标签:tool rect virt style 1.0 real emctl 清空 firewall
1.LVS NAT模式搭建①测试机器网络环境准备工作
一号机:调度器
内网ip:192.168.231.128
外网ip:192.168.127.100
二号机:real server1
内网ip:192.168.231.129
网关:192.168.231.128
三号机:real server
内网ip:192.168.231.133
网关:192.168.231.128
②防火墙设置
※关闭防火墙firewalld
systemctl stop firewalld; systemctl disable firewalld
※清空iptables规则
systemctl enable iptables ;systemctl start iptables; iptables -F; service iptables save
※停用selinux
setenforce 0
③在调度器上安装ipvsadm工具
[root@test_01 ~]# yum install -y ipvsdam
④新建脚本文件/usr/local/sbin/lvs_nat.sh,将如下内容写入脚本文件中
#! /bin/bash # director 服务器上开启路由转发功能 echo 1 > /proc/sys/net/ipv4/ip_forward # 关闭icmp的重定向 echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects # 注意区分网卡名字 echo 0 > /proc/sys/net/ipv4/conf/ens33/send_redirects echo 0 > /proc/sys/net/ipv4/conf/ens37/send_redirects # director 设置nat防火墙 iptables -t nat -F iptables -t nat -X iptables -t nat -A POSTROUTING -s 192.168.231.0/24 -j MASQUERADE # director设置ipvsadm IPVSADM='/usr/sbin/ipvsadm' $IPVSADM -C $IPVSADM -A -t 192.168.127.100:80 -s wlc -p 3 $IPVSADM -a -t 192.168.127.100:80 -r 192.168.231.129:80 -m -w 1 $IPVSADM -a -t 192.168.127.100:80 -r 192.168.231.133:80 -m -w 1
⑤执行脚本,查看规则是否启用
[root@test_01 ~]# sh /usr/local/sbin/lvs_nat.sh [root@test_01 ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.127.100:80 rr persistent 3 -> 192.168.231.129:80 Masq 1 0 0 -> 192.168.231.133:80 Masq 1 0 0
标签:tool rect virt style 1.0 real emctl 清空 firewall
原文地址:http://blog.51cto.com/lavender7n/2067087
