LVS-NAT LVS-DR model of Load Balancing

LVS-NAT LVS-DR model of Load Balancing

LVS is short for Linux Virtual Server. It is a Virtual Server cluster system that can define one or more backend servers. Worker s in the INPUT kernel.

LVS Scheduling Methods: 10
Static Method: only scheduling based on the algorithm itself
Rr: Round Robin
Wrr: Weighted RR Weight Round Robin
Sh: source hashing supports session binding Based on ip address anti-balancing
Dh: destination hashing is not used much according to firewall settings

Dynamic Method: based on the current algorithm and RS Load
If the link is in the active status, the data link ends, but the link is closed, it is called an inactive link.
Lc: Least Connection # minimum Connection
Overhead = Active * 256 + Inactive # In the round robin result at the beginning, the least winner wins;
Wlc: Weighted LC
Overhead = (Active * 256 + Inactive)/weight # the smallest winner in the result;
Sed: Shortest Expect CT Delay # minimum expected latency of wlc upgrade
Overhead = (Active + 1) * 256/weight
Nq: Nerver Queue # The first round of improved sed is round-robin Based on sed.
Lblc: Locality-based Least Connection based on local minimum connections
Dh + lc is rarely used for session binding
Lblcr: Replicated and Locality-based Least Connection does not use many backend servers

Lvs-nat

Features of lvs nat:
1. RS should use a private address;
2. The RS gateway must point to the DIP;
3. RIP and DIP must be in the same network segment;
4. Request and response packets must pass through ctor. In high-load scenarios, Director may become a bottleneck in system performance;
5. Port ing is supported;
6. RS can use any OS that supports cluster services;

Install ipvsadm
[Root @ marvin/] # yum install ipvsadm-y

Vip: 192.168.1.119
Dip: 192.168.243.132 virtual NIC: Host Mode
Rip1: 192.168.243.129 virtual NIC: Host Mode: The demo.html page content of the http service test page martin

Rip2: 192.168.243.131 virtual NIC: Host Mode: lucia
Http: no installation and configuration instructions are provided here.
Add vip:
[Root @ marvin/] # ifconfig eth1: 0 192.168.1.119/24 up

Configure route forwarding:
[Root @ marvin nat] # vim/etc/sysctl. conf
Net. ipv4.ip _ forward = 1

[Root @ marvin nat] # sysctl-p

Real-server route pointing to dip:
[Root @ martin/] # route add default gw 192.168.243.132
[Root @ lucia/] # route add default gw 192.168.243.132

Add cluster service:
# Add a Cluster Server
[Root @ marvin/] # ipvsadm-A-t 192.168.1.119: 80-s rr
# Add backend servers
[Root @ marvin/] # ipvsadm-a-t 192.168.1.119: 80-r 192.168.243.129-m
[Root @ marvin/] # ipvsadm-a-t 192.168.1.119: 80-r 192.168.243.131-m
# Data viewing
[Root @ marvin/] # ipvsadm-L-n # -- rate -- stats
IP Virtual Server version 1.2.1 (size = 4096)
Prot LocalAddress: Port sched1_flags
-> RemoteAddress: Port Forward Weight ActiveConn InActConn
TCP 192.168.1.119: 80 rr
-> 192.168.243.129: 80 Masq 1 0 0
-> 192.168.243.131: 80 Masq 1 0 0

Test result
[Root @ marvin/] # ipvsadm-L-n -- rate -- stats
IP Virtual Server version 1.2.1 (size = 4096)
Prot LocalAddress: Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress: Port
TCP 192.168.1.119: 80 104 1090 507 154977
-> 192.168.243.129: 80 52 649 304 101371
-> 192.168.243.131: 80 52 441 203 53606

Modify:
[Root @ marvin/] # ipvsadm-E-t 192.168.1.119: 80-s wrr
[Root @ marvin/] # ipvsadm-e-t 192.168.1.119: 80-r 192.168.243.131-m-w 3

Clear counter:

[Root @ marvin/] # ipvsadm-Z-t 192.168.1.119: 80

Test result 3: 1
1234567 [root @ marvin/] # ipvsadm-L-n
IP Virtual Server version 1.2.1 (size = 4096)
Prot LocalAddress: Port sched1_flags
-> RemoteAddress: Port Forward Weight ActiveConn InActConn
TCP 192.168.1.119: 80 wrr
-> 192.168.243.129: 80 Masq 1 0 5
-> 192.168.243.131: 80 Masq 3 1 16

Data storage:
[Root @ marvin lvs-date] # ipvsadm-S>/mydata/lvs-date/nat/wrr. conf

