One Network LVS-NAT

一、One Network LVS-NAT

LVS NAT 模式,VIP 和 RIP 处于同一网段方案,基本架构图如下:

                        ________
                       |        |
                       | client |
                       |________|
                       CIP=192.168.1.254
                           |
                           |
             __________    |
            |          |   |   VIP=192.168.1.110 (eth0:110)
            | director |---|
            |__________|   |   DIP=192.168.1.9 (eth0:9)
                           |
                           |
          ------------------------------------
          |                |                 |
          |                |                 |
   RIP1=192.168.1.2   RIP2=192.168.1.3  RIP3=192.168.1.4 (all eth0)
    _____________      _____________     _____________
   |             |    |             |   |             |
   | realserver  |    | realserver  |   | realserver  |
   |_____________|    |_____________|   |_____________|

1.1 To get a LVS-NAT LVS to work on one network

director:/etc/lvs# echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
director:/etc/lvs# echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
director:/etc/lvs# echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects

或修改 /etc/sysctl.conf 添加如下选项执行 sysctl -p 使配置永久生效

net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eth0.send_redirects = 0

默认设置之后,可能 RealServer 主机路由是以下状态:

realserver:/etc/lvs# route -n
Kernel IP routing table
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.1.9     0.0.0.0         UG        0 0          0 eth0

Remove the route to 192.168.1.0/24. 移除 192.168.1.0/24 的路由,防止 RIP 和 CIP直接通信

realserver:/etc/lvs# route del -net 192.168.1.0 netmask 255.255.255.0 dev eth0
realserver:/etc/lvs# route -n
Kernel IP routing table
0.0.0.0         192.168.1.9     0.0.0.0         UG        0 0          0 eth0

二、Reference

–EOF–

Written by kumu on 18 November 2014