lvs
实验环境:
主机1:172.25.46.1
主机2:172.25.46.2
主机3:172.25.46.3
主机1:
# yum install -y ipvsadm
# ip addr add 172.25.46.100/24 dev eth1
eth1:
inet 172.25.46.100/24 scope global secondary eth1
加载 rule
# ipvsadm -A -t 172.25.46.100:80 -s rr
# ipvsadm -a -t 172.25.46.100:80 -r 172.25.46.3:80 -g
# ipvsadm -a -t 172.25.46.100:80 -r 172.25.46.2:80 -g
# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.46.100:80 rr
-> 172.25.46.2:80 Route 1 0 0
-> 172.25.46.3:80 Route 1 0 0
将以上配置保存至/etc/sysconfig/ipvsadm文件-保存 rule
# /etc/init.d/ipvsadm save
# cat /etc/sysconfig/ipvsadm
-A -t 172.25.46.100:80 -s rr
-a -t 172.25.46.100:80 -r 172.25.46.2:80 -g -w 1
-a -t 172.25.46.100:80 -r 172.25.46.3:80 -g -w 1
# /etc/init.d/ipvsadm start
主机2:
# yum install -y httpd
# cd /var/www/html/
# ls
index.html
# cat index.html
server2.example.com
# /etc/init.d/httpd start
# netstat -antlp
tcp 0 0 :::22 :::* LISTEN 1125/sshd
# yum install -y arptables_jf
# arptables -A IN -d 172.25.46.100 -j DROP
# ip addr add 172.25.46.100/32 dev eth0
# ip addr show
eth0:
inet 172.25.46.100/32 scope global eth0
# arptables -A OUT -s 172.25.46.100 -j mangle --mangle-ip-s 172.25.46.2
# /etc/init.d/arptables_jf save
# arptables -nL
Chain IN (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
0.0.0.0/0 172.25.46.100 00/00 00/00 any 0000/0000 0000/0000 0000/0000
Chain OUT (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
mangle 172.25.46.100 0.0.0.0/0 00/00 00/00 any 0000/0000 0000/0000 0000/0000 --mangle-ip-s 172.25.46.2
Chain FORWARD (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
主机3:
# yum install -y httpd
# cd /var/www/html/
# ls
index.html
# cat index.html
server3.example.com
# /etc/init.d/httpd start
# netstat -antlp
tcp 0 0 :::80 :::* LISTEN 1479/httpd
# yum install -y arptables_jf
# arptables -A IN -d 172.25.46.100 -j DROP
# arptables -A OUT -s 172.25.46.100 -j mangle --mangle-ip-s 172.25.46.3
# arptables -nL
Chain IN (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
DROP 0.0.0.0/0 172.25.46.100 00/00 00/00 any 0000/0000 0000/0000 0000/0000
Chain OUT (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
mangle 172.25.46.100 0.0.0.0/0 00/00 00/00 any 0000/0000 0000/0000 0000/0000 --mangle-ip-s 172.25.46.3
Chain FORWARD (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
# /etc/init.d/arptables_jf save
---------浏览器172.25.46.100,页面在server2.example.com和servre3.example.com之间转换
访问cheungssh时:http://ip/cheungssh
http://域名/cheungssh