LVS Load Balancer Setup, Nat mode

Lvs-nat model: Similar to Dnat, but supports multi-target forwarding, which is multi-objective Dnat

It is forwarded by modifying the destination address of the request message to a certain RS rip selected by the scheduling algorithm.

Architectural Features:

(1) RS should use a private address, that is, RIP should be a private address, each RS gateway must point to the dip

(2) The request message and the response message are forwarded through the Director; in high-load scenarios, the director is prone to becoming a system bottleneck

(3) Support port mapping

(4) RS can use any type of OS

(5) The Rip of Rs must be in the same network 650 as the director's Dip ) this.width=650; "Src=" http://s5.51cto.com/wyfs02/M02/76/A8/ Wkiom1zynqihxlczaabp4twbcek908.png "title=" P67b4[}1cy (xuk[@4009 ' aw.png "alt=" Wkiom1zynqihxlczaabp4twbcek908.png " Width= "650" style= "padding:0px;margin:0px;vertical-align:top;border:none;"/>

It is necessary to figure out which port is which IP address before setting up the LVS load balancer for NAT mode.

Therefore, we need to plan the IP address and test according to the service topology map that we want to set up first.

1, according to the above topology diagram we can plan the IP address as:

vip:192.168.10.1

The VIP is the extranet address, so this address needs to be able to connect to the external network, note that if it is on a VM virtual machine it is best to set the bridge mode to the experiment.

dip:192.168.100.1

Dip is an intranet private address, not publicly available, and the gateway to the real server behind it must be set to dip

Rip:192.168.100.2-4

RIP is the IP address of the real server, and the three servers in the topology map set the IP address from 2 to 4 in turn

2, set the completion IP address after the internal network to test whether connectivity.

Test for proper communication between each IP address, using the Ping tool

Ping the IP addresses of the other hosts on each host

3, test whether the service needs to be set up in the directory to access the normal

This time in HTTP for example, after installing HTTP on each RS, using Curl http://192.168.100.2 test is normal in directory

After the test is complete, you can configure the cluster.

We use LVS configuration, do not understand can first read another blog LVs Foundation http://kmk0226.blog.51cto.com/5975994/1717592

Configure Directory

Configure IPVSADM on the directory server, the HTTP service is configured natively, the port number is 80

Ipvsadm-a-T 192.168.10.1:80-s RR//Set VIP to access the IP address of the cluster when the port number is 80,-s for the use of custom cluster mode, RR for polling, on behalf of each server will be rotated access ipvsadm-a-t 192.168 .10.1:80-r 192.168.100.2-m-W 1//Set 192.168.100.2 as an RS server,-M stands for Nat mode,-W is weighted, 1 is weighted to 1ipvsadm-a-T 192.168.10.1:80-r 19  2.168.100.3-m-W 2//Set 192.168.100.3 as an RS server,-M stands for Nat mode,-W for weight, 2 for weight of 2ipvsadm-a-T 192.168.10.1:80-r 192.168.100.4-m -W 3//Set 192.168.100.4 to an RS server,-M for the NAT mode,-W for weight, 3 for weight 3 Note: The larger the weight, the greater the chance of being accessed, but it is not valid for RR polling.

After you have configured your directory, the configuration of the cluster is complete.

To test whether the cluster is properly accessed:

1, the experimental environment first ensure that the Iptables firewall is off state

2, in the experimental environment to ensure that SELinux is closed or warning state

3, in the RS server to establish an HTTP page, the content of the page is best to distinguish between the content of each host, such as: 192.168.100.2 such an IP address content

4, the local physical machine directly access the VIP test whether the normal access, and whether it is normal polling access, if it is normal to represent the LVS cluster has been set up to complete

Summarize:

LVS Load Balancer cluster to the network requirements, if the internal network is not complete or will cause the cluster can not access, focus on as long as all the IP address can ping the normal erection success.

This article is from the "Private blog" blog, make sure to keep this source http://kmk0226.blog.51cto.com/5975994/1736671

LVS Load Balancer Setup, Nat mode