LVS之DR + keepalived 模式配置文档

拓扑说明:(同一局域网模式)

Director-Master     ->  (192.168.43.90)    [DR01]

Director-BACKUP ->  (192.168.43.91)     [DR02-BACKUP]

Real-server01         ->  (192.168.43.92)     [RS01]

Real-server02         ->  (192.168.43.93)    [RS02]

Client                        ->  (192.168.43.110)

vip           : 192.168.43.188

默认网关: 192.168.43.1

说明        :设置selinux、关闭防火墙、基本软件的安装(略)


报文请求过程分析

1.当用户请求到达DS时,请求报文会先经过内核空间中的PREROUTING链,此时源IP为CIP,目的IP为 VIP;

2.在PREROUTING规则链上进行检查目的IP是否为本机,如果是的话将数据包送至INPUT 链;

3.数据包到达INPUT链后,IPVS会比对数据包请求的服务是否为集群服务,若是,将请求报文中的源MAC地址修改为DIP的MAC地址,

将目标MAC地址修改RIP的MAC地址(这里需要IPVS根据策略算法选择一台合适的RS的MAC地址),然后再将数据包发至POSTROUTING链,

此时的源IP和目标IP均未修改,仅修改了源和目的的MAC地址(DR模式要求DS与RS也必须是同一个物理网络中,可公、可私);

4.POSTROUTING链检查目标MAC地址为 哪一个RIP的MAC地址,选择后,再把数据包将会发给RS;

5.RS发现请求报文的MAC地址是自己的MAC地址,就接收此报文并处理,将响应报文通过lo接口传送给eth0网卡然后向外发出,此时的源IP地址为VIP,目标IP为CIP;

6.响应报文最终到客户端;

参阅(图):

https://www.cnblogs.com/blxt/p/13099437.html


(一)组件安装配置

1.开启ip_forward转发功能

执行机器:DR01与DR02-BACKUP

[root@DR01 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward

[root@DR01 ~]# cat /proc/sys/net/ipv4/ip_forward

1

[root@DR01 ~]#

[root@DR02-BACKUP ~]# echo 1 > /proc/sys/net/ipv4/ip_forward

[root@DR02-BACKUP ~]# cat /proc/sys/net/ipv4/ip_forward

1

[root@DR02-BACKUP ~]#

2.ipvsadmin与keepalived安装

执行机器:DR01与DR02-BACKUP

[root@DR01 ~]# yum install ipvsadm keepalived -y

[root@DR01 ~]# rpm -qa | grep ipvs

ipvsadm-1.27-8.el7.x86_64

[root@DR01 ~]# rpm -qa | grep keepalived

keepalived-1.3.5-16.el7.x86_64

[root@DR01 ~]#

[root@DR02-BACKUP ~]# yum install ipvsadm keepalived -y

[root@DR02-BACKUP ~]# rpm -qa | grep ipvs

ipvsadm-1.27-8.el7.x86_64

[root@DR02-BACKUP ~]# rpm -qa | grep keepalived

keepalived-1.3.5-16.el7.x86_64

[root@DR02-BACKUP ~]#

3.keepalived的配置

*DR01配置:

[root@DR01 ~]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

  router_id LVS_DEVEL

}

vrrp_instance VI_1 {

    state MASTER

    interface ens37

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        192.168.43.188

    }

}

virtual_server 192.168.43.188 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    #persistence_timeout 5

    protocol TCP

    real_server 192.168.43.92 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 10

            retry 3

            delay_before_retry 3

            connect_port 80

        }

    }

    real_server 192.168.43.93 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 10

            retry 3

            delay_before_retry 3

            connect_port 80

        }

    }

}

[root@DR01 ~]#

*DR02-BACKUP配置:

