LVS 三种工作模式基本配置(不含HA)
类别:原创 服务器
本文参考
LVS三种工作模式简介及案例参考http://www.sxt.cn/u/324/blog/3188
LVS DR模式基本配置参考http://www.21ops.com/ops/26717.html
LVS TUN模式配置参考(其它的文档全都少了内容) http://outofmemory.cn/wr/?u=http%3A%2F%2Fwww.jizhuomi.com%2Fsoftware%2F365.html
ipvsadm 命令详细参数参考 http://blog.csdn.net/huaishu/article/details/17023061
LVS的分类
LVS-DR: 直接路由,此种方式是最常用的方式,所有的Director和RealServer都在同一个物理网络中(交换机)并且都只有一块网卡。
LVS-NAT:地址转换,数据包来回都要经过NAT转换,所以Director Server(即LVS服务器)将成为系统瓶颈。使用NAT模式将需要两个不同网段的IP,一个IP接受外部请求服务,一般为外网ip,此IP称为VIP,一个IP与后端realserver同一地址段,负责相互通信,称为DIP。后端realserver的网关地址需指向DIP。同时需开启linux内核的数据包转发功能。
LVS-TUN:隧道 ,LVS/TUN与 LVS/DR 类似。只是在报文外面再加一层IP封装,整个过程比LVS/DR模式多一次报文的封装/解封过程。LVS/DR只支持本地网络,LVS/TUN却可以跨机房。
一、说明
目的:使用LVS对两台web服务器进行负载设置,本方暂不涉及LVS本身的HA设置
VIP:10.10.6.200
DIP:10.10.6.201
web1:10.10.6.211
web2:10.10.6.212
操作系统:CentOS release 6.6 (Final)
关闭了selinux和iptables
[root@Web1 ~]# getenforce Disabled [root@Web1 ~]# chkconfig iptables off [root@Web1 ~]# service iptables stop [root@Web1 ~]#
二、安装配置web服务(以web1为例,web2相同)
(一)安装apache和php
[root@Web1 ~]# yum install httpd php php-fpm [root@Web1 ~]# vi /etc/httpd/conf/httpd.conf ServerName :80 [root@Web1 ~]# service httpd restart [root@Web1 ~]# service php-fpm restart [root@Web1 ~]# [root@Web1 ~]# [root@Web1 ~]# more /var/www/html/phpinfo.php <?php phpinfo() ?> [root@Web1 ~]# [root@Web1 ~]# more /var/www/html/index.html \\web2 这里全部要做相应的修改 <html> <head> <title>web1</title> </head> <body> hostname: Web1<br>ip : 10.10.6.211 </body> </html> [root@Web1 ~]# [root@Web1 ~]# [root@Web1 ~]#
(二)测试web站点:
http://10.10.6.211/phpinfo.php
http://10.10.6.212/phpinfo.php
http://10.10.6.211
http://10.10.6.212
三、LVS配置(DR、NAT、TUN三种模式任选其一)
(一)安装ipvsadm
[root@LVS-master ~]# yum install ipvsadm [root@LVS-master ~]# chkconfig ipvsadm on [root@LVS-master ~]# service ipvsadm start [root@LVS-master ~]# ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn [root@LVS-master ~]#
(二)DR模式配置(最常用)
1.LVS server 配置
在eth0:0上设置对外提供的地址
[root@LVS-master ~]# ifconfig eth0:0 10.10.6.200 netmask 255.255.255.255 broadcast 10.10.6.200 up
设置路由
[root@LVS-master ~]# route add -host 10.10.6.200 dev eth0:0 [root@LVS-master ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.6.200 * 255.255.255.255 UH 0 0 0 eth0 10.10.6.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 default 10.10.6.254 0.0.0.0 UG 0 0 0 eth0 [root@LVS-master ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:50:56:AE:32:1E inet addr:10.10.6.201 Bcast:10.10.6.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:feae:321e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:73055 errors:0 dropped:0 overruns:0 frame:0 TX packets:7458 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4799348 (4.5 MiB) TX bytes:779840 (761.5 KiB) eth0:0 Link encap:Ethernet HWaddr 00:50:56:AE:32:1E inet addr:10.10.6.200 Bcast:10.10.6.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:48 errors:0 dropped:0 overruns:0 frame:0 TX packets:48 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2522 (2.4 KiB) TX bytes:2522 (2.4 KiB) [root@LVS-master ~]# [root@LVS-master ~]# ipvsadm -A -t 10.10.6.200:80 -s rr
【添加ipvsadm条目,-A表示追加条目,-t表示使用tcp协议,-s rr表示使用轮询算法】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.211 -g
【-a表示追加规则,-t表示使用tcp协议,-r表示real-server,-g表示使用DR模型】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.212 -g [root@LVS-master ~]# ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.10.6.200:http rr -> 10.10.6.211:http Route 1 0 0 -> 10.10.6.212:http Route 1 0 0 [root@LVS-master ~]#
2.后台两个Real Server服务器的配置(以web1为例,web2相同)
