One, LVS load balanced NAT operation mode 650) this.width=650; "Src=" https://s4.51cto.com/oss/201711/05/ 7233965d67479310bf3811804d0715af.png "title=" 1.png "alt=" 7233965d67479310bf3811804d0715af.png "/>
Work flow
(a). When a user requests to reach the director Server, the requested data message is first to the prerouting chain of the kernel space. At this time the source IP of the message is CIP, the target IP is VIP
(b). prerouting Check that the destination IP of the packet is native and the packet is sent to the input chain
(c). Ipvs is the Cluster service than the service requested by the packet, if the destination IP address of the packet is modified to be the back-end server IP, then the packet is sent to the postrouting chain. At this time the source IP of the message is CIP, the destination IP is RIP
(d). Postrouting chain through routing, data packets sent to real Server
(e). Real server is the target for its own IP, and the start of the build response message is sent back to director server. At this point the source IP of the message is RIP, the target IP is CIP
(f). Director server modifies the source IP address to its own VIP address before responding to the client, and then responds to the client. At this time the source IP of the message is VIP, the target IP is CIP
Environment Preparation:
Server |
Ip |
Clients (client) |
172.16.111.13 (Analog public network address) |
Virtual Services (VS)
|
172.16.111.123 (Analog public network address) 192.168.111.200 (Intranet) |
Back-end Request processing server (RS1)
|
192.168.111.101 (Gateway Point vs) |
Back-end Request processing server (RS2)
|
192.168.111.102 (Gateway Point vs)
|
3. Experimental steps:
(1) iptables-f && setenforce 0 Empty firewall policy, turn off SELinux yum install ipvsadm-y//install LVS management software on director (2) in director Configure the LVS policy ipvsadm-a-T 172.16.111.123:80-s WRR//Open a 80-port-based virtual service, the scheduling algorithm is WRR ipvsadm-a-T 172.16.111.123:80-r 192.1 68.111.101-m-W 1 ipvsadm-a-t 172.16.111.123:80-r 192.168.111.102-m-w 1//Configuration Web Service backend Real server is a NAT working mode with a weight of 1 vim/etc/sysctl.conf Modify netipv4.ip.forward=1//Turn on route forwarding (3) Configure configuration gateway on real server point to 192.168.111.2000
Implementing load balancing based on LNMP e-commerce sites