[root@DR02-BACKUP ~]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

  router_id LVS_DEVEL

}

vrrp_instance VI_1 {

    state BACKUP

    interface ens37

    virtual_router_id 51

    priority 90

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        192.168.43.188

    }

}

virtual_server 192.168.43.188 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    #persistence_timeout 5

    protocol TCP

    real_server 192.168.43.92 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 10

            retry 3

            delay_before_retry 3

            connect_port 80

        }

    }

    real_server 192.168.43.93 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 10

            retry 3

            delay_before_retry 3

            connect_port 80

        }

    }

}

[root@DR02-BACKUP ~]#

4.keepalived服务脚本调整与更改日志路径

执行机器:DR01与DR02-BACKUP

[1]服务脚本修正:

[root@DR01 ~]# cat /usr/lib/systemd/system/keepalived.service

[Unit]

Description=LVS and VRRP High Availability Monitor

After=syslog.target network-online.target

[Service]

Type=forking

PIDFile=/var/run/keepalived.pid

#KillMode=process  调整的这里,注释掉

EnvironmentFile=-/etc/sysconfig/keepalived

ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS

ExecReload=/bin/kill -HUP $MAINPID

[Install]

WantedBy=multi-user.target

[root@DR01 ~]#

[root@DR01 ~]# systemctl daemon-reload

[root@DR02-BACKUP ~]#  cat /usr/lib/systemd/system/keepalived.service

[Unit]

Description=LVS and VRRP High Availability Monitor

After=syslog.target network-online.target

[Service]

Type=forking

PIDFile=/var/run/keepalived.pid

#KillMode=process  调整的这里,注释掉

EnvironmentFile=-/etc/sysconfig/keepalived

ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS

ExecReload=/bin/kill -HUP $MAINPID

[Install]

WantedBy=multi-user.target

[root@DR02-BACKUP ~]#

[root@DR02-BACKUP ~]# systemctl daemon-reload

[2]日志路径更改

[root@DR01 ~]#  grep 'local0.*' /etc/rsyslog.conf

local0.*                                                /var/log/keepalived.log

[root@DR01 ~]# grep 'KEEPALIVED_OPTIONS' /etc/sysconfig/keepalived

KEEPALIVED_OPTIONS="-D -d -S 0"

[root@DR01 ~]# systemctl start rsyslog

[root@DR01 ~]#  systemctl status rsyslog

● rsyslog.service - System Logging Service

  Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)

  Active: active (running) since Mon 2020-08-03 13:49:07 CST; 1h 9min ago

    Docs: man:rsyslogd(8)

          http://www.rsyslog.com/doc/

Main PID: 999 (rsyslogd)

  CGroup: /system.slice/rsyslog.service

          └─999 /usr/sbin/rsyslogd -n

Aug 03 13:49:07 DR01 systemd[1]: Starting System Logging Service...

Aug 03 13:49:07 DR01 rsyslogd[999]:  [origin software="rsyslogd" swVersion="8.24.0-38.el7" x-pid="999" x-info="http://www.rsyslog.com"] start

Aug 03 13:49:07 DR01 systemd[1]: Started System Logging Service.

[root@DR01 ~]# systemctl enable rsyslog

[root@DR01 ~]#

[root@DR02-BACKUP ~]# grep 'local0.*' /etc/rsyslog.conf

local0.*                                                /var/log/keepalived.log

[root@DR02-BACKUP ~]# grep 'KEEPALIVED_OPTIONS' /etc/sysconfig/keepalived

KEEPALIVED_OPTIONS="-D -d -S 0"

[root@DR02-BACKUP ~]# systemctl start rsyslog

[root@DR02-BACKUP ~]# systemctl status rsyslog

● rsyslog.service - System Logging Service

  Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)

  Active: active (running) since Mon 2020-08-03 12:17:59 CST; 2h 37min ago

    Docs: man:rsyslogd(8)

          http://www.rsyslog.com/doc/

Main PID: 999 (rsyslogd)

  CGroup: /system.slice/rsyslog.service

          └─999 /usr/sbin/rsyslogd -n

Aug 03 12:17:59 DR02-BACKUP systemd[1]: Starting System Logging Service...