设置网卡只对有eth0网卡上的ip地址做通告
[root@Web1 ~]# [root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore [root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore [root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce [root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce 在lo上设置集群服务的ip地址和路由 [root@Web1 ~]# ifconfig lo:0 10.10.6.200 netmask 255.255.255.255 broadcast 10.10.6.200 [root@Web1 ~]# route add -host 10.10.6.200 dev lo:0 [root@Web1 ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:50:56:AE:70:6E inet addr:10.10.6.211 Bcast:10.10.6.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:feae:706e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:74398 errors:0 dropped:0 overruns:0 frame:0 TX packets:7263 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:11103638 (10.5 MiB) TX bytes:1076981 (1.0 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:106 errors:0 dropped:0 overruns:0 frame:0 TX packets:106 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:95140 (92.9 KiB) TX bytes:95140 (92.9 KiB) lo:0 Link encap:Local Loopback inet addr:10.10.6.200 Mask:255.255.255.255 UP LOOPBACK RUNNING MTU:65536 Metric:1 [root@Web1 ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.6.200 * 255.255.255.255 UH 0 0 0 lo 10.10.6.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 default 10.10.6.254 0.0.0.0 UG 0 0 0 eth0 [root@Web1 ~]#
3.测试
http://10.10.6.200
第一次访问
第二次访问
第三次访问
第四次访问
LVS /DR 模式设置成功
4.相关脚本
(1)Director脚本
[root@LVS-master ~]# vi dr.sh
[root@LVS-master ~]# more dr.sh
#!/bin/bash
#
# LVS script for VS/DR
#
. /etc/rc.d/init.d/functions
#
VIP=10.10.6.200
RIP1=10.10.6.211
RIP2=10.10.6.212
PORT=80
#
case "$1" in
start)
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:0
# Since this is the Director we must be able to forward packets
echo 1 > /proc/sys/net/ipv4/ip_forward
# Add an IP virtual service for VIP 10.10.6.200 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
/sbin/ipvsadm -A -t $VIP:80 -s rr
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -g
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g
/bin/touch /var/lock/subsys/ipvsadm &> /dev/null
;;
stop)
# Stop forwarding packets
echo 0 > /proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm -C
# Bring down the VIP interface
/sbin/ifconfig eth0:0 down
/sbin/route del $VIP
/bin/rm -f /var/lock/subsys/ipvsadm
echo "ipvs is stopped..."
;;
status)
if [ ! -e /var/lock/subsys/ipvsadm ]; then
echo "ipvsadm is stopped ..."
else
echo "ipvs is running ..."
ipvsadm -L -n
fi
;;
*)
echo "Usage: $0 {start|stop|status}"
;;
esac
[root@LVS-master ~]#
[root@LVS-master ~]# chmod +x dr.sh
[root@LVS-master ~]# ./dr.sh status
ipvs is running ...
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.6.200:80 rr
-> 10.10.6.211:80 Route 1 0 5
-> 10.10.6.212:80 Route 1 0 5
[root@LVS-master ~]#
[root@LVS-master ~]# ./dr.sh stop
SIOCDELRT: No such process
ipvs is stopped...
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@LVS-master ~]# ./dr.sh start
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.6.200:http rr
-> 10.10.6.211:http Route 1 0 0
-> 10.10.6.212:http Route 1 0 0
[root@LVS-master ~]#
[root@LVS-master ~]# echo "/root/dr.sh start" >>/etc/rc.local
[root@LVS-master ~]#
(2)Real Server启动脚本(以web1为例,web2相同)
[root@Web1 ~]# vi dr-rs.sh
[root@Web1 ~]# more dr-rs.sh
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=10.10.6.200
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
[root@Web1 ~]# chmod +x dr-rs.sh
[root@Web1 ~]# ./dr-rs.sh status
LVS-DR real server Running.
