is required for health check.
5.2 HA or Load Balance without a health check mechanism has no practical significance.
6. Does LVS/DR ip_forward need to be enabled?
unnecessary. Because the director and realserver are on the same network segment, there is no need to enable forwarding.
7. Does the netmask of the director's vip have to be 255.255.255.255?
In lvs/dr, the netmask of the director's vip does not need to be set to 255.255.255.255, and there is no need to go to
route add -host $VIP dev eth0:0
The director's vip is originally intended to be announced to the outside world like a normal IP address, so don't make it so special.
8. How does LVS/DR perform the three-way handshake of tcp?
+
+
+
-
-
-