Aug 03 12:17:59 DR02-BACKUP rsyslogd[999]:  [origin software="rsyslogd" swVersion="8.24.0-38.el7" x-pid="999" x-info="http://www.rsyslog.com"] start

Aug 03 12:17:59 DR02-BACKUP systemd[1]: Started System Logging Service.

[root@DR02-BACKUP ~]# systemctl enable rsyslog

[root@DR02-BACKUP ~]#

5.nginx的安装以便于测试

执行机器:RS01与RS02

[root@RS01 wordpress]# yum install -y nginx

[root@RS01 opt]# curl http://192.168.43.92/wordpress/index.html

This is RS01!!

[root@RS02 wordpress]# yum install -y nginx

[root@RS02 opt]# curl http://192.168.43.93/wordpress/index.html

This is RS02!!

6.编写Real-server上的功能脚本

执行机器:RS01与RS02

[root@RS01 opt]# ls

lnmp1.7-full  lnmp1.7-full.tar.gz  lvs_dr_rs.sh  wordpress-5.4.2.zip

[root@RS01 opt]# cat lvs_dr_rs.sh

#!/bin/bash

vip=192.168.43.188

ifconfig lo:1 $vip broadcast $vip netmask 255.255.255.255 up

route add -host $vip dev lo:1

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

sysctl -p >/dev/null 2>&1

[root@RS01 opt]#

[root@RS02 opt]# ls

lnmp1.7-full  lnmp1.7-full.tar.gz  lvs_dr_rs.sh  wordpress-5.4.2.zip

[root@RS02 opt]# cat lvs_dr_rs.sh

#!/bin/bash

vip=192.168.43.188

ifconfig lo:1 $vip broadcast $vip netmask 255.255.255.255 up

route add -host $vip dev lo:1

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

sysctl -p >/dev/null 2>&1

[root@RS02 opt]#


(二)组件的启动与自启

1.keepalived添加开机自启

[root@DR01 ~]# systemctl start keepalived

[root@DR01 ~]# systemctl enable keepalived

[root@DR02 ~]# systemctl start keepalived

[root@DR02 ~]# systemctl enable keepalived

2.nginx添加开机自启

[root@RS01 opt]# systemctl start nginx

[root@RS01 opt]# systemctl enable nginx

[root@RS02 opt]# systemctl start nginx

[root@RS02 opt]# systemctl enable nginx

3.Real-server的脚本执行

[root@RS01 opt]# ./lvs_dr_rs.sh

[root@RS02 opt]# ./lvs_dr_rs.sh


(三)配置完成后的分析与观察

DR01与DR02-BACKUP的情况:

观察vip的产生及负载均衡情况:

[root@DR01 ~]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.90/24 brd 192.168.43.255 scope global ens37

      valid_lft forever preferred_lft forever

    inet 192.168.43.188/32 scope global ens37

      valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fe09:5ee7/64 scope link

      valid_lft forever preferred_lft forever

[root@DR01 ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn

TCP  192.168.43.188:80 rr

  -> 192.168.43.92:80            Route  1      0          58

  -> 192.168.43.93:80            Route  1      0          59

[root@DR01 ~]#

[root@DR02-BACKUP ~]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:e4:23:98 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.91/24 brd 192.168.43.255 scope global ens37

      valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fee4:2398/64 scope link

      valid_lft forever preferred_lft forever

[root@DR02-BACKUP ~]#

[root@DR02-BACKUP ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn

TCP  192.168.43.188:80 rr

  -> 192.168.43.92:80            Route  1      0          0

  -> 192.168.43.93:80            Route  1      0          0

[root@DR02-BACKUP ~]#

RS01与RS02的观察分析:

[root@RS01 opt]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet 192.168.43.188/32 brd 192.168.43.188 scope global lo:1  # 注意观察这里