[root@Web1 ~]# ./dr-rs.sh stop
[root@Web1 ~]# ./dr-rs.sh start
[root@Web1 ~]#
[root@Web1 ~]# echo "/root/dr-rs.sh start" >>/etc/rc.local
[root@Web1 ~]#
(三)NAT模式配置
1.LVS server 配置
增加一块网卡,作为外网网卡,ip为 192.168.0.200,此ip即为对外的VIP,并将默认网关设置成VIP段的网关,本地的内网ip不设置网关
[root@LVS-master ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.200 * 255.255.255.0 U 0 0 0 eth1 10.10.6.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 link-local * 255.255.0.0 U 1003 0 0 eth1 default 192.168.0.1 0.0.0.0 UG 0 0 0 eth1 [root@LVS-master ~]# [root@LVS-master ~]# cat /proc/sys/net/ipv4/ip_forward 0 [root@LVS-master ~]# echo 1 > /proc/sys/net/ipv4/ip_forward [root@LVS-master ~]# cat /proc/sys/net/ipv4/ip_forward 1 [root@LVS-master ~]# [root@LVS-master ~]# ipvsadm -A -t 192.168.0.200:80 -s rr 【添加ipvsadm条目,-A表示追加条目,-t表示使用tcp协议,-s rr表示使用轮询算法】 [root@LVS-master ~]# ipvsadm -a -t 192.168.0.200:80 -r 10.10.6.211 -m 【-a表示追加规则,-t表示使用tcp协议,-r表示real-server,-m表示使用NAT模型】 [root@LVS-master ~]# ipvsadm -a -t 192.168.0.200:80 -r 10.10.6.212 -m [root@LVS-master ~]# ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.0.200:http rr -> 10.10.6.211:http Masq 1 0 1 -> 10.10.6.212:http Masq 1 0 1
2.更改后端realserver的网关(以web1为例,web2相同)
[root@Web1 ~]# route add default gw 10.10.6.201;route del default gw 10.10.6.254 [root@Web1 ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.6.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 default 10.10.6.201 0.0.0.0 UG 0 0 0 eth0 [root@Web1 ~]#
3.测试
第一次访问
第二次访问
[root@LVS-master ~]# ipvsadm -Lc IPVS connection entries pro expire state source virtual destination TCP 00:10 TIME_WAIT 192.168.0.201:24093 192.168.0.200:http 10.10.6.211:http TCP 00:26 TIME_WAIT 192.168.0.201:24539 192.168.0.200:http 10.10.6.212:http [root@LVS-master ~]#
LVS /NAT 模式设置成功
4.相关脚本
[root@LVS-master ~]# vi nat.sh
[root@LVS-master ~]# more nat.sh
#!/bin/bash
#
# chkconfig: - 88 12
# description: LVS script for VS/NAT
#
. /etc/rc.d/init.d/functions
#
VIP=192.168.0.200
DIP=10.10.6.201
RIP1=10.10.6.211
RIP2=10.10.6.212
#
case "$1" in
start)
# /sbin/ifconfig eth0:0 $VIP netmask 255.255.255.0 up
# Since this is the Director we must be able to forward packets
echo 1 > /proc/sys/net/ipv4/ip_forward
# Clear all ipvsadm rules/services.
/sbin/ipvsadm -C
# Add an IP virtual service for VIP 192.168.0.200 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
/sbin/ipvsadm -A -t $VIP:80 -s rr
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -m
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -m
/bin/touch /var/lock/subsys/ipvsadm.lock
;;
stop)
# Stop forwarding packets
echo 0 > /proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm -C
# Bring down the VIP interface
# ifconfig eth0:0 down
rm -rf /var/lock/subsys/ipvsadm.lock
;;
status)
[ -e /var/lock/subsys/ipvsadm.lock ] && echo "ipvs is running..." || echo "ipvsadm is stopped..."
