I. NAT: Destination Address Translation
II. Be sure to load this module on the Director machine!
modprobe iptable_nat
NOTE: If your RealServer is a Xen virtual machine:
modprobe iptable_nat
III. Configuration:
1. Prepare five RHEL5U5 machines
2. iptables -F: clear rules
3. Edit /etc/selinux/config to turn off SELinux.
Draw the topology
Client:
CIP: 110.0.0.1/24
GW: 110.0.0.254
DGW:
110.0.0.254/24
220.0.0.254/24
Director:
eth0 DIP: 192.168.0.253/24
eth0:1 VIP: 220.0.0.1/24
RealServer:
RIP: 192.168.0.188
RIP: 192.168.0.194
NOTE: If your RealServer is a Xen virtual machine:
modprobe iptable_nat
IV. Deployment
Client:
Requirements:
You can access the VIP.
Configure IP Address: 110.0.0.1
Set GW: 110.0.0.254
DGW:
Requirements:
Implement IP Forwarding
Configure the IP Address:
110.0.0.254
220.0.0.254
Enable IP Forwarding
Director:
yum install ipvsadm
1. Forwarding
[root@vmware1 ~]# sysctl -p
net.ipv4.ip_forward = 1
2. Load modules
modprobe iptable_nat
3. Add VIP 220.0.0.1/24
DIP 192.168.0.253/24
Modify GW -> 220.0.0.254
4. Use these commands to set rules:
ipvsadm -A -t 220.0.0.1:80 -s rr
ipvsadm -a -t 220.0.0.1:80 -r 192.168.0.188 -m
ipvsadm -a -t 220.0.0.1:80 -r 192.168.0.194 -m
[root@www blues]# /etc/init.d/ipvsadm save
Saving IPVS table to /etc/sysconfig/ipvsadm: [OK]
RealServer:
Configure IP Address: 192.168.0.188
The gateway points to DIP: 192.168.0.253.
E.g.:
Start httpd
(During the experiment, the pages of each server are different)
echo "192.168.0.188" > /var/www/html/index.html
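Added example (not part of the original article): a check for the two conditions the NAT setup above depends on, namely that every real server is attached with -m and that its RIP sits on the DIP network so replies return through the Director. The function name audit_lvs_nat, the finding labels and the sample rules are constructed for illustration; the input is assumed to be in `ipvsadm -S -n` format and the DIP network is assumed to be a /24.

```shell
#!/bin/sh
# audit_lvs_nat NET_PREFIX   (rules in `ipvsadm -S -n` format on stdin)
# Hypothetical helper: prints one finding per line, returns 0 if clean, 1 otherwise.
# NET_PREFIX is the first three octets of the DIP network (a /24 is assumed,
# matching the 192.168.0.0/24 topology above).
audit_lvs_nat() {
    awk -v net="$1" '
    $1 == "-A" {                       # virtual service definition
        svc = $2 " " $3; seen[svc] = 1; next
    }
    $1 == "-a" {                       # real server attached to a service
        svc = $2 " " $3; has_rs[svc] = 1
        rs = ""; masq = 0
        for (i = 4; i <= NF; i++) {
            if ($i == "-r") { rs = $(i + 1); sub(/:[0-9]+$/, "", rs) }
            if ($i == "-m") masq = 1
        }
        # NAT mode needs masquerading; -g (DR) or -i (TUN) skips the address rewrite.
        if (!masq) { print "NOT-MASQ " rs; bad = 1 }
        # Replies must route back through the DIP, so the RIP should be on its network.
        if (index(rs, net ".") != 1) { print "OFF-NET " rs; bad = 1 }
    }
    END {
        for (s in seen) if (!(s in has_rs)) { print "NO-REALSERVER " s; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample: the second real server was added with -g instead of -m.
SAMPLE_RULES='-A -t 220.0.0.1:80 -s rr
-a -t 220.0.0.1:80 -r 192.168.0.188:80 -m -w 1
-a -t 220.0.0.1:80 -r 192.168.0.194:80 -g -w 1'

printf '%s\n' "$SAMPLE_RULES" | audit_lvs_nat 192.168.0 || echo "rules need fixing"
```

On a live Director the same function can be fed with: ipvsadm -S -n | audit_lvs_nat 192.168.0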
======= O & M ========
ipvsadm -L -n
ipvsadm -C
ipvsadm -L -n --stats
ipvsadm -L -n --rate
ipvsadm -L -n -c
Parameter memo
• -L | -l, --list: displays the kernel virtual server table
• -Z, --zero: clears the virtual service table counters (the current values)
• -C, --clear: clears all records
• --stats: displays statistics
• --rate: displays rate information
• -c, --connection: displays the current LVS connections
Save and test policies
• service ipvsadm save
• ab -n 1000 -c 1000 http://192.168.1.100
• watch -n 0.1 ipvsadm -L -n --stats
Note:
• Single NIC:
- The virtual IP address must be configured in the form eth0:X. By default, data is sent from the IP address on eth0. There must be at least two IP addresses.
• Dual NIC: ensure that the NIC used for the egress route is correct.
• The client cannot be a node in the cluster.
======================================
======================================
vsftpd:
iptables -t mangle -A PREROUTING -d <VIP> -p tcp --dport 21 -j MARK --set-mark 21
iptables -t mangle -A PREROUTING -d <VIP> -p tcp --dport 10000:20000 -j MARK --set-mark 21
ipvsadm -A -f 21 -s lc -p 3600
ipvsadm -a -f 21 -r 10.10.10.32 -m
ipvsadm -a -f 21 -r 10.10.10.33 -m
Start vsftpd
pasv_address=255.0.0.2
pasv_max_port=20000
pasv_min_port=10000
This article is from "The path to Linux Cultivation"