LVS之简单搭建LVS-DR（二）

一、规划

Director

eth0：192.168.253.130

eth0:1 192.168.253.144   （VIP）

 

RS1

lo:1   192.168.253.144

eth0：192.168.253.128

 

RS2

lo:1   192.168.253.144

eth0：192.168.253.129

 

 

二、配置Real服务器

[root@RS01 ~]# ifconfig lo:1 192.168.253.144 netmask 255.255.255.255 broadcast 192.168.253.144 up

[root@RS01 ~]# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0C:29:AD:91:18 

          inet addr:192.168.253.128  Bcast:192.168.253.255  Mask:255.255.255.0

          inet6 addr: fe80::20c:29ff:fead:9118/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:570 errors:0 dropped:0 overruns:0 frame:0

          TX packets:283 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:51858 (50.6 KiB)  TX bytes:36643 (35.7 KiB)

 

lo        Link encap:Local Loopback 

          inet addr:127.0.0.1  Mask:255.0.0.0

          inet6 addr: ::1/128 Scope:Host

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

 

lo:1      Link encap:Local Loopback 

          inet addr:192.168.253.144  Mask:255.255.255.255

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

[root@RS01 ~]# route add -host 192.168.253.144 dev lo:1

[root@RS01 ~]# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

192.168.253.144 0.0.0.0         255.255.255.255 UH    0      0        0 lo

192.168.253.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0

169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0

0.0.0.0         192.168.253.130 0.0.0.0         UG    0      0        0 eth0

 

 

 

 

[root@RS02 ~]# ifconfig lo:1 192.168.253.144 netmask 255.255.255.255 broadcast 192.168.253.144 up

[root@RS02 ~]# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0C:29:1C:1A:24 

          inet addr:192.168.253.129  Bcast:192.168.253.255  Mask:255.255.255.0

          inet6 addr: fe80::20c:29ff:fe1c:1a24/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:486 errors:0 dropped:0 overruns:0 frame:0

          TX packets:284 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:43794 (42.7 KiB)  TX bytes:25041 (24.4 KiB)

 

lo        Link encap:Local Loopback 

          inet addr:127.0.0.1  Mask:255.0.0.0

          inet6 addr: ::1/128 Scope:Host

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

 

lo:1      Link encap:Local Loopback 

          inet addr:192.168.253.144  Mask:255.255.255.255

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

 

[root@RS02 ~]# route add -host 192.168.253.144 dev lo:1

[root@RS02 ~]# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

192.168.253.144 0.0.0.0         255.255.255.255 UH    0      0        0 lo

192.168.253.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0

169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0

0.0.0.0         192.168.253.130 0.0.0.0         UG    0      0        0 eth0

 

三、配置Director

[root@LVS01 ~]# ifconfig eth1:1 192.168.253.144 netmask 255.255.255.255 broadcast 192.168.253.144

[root@LVS01 ~]# ipvsadm -A -t 192.168.253.144:80 -s rr

[root@LVS01 ~]# ipvsadm -a -t 192.168.253.144:80 -r 192.168.253.128 -g

[root@LVS01 ~]# ipvsadm -a -t 192.168.253.144:80 -r 192.168.253.129 -g

 

[root@LVS01 ~]# ipvsadm -L -n

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

TCP  192.168.253.144:80 rr

  -> 192.168.253.128:80           Route   1      0          0        

  -> 192.168.253.129:80           Route   1      0          0

 

Route 代表DR

 

四、配置ARP抑制

访问http://192.168.253.144

 

这时，能看真实服务的主页内容，但是反复刷新，有可能还是其中一台Real服务的主页内容。这是由于ARP的机制造成的。

 

由于ARP的对应关系是通过广播学习到的。在当router收到ARP广播时，就会把获得的MAC地址和IP地址绑定在一起。而Director和所有的Real服务器都是在同一个网段，当第一次在浏览器中成功访问到Real服务器时，就把Real服务器的MAC地址与Director 的ip地址绑定在一起，以至于后面的所有请求都直接到其中一台Real服务器上去了。就出现了只能出现一台Real服务器的主页内容。

 

此时需要在Real服务器上限制ARP广播。

 

[root@RS01 ~]# echo "1" > /proc/sys/net/ipv4/conf/eth0/arp_ignore

[root@RS01 ~]# echo "2" > /proc/sys/net/ipv4/conf/eth0/arp_announce

[root@RS01 ~]# echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore

[root@RS01 ~]# echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

 

[root@RS02 ~]# echo "1" > /proc/sys/net/ipv4/conf/eth0/arp_ignore

[root@RS02 ~]# echo "2" > /proc/sys/net/ipv4/conf/eth0/arp_announce

[root@RS02 ~]# echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore

[root@RS02 ~]# echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

 

以上只是临时的做法，重启系统后会失效。

 

永久的做法是修改配置文件：

 

[root@RS01 ~]# vim /etc/sysctl.conf

[root@RS01 ~]# sysctl -p

五、测试

http://192.168.253.144/