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:d3:f8:97 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.92/24 brd 192.168.43.255 scope global noprefixroute ens37

      valid_lft forever preferred_lft forever

    inet6 fe80::dc4f:e9fc:faa9:6ab/64 scope link noprefixroute

      valid_lft forever preferred_lft forever

[root@RS01 opt]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore && cat /proc/sys/net/ipv4/conf/lo/arp_announce && cat /proc/sys/net/ipv4/conf/all/arp_ignore && cat /proc/sys/net/ipv4/conf/all/arp_announce

1

2

1

2

[root@RS02 opt]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet 192.168.43.188/32 brd 192.168.43.188 scope global lo:1  # 注意观察这里

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:bf:42:92 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.93/24 brd 192.168.43.255 scope global noprefixroute ens37

      valid_lft forever preferred_lft forever

    inet6 fe80::56a8:84a1:c027:4d74/64 scope link noprefixroute

      valid_lft forever preferred_lft forever

[root@RS02 opt]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore && cat /proc/sys/net/ipv4/conf/lo/arp_announce && cat /proc/sys/net/ipv4/conf/all/arp_ignore && cat /proc/sys/net/ipv4/conf/all/arp_announce

1

2

1

2


(四)测试

我们在IP为192.168.43.110的客户端进行测试调度情况:

[root@harbor ~]# ip a | grep 192.168.43.110

    inet 192.168.43.110/24 brd 192.168.43.255 scope global noprefixroute ens33

[root@harbor ~]# while true ; do  curl http://192.168.43.188/wordpress/index.html ; sleep 3; done

This is RS02!!

This is RS01!!

This is RS02!!

This is RS01!!

This is RS02!!

^C

[root@harbor ~]#


(五)故障模拟及日志分析

1.模拟DR01关闭keepalived服务

[root@DR01 ~]# systemctl stop keepalived

[root@DR01 ~]# tail -f /var/log/keepalived.log

Aug  3 14:59:23 DR01 Keepalived[1408]: Stopping

Aug  3 14:59:23 DR01 Keepalived_healthcheckers[1409]: Removing service [192.168.43.92]:80 from VS [192.168.43.188]:80

Aug  3 14:59:23 DR01 Keepalived_healthcheckers[1409]: Removing service [192.168.43.93]:80 from VS [192.168.43.188]:80

Aug  3 14:59:23 DR01 Keepalived_healthcheckers[1409]: Stopped  # 日志提示已经停止

Aug  3 14:59:23 DR01 Keepalived_vrrp[1410]: VRRP_Instance(VI_1) sent 0 priority

Aug  3 14:59:23 DR01 Keepalived_vrrp[1410]: VRRP_Instance(VI_1) removing protocol VIPs.

Aug  3 14:59:24 DR01 Keepalived_vrrp[1410]: Stopped

Aug  3 14:59:24 DR01 Keepalived[1408]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2

[root@DR01 ~]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.90/24 brd 192.168.43.255 scope global ens37  # vip漂移了

      valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fe09:5ee7/64 scope link

      valid_lft forever preferred_lft forever

[root@DR01 ~]#

[root@DR02-BACKUP ~]# tail -f /var/log/keepalived.log

Aug  3 14:59:24 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Transition to MASTER STATE  # 转化为Master

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Entering MASTER STATE

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) setting protocol VIPs.

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens37 for 192.168.43.188

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:26 DR02-BACKUP ntpd[695]: Listen normally on 9 ens37 192.168.43.188 UDP 123

Aug  3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens37 for 192.168.43.188

Aug  3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188

[root@DR02-BACKUP ~]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:e4:23:98 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.91/24 brd 192.168.43.255 scope global ens37

      valid_lft forever preferred_lft forever

    inet 192.168.43.188/32 scope global ens37  # vip 漂移来了

      valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fee4:2398/64 scope link

      valid_lft forever preferred_lft forever

[root@DR02-BACKUP ~]#

[root@DR02-BACKUP ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn

TCP  192.168.43.188:80 rr

  -> 192.168.43.92:80            Route  1      0          2

  -> 192.168.43.93:80            Route  1      0          2

[root@DR02-BACKUP ~]#

页面可访问:

[root@harbor ~]# while true ; do  curl http://192.168.43.188/wordpress/index.html ; sleep 3; done

This is RS02!!

