Introduction and Setup of LVS NAT Mode and DR Mode

Source: Internet
Author: User


LVS introduction:

LVS is short for Linux Virtual Server. It is mainly used for load balancing across multiple servers and works at the network layer. LVS works similarly to iptables, and many of the principles are the same.


LVS scheduling method:

# grep -i 'VS' /boot/config-2.6.32-431.el6.x86_64 | grep -A 10 'IPVS scheduler'
# IPVS scheduler
CONFIG_IP_VS_RR=m
CONFIG_IP_VS_WRR=m
CONFIG_IP_VS_LC=m
CONFIG_IP_VS_WLC=m
CONFIG_IP_VS_LBLC=m
CONFIG_IP_VS_LBLCR=m
CONFIG_IP_VS_DH=m
CONFIG_IP_VS_SH=m
CONFIG_IP_VS_SED=m
CONFIG_IP_VS_NQ=m

 

Static methods: scheduling based only on the scheduling algorithm itself

RR: round robin.
WRR: weighted round robin.
SH: source hashing (hash of the source address). Requests from the same CIP are always directed to the same RS, which provides session persistence.
DH: destination hashing (hash of the target address).


Dynamic methods: scheduling based on the algorithm and the current load of each RS

LC: least connection.
WLC: weighted least connection.
SED: shortest expected delay. When a request comes in, it goes to the server expected to give the best response performance.
NQ: never queue. After one round of polling, the server with the best performance starts to respond.
LBLC: locality-based least connection.
LBLCR: LBLC with replication.



Next, install ipvsadm on the LVS host.

# yum install ipvsadm -y


ipvsadm command parameters:

ipvsadm -A|E -t|u|f service-address [-s scheduler]
-A: add a virtual server record to the kernel virtual server table, that is, add a new virtual IP address.
-E: edit the parameters of a virtual server record in the kernel virtual server table.
-D: delete a record from the kernel virtual server table.
-C: clear the configuration records in the virtual server table.
-S: save the configured kernel virtual server table rules.
-a: add a forwarded host address, that is, a backend real server, to a record in the kernel virtual server table.
-e: edit a real server record within a virtual server record.
-t: TCP, specifies the forwarding protocol.
-u: UDP, used the same way as -t.
-w: weight.
-r: specify the IP address of the backend node.


How the NAT model works:

[Image: nat.jpg]

NAT mode was originally used with iptables for forwarding, and later to solve the problem of insufficient public IP addresses. Compared with iptables, the NAT process in LVS becomes a high-concurrency load-balancing solution. The client sends an HTTP request to the virtual IP address (VIP). The LVS host receives the request and forwards it, through the DIP, to the IP address of a real server. After the real server finishes processing, the response has to go back to the client. If the real server replied to the client directly from its own IP address, the client would not accept the response, because the client sent its request to the VIP. Instead, the real server sends the response to the DIP. The DIP and the VIP are on the same host, which re-encapsulates the response packets with the VIP and returns them to the client.


LVS Host IP address division.

# ifconfig eth0 | grep 'inet addr'
inet addr:172.16.32.10  Bcast:172.16.255.255  Mask:255.255.0.0
# ifconfig eth1 | grep 'inet addr'
inet addr:10.0.0.1  Bcast:10.255.255.255  Mask:255.0.0.0


IP address division for Web host 1.

# ifconfig eth0 | grep 'inet addr'
inet addr:172.16.32.11  Bcast:172.16.255.255  Mask:255.255.0.0
# ifconfig eth1 | grep 'inet addr'
inet addr:10.0.0.10  Bcast:10.255.255.255  Mask:255.0.0.0

 

IP address division for Web host 2.

# ifconfig eth0 | grep 'inet addr'
inet addr:172.16.32.12  Bcast:172.16.255.255  Mask:255.255.0.0
# ifconfig eth1 | grep 'inet addr'
inet addr:10.0.0.11  Bcast:10.255.255.255  Mask:255.0.0.0

 

During the test, the eth0 NIC of the web host can be brought down. This is easy to configure.

 

Test whether the Web node can be accessed normally on the LVS host.

# curl http://10.0.0.10


Enable kernel forwarding

# echo 1 >/proc/sys/net/ipv4/ip_forward


Set LVS.

# ipvsadm -A -t 172.16.32.10:80 -s rr
# ipvsadm -a -t 172.16.32.10:80 -r 10.0.0.10 -m
# ipvsadm -a -t 172.16.32.10:80 -r 10.0.0.11 -m
# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.32.10:80 rr
  -> 10.0.0.10:80                 Masq    1      0          2
  -> 10.0.0.11:80                 Masq    1      0          3


 

Open your browser and enter the VIP address.

[Image: DR-RR-WEB1.jpg]

[Image: DR-RR-WEB2.jpg]



Now, we can see the effect.

Working principle of the DR model:

[Image: dr.jpg]

The director and the real servers use the same virtual IP address to provide external services. The LVS host and the backend web hosts share the same network segment. Because they are in the same broadcast domain, an incoming request for the VIP is resolved by ARP broadcast. In this case, only the director is configured to respond, while the real servers stay silent for ARP on this IP address. The director picks a real server based on the scheduling algorithm, changes the target MAC address to that real server's MAC address, and sends the request to it. When the real server receives and processes the request, it is as if it had received the request directly from the client. After processing, the real server responds directly to the client instead of going back through the director.

 

Next, we will set up DR mode.

arp_ignore: how to respond to ARP address requests. The default value is 0; 1 means a request is answered only when the requested address is configured on the interface that received the request.

arp_announce: how to advertise the local address. The default value is 0; 2 means advertising the address of the interface directly connected to the target network.

 

LVS host

# ifconfig eth0:0 172.16.32.88/16 up
# ifconfig eth0:0
eth0:0    Link encap:Ethernet  HWaddr 00:0C:29:E1:B1:1B
          inet addr:172.16.32.88  Bcast:172.16.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1


 

Web Node 1 settings:

Modify the kernel parameters on the RS, set the VIP on the RS as an alias of the lo interface, and restrict the RS from responding to requests for the VIP address.

# echo 1 >/proc/sys/net/ipv4/conf/eth0/arp_ignore
# echo 1 >/proc/sys/net/ipv4/conf/all/arp_ignore
# echo 2 >/proc/sys/net/ipv4/conf/eth0/arp_announce
# echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce
# ifconfig lo:0 172.16.32.88/16 up
# ifconfig lo:0
lo:0      Link encap:Local Loopback
          inet addr:172.16.32.88  Mask:255.255.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
# ifconfig lo:0 172.16.32.88 netmask 255.255.255.255 broadcast 172.16.32.88 up
# route add -host 172.16.32.88 dev lo:0


Web Node 2 Settings:

# echo 1 >/proc/sys/net/ipv4/conf/eth0/arp_ignore
# echo 1 >/proc/sys/net/ipv4/conf/all/arp_ignore
# echo 2 >/proc/sys/net/ipv4/conf/eth0/arp_announce
# echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce
# ifconfig lo:0 172.16.32.88/16 up
# ifconfig lo:0
lo:0      Link encap:Local Loopback
          inet addr:172.16.32.88  Mask:255.255.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
# ifconfig lo:0 172.16.32.88 netmask 255.255.255.255 broadcast 172.16.32.88 up
# route add -host 172.16.32.88 dev lo:0
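
The ARP settings on a real server can be verified with a small check. This is an added example, not part of the original article: the function names effective_arp, check_dr_arp and make_tree are hypothetical, and the directory trees it builds are constructed sample data standing in for /proc/sys. It compares the effective value, because the kernel applies the higher of the conf/all and per-interface settings for arp_ignore and arp_announce.

```shell
#!/bin/sh
# Added example: audit the ARP sysctls a DR-mode real server needs.
# The kernel applies max(conf/all, conf/<iface>) for arp_ignore and
# arp_announce, so the check compares that effective value.

# effective_arp KEY IFACE [ROOT] -> prints max(all, iface), or "missing"
effective_arp() {
    conf="${3:-/proc/sys}/net/ipv4/conf"
    [ -r "$conf/all/$1" ] && [ -r "$conf/$2/$1" ] || { echo missing; return 0; }
    a=$(cat "$conf/all/$1"); i=$(cat "$conf/$2/$1")
    if [ "$a" -gt "$i" ]; then echo "$a"; else echo "$i"; fi
}

# check_dr_arp IFACE [ROOT] -> 0 when arp_ignore=1 and arp_announce=2
check_dr_arp() {
    rc=0
    for pair in arp_ignore:1 arp_announce:2; do
        key=${pair%%:*}; want=${pair##*:}
        got=$(effective_arp "$key" "$1" "${2:-/proc/sys}")
        if [ "$got" = "$want" ]; then
            echo "OK   $key effective=$got"
        else
            echo "BAD  $key effective=$got (article sets $want)"
            rc=1
        fi
    done
    return $rc
}

# make_tree DIR ALL_IGNORE IF_IGNORE ALL_ANNOUNCE IF_ANNOUNCE (constructed data)
make_tree() {
    mkdir -p "$1/net/ipv4/conf/all" "$1/net/ipv4/conf/eth0"
    echo "$2" > "$1/net/ipv4/conf/all/arp_ignore"
    echo "$3" > "$1/net/ipv4/conf/eth0/arp_ignore"
    echo "$4" > "$1/net/ipv4/conf/all/arp_announce"
    echo "$5" > "$1/net/ipv4/conf/eth0/arp_announce"
}

# Demo on constructed trees: kernel defaults, then the article's values.
demo_root=$(mktemp -d)
make_tree "$demo_root/default" 0 0 0 0
make_tree "$demo_root/article" 1 1 2 2
check_dr_arp eth0 "$demo_root/default" || echo "=> not ready for DR mode"
check_dr_arp eth0 "$demo_root/article" && echo "=> ready for DR mode"
rm -rf "$demo_root"
```

On a real server, run check_dr_arp eth0 with no second argument to read the live values under /proc/sys.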


LVS host settings.

# ipvsadm -A -t 172.16.32.88:80 -s rr
# ipvsadm -a -t 172.16.32.88:80 -r 172.16.32.11 -g -w 1
# ipvsadm -a -t 172.16.32.88:80 -r 172.16.32.12 -g -w 1
# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.32.88:80 rr
  -> 172.16.32.11:80              Route   1      1          3
  -> 172.16.32.12:80              Route   1      0          4
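
The ipvsadm -L -n listing shows which forwarding method each real server uses: entries added with -m appear as Masq and entries added with -g appear as Route. The following check of that listing is an added example, not part of the original article; audit_ipvs, sample_nat_table and sample_dr_table are hypothetical names, and the sample tables are copied from the two listings in this article.

```shell
#!/bin/sh
# Added example: audit `ipvsadm -L -n` output read on stdin.
# audit_ipvs FWD -> 0 when every virtual service has at least one real server
#                   and every real server uses forwarding method FWD
#                   (Masq for -m / NAT mode, Route for -g / DR mode).
audit_ipvs() {
    awk -v want="$1" '
        function close_vs() { if (vs != "" && n == 0) { print "EMPTY", vs; bad = 1 } }
        $1 == "TCP" || $1 == "UDP" { close_vs(); vs = $2; sched = $3; n = 0; next }
        $1 == "->" && $2 ~ /^[0-9]/ {
            n++
            st = ($3 == want) ? "OK" : "MISMATCH"
            if ($3 != want) bad = 1
            print st, vs, sched, $2, $3, "weight=" $4
        }
        END { close_vs(); exit bad + 0 }'
}

# Sample input: the NAT-mode table from this article.
sample_nat_table() {
cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.32.10:80 rr
  -> 10.0.0.10:80                 Masq    1      0          2
  -> 10.0.0.11:80                 Masq    1      0          3
EOF
}

# Sample input: the DR-mode table from this article.
sample_dr_table() {
cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.32.88:80 rr
  -> 172.16.32.11:80              Route   1      1          3
  -> 172.16.32.12:80              Route   1      0          4
EOF
}

sample_nat_table | audit_ipvs Masq
sample_dr_table | audit_ipvs Route
```

On the LVS host, pipe the live table into the function instead, for example ipvsadm -L -n | audit_ipvs Route.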

[Image: DR-WEB1.jpg]

[Image: DR-RR-WEB2.jpg]


 

Okay.

This article is from the "you smile to anyone" blog. Please be sure to keep this source: http://54276311.blog.51cto.com/9130197/1548452
