Load Balancer LVs tun mode (IP tunneling)

1 , LVS , TUN Introduction

LVS is a Linux Virtual Server in the actual environment, often as b/S structure of the network application in the load balancer to use, working in 7 Layer network model, the network layer, which is usually said IP layer, because the data is processed in Linux The kernel state is complete, so the relative reverse proxy server, the performance is generally higher;

TUN is a IP Tunneling , IP The name of the tunnel, which will be received by the scheduler IP the packet is encapsulated in a new IP The data packet is forwarded to the application server, and then the actual server's return data is returned directly to the user.

2 , a simple Lvs/tun Architecture Diagram

here, I'll simply draw Lvs/tun deployment environment When the pattern is applied:

Let's assume that Baidu is using this architectural model (in fact, what is the structure of Baidu I did not field research)

Then to simulate the user access to the situation of Baidu.

1. users in the browser input http://www.baidu.com, the user's computer through the network to inquire DNS, Www.baidu.com The IP address of the domain name .

2.DNS server through the user's address, in the server list to select a possible distance from the user's nearest LVS Virtual Services IP Address or an address that follows the polling policy.

can be used ping Www.baidu.com ip is returned. Span style= "Color:rgb (51,51,51)" > address, this ip address is our dns Return to our address. can also be used dig command, you can see www.baidu.com actually corresponds to 3 " Span style= "Color:rgb (51,51,51)" >ip address

3. the IP address obtained by the user's browser via DNS to access the LVS Server

4. Enter Lvs/tun mode andLVS will supply the packet to APACHE or nginx -built reverse proxy server;

5. The reverse proxy server eventually sends the request to the application server;

6. After the application server completes the user request, it is returned directly to the user through the reverse proxy server, without having to pass the LVS server.

3 , premises

not all servers are supported IP tunnels, but for the general Linux server operating systems, basic support IP Tunneling agreement.

If you've seen me about LVS/DR mode, it is found that the process is essentially the same.

4 , Advantages

TUN mode can solve DR mode can not cross the network segment of the problem, or even across the public network.

5 , Summary

for large-scale Web sites, use aloneLVSis still not enough, generally still have to cooperateNginx or Apachedo load balancing. The simplest thing to do at this timeLvs+nginx/haproxy(NginxThe official version is not now4Layer Agent function,Haproxynot supported on the back endkeepalive),Of course UseDRmode orTUNmode is also available. It's all going to work.2layer to get it fixed. In fact, the number of visits is not very large companies, directly withNginx/haproxy/apachejustOKup. It's too complicated. Maintenance costs will be high.

Load Balancer LVs tun mode (IP tunneling)