This is RS01!!

This is RS02!!

This is RS01!!

2.模拟DR01关闭恢复开启keepalived服务

[root@DR01 ~]# systemctl start keepalived

[root@DR01 ~]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.90/24 brd 192.168.43.255 scope global ens37

      valid_lft forever preferred_lft forever

    inet 192.168.43.188/32 scope global ens37

      valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fe09:5ee7/64 scope link

      valid_lft forever preferred_lft forever

[root@DR01 ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn

TCP  192.168.43.188:80 rr

  -> 192.168.43.92:80            Route  1      0          0

  -> 192.168.43.93:80            Route  1      0          0

[root@DR01 ~]#

[root@DR01 ~]# tail -f /var/log/keepalived.log

Aug  3 15:05:08 DR01 Keepalived[1507]: Starting Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2

Aug  3 15:05:08 DR01 Keepalived[1507]: Opening file '/etc/keepalived/keepalived.conf'.

Aug  3 15:05:08 DR01 Keepalived[1508]: Starting Healthcheck child process, pid=1509

Aug  3 15:05:08 DR01 Keepalived[1508]: Starting VRRP child process, pid=1510

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Initializing ipvs

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Opening file '/etc/keepalived/keepalived.conf'.

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< Global definitions >------

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Router ID = LVS_DEVEL

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Default interface = eth0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: LVS flush = false

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP IPv4 mcast group = 224.0.0.18

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP IPv6 mcast group = ff02::12

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP delay = 5

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP repeat = 5

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP refresh timer = 0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP refresh repeat = 1

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP lower priority delay = 4294

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP lower priority repeat = -1

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Send advert after receive lower priority advert = true

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Send advert after receive higher priority advert = false

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP interval = 0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous NA interval = 0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP default protocol version = 2

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Iptables input chain = INPUT

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Using ipsets = true

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ipset IPv4 address set = keepalived

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ipset IPv6 address set = keepalived6

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ipset IPv6 address,iface set = keepalived_if6

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP check unicast_src = false

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP skip check advert addresses = false

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP strict mode = false

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP process priority = 0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP don't swap = false

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Checker process priority = 0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Checker don't swap = false

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP keepalived disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP checker disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP RFCv2 disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP RFCv3 disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP traps disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP socket = default (unix:/var/agentx/master)

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Network namespace = (default)

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Script security disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Default script uid:gid 0:0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< SSL definitions >------

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Using autogen SSL context

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< LVS Topology >------

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: System is compiled with LVS v1.2.1

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VIP = 192.168.43.188, VPORT = 80

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Address family = inet

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  delay_loop = 6, lb_algo = rr

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Hashed = disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  flag-1 = disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  flag-2 = disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  flag-3 = disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  One packet scheduling = disabled

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  protocol = TCP

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  alpha is OFF, omega is OFF

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  quorum = 1, hysteresis = 0

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  lb_kind = DR

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  RIP = 192.168.43.92, RPORT = 80, WEIGHT = 1

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  RIP = 192.168.43.93, RPORT = 80, WEIGHT = 1

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< Health checkers >------

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: [192.168.43.92]:80

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Keepalive method = TCP_CHECK

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Connection dest = [192.168.43.92]:80

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Connection timeout = 10

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:    Retry count = 3

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:    Retry delay = 3

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: [192.168.43.93]:80

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Keepalive method = TCP_CHECK

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Connection dest = [192.168.43.93]:80

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:  Connection timeout = 10

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:    Retry count = 3

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]:    Retry delay = 3

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Activating healthchecker for service [192.168.43.188]:80

Aug  3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Activating healthchecker for service [192.168.43.188]:80

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Registering Kernel netlink reflector

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Registering Kernel netlink command channel

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Registering gratuitous ARP shared channel

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Opening file '/etc/keepalived/keepalived.conf'.

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) removing protocol VIPs.

