• 首页
• 分类首页

LVS TUN

RealServer:lvs_tun.sh

注意：VIP、master和backup在同一网段和交换机，realserver在不同网段，但是同属于一外网IP段？

• tun模式与dr模式一样，lvs 和 realserver的端口必须一致，区别tun模式realserver与lvs可以不同网段和机房
• dr性能最高，其次是tun（需要重新封包), 最后是nat。 功能与性能排序相反
• 跨网段不通，必须在realserver中的/etc/sysctl.conf加入如下设置

  net.ipv4.conf.tunlN.arp_ignore = 1
  net.ipv4.conf.tunlN.arp_announce = 2
  net.ipv4.conf.tunlN.rp_filter = 0 #这个非常重要不然ip-ip的连接不会从realserver返回到客户端
  

• 配置文件

  cat > /etc/lvs_tun.conf <<EOF
  # LVS_TUN VIP configfile
  VIPs="172.16.17.60"
  EOF
  

• lvs_tun.sh

  #!/bin/sh
  # name   : lvs_tun.sh
  # auther : YuanXing
  # update : 2013-11-20
  # description : start realserver
  # chkconfig: 2345 55 25
   
  VIPs="$VIPs"
  CONF=/etc/lvs_tun.conf
   
  . /etc/rc.d/init.d/functions
  
  do_start(){
      echo "Start LVS_TUN of RealServer"
      VIPs=
      if [ -f "$CONF" ];then
          . $CONF
      else
          echo "Error:config file $CONF not exist!"
          return 1  
      fi
      if [ -z "$VIPs" ];then
          echo "Error:VIPs is empty!"
          return 1
      fi
      lab=0
      for vip in `echo "$VIPs"|grep -vE "^#|^$"`
      do
          [ -z "$vip" ] && echo "Error vip:$vip" && continue
          echo "Add VIP:$vip"
          /sbin/ifconfig tunl$lab down
          /sbin/ifconfig tunl$lab up
          echo "1" > /proc/sys/net/ipv4/conf/tunl$lab/arp_ignore
          echo "2" > /proc/sys/net/ipv4/conf/tunl$lab/arp_announce
          echo "0" > /proc/sys/net/ipv4/conf/tunl$lab/rp_filter
          echo "1" > /proc/sys/net/ipv4/conf/tunl$lab/forwarding
          /sbin/ifconfig tunl$lab $vip netmask 255.255.255.255 broadcast $vip up
          /sbin/route add -host $vip dev tunl$lab
          lab=`expr $lab + 1`
      done
      echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
      echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
      echo "0" > /proc/sys/net/ipv4/conf/all/rp_filter
  }
  do_stop(){
      echo "Close LVS_TUN RealServer"
      for dev in `ifconfig|grep ^tunl|awk '{print $1}'`
      do
          echo "Set $dev down"
          /sbin/ifconfig $dev down
      done
      echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
      echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
      echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
  }
    
  case "$1" in
  start)
      do_start
      exit $?
      ;;
  stop)
      do_stop
      ;;
  restart)
      do_stop
      do_start
      ;;
  status)
      #ip addr show|grep 'tunl'
      ip -o -f inet addr show|grep ': tunl'
      netstat -rn|grep -E 'Iface|tunl'
      ;;
  *)
      echo "Usage: $0 {start|stop|restart|status}"
      exit 1
      ;;
  esac
  

• 设置自启动

  chkconfig --add lvs_tun.sh 
  chkconfig lvs_tun.sh  on
  chkconfig --list lvs_tun.sh 
  

• keepalived.conf

  virtual_server 172.16.17.60 8080 {
      delay_loop 6
      lb_algo rr
      lb_kind TUN
      persistence_timeout 120
      protocol TCP
      ha_suspend
      #virtualhost 172.16.17.60
      sorry_server 172.16.19.150 8080
  
      real_server 172.16.19.150 8080 {
          weight 1
          TCP_CHECK {
              connect_port 8080
              connect_timeout 3
              nb_get_retry 3
              delay_before_retry 3
          }
      } # end real_server
      real_server 172.16.19.151 8080 {
          weight 1
          TCP_CHECK {
              connect_port 8080
              connect_timeout 3
              nb_get_retry 3
              delay_before_retry 3
          }
      } # end real_server
  } # end virtual_server 172.16.17.60:8080
  

© 2012 - 2021 XStar  | Powerby:Vimwiki  | Style:丘迟  | 首页  | 分类首页  | 站点地图