类别:原创 服务器
本文参考
LVS三种工作模式简介及案例参考http://www.sxt.cn/u/324/blog/3188
LVS DR模式基本配置参考http://www.21ops.com/ops/26717.html
LVS TUN模式配置参考(其它的文档全都少了内容) http://outofmemory.cn/wr/?u=http%3A%2F%2Fwww.jizhuomi.com%2Fsoftware%2F365.html
ipvsadm 命令详细参数参考 http://blog.csdn.net/huaishu/article/details/17023061
LVS的分类
LVS-DR: 直接路由,此种方式是最常用的方式,所有的Director和RealServer都在同一个物理网络中(交换机)并且都只有一块网卡。
LVS-NAT:地址转换,数据包来回都要经过NAT转换,所以Director Server(即LVS服务器)将成为系统瓶颈。使用NAT模式将需要两个不同网段的IP,一个IP接受外部请求服务,一般为外网ip,此IP称为VIP,一个IP与后端realserver同一地址段,负责相互通信,称为DIP。后端realserver的网关地址需指向DIP。同时需开启linux内核的数据包转发功能。
LVS-TUN:隧道 ,LVS/TUN与 LVS/DR 类似。只是在报文外面再加一层IP封装,整个过程比LVS/DR模式多一次报文的封装/解封过程。LVS/DR只支持本地网络,LVS/TUN却可以跨机房。
目的:使用LVS对两台web服务器进行负载设置,本方暂不涉及LVS本身的HA设置
VIP:10.10.6.200
DIP:10.10.6.201
web1:10.10.6.211
web2:10.10.6.212
操作系统:CentOS release 6.6 (Final)
关闭了selinux和iptables
[root@Web1 ~]# getenforce
Disabled
[root@Web1 ~]# chkconfig iptables off
[root@Web1 ~]# service iptables stop
[root@Web1 ~]#
[root@Web1 ~]# yum install httpd php php-fpm
[root@Web1 ~]# vi /etc/httpd/conf/httpd.conf
ServerName :80
[root@Web1 ~]# service httpd restart
[root@Web1 ~]# service php-fpm restart
[root@Web1 ~]#
[root@Web1 ~]#
[root@Web1 ~]# more /var/www/html/phpinfo.php
<?php
phpinfo()
?>
[root@Web1 ~]#
[root@Web1 ~]# more /var/www/html/index.html \\web2 这里全部要做相应的修改
<html>
<head>
<title>web1</title>
</head>
<body>
hostname: Web1<br>ip : 10.10.6.211
</body>
</html>
[root@Web1 ~]#
[root@Web1 ~]#
[root@Web1 ~]#
http://10.10.6.211/phpinfo.php
http://10.10.6.212/phpinfo.php
http://10.10.6.211
[root@LVS-master ~]# yum install ipvsadm
[root@LVS-master ~]# chkconfig ipvsadm on
[root@LVS-master ~]# service ipvsadm start
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@LVS-master ~]#
在eth0:0上设置对外提供的地址
[root@LVS-master ~]# ifconfig eth0:0 10.10.6.200 netmask 255.255.255.255 broadcast 10.10.6.200 up
设置路由
[root@LVS-master ~]# route add -host 10.10.6.200 dev eth0:0
[root@LVS-master ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.6.200 * 255.255.255.255 UH 0 0 0 eth0
10.10.6.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 10.10.6.254 0.0.0.0 UG 0 0 0 eth0
[root@LVS-master ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:50:56:AE:32:1E
inet addr:10.10.6.201 Bcast:10.10.6.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:feae:321e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:73055 errors:0 dropped:0 overruns:0 frame:0
TX packets:7458 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4799348 (4.5 MiB) TX bytes:779840 (761.5 KiB)
eth0:0 Link encap:Ethernet HWaddr 00:50:56:AE:32:1E
inet addr:10.10.6.200 Bcast:10.10.6.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2522 (2.4 KiB) TX bytes:2522 (2.4 KiB)
[root@LVS-master ~]#
[root@LVS-master ~]# ipvsadm -A -t 10.10.6.200:80 -s rr
【添加ipvsadm条目,-A表示追加条目,-t表示使用tcp协议,-s rr表示使用轮询算法】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.211 -g
【-a表示追加规则,-t表示使用tcp协议,-r表示real-server,-g表示使用DR模型】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.212 -g
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.6.200:http rr
-> 10.10.6.211:http Route 1 0 0
-> 10.10.6.212:http Route 1 0 0
[root@LVS-master ~]#
设置网卡只对有eth0网卡上的ip地址做通告
[root@Web1 ~]#
[root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