Data cluster service:
[Root @ marvin nat] # ipvsadm-D-t 192.168.1.119: 80
[Root @ marvin nat] # ipvsadm-L-n
IP Virtual Server version 1.2.1 (size = 4096)
Prot LocalAddress: Port sched1_flags
-> RemoteAddress: Port Forward Weight ActiveConn InActConn

Restore cluster service:
[Root @ marvin nat] # ipvsadm-R </mydata/lvs-date/nat/wrr. conf
[Root @ marvin nat] # ipvsadm-L-n
IP Virtual Server version 1.2.1 (size = 4096)
Prot LocalAddress: Port sched1_flags
-> RemoteAddress: Port Forward Weight ActiveConn InActConn
TCP 192.168.1.119: 80 wrr
-> 192.168.243.129: 80 Masq 1 0 0
-> 192.168.243.131: 80 Masq 3 0 0

View the ing table:
[Root @ marvin/] # ipvsadm-L-c
IPVS connection entries
Pro expire state source virtual destination
TCP 00:46 TIME_WAIT 192.168.1.102: 56168 192.168.1.119: http 192.168.243.131: http
TCP TIME_WAIT 192.168.1.102: 56161 192.168.1.119: http 192.168.243.129: http
TCP 00:46 TIME_WAIT 192.168.1.102: 56163 192.168.1.119: http 192.168.243.131: http
TCP 00:46 TIME_WAIT 192.168.1.102: 56164 192.168.1.119: http 192.168.243.131: http
TCP 00:44 TIME_WAIT 192.168.1.102: 56154 192.168.1.119: http 192.168.243.131: http
TCP 00:45 TIME_WAIT 192.168.1.102: 56162 192.168.1.119: http 192.168.243.131: http
TCP 00:52 TIME_WAIT 192.168.1.102: 56172 192.168.1.119: http 192.168.243.131: http
TCP 00:46 TIME_WAIT 192.168.1.102: 56165 192.168.1.119: http 192.168.243.129: http
TCP TIME_WAIT 192.168.1.102: 56153 192.168.1.119: http 192.168.243.129: http
TCP 00:47 TIME_WAIT 192.168.1.102: 56171 192.168.1.119: http 192.168.243.131: http
TCP 00:44 TIME_WAIT 192.168.1.102: 56155 192.168.1.119: http 192.168.243.131: http
TCP 00:46 TIME_WAIT 192.168.1.102: 56167 192.168.1.119: http 192.168.243.131: http
TCP 00:46 TIME_WAIT 192.168.1.102: 56169 192.168.1.119: http 192.168.243.129: http
TCP 00:47 TIME_WAIT 192.168.1.102: 56170 192.168.1.119: http 192.168.243.131: http
TCP 00:46 TIME_WAIT 192.168.1.102: 56166 192.168.1.119: http 192.168.243.131: http
TCP 00:45 TIME_WAIT 192.168.1.102: 56159 192.168.1.119: http 192.168.243.131: http
TCP 00:44 TIME_WAIT 192.168.1.102: 56156 192.168.1.119: http 192.168.243.131: http
TCP 00:44 TIME_WAIT 192.168.1.102: 56152 192.168.1.119: http 192.168.243.131: http
TCP TIME_WAIT 192.168.1.102: 56157 192.168.1.119: http 192.168.243.129: http
TCP 00:45 TIME_WAIT 192.168.1.102: 56160 192.168.1.119: http 192.168.243.131: http
TCP 00:45 TIME_WAIT 192.168.1.102: 56158 192.168.1.119: http 192.168.243.131: http
TCP 00:44 TIME_WAIT 192.168.1.102: 56149 192.168.1.119: http 192.168.243.131: http

Lvs-dr:

Lvs dr type:
1. When a front-end route is sent to a VIP, the request can only be a VIP on Dirctor;
Solution:
(1) static address binding;
Vro configuration permissions may not be available;
Static Address binding will be difficult to apply when Director is called;
(2) arptables
(3) Modify Linux kernel parameters, set the VIP on RS to the alias of the lo interface, and restrict Linux to only respond to ARP requests of the corresponding interface;
Features of The lvs dr type:
1. RS can use a private address, but it can also use a public address. In this case, RS can be directly connected through the Internet for configuration and monitoring;
2. The RS gateway must not point to DIP;
3. RS and Dirctory must be in the same physical network (cannot be separated by routers );
4. The request message passes through Directory, but the response packet must not pass through ctor
5. Port ing is not supported;
6. The RS can use most operating systems;

