今天来看一下LVS的第三种模式IP TUN。
TUN方式,是通过给数据包加上新的IP头部来实现,这个可以跨整个广域网。
环境:
| 主机名 | IP | 系统 | 角色 |
| tiandong63 |
RIP:192.168.199.11、DG:192.168.199.1 VIP:192.168.199.63 |
rhel6.5 | real server1 |
| tiandong64 |
RIP:192.168.199.12、DG:192.168.199.1 VIP:192.168.199.63 |
rhel6.5 | real server2 |
| OpenStack |
DIP:192.168.199.7、DG:192.168.199.1 VIP:192.168.199.63 |
rhel7.4 | 分发器 |
| localhost | 192.168.199.8 | rhel7.4 | 测试机 |
分发器:
1、配置网络:
ens33 192.168.199.7 DIP
ens33:1 192.168.199.63 VIP
[[email protected] ~]#ifconfig ens33:1 192.168.199.63 netmask 255.255.255.0 up
[[email protected] ~]# echo 1 > /proc/sys/net/ipv4/ip_forward 开启路由转发功能
2、配置IP TUN模式
[email protected] ~]#yum install ipvsadm -y
[[email protected] ~]#ipvsadm -A -t 192.168.199.63:80 -s rr
[[email protected] ~]#ipvsadm -a -t 192.168.199.63:80 -r 192.168.199.11:80 -i #-i隧道模式
[[email protected] ~]#ipvsadm -a -t 192.168.199.63:80 -r 192.168.199.12:80 -i
[[email protected] ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.199.63:80 rr
-> 192.168.199.11:80 Tunnel 1 0 0
-> 192.168.199.12:80 Tunnel 1 0 0
Realserver1:tiandong63
1、配置网络:
eth0 RIP:192.168.199.11
[[email protected] ~]# modprobe ipip #在加载好ipip模块后就会有默认的tunl0隧道。
[[email protected] ~]# lsmod |grep ipip
ipip 8371 0
tunnel4 2943 1 ipip
[[email protected] ~]#ifconfig tunl0 192.168.199.63 netmask 255.255.255.255 up
[[email protected]tiandong63 ~]# service network restart
[[email protected] ~]# ifconfig -a 此时就可以看到tunl0的网卡了。
eth0 Link encap:Ethernet HWaddr 00:0C:29:38:0B:14
inet addr:192.168.199.11 Bcast:192.168.199.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe38:b14/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:113954 errors:0 dropped:0 overruns:0 frame:0
TX packets:40448 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:164480499 (156.8 MiB) TX bytes:2794350 (2.6 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tunl0 Link encap:IPIP Tunnel HWaddr
inet addr:192.168.199.63 Mask:255.255.255.255
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1664 (1.6 KiB) TX bytes:0 (0.0 b)
2、关闭ARP转发:
[[email protected] ~]# vim /etc/sysctl.conf 在最后加上:
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[[email protected] ~]# sysctl -p 是配置生效
3、配置web服务器
[[email protected] ~]#yum install httpd -y
[[email protected] ~]# echo ‘this is 192.168.199.11‘ > /var/www/html/index.html 写一个测试页面
[[email protected] ~]# /etc/init.d/httpd start
Realserver2:tiandong64
1、配置网络
eth0 RIP:192.168.199.12
[[email protected] ~]# modprobe ipip
[[email protected] ~]# lsmod |grep ipip
ipip 8371 0
tunnel4 2943 1 ipip
[[email protected] ~]#ifconfig tunl0 192.168.199.63 netmask 255.255.255.255 up
[[email protected] ~]# service network restart
[[email protected] ~]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:0C:29:C7:20:71
inet addr:192.168.199.12 Bcast:192.168.199.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:2071/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:41108 errors:0 dropped:0 overruns:0 frame:0
TX packets:13848 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:57855802 (55.1 MiB) TX bytes:884097 (863.3 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tunl0 Link encap:IPIP Tunnel HWaddr
inet addr:192.168.199.63 Mask:255.255.255.255
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2080 (2.0 KiB) TX bytes:0 (0.0 b)
2、关闭ARP转发:
[[email protected] ~]# vim /etc/sysctl.conf 在最后加上:
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[[email protected] ~]# sysctl -p 是配置生效
3、配置web服务器
[[email protected] ~]#yum install httpd -y
[[email protected] ~]# echo ‘this is 192.168.199.12‘ > /var/www/html/index.html 写一个测试页面
[[email protected] ~]# /etc/init.d/httpd start
然后进行测试:
[[email protected] ~]#yum install elinks -y
[[email protected] ~]# elinks 192.168.199.63 --dump
this is 192.168.199.11
[[email protected] ~]# elinks 192.168.199.63 --dump
this is 192.168.199.12
[[email protected] ~]# elinks 192.168.199.63 --dump
this is 192.168.199.11
[[email protected] ~]# elinks 192.168.199.63 --dump
this is 192.168.199.12
在分发器上查看: 是平均分配的。
[[email protected] ~]# ipvsadm -ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
TCP 192.168.199.63:80 4 20 0 1664 0
-> 192.168.199.11:80 2 10 0 832 0
-> 192.168.199.12:80 2 10 0 832 0
原文地址:https://www.cnblogs.com/winter1519/p/10102044.html