部署lvs-tun
参考文档:

http://www.linuxvirtualserver.org/VS-IPTunneling.html

http://kb.linuxvirtualserver.org/wiki/LVS/TUN_mode_with_FreeBSD_and_Solaris_realserver

http://www.jasonwu.me/2012/09/11/detailed_lvs_difference_between_the_three_models.html#id4

http://bbs.chinaunix.net/thread-3680672-1-1.html

* 如果都是内网地址的话,配置tun时,需要在路由器上做些配置

IP Tunelling

We will do IPv4 tunneling using GRE. GRE is a tunneling protocol that was originally developed by Cisco, and it can do a few more things than IP-in-IP tunneling. For example, you can also transport multicast traffic and IPv6 through a GRE tunnel.

We are using Debian with linux kernel 2.4.26. In Linux, you’ll need the ip_gre.o module.

Starting Configuration

We have 2 routers X and Y, and intermediate network C (or let’s say, Internet).

router X

Router X is connected to the Internet on interface eth0 and network A on eth1.

interface eth0 :: address 169.229.255.134 on the Internet (or network C)
interface eth1 :: address 10.0.2.1, network 10.0.2.0/24 (network A)

router Y

Router Y is connected to the Internet on interface eth0, network B on eth1 and network C on eth2.

interface eth0 :: address 207.241.237.37 on the Internet (or network C)
interface eth1 :: address 10.0.3.1, network 10.0.3.0/24 (network B)
interface eth2 :: address 10.0.4.1, network 10.0.4.0/24 (network C)

As far as network C is concerned, we assume that it will pass any packet sent from X to Y and vice versa. How and why, we do not care.

实验环境:
lvs-directory:10.255.253.211
lvs-realserver1:10.255.253.220
lvs-realserver2:172.16.224.23

虚拟地址:10.255.253.117

选用172.16.0.0/24作为ip隧道
lvs-directory:172.16.0.1
lvs-realserver1:172.16.0.2
lvs-realserver2:172.16.0.3

操作10.255.253.211:
ifconfig eth0:0 10.255.253.117 netmask 255.255.255.255 10.255.253.117 up
ip tunnel add tun0 mode ipip remote 10.255.253.220 local 10.255.253.117 dev eth0
ifconfig tun0 172.16.0.1 netmask 255.255.255.0 pointopoint 172.16.0.2
ip tunnel add tun1 mode ipip remote 172.16.224.23 local 10.255.253.117 dev eth0
ifconfig tun1 172.16.0.1 netmask 255.255.255.0 pointopoint 172.16.0.3
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/ipvsadm -C
ipvsadm -A -t 10.255.253.117:80 -s rr
ipvsadm -a -t 10.255.253.117:80 -r 10.255.253.220:80 -i
ipvsadm -a -t 10.255.253.117:80 -r 172.16.224.23:80 -i

操作10.255.253.220:
ip tunnel add tun0 mode ipip remote 10.255.253.117 local 10.255.253.220 dev eth0
ifconfig tun0 172.16.0.2 netmask 255.255.255.0 pointopoint 172.16.0.1
ifconfig tunl0 10.255.253.117 broadcast 10.255.253.117 netmask 255.255.255.255 up
route add -host 10.255.253.117 dev tunl0
echo 1 >/proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 1 > /proc/sys/net/ipv4/ip_forward

操作172.16.224.23:
ip tunnel add tun0 mode ipip remote 10.255.253.117 local 172.16.224.23 dev eth0
ifconfig tun0 172.16.0.3 netmask 255.255.255.0 pointopoint 172.16.0.1
ifconfig tunl0 10.255.253.117 broadcast 10.255.253.117 netmask 255.255.255.255 up
route add -host 10.255.253.117 dev tunl0
echo 1 >/proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 1 > /proc/sys/net/ipv4/ip_forward

done