The firewall tag can only define multiple services as the same class. How can we define all future requests from the same client to the same realserver? Use LVS persitence
Assume that a specific request, such as http and mail, of a specific client cip, is directed to the same realserver. The firewall should be marked on Director.
1. director:
Iptables-A mangle-t PREROUTING-I eth0-d $ vip-p tcp -- dprot 80-j MARK -- set-mark 20
Iptables-A mangle-t PREROUTING-I eth0-d $ vip-p tcp -- dprot 110-j MARK -- set-mark 20
// Immediately mark the incoming request
Ipvsadm-A-f 20-s rr-p
// Add a cluster service and specify it as the firewall editing type. Use the wheel call algorithm and specify the default timeout value, that is, persistent connection.
Ipvsadm-a-f 20-r $ Rip1-g
// Add the realserver and define it as the DR Model
Ipvsadm-a-f 20-r $ Rip2-g
This article is from the "Beryl" blog