First, we need to understand how LVS works:
In LVS, the Director itself does not respond to requests; it only accepts them and forwards them to the back end. The real servers are what actually respond to requests in the background.
LVS works basically like DNAT, but not exactly like it. It is a layer-4 switch. By default, it identifies a user's request by the address and port that the user requested and, on that basis, forwards it to the host in the background that actually provides the service. Because such a request is identified by its socket (address and port), the forwarding can be implemented at layer 4. In addition, the forwarding process is transparent to users: users access the Director's IP address and are not aware that the Director forwards the request to the real servers.
LVS Working Mode
1. DNAT
2. Direct routing
3. Tunnel
Benefits:
1. High concurrency
2. High Redundancy
3. Applicability: servers can be added and removed, which makes it easy to expand and shrink the server pool
IP address type of LVS
1. VIP: virtual IP address, which does not provide services but forwards user requests to the backend
2. RIP: real IP address, the IP address that actually provides services to the client
3. DIP: scheduling (Director) IP address, usually the IP address of the LVS that is connected to the RIPs
4. CIP: client IP address, the IP address of the user making the request
Process: for example
LVS cluster types:
1. LVS-NAT (DNAT)
2. LVS-DR (direct routing)
3. LVS-TUN (tunnel)
The three types are described in detail below:
Principle of LVS-NAT Model
Both user requests and responses must go through the Director.
Both the source and destination addresses must be translated, and the destination address translation is transparent.
The scalability of this architecture is limited by the scheduler: the Director processes all requests, so the load on it is relatively high, and expanding to 10 nodes will not work.
Requirements:
1. The cluster nodes must be on the same physical network, in the same subnet or VLAN
2. DIP and RIP can only be in the same network (subnet) and cannot span network segments
3. The RIP address is usually a private address.
4. All real servers (RIPs) must use the DIP as their gateway (for address translation)
5. NAT can also translate ports (for example, 80 to 8080)
6. The real servers (RIPs) can run any operating system.
7. The Director may become the bottleneck of the entire system.
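The LVS-NAT translation and requirements above, as an added example that is not part of the original page: a toy Python model that enforces requirements 2 and 4 and shows the destination rewrite on the request and the source rewrite on the reply, including the 80 to 8080 port mapping. NatDirector, Packet and demo are hypothetical names, and all addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass
@dataclass(frozen=True)
class Packet:
    src: tuple  # (ip, port)
    dst: tuple  # (ip, port)

class NatDirector:
    """Toy model of an LVS-NAT Director (hypothetical class, not an LVS API)."""
    def __init__(self, vip, dip_with_prefix):
        self.vip = vip                                      # (VIP, port) that clients connect to
        self.dip = ipaddress.ip_interface(dip_with_prefix)  # e.g. "10.0.0.1/24"
        self.real_servers = []                              # list of (RIP, port)
        self.conns = {}                                     # (CIP, port) -> chosen (RIP, port)
        self.next_rs = 0                                    # round-robin cursor

    def add_real_server(self, rip, port, gateway):
        # Requirement 2: RIP and DIP share one subnet.
        if ipaddress.ip_address(rip) not in self.dip.network:
            raise ValueError(f"{rip} is outside the DIP subnet {self.dip.network}")
        # Requirement 4: the real server routes its replies back through the DIP.
        if ipaddress.ip_address(gateway) != self.dip.ip:
            raise ValueError(f"{rip}: gateway {gateway} is not the DIP {self.dip.ip}")
        self.real_servers.append((rip, port))

    def inbound(self, pkt):
        """Request CIP -> VIP: rewrite the destination to RIP:port (may remap the port)."""
        if pkt.dst != self.vip:
            raise ValueError("packet is not addressed to the virtual service")
        if not self.real_servers:
            raise RuntimeError("no real servers configured")
        if pkt.src not in self.conns:                       # new connection: pick a server
            self.conns[pkt.src] = self.real_servers[self.next_rs % len(self.real_servers)]
            self.next_rs += 1
        return Packet(pkt.src, self.conns[pkt.src])

    def outbound(self, pkt):
        """Reply RIP -> CIP: rewrite the source back to the VIP the client contacted."""
        if self.conns.get(pkt.dst) != pkt.src:
            raise ValueError("reply does not belong to a tracked connection")
        return Packet(self.vip, pkt.dst)

def demo():
    d = NatDirector(("203.0.113.10", 80), "10.0.0.1/24")   # constructed VIP and DIP
    d.add_real_server("10.0.0.11", 8080, gateway="10.0.0.1")
    d.add_real_server("10.0.0.12", 8080, gateway="10.0.0.1")
    fwd = d.inbound(Packet(("198.51.100.7", 40000), ("203.0.113.10", 80)))
    reply = d.outbound(Packet(fwd.dst, fwd.src))
    return fwd, reply
```

A real server whose gateway is not the DIP is rejected here because its replies would leave with the RIP as source and never be rewritten to the VIP.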
Data transmission:
Data is transmitted through layer-2 (data link layer) forwarding (ARP): the MAC address of the Director is converted to the MAC address of the RIP (not changed, but forwarded). After the real server responds, the real server's MAC address is converted to the RIP's MAC address.