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< Global definitions >------

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Router ID = LVS_DEVEL

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Default interface = eth0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: LVS flush = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP IPv4 mcast group = 224.0.0.18

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP IPv6 mcast group = ff02::12

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP delay = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP repeat = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP refresh timer = 0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP refresh repeat = 1

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP lower priority delay = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP lower priority repeat = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Send advert after receive lower priority advert = true

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Send advert after receive higher priority advert = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP interval = 0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous NA interval = 0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP default protocol version = 2

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Iptables input chain = INPUT

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Using ipsets = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: ipset IPv4 address set = keepalived

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: ipset IPv6 address set = keepalived6

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: ipset IPv6 address,iface set = keepalived_if6

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP check unicast_src = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP skip check advert addresses = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP strict mode = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP process priority = 0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP don't swap = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Checker process priority = 0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Checker don't swap = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP keepalived disabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP checker disabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP RFCv2 disabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP RFCv3 disabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP traps disabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP socket = default (unix:/var/agentx/master)

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Network namespace = (default)

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Script security disabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Default script uid:gid 0:0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< VRRP Topology >------

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP Instance = VI_1

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Using VRRPv2

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Want State = MASTER

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Running on device = ens37

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Skip checking advert IP addresses = no

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Enforcing strict VRRP compliance = no

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Using src_ip = 192.168.43.90

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Gratuitous ARP delay = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Gratuitous ARP repeat = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Gratuitous ARP refresh timer = 0

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Gratuitous ARP refresh repeat = 1

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Gratuitous ARP lower priority delay = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Gratuitous ARP lower priority repeat = 5

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Send advert after receive lower priority advert = true

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Send advert after receive higher priority advert = false

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Virtual Router ID = 51

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Priority = 100

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Advert interval = 1 sec

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Accept enabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Promote_secondaries disabled

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Authentication type = SIMPLE_PASSWORD

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Password = 1111

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:  Virtual IP = 1

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]:    192.168.43.188/32 dev ens37 scope global

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< NIC >------

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Name = ens33

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: index = 2

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv4 address = 192.168.131.90

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv6 address = ::

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: MAC = 00:0c:29:09:5e:dd

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: is UP

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: MTU = 1500

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: HW Type = ETHERNET

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< NIC >------

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Name = ens37

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: index = 3

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv4 address = 192.168.43.90

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv6 address = fe80::20c:29ff:fe09:5ee7

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: MAC = 00:0c:29:09:5e:e7

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: is UP

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: is RUNNING

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: MTU = 1500

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: HW Type = ETHERNET

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: Using LinkWatch kernel netlink reflector...

Aug  3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP sockpool: [ifindex(3), proto(112), unicast(0), fd(10,11)]

Aug  3 15:05:09 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) Transition to MASTER STATE

Aug  3 15:05:10 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) Entering MASTER STATE

Aug  3 15:05:10 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) setting protocol VIPs.

Aug  3 15:05:10 DR01 Keepalived_vrrp[1510]: Sending gratuitous ARP on ens37 for 192.168.43.188

Aug  3 15:05:10 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens37 for 192.168.43.188

Aug  3 15:05:10 DR01 Keepalived_vrrp[1510]: Sending gratuitous ARP on ens37 for 192.168.43.188

[root@DR02-BACKUP ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn

TCP  192.168.43.188:80 rr

  -> 192.168.43.92:80            Route  1      0          2

  -> 192.168.43.93:80            Route  1      0          2

[root@DR02-BACKUP ~]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

      valid_lft forever preferred_lft forever

2: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:0c:29:e4:23:98 brd ff:ff:ff:ff:ff:ff

    inet 192.168.43.91/24 brd 192.168.43.255 scope global ens37

      valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fee4:2398/64 scope link

      valid_lft forever preferred_lft forever

[root@DR02-BACKUP ~]#

[root@DR02-BACKUP ~]# tail -f /var/log/keepalived.log

Aug  3 15:05:09 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 90

Aug  3 15:05:09 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Entering BACKUP STATE

Aug  3 15:05:09 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) removing protocol VIPs.