[root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
在lo上设置集群服务的ip地址和路由
[root@Web1 ~]# ifconfig lo:0 10.10.6.200 netmask 255.255.255.255 broadcast 10.10.6.200
[root@Web1 ~]# route add -host 10.10.6.200 dev lo:0
[root@Web1 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:50:56:AE:70:6E
inet addr:10.10.6.211 Bcast:10.10.6.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:feae:706e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:74398 errors:0 dropped:0 overruns:0 frame:0
TX packets:7263 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:11103638 (10.5 MiB) TX bytes:1076981 (1.0 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:106 errors:0 dropped:0 overruns:0 frame:0
TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:95140 (92.9 KiB) TX bytes:95140 (92.9 KiB)
lo:0 Link encap:Local Loopback
inet addr:10.10.6.200 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:65536 Metric:1
[root@Web1 ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.6.200 * 255.255.255.255 UH 0 0 0 lo
10.10.6.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 10.10.6.254 0.0.0.0 UG 0 0 0 eth0
[root@Web1 ~]#
http://10.10.6.200
第一次访问
第二次访问
第三次访问
第四次访问
LVS /DR 模式设置成功
[root@LVS-master ~]# vi dr.sh
[root@LVS-master ~]# more dr.sh
#!/bin/bash
#
# LVS script for VS/DR
#
. /etc/rc.d/init.d/functions
#
VIP=10.10.6.200
RIP1=10.10.6.211
RIP2=10.10.6.212
PORT=80
#
case "$1" in
start)
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:0
# Since this is the Director we must be able to forward packets
echo 1 > /proc/sys/net/ipv4/ip_forward
# Add an IP virtual service for VIP 10.10.6.200 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
/sbin/ipvsadm -A -t $VIP:80 -s rr
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -g
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g
/bin/touch /var/lock/subsys/ipvsadm &> /dev/null
;;
stop)
# Stop forwarding packets
echo 0 > /proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm -C
# Bring down the VIP interface
/sbin/ifconfig eth0:0 down
/sbin/route del $VIP
/bin/rm -f /var/lock/subsys/ipvsadm
echo "ipvs is stopped..."
;;
status)
if [ ! -e /var/lock/subsys/ipvsadm ]; then
echo "ipvsadm is stopped ..."
else
echo "ipvs is running ..."
ipvsadm -L -n
fi
;;
*)
echo "Usage: $0 {start|stop|status}"
;;
esac
[root@LVS-master ~]#
[root@LVS-master ~]# chmod +x dr.sh
[root@LVS-master ~]# ./dr.sh status
ipvs is running ...
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.6.200:80 rr
-> 10.10.6.211:80 Route 1 0 5
-> 10.10.6.212:80 Route 1 0 5
[root@LVS-master ~]#
[root@LVS-master ~]# ./dr.sh stop
SIOCDELRT: No such process
ipvs is stopped...
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@LVS-master ~]# ./dr.sh start
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.6.200:http rr
-> 10.10.6.211:http Route 1 0 0
-> 10.10.6.212:http Route 1 0 0
[root@LVS-master ~]#
[root@LVS-master ~]# echo "/root/dr.sh start" >>/etc/rc.local
[root@LVS-master ~]#
[root@Web1 ~]# vi dr-rs.sh
[root@Web1 ~]# more dr-rs.sh
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=10.10.6.200
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
[root@Web1 ~]# chmod +x dr-rs.sh
[root@Web1 ~]# ./dr-rs.sh status
LVS-DR real server Running.