Vip: 192.168.1.119
# Dip: Virtual NIC: Host Mode
Rip1: 192.168.1.122 virtual NIC: Host Mode: The demo.html page content of the http service test page, martin

Rip2: 192.168.1.123 virtual NIC: Host Mode: lucia
Http: no installation and configuration instructions are provided here.
Simple Description: dip = vip here is generally public network. If you want to set dip for different network segments, that is, dip can be a private network, as long as the rip and dip can communicate with the rip network to flow to cip.
Real-server:
[Root @ martin ~] # Echo 1>/proc/sys/net/ipv4/conf/eth0/arp_ignore
[Root @ martin ~] # Echo 2>/proc/sys/net/ipv4/conf/eth0/arp_announce
[Root @ martin ~] # Echo 1>/proc/sys/net/ipv4/conf/all/arp_ignore
[Root @ martin ~] # Echo 2>/proc/sys/net/ipv4/conf/all/arp_announce

[Root @ lucia ~] # Echo 1>/proc/sys/net/ipv4/conf/eth0/arp_ignore
[Root @ lucia ~] # Echo 2>/proc/sys/net/ipv4/conf/eth0/arp_announce
[Root @ lucia ~] # Echo 1>/proc/sys/net/ipv4/conf/all/arp_ignore
[Root @ lucia ~] # Echo 2>/proc/sys/net/ipv4/conf/all/arp_announce


Arp_ignore passive mode # whether to respond to ARP Address requests. The default value is 0.
0 # reply to all IP addresses of the Local Machine (no matter where the address is located ).
1 # respond only when the target address of the request is configured on the interface to which the request arrives
Arp_announce # specifies how the local address is advertised on the local machine. The default value is 0. Announcement level: Active Mode
0 # all local IP addresses in tonggao.
1 # Try to notify the target network of the address that matches the network only
2 # only advertise addresses of the same network segment. Advertise rip mac to hide vip mac on real-server

Add vip: (set the broadcast domain to the local machine)
[Root @ martin ~] # Ip addr add dev lo 192.168.1.119/32 broadcast 192.168.1.119 label lo: 0

[Root @ lucia ~] # Ip addr add dev lo 192.168.1.119/32 broadcast 192.168.1.119 label lo: 0

Add cluster service

[Root @ marvin nat] # ipvsadm-A-t 192.168.1.119: 80-s rr # time [-p 300]
[Root @ marvin nat] # ipvsadm-a-t 192.168.1.119: 80-r 192.168.1.222-g
[Root @ marvin nat] # ipvsadm-a-t 192.168.1.119: 80-r 192.168.1.223-g

[Root @ marvin nat] # ipvsadm-L-n
IP Virtual Server version 1.2.1 (size = 4096)
Prot LocalAddress: Port sched1_flags
-> RemoteAddress: Port Forward Weight ActiveConn InActConn
TCP 192.168.1.119: 80 rr
-> 192.168.1.222: 80 Route 1 0 5
-> 192.168.1.223: 80 Route 1 0 5

[Root @ marvin nat] # ipvsadm-E-t 192.168.1.119: 80-s wrr
[Root @ marvin nat] # ipvsadm-e-t 192.168.1.119: 80-r 192.168.1.223-g-w 4
[Root @ marvin nat] # ipvsadm-L-n
IP Virtual Server version 1.2.1 (size = 4096)
Prot LocalAddress: Port sched1_flags
-> RemoteAddress: Port Forward Weight ActiveConn InActConn
TCP 192.168.1.119: 80 wrr
-> 192.168.1.222: 80 Route 1 0 6
-> 192.168.1.223: 80 Route 4 0 24

Packet Capture: data goes out from lo
[Root @ lucia ~] # Tcpdump-I any-nn-XX tcp src port 80 and ip src 192.168.1.119

Tcpdump: verbose output suppressed, use-v or-vv for full protocol decode
Listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
19:14:03. 630672 IP 192.168.1.119.80> 192.168.1.102.58761: Flags [S.], seq 4229184048, ack 1320608146, win 14480, options [mss 1460, sackOK, TS val 418789887 ecr 177960826, nop, wscale 6], length 0
0x0000: 0004 0001 0006 000c 2960 a9fd 0000 0800 ........)'......
0x0010: 4500 003c 0000 4000 4006 b68e c0a8 0177 E... <...... @ ...... w
0x0020: c0a8 0166 0050 e589 fc14 3a30 4eb6 e192... f. P...: 0N...
0x0030: a012 3890 69c0 0000 0204 05b4 0402 080a... 8. I ...........
0x0040: 18f6 39ff 0a9b 777a 0103 0306 ...... wz ....

This article permanently updates the link address: