nat模式

Director分發(fā)器配置

配置VIP

[root@tianyun ~]# ip addr add dev eth0 192.168.122.100/24
[root@tianyun ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@tianyun ~]# sysctl -p //確保打開路由轉(zhuǎn)發(fā)
[root@tianyun ~]#ln -sv /usr/src/kernels/3.10..... /usr/src/linux

定義LVS分發(fā)策略

[root@tianyun ~]# yum -y install ipvsadm //RHEL確保LoadBalancer倉庫可用
[root@tianyun ~]# ipvsadm -A -t 192.168.122.100:80 -s rr
[root@tianyun ~]# ipvsadm -a -t 192.168.122.100:80 -r 10.10.10.10 -m //-m masquerading (NAT)
[root@tianyun ~]# ipvsadm -a -t 192.168.122.100:80 -r 10.10.10.20 -m
[root@tianyun ~]# ipvsadm -a -t 192.168.122.100:80 -r 10.10.10.30 -m
[root@tianyun ~]# service ipvsadm save
[root@tianyun ~]# ipvsadm -L
[root@tianyun ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.122.100:80 rr
-> 10.10.10.10:80 Masq 1 0 1
-> 10.10.10.20:80 Masq 1 0 1
-> 10.10.10.30:80 Masq 1 0 1

[root@tianyun ~]# ipvsadm -L -n --stats // 顯示統(tǒng)計信息
[root@tianyun ~]# ipvsadm -L -n --rate //看速率
[root@tianyun ~]# ipvsadm -Ln -c //查看LVS的連接條目
[root@tianyun ~]# watch -n.5 'ipvsadm -Ln -c'

測試
[root@client ~]# elinks -dump http://192.168.122.100/
[root@client ~]# ab -c 1000 -n 1000 http://192.168.122.100/

總結(jié)

VS/NAT模式的原理是：當Director收到Client請求時减牺，Director將數(shù)據(jù)包的目標IP由VIP轉(zhuǎn)換為選中的Real Server的RIP來實現(xiàn)分發(fā)肖揣，
要求RS將網(wǎng)關(guān)指向Director的DIP氨肌。
特點是：配置簡單，所有的入站牡拇、出站數(shù)據(jù)包都經(jīng)過分發(fā)器。當數(shù)據(jù)量比較大時，分發(fā)器可能會出現(xiàn)網(wǎng)絡(luò)瓶頸惠呼！因而支持的RS數(shù)量少导俘。

Director必須開啟kernel ip_forward
所有RealServer默認網(wǎng)關(guān)指向DIP
Director使用DIP和RealServer RIP通信
[root@director1 ~]# watch -n.5 'ipvsadm -Ln -c'
Every 0.5s: ipvsadm -Ln -c Tue Dec 29 06:41:15 2015

IPVS connection entries
pro expire state source virtual destination
TCP 00:32 SYN_RECV 192.168.122.1:55989 192.168.122.100:80 10.10.10.10:80
TCP 00:42 SYN_RECV 192.168.122.1:55991 192.168.122.100:80 10.10.10.20:80
TCP 00:41 SYN_RECV 192.168.122.1:55990 192.168.122.100:80 10.10.10.30:80
TCP 00:29 SYN_RECV 192.168.122.1:55988 192.168.122.100:80 10.10.10.20:80
TCP 00:59 SYN_RECV 192.168.122.1:55993 192.168.122.100:80 10.10.10.30:80
TCP 00:42 SYN_RECV 192.168.122.1:55992 192.168.122.100:80 10.10.10.10:80

LVS/DR

RS
[root@tianyun ~]# yum -y install httpd
[root@tianyun ~]# ip addr add dev lo 192.168.122.100/32 //在lo接口上綁定VIP
[root@tianyun ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore //non-arp
[root@tianyun ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

Director

配置VIP

[root@tianyun ~]# ip addr add dev eth0 192.168.122.100/32 //配置VIP
[root@tianyun ~]# yum -y install ipvsadm //RHEL確保LoadBalancer倉庫可用

LVS分發(fā)策略
[root@tianyun ~]# ipvsadm -C // 清除內(nèi)核虛擬服務(wù)器表中的所有記錄
[root@tianyun ~]# ipvsadm -A -t 192.168.122.100:80 -s rr
[root@tianyun ~]# ipvsadm -a -t 192.168.122.100:80 -r 192.168.122.10 -g
[root@tianyun ~]# ipvsadm -a -t 192.168.122.100:80 -r 192.168.122.20 -g
[root@tianyun ~]# ipvsadm -a -t 192.168.122.100:80 -r 192.168.122.30 -g
[root@tianyun ~]# service ipvsadm save
Saving IPVS table to /etc/sysconfig/ipvsadm: [ OK ]

[root@tianyun ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.122.100:80 rr
-> 192.168.122.10:80 Route 1 0 0
-> 192.168.122.20:80 Route 1 0 0
-> 192.168.122.30:80 Route 1 0 0

[root@tianyun ~]# ipvsadm -L -n
[root@tianyun ~]# ipvsadm -L -n --stats // 顯示統(tǒng)計信息
[root@tianyun ~]# ipvsadm -L -n --rate //看速率
[root@tianyun ~]# ipvsadm -Ln -c //查看LVS的連接條目
[root@tianyun ~]# watch -n.5 'ipvsadm -Ln -c'

測試
[root@client ~]# elinks -dump http://192.168.122.100
[root@client ~]# ab -c 1000 -n 1000 http://192.168.122.100/
[root@client ~]# tcpdump -nni eth0 -e host 192.168.122.100

總結(jié)
VS/DR模式的原理是： 當一個client發(fā)送一個請求到VIP，Di據(jù)VIP選rector根擇對應(yīng)的real-server的Pool剔蹋，根據(jù)算法旅薄，在Pool中選擇一臺Real-server，然后將client的求包請發(fā)給選擇的Real-server泣崩，最后選擇的Real-server把應(yīng)答包直接傳給client少梁，client接收到應(yīng)答包之后建立連接形成一個請求應(yīng)答過程。