[root@Web1 ~]# ./dr-rs.sh stop
[root@Web1 ~]# ./dr-rs.sh start
[root@Web1 ~]#
[root@Web1 ~]# echo "/root/dr-rs.sh start" >>/etc/rc.local
[root@Web1 ~]#
增加一块网卡,作为外网网卡,ip为 192.168.0.200,此ip即为对外的VIP,并将默认网关设置成VIP段的网关,本地的内网ip不设置网关
[root@LVS-master ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.200 * 255.255.255.0 U 0 0 0 eth1
10.10.6.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
link-local * 255.255.0.0 U 1003 0 0 eth1
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth1
[root@LVS-master ~]#
[root@LVS-master ~]# cat /proc/sys/net/ipv4/ip_forward
0
[root@LVS-master ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@LVS-master ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@LVS-master ~]#
[root@LVS-master ~]# ipvsadm -A -t 192.168.0.200:80 -s rr
【添加ipvsadm条目,-A表示追加条目,-t表示使用tcp协议,-s rr表示使用轮询算法】
[root@LVS-master ~]# ipvsadm -a -t 192.168.0.200:80 -r 10.10.6.211 -m
【-a表示追加规则,-t表示使用tcp协议,-r表示real-server,-m表示使用NAT模型】
[root@LVS-master ~]# ipvsadm -a -t 192.168.0.200:80 -r 10.10.6.212 -m
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.200:http rr
-> 10.10.6.211:http Masq 1 0 1
-> 10.10.6.212:http Masq 1 0 1
[root@Web1 ~]# route add default gw 10.10.6.201;route del default gw 10.10.6.254
[root@Web1 ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.6.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 10.10.6.201 0.0.0.0 UG 0 0 0 eth0
[root@Web1 ~]#
第一次访问
第二次访问
[root@LVS-master ~]# ipvsadm -Lc
IPVS connection entries
pro expire state source virtual destination
TCP 00:10 TIME_WAIT 192.168.0.201:24093 192.168.0.200:http 10.10.6.211:http
TCP 00:26 TIME_WAIT 192.168.0.201:24539 192.168.0.200:http 10.10.6.212:http
[root@LVS-master ~]#
LVS /NAT 模式设置成功
[root@LVS-master ~]# vi nat.sh
[root@LVS-master ~]# more nat.sh
#!/bin/bash
#
# chkconfig: - 88 12
# description: LVS script for VS/NAT
#
. /etc/rc.d/init.d/functions
#
VIP=192.168.0.200
DIP=10.10.6.201
RIP1=10.10.6.211
RIP2=10.10.6.212
#
case "$1" in
start)
# /sbin/ifconfig eth0:0 $VIP netmask 255.255.255.0 up
# Since this is the Director we must be able to forward packets
echo 1 > /proc/sys/net/ipv4/ip_forward
# Clear all ipvsadm rules/services.
/sbin/ipvsadm -C
# Add an IP virtual service for VIP 192.168.0.200 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
/sbin/ipvsadm -A -t $VIP:80 -s rr
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -m
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -m
/bin/touch /var/lock/subsys/ipvsadm.lock
;;
stop)
# Stop forwarding packets
echo 0 > /proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm -C
# Bring down the VIP interface
# ifconfig eth0:0 down
rm -rf /var/lock/subsys/ipvsadm.lock
;;
status)
[ -e /var/lock/subsys/ipvsadm.lock ] && echo "ipvs is running..." || echo "ipvsadm is stopped..."
