Dr Model configuration Instructions
Previously mentioned in the DR Model LVs and application servers have only one network card, but through the network card alias to configure multiple IPs, on the LVS above the alias configuration dip, on the application server through the alias to set the VIP.
The packets coming out of the network must be CIP+VIP, so it should be forwarded to the LVS, not the application server (the same VIP on the application server), in order to avoid the application server to use the VIP response when receiving ARP requests, then you need to configure something.
The following is a configuration Application server that does not respond to ARP broadcasts (which host the router broadcasts to find VIPs):
Arp_ignore: defines the level of response when an ARP request is received and defaults to 0.
- 0 means, respond to all, as long as I have IP, you just request, no matter from which Nic comes in I respond
- 1 indicates that only the response if the requested IP is the IP of the NIC that is coming in, responds
arp_announce: defines the notification level when you advertise your own address, which defaults to 0.
- 0 indicates that all local addresses are advertised outward
- 1 indicates that if the IP is not on this interface, it will avoid outward notification, but there will be omissions
- 2 Always use best local address, that is, only use the address of the network card receiving ARP broadcast to advertise out
The following configuration is for the application server to use the VIP as the source IP address when returning packets:
VIP, DIP, rip in the same network segment:
Because in Dr Mode, the LVS and application servers have only one NIC, typically eth0, plus an LO loopback address. A RIP address is configured on the Eth0, and a VIP address is configured on the lo:0 (the alias of the loopback address NIC).
The request is sent to the Eth0 interface of the LVS via the router switch, then the LVS forwards to the Eth0 interface of an application server, and finally the application server sends a response using eth0. However, Linux has a behavior, the message from which interface out, as far as possible with which interface IP address, if the interface and the gateway is not in the same network segment, it uses the address of the alias on that interface.
Therefore, based on the above process, the application server will respond to the client from the eth0 out, so that the source address of the message is the RIP address, which is obviously not right, because the client was requesting a VIP. We have the VIP configured on the lo:0 on the application server, so we need to make a special configuration.
We need to add a unique routing entry that clearly indicates that the reply user's request message uses the lo:0 address as the source IP address (the way to do this is to add a route message using the route command).
VIP, DIP, rip in different network segments:
The VIP, dip, and rip are usually not within the same network segment.
Because the client is requesting a VIP, the IP is a public address, and the other dips and rip are private addresses, such as:
In this case, the LVS can forward the request to the application server (because dip and RIP are the same network segment so as long as the same switch can communicate, and dip and rip are the network card direct address is not an alias), but the application server will not be able to respond directly to the request, because the Eht0 IP is private, And the router is not in the same network segment, although the Application Server Lo configuration VIP, but this IP is not visible, it can only be used as the source IP address of the reply packet, the packet to go through a two-layer package, that is, the target Mac and the source Mac, obviously the target Mac is the address of the router, The application server needs to know that this address requires ARP broadcasts, but because the application server's eth0 and routers are not on the same network segment, ARP broadcasts cannot be completed, which causes the application server to not respond directly to the client.
So in this case, the topology needs to change, and a router needs to be added, such as:
The application server returns the client through the router, and the IP and Router 2 intranet IP on the application server's eth0 is a network segment. Of course, you can use a router with three interfaces or you can use a sub-interface of the router.
Configuration (same network segment)
Network configuration:
LVS Server
DIP: Configured on eth0
Ip:192.168.159.133/24
gw:192.168.159.2
VIP: configured on the eth0:0
ip:192.168.159.200
Gw:none
Application Server 1
RIP: Configured on eth0
ip:192.168.159.134/240
gw:192.168.159.2
VIP: configured on the lo:0
ip:192.168.159.200
Gw:none
Application Server 2
RIP: Configured on eth0
Ip:192.168.159.135/24
gw:192.168.159.2
VIP: configured on the lo:0
ip:192.168.159.200
Gw:none
Configure alias address and routing information on LVS
That's the VIP address.
Routing information
ARP parameters for the application server
As an example of Application server 1, 2 is configured as a method
Note: to configure Arp_ignore and arp_announce in the configuration VIP first.
Application server 1 's RIP address configuration on eth0
Configure ARP in the following directory/proc/sys/net/ipv4/conf
The all interface must be configured (setting global functionality), eth0 or lo configuration. Here we choose to configure all and eth0.
Set Eth0 's arp_announce first
This command indicates that the –W parameter indicates a temporary modification and does not take effect permanently.
This has changed to 2, the default is 0.
Set the arp_announce of all
Set the Arp_ignore, this time we use echo to set, in fact, it is OK
Configure the VIP on all application servers
Also need to modify the lo:0 broadcast address, now is 3 255, we want to change to 4, meaning that in this area on it an address.
After configuring we go to ping this VIP:
In fact, in response to this ping operation is the LVS server, not the application server. We can find it from the MAC address table, such as:
To add routing information on all application servers
Route add–host VIP dev lo:0 # Replace VIP with IP address
Configuring the LVS Cluster service
Set up a Cluster service
Add an Application Server
View cluster Information
Test access
LVS (iii) DR model configuration