Aug  3 15:05:10 DR02-BACKUP ntpd[695]: Deleting interface #9 ens37, 192.168.43.188#123, interface stats: received=0, sent=0, dropped=0, active_time=344 secs

[root@harbor ~]# while true ; do  curl http://192.168.43.188/wordpress/index.html ; sleep 3; done

This is RS02!!

This is RS01!!

This is RS02!!

This is RS01!!

^C

[root@harbor ~]#

3.模拟RS01上nginx关闭时的情况

[root@RS01 opt]# systemctl stop nginx

[root@RS01 opt]#

[root@DR01 ~]# tail -f /var/log/keepalived.log

Aug  3 15:10:14 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:17 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:20 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:23 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Check on service [192.168.43.92]:80 failed after 3 retry.

Aug  3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Removing service [192.168.43.92]:80 from VS [192.168.43.188]:80

[root@DR02-BACKUP ~]# tail -f /var/log/messages

Aug  3 15:10:14 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:17 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:20 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:23 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.

Aug  3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Check on service [192.168.43.92]:80 failed after 3 retry.

Aug  3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Removing service [192.168.43.92]:80 from VS [192.168.43.188]:80

[root@DR01 ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn

TCP  192.168.43.188:80 rr

  -> 192.168.43.93:80            Route  1      0          1

  # 观察这里,已经被移除了

[root@DR01 ~]#

[root@harbor ~]# while true ; do  curl http://192.168.43.188/wordpress/index.html ; sleep 3; done

This is RS02!!

This is RS02!!

This is RS02!!

This is RS02!!

This is RS02!!

This is RS02!!

^C


(六)抓包分析Lvs-DR模式下更改数据包的情况

1.获取基本信息

Client MAC地址(192.168.43.110):

[root@harbor ~]# ip a | grep '43.e6'

    link/ether 00:0c:29:5f:43:e6 brd ff:ff:ff:ff:ff:ff

DR01 MAC地址(192.168.43.188):

[root@DR01 ~]# ip a | grep '5e.e7'

    link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff

RS02 MAC地址(192.168.43.93):

[root@RS02 opt]# ip a | grep '42.92'

    link/ether 00:0c:29:bf:42:92 brd ff:ff:ff:ff:ff:ff

2.使用tupdump抓包导出,利用wireshark分析

[root@RS02 opt]# tcpdump -i ens37 -vv '((tcp) and (dst host 192.168.43.188) and (src host 192.168.43.110))' -w rs02.pcap

这里我们取2条数据继续分析即可:

1 0.000000 192.168.43.110 192.168.43.188 TCP 74 38370 → 80 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=300602194 TSecr=0 WS=128

Frame 1: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)

Ethernet II, Src: VMware_5f:43:e6 (00:0c:29:5f:43:e6), Dst: VMware_09:5e:e7 (00:0c:29:09:5e:e7)  #注意: src:Client MAC  dst:DR01 MAC

Internet Protocol Version 4, Src: 192.168.43.110, Dst: 192.168.43.188

Transmission Control Protocol, Src Port: 38370, Dst Port: 80, Seq: 0, Len: 0

2 0.000087 192.168.43.110 192.168.43.188 TCP 74 [TCP Out-Of-Order] 38370 → 80 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=300602194 TSecr=0 WS=128

Frame 2: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)

Ethernet II, Src: VMware_09:5e:e7 (00:0c:29:09:5e:e7), Dst: VMware_bf:42:92 (00:0c:29:bf:42:92)  #注意: src: DR01 MAC    dst:RS02 MAC

Internet Protocol Version 4, Src: 192.168.43.110, Dst: 192.168.43.188

Transmission Control Protocol, Src Port: 38370, Dst Port: 80, Seq: 0, Len: 0

同一条数据,通过1-2可以看出"Ethernet II"段的地址已经改写完毕.

你可能感兴趣的:(LVS之DR + keepalived 模式配置文档)