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac
[root@LVS-master ~]#
[root@LVS-master ~]# chmod +x nat.sh
[root@LVS-master ~]# ./nat.sh start
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.200:http rr
-> 10.10.6.211:http Masq 1 0 0
-> 10.10.6.212:http Masq 1 0 0
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.200:http rr
-> 10.10.6.211:http Masq 1 0 4
-> 10.10.6.212:http Masq 1 0 4
[root@LVS-master ~]#
[root@LVS-master ~]#
(四)TUN 模式配置
1.LVS server 配置
[root@LVS-master ~]# ifconfig tunl0 10.10.6.200 broadcast 10.10.6.200 netmask 255.255.255.255 up [root@LVS-master ~]# ipvsadm -A -t 10.10.6.200:80 -s rr
【添加ipvsadm条目,-A表示追加条目,-t表示使用tcp协议,-s rr表示使用轮询算法】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.211 -i
【-a表示追加规则,-t表示使用tcp协议,-r表示real-server,-i表示使用tun模型】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.212 -i [root@LVS-master ~]# ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.10.6.200:http rr -> 10.10.6.211:http Tunnel 1 0 0 -> 10.10.6.212:http Tunnel 1 0 0 [root@LVS-master ~]#
2.后台两个Real Server服务器的配置(以web1为例,web2相同)
[root@Web1 ~]# ifconfig tunl0 10.10.6.200 broadcast 10.10.6.200 netmask 255.255.255.255 up [root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore [root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce [root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore [root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
\\ 对于centos6.6系统,一定下面两行一定要加上,否则,real server会认为收到的数据包非法,直接丢弃。对于其它系统没有做过测试。网上很多资料上都没有这一点,因此花费了我很长时间来解决TUN失败的问题。
[root@Web1 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter [root@Web1 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
\\ 网上很多资料说要加上下面这一行,不过我没加,也能正常使用。可能和我的real server 是单网卡,使用默认路由有关系
[root@Web1 ~]# route add -host 10.10.6.200 dev tunl0 [root@Web1 ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.6.200 * 255.255.255.255 UH 0 0 0 tunl0 10.10.6.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 default 10.10.6.254 0.0.0.0 UG 0 0 0 eth0 [root@Web1 ~]#
3.测试
http://10.10.6.200
第一次访问
第二次访问
[root@LVS-master ~]# ipvsadm -Lnc IPVS connection entries pro expire state source virtual destination TCP 14:57 ESTABLISHED 192.168.19.63:65441 10.10.6.200:80 10.10.6.211:80 TCP 14:57 ESTABLISHED 192.168.19.63:65440 10.10.6.200:80 10.10.6.212:80 TCP 14:57 ESTABLISHED 192.168.19.63:65442 10.10.6.200:80 10.10.6.212:80 [root@LVS-master ~]#
LVS /TUN 模式设置成功
4.相关脚本
(1)Director脚本
[root@LVS-master ~]# vi tun.sh
[root@LVS-master ~]# more tun.sh
#!/bin/sh
# description: start LVS of Directorserver
VIP=10.10.6.200
DIP=10.10.6.201
RIP1=10.10.6.211
RIP2=10.10.6.212
GW=10.10.6.254
. /etc/rc.d/init.d/functions
case "$1" in
start)
echo " start LVS of DirectorServer"
# set the Virtual IP Address
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.0 up
/sbin/route add -host $VIP dev tunl0
#Clear IPVS table
/sbin/ipvsadm -C
#set LVS
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -i
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -i
#Run LVS
/sbin/ipvsadm
#end
;;
stop)
echo "close LVS Directorserver"
ifconfig tunl0 down
/sbin/ipvsadm -C
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
[root@LVS-master ~]#
[root@LVS-master ~]# chmod +x tun.sh
[root@LVS-master ~]# ./tun.sh start
(2)Real Server启动脚本(以web1为例,web2相同)
[root@Web1 ~]# vi tun-rs.sh
[root@Web1 ~]# more tun-rs.sh
#!/bin/bash
#
# Script to start LVS TUN real server.
# description: LVS TUN real server
#
. /etc/rc.d/init.d/functions
VIP=10.10.6.200
case "$1" in
start)
# Start LVS-TUN real server on this machine.
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
# /sbin/route add -host $VIP dev tunl0
echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
;;
stop)
# Stop LVS-TUN real server loopback device(s).
/sbin/ip addr flush tunl0
/sbin/ifconfig tunl0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-TUN real server.
islothere=`/sbin/ifconfig tunl0 | grep $VIP`
isrothere=`netstat -rn | grep "tunl0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the tunl0 device
# not found.
echo "LVS-TUN real server Stopped."
else
echo "LVS-TUN real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
[root@Web1 ~]#
[root@Web1 ~]# chmod +x tun-rs.sh
[root@Web1 ~]# ./tun-rs.sh start
[root@Web1 ~]#