LVS small scale chopper

A, the ipvsadm command
1, the basic operation commands
1.1) was added Rule

ipvsadm -A|E -t|u|f service-address [-s scheduler] [-p timeout] [-M netmast] [--pepersistence_engine] [-b sched-flags] 

1.2) delete rules

ipvsadm -D -t|u|f service-address

1.3) emptied of all content definitions

ipvsadm -C

1.4) Overload

ipvsadm -R

1.4) Storage

ipvsadm -S [-n]

1.5) increases, the rules change RS

ipvsadm -a|e -t|u|f service-address -r server-address [-g|i|m] [-w weight]

1.6) RS delete rules

ipvsadm -d -t|u|f service-address -r server-address

1.7) to view the list of rules

-Ln the ipvsadm | L [Options]
　 --numeric, - n-: digitally output address and port number
　 - Exact: extension information, the exact value
　 - stats: Statistics
　 --rate: output rate information

1.8) Clear counter

ipvsadm -Z [-t|u|f service-address]

1.9) ipvs rules

/proc/net/ip_vs

2.0) ipvs connection

/proc/net/ip_vs_conn

2, save and reload rule
2.1) Save: It is recommended to save the / etc / sysconfig / ipvsadm

ipvsadm-save -n > /PATH/TO/IPVSADM_FILE
ipvsadm -Sn > /PATH/TO/IPVSADM_FILE
systemctl stop ipvsadm.service

2.2) Overload:

ipvsadm-restore < /PATH/TO/IPVSADM_FILE
ipvsadm -R < /PATH/TO/IPVSADM_FILE
systemctl restart ipvsadm.service

3.lvs-nat:
design points:
1) RIP and DIP in the same IP network, RIP gateway to point DIP
2) to support port mapping
3) Director To open core forwarding

Configuration:
4. Cluster Management Service: add, change, delete
4.1) add, change:

ipvsadm -A|E -t|u|f service-address [-s scheduler] [-p timeout]

4.2) Delete:

ipvsadm -D -t|u|f service-address

4.3）service-address:

-t | U | f:
 - t: port TCP protocol, VIP: TCP_PORT
 - U: UDP port protocol, VIP: udp_port
 - f: Firewall MARK, mark, a digital 
[ -s Scheduler]: scheduling algorithm specified cluster : The default is wlc

5. RS on the cluster management: add, change, delete
5.1) increases, change: ipvsadm -a | e -t | u | f service-address -r server-address [-g | i | m] [-w weight ]
5.2) Server-address:
RIP [: port] If omitted port, port mapping is not
5.3) options:
LVS type:

- G: Gateway, DR type, default
 - I: IPIP, TUN type
 - m: Masquerade, NAT type
 -w weight: weight

Scheduler 6.ipvs
6.1) IPVS Scheduler: The scheduler consider whether the current load status of each RS
two kinds: static and dynamic methods
6.2) Static method: The scheduling algorithm itself only

. 1 , the RR: of the RoundRobin, in rotation
 2 , WRR: Weighted the RR, weighted in rotation
 . 3 , SH: the Source Hashing, implement session sticky, the source IP address of the hash; requests from the same IP address is always sent to the first pick of the RS in order to achieve the session bind
 4, DH: Destination hashing; request destination address hash, will be sent to the same destination address is always forwarded to the first pick in the RS, the typical usage scenario is a forward proxy caching scenarios load balancing such as: bandwidth, operators

Lab: implement NAT mode of LVS ( must backtrack )

=. 1 ip_forward 
route the Add default GW 192.168.0.201 
# -t: TCP, - S WRR: weighting in rotation 
the ipvsadm -A -t 172.20.0.200:80 - S WRR 

# -m: the NAT mode; default: DR mode, does not support the mapping to different ports; - W: weight default. 1 
the ipvsadm -a -t 172.20.0.200:80. 3 -w -m -R & lt 192.168.30.17:8080 
the ipvsadm -a -t 172.20.0.200:80 -R & lt 192.168.30.27: 8080 - m

 2 .router: router configuration 
ip_forward =. 1 
route the Add default GW 192.168.0.200

LVS-DR

1.DR VIP model needs to be configured on each host, address conflict resolution way in three ways:

1.1 ) at the front end gateway do static binding
 1.2 ) in each of the RS uses arptables
 level 1.3) changing kernel parameters in the RS, in response to limitations and advertised arp

2. The response level restrictions: arp_ignore

2.1) 0 : Default, indicates any interface may be used on the local address response disposed at an arbitrary
 2.2) 1: Only the request destination IP configuration in a local host when receiving the request packet interface, in response only to give

3. Restrictions Notice Level: arp_announce

3.1) 0 : default value, the machine all the interface information for all notifies the network interface of each
 3.2) 1 : Avoid the interface information notifies the network directly connected to the non-
 3.3) 2: interface information must be avoided to non- notice network

Experimental: realization DR mode, the LVS ( not backtrack )

1.LVS
VIP: ip add a 192.168.30.7/32 dev lo
DIR: 192.168.30.100/24 eth0
GATEWAY: 192.168.30.X]

ipvsadm -A -t 192.168.30.7:80 -s rr
ipvsadm -a -t 192.168.30.7:80 -r 192.168.30.17 [-g]
ipvsadm -a -t 192.168.30.7:80 -r 192.168.30.27 [-g]

2RS
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
ip add a 192.168.30.7/32 dogs