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac
[root@LVS-master ~]#
[root@LVS-master ~]# chmod +x nat.sh
[root@LVS-master ~]# ./nat.sh start
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.200:http rr
-> 10.10.6.211:http Masq 1 0 0
-> 10.10.6.212:http Masq 1 0 0
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.200:http rr
-> 10.10.6.211:http Masq 1 0 4
-> 10.10.6.212:http Masq 1 0 4
[root@LVS-master ~]#
[root@LVS-master ~]#
[root@LVS-master ~]# ifconfig tunl0 10.10.6.200 broadcast 10.10.6.200 netmask 255.255.255.255 up
[root@LVS-master ~]# ipvsadm -A -t 10.10.6.200:80 -s rr
【添加ipvsadm条目,-A表示追加条目,-t表示使用tcp协议,-s rr表示使用轮询算法】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.211 -i
【-a表示追加规则,-t表示使用tcp协议,-r表示real-server,-i表示使用tun模型】
[root@LVS-master ~]# ipvsadm -a -t 10.10.6.200:80 -r 10.10.6.212 -i
[root@LVS-master ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.6.200:http rr
-> 10.10.6.211:http Tunnel 1 0 0
-> 10.10.6.212:http Tunnel 1 0 0
[root@LVS-master ~]#
[root@Web1 ~]# ifconfig tunl0 10.10.6.200 broadcast 10.10.6.200 netmask 255.255.255.255 up
[root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
[root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
[root@Web1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@Web1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
\\ 对于centos6.6系统,一定下面两行一定要加上,否则,real server会认为收到的数据包非法,直接丢弃。对于其它系统没有做过测试。网上很多资料上都没有这一点,因此花费了我很长时间来解决TUN失败的问题。
[root@Web1 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
[root@Web1 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
\\ 网上很多资料说要加上下面这一行,不过我没加,也能正常使用。可能和我的real server 是单网卡,使用默认路由有关系
[root@Web1 ~]# route add -host 10.10.6.200 dev tunl0
[root@Web1 ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.6.200 * 255.255.255.255 UH 0 0 0 tunl0
10.10.6.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 10.10.6.254 0.0.0.0 UG 0 0 0 eth0
[root@Web1 ~]#
http://10.10.6.200
第一次访问
第二次访问
[root@LVS-master ~]# ipvsadm -Lnc
IPVS connection entries
pro expire state source virtual destination
TCP 14:57 ESTABLISHED 192.168.19.63:65441 10.10.6.200:80 10.10.6.211:80
TCP 14:57 ESTABLISHED 192.168.19.63:65440 10.10.6.200:80 10.10.6.212:80
TCP 14:57 ESTABLISHED 192.168.19.63:65442 10.10.6.200:80 10.10.6.212:80
[root@LVS-master ~]#
LVS /TUN 模式设置成功
[root@LVS-master ~]# vi tun.sh
[root@LVS-master ~]# more tun.sh
#!/bin/sh
# description: start LVS of Directorserver
VIP=10.10.6.200
DIP=10.10.6.201
RIP1=10.10.6.211
RIP2=10.10.6.212
GW=10.10.6.254
. /etc/rc.d/init.d/functions
case "$1" in
start)
echo " start LVS of DirectorServer"
# set the Virtual IP Address
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.0 up
/sbin/route add -host $VIP dev tunl0
#Clear IPVS table
/sbin/ipvsadm -C
#set LVS
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -i
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -i
#Run LVS
/sbin/ipvsadm
#end
;;
stop)
echo "close LVS Directorserver"
ifconfig tunl0 down
/sbin/ipvsadm -C
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
[root@LVS-master ~]#
[root@LVS-master ~]# chmod +x tun.sh
[root@LVS-master ~]# ./tun.sh start
[root@Web1 ~]# vi tun-rs.sh
[root@Web1 ~]# more tun-rs.sh
#!/bin/bash
#
# Script to start LVS TUN real server.
# description: LVS TUN real server
#
. /etc/rc.d/init.d/functions
VIP=10.10.6.200
case "$1" in
start)
# Start LVS-TUN real server on this machine.
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
# /sbin/route add -host $VIP dev tunl0
echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
;;
stop)
# Stop LVS-TUN real server loopback device(s).
/sbin/ip addr flush tunl0
/sbin/ifconfig tunl0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-TUN real server.
islothere=`/sbin/ifconfig tunl0 | grep $VIP`
isrothere=`netstat -rn | grep "tunl0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the tunl0 device
# not found.
echo "LVS-TUN real server Stopped."
else
echo "LVS-TUN real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
[root@Web1 ~]#
[root@Web1 ~]# chmod +x tun-rs.sh
[root@Web1 ~]# ./tun-rs.sh start
[root@Web1 ~]#
本文出自 “jedy 网络技术&linux学习” 博客,请务必保留此出处http://jedy82.blog.51cto.com/425872/1628085
原文地址:http://jedy82.blog.51cto.com/425872/1628085
