標籤:lvs dr arp禁止回應
部署LVS-DR模式的時候,我們需要對後端realserver設定的vip禁止ARP廣播回應,後端realserver伺服器可能是linux或者windows
(一)、對於realserver 是linux的系統 ,給後端伺服器配置vip的方法
真實伺服器(real server)配置
ip配置
1)ip:10.0.0.11/16
gw:10.0.0.139
vip:172.16.10.100
# ifconfig lo:0 172.16.10.100/32 broadcast 172.16.10.100 設定廣播位址為自己。
禁用接收廣播回應配置
#vim /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
# sysctl -p
或者
# yum install arptables_jf
# arptables -A IN -d 172.16.10.100 -j DROP
添加路由
# route add -host 172.16.10.100 dev lo:0
(二)、對於real server 是windows伺服器的伺服器 VIP的添加方法:
1、關閉、禁止系統內建防火牆
2、新增迴環網卡
方法是:開始——運行——hdwwiz
或者win(ctrl與alt中間的鍵)+R鍵——hdwwiz 斷行符號之後
650) this.width=650;" src="/e/u261/themes/default/images/spacer.gif" style="background:url("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd;" alt="spacer.gif" />650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/37/C6/wKioL1OvqlmxzotmAAIszno7Ukg566.jpg" title="clipboard.png" alt="wKioL1OvqlmxzotmAAIszno7Ukg566.jpg" />
然後
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/37/C7/wKiom1OvqrGhEGDIAAFDLmM4Tck228.jpg" title="clipboard.png" alt="wKiom1OvqrGhEGDIAAFDLmM4Tck228.jpg" />
650) this.width=650;" src="/e/u261/themes/default/images/spacer.gif" style="background:url("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd;" alt="spacer.gif" />
下一步
650) this.width=650;" src="/e/u261/themes/default/images/spacer.gif" style="background:url("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd;" alt="spacer.gif" />650) this.width=650;" src="http://s3.51cto.com/wyfs02/M01/37/C6/wKioL1OvqqWyNY6VAADvBN4elLY365.jpg" title="clipboard.png" alt="wKioL1OvqqWyNY6VAADvBN4elLY365.jpg" />
下一步
650) this.width=650;" src="/e/u261/themes/default/images/spacer.gif" style="background:url("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd;" alt="spacer.gif" />650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/37/C7/wKiom1OvqvShgjpqAADdf6CiYqM375.jpg" title="clipboard.png" alt="wKiom1OvqvShgjpqAADdf6CiYqM375.jpg" />
下一步
650) this.width=650;" src="/e/u261/themes/default/images/spacer.gif" style="background:url("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd;" alt="spacer.gif" />650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/37/C6/wKioL1Ovqubzm-QtAAF98TrOyYg907.jpg" title="clipboard.png" alt="wKioL1Ovqubzm-QtAAF98TrOyYg907.jpg" />
下一步(等待幾秒鐘)選擇途中選項
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M01/37/C7/wKiom1OvqzewVJHUAAIPfl070d4539.jpg" title="clipboard.png" alt="wKiom1OvqzewVJHUAAIPfl070d4539.jpg" />
650) this.width=650;" src="/e/u261/themes/default/images/spacer.gif" style="background:url("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd;" alt="spacer.gif" />
再下一步直到完成
開啟網路介面卡可以看到多出了個lo介面650) this.width=650;" src="/e/u261/themes/default/images/spacer.gif" style="background:url("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd;" alt="spacer.gif" />
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/37/C7/wKiom1Ovq1XBN7QUAAG5YXPDBN0414.jpg" title="clipboard.png" alt="wKiom1Ovq1XBN7QUAAG5YXPDBN0414.jpg" />
3、配置環回ip為vip的ip,掩碼255.255.255.255
4、4.修改網卡資訊
在命令列下修改,開始--運行--cmd
netsh interface ipv4 set interface "本地串連" weakhostreceive=enabled
netsh interface ipv4 set interface "本地串連" weakhostsend=enabled
netsh interface ipv4 set interface "本地串連2" weakhostreceive=enabled
netsh interface ipv4 set interface "本地串連2" weakhostsend=enabled
本文出自 “窮途--初心” 部落格,請務必保留此出處http://aixocm.blog.51cto.com/4208464/1432068
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
