A. The ipvsadm command
1. Basic operation commands
1.1) Add or modify a cluster service rule
ipvsadm -A|E -t|u|f service-address [-s scheduler] [-p timeout] [-M netmask] [--pe persistence_engine] [-b sched-flags]
1.2) Delete a rule
ipvsadm -D -t|u|f service-address
1.3) Clear all definitions
ipvsadm -C
1.4) Reload
ipvsadm -R
1.4) Save
ipvsadm -S [-n]
1.5) Add or modify an RS rule
ipvsadm -a|e -t|u|f service-address -r server-address [-g|i|m] [-w weight]
1.6) Delete an RS rule
ipvsadm -d -t|u|f service-address -r server-address
1.7) View the rule list
ipvsadm -L|l [options]
--numeric, -n: output addresses and port numbers in numeric form
--exact: extended information, exact values
--stats: statistics
--rate: output rate information
1.8) Clear counters
ipvsadm -Z [-t|u|f service-address]
1.9) ipvs rules
/proc/net/ip_vs
2.0) ipvs connections
/proc/net/ip_vs_conn
2. Saving and reloading rules
2.1) Save: saving to /etc/sysconfig/ipvsadm is recommended
ipvsadm-save -n > /PATH/TO/IPVSADM_FILE
ipvsadm -Sn > /PATH/TO/IPVSADM_FILE
systemctl stop ipvsadm.service
2.2) Reload:
ipvsadm-restore < /PATH/TO/IPVSADM_FILE
ipvsadm -R < /PATH/TO/IPVSADM_FILE
systemctl restart ipvsadm.service
3. lvs-nat:
Design points:
1) RIP and DIP are on the same IP network, and the gateway of each RS must point to the DIP
2) Port mapping is supported
3) The Director must enable kernel forwarding
Configuration:
4. Managing cluster services: add, modify, delete
4.1) Add, modify:
ipvsadm -A|E -t|u|f service-address [-s scheduler] [-p timeout]
4.2) Delete:
ipvsadm -D -t|u|f service-address
4.3) service-address:
-t|u|f:
-t: TCP port, VIP:TCP_PORT
-u: UDP port, VIP:UDP_PORT
-f: firewall MARK, a number
[-s scheduler]: specifies the scheduling algorithm of the cluster; the default is wlc
5. Managing the RSs of a cluster: add, modify, delete
5.1) Add, modify: ipvsadm -a|e -t|u|f service-address -r server-address [-g|i|m] [-w weight]
5.2) server-address:
RIP[:port]; if the port is omitted, no port mapping is done
5.3) Options:
LVS type:
-g: gateway, DR type, default
-i: ipip, TUN type
-m: masquerade, NAT type
-w weight: weight
6. ipvs scheduler
6.1) ipvs scheduler: depending on whether scheduling considers the current load status of each RS, there are
two kinds: static and dynamic methods
6.2) Static methods: schedule based on the algorithm itself only
1. RR: RoundRobin, rotation
2. WRR: Weighted RR, weighted rotation
3. SH: Source Hashing, implements session stickiness by hashing the source IP address; requests from the same IP address are always sent to the RS picked the first time, which achieves session binding
4. DH: Destination Hashing; hashes the destination address of the request, so requests sent to the same destination address are always forwarded to the RS picked the first time; the typical use case is load balancing in forward-proxy caching scenarios, such as broadband operators
Lab: implementing LVS in NAT mode (responses must return through the Director)
1. LVS:
sysctl -w net.ipv4.ip_forward=1
route add default gw 192.168.0.201
# -t: TCP; -s wrr: weighted rotation
ipvsadm -A -t 172.20.0.200:80 -s wrr
# -m: NAT mode; the default is DR mode, which does not support mapping to a different port; -w: weight, default 1
ipvsadm -a -t 172.20.0.200:80 -r 192.168.30.17:8080 -m -w 3
ipvsadm -a -t 172.20.0.200:80 -r 192.168.30.27:8080 -m
2. router: router configuration
sysctl -w net.ipv4.ip_forward=1
route add default gw 192.168.0.200
LVS-DR
1. In the DR model the VIP must be configured on every host; the resulting address conflict can be resolved in three ways:
1.1) Do a static binding at the front-end gateway
1.2) Use arptables on each RS
1.3) Change kernel parameters on each RS to limit ARP responses and ARP announcements
2. Limiting the response level: arp_ignore
2.1) 0: default; respond with any local address configured on any interface
2.2) 1: respond only if the target IP of the request is configured on the local interface that received the request
3. Limiting the announcement level: arp_announce
3.1) 0: default; announce all information of all local interfaces to the network of every interface
3.2) 1: try to avoid announcing an interface's information to networks it is not directly connected to
3.3) 2: always avoid announcing an interface's information to networks other than its own
Lab: implementing LVS in DR mode (responses do not return through the Director)
1. LVS
VIP: ip add a 192.168.30.7/32 dev lo
DIR: 192.168.30.100/24 eth0
GATEWAY: 192.168.30.X
ipvsadm -A -t 192.168.30.7:80 -s rr
ipvsadm -a -t 192.168.30.7:80 -r 192.168.30.17 [-g]
ipvsadm -a -t 192.168.30.7:80 -r 192.168.30.27 [-g]
2. RS
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
ip add a 192.168.30.7/32 dev lo
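An added example, not part of the original notes: a POSIX shell check that a DR-mode RS carries the four arp_ignore/arp_announce values set in the lab above. The function name check_dr_arp and its optional proc-root argument are assumptions, introduced so the check can also run against a constructed directory tree.

```shell
#!/bin/sh
# Added example: audit the ARP sysctls used on an LVS-DR real server.
# check_dr_arp and its optional root argument are hypothetical names;
# the root defaults to the real /proc.

# Usage: check_dr_arp [proc_root]
# Prints one line per setting; returns 0 only if all four match.
check_dr_arp() {
    root="${1:-/proc}"
    rc=0
    for spec in lo/arp_ignore:1 all/arp_ignore:1 \
                lo/arp_announce:2 all/arp_announce:2; do
        path="$root/sys/net/ipv4/conf/${spec%%:*}"
        want="${spec##*:}"
        if [ -r "$path" ]; then
            have=$(cat "$path")
        else
            have="missing"
        fi
        if [ "$have" = "$want" ]; then
            echo "OK   $path = $have"
        else
            echo "FAIL $path = $have (expected $want)"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: a fake /proc tree holding the kernel defaults (0).
demo=$(mktemp -d)
mkdir -p "$demo/sys/net/ipv4/conf/lo" "$demo/sys/net/ipv4/conf/all"
for f in lo/arp_ignore all/arp_ignore lo/arp_announce all/arp_announce; do
    echo 0 > "$demo/sys/net/ipv4/conf/$f"
done
check_dr_arp "$demo" || echo "defaults: this RS would answer ARP for the VIP"
rm -rf "$demo"
```

On a real RS, call check_dr_arp with no argument after applying the echo commands; a non-zero return means at least one value differs from the lab's settings.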