lvs-NAT-DR-端口绑定

                                  LVS-NAT

Client    eth0:192.168.1.1、24

Gw      eth0:192.168.1.254/24

        eth1:1.1.1.254/24

Director  Vip: eth0:.1.1.1.1/24

        Dip: eth1:172.16.1.254/24

Real server 1    eth0:172.16.1.1/24

Real server 2    eth0:172.16.1.2/24

Client

#route add default gw 192.168.1.254 deveth0

Gw

#echo 1 > /proc/sys/net/ipv4/ip_forward

Real server 1 和2

#route add default gw 172.16.1.254 dev eth0

Director

# echo 1 > /proc/sys/net/ipv4/ip_forward

# route add default gw 1.1.1.254 dev eth0

# yum install ipvsadm

# ipvsadm -A -t 1.1.1.1:80 -s rr

# ipvsadm -a -t 1.1.1.1:80 -r 172.16.1.1:80-m

# ipvsadm -a -t 1.1.1.1:80 -r 172.16.1.2:80-m

# ipvsadm -Ln

# ipvsadm -Ln –stats

                            Lvs+DR

Client            eth0 ：192.168.1.1/24

GW               eth0： 192.168.1.254/24

                 eth1： 1.1.1.254/24

Director                   VIPeth0:1 1.1.1.1/24

                  DIP eth0 1.1.1.100/24

Real Server 1         eth0 1.1.1.10/24

Real Server 2              eth0 1.1.1.20/24

Client:

[root@localhost ~]# route add default gw192.168.1.254 dev eth0

GW:

# echo 1 > /proc/sys/net/ipv4/ip_forward

Real Server 1 和2

# yum install httpd

# ifconfig lo:1 1.1.1.1/32

# echo 1 >/proc/sys/net/ipv4/conf/eth0/arp_ignore

# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce

Director:

# yum install ipvsadm

# ipvsadm -A -t 1.1.1.1:80 -s rr

# ipvsadm -a -t 1.1.1.1:80 -r 1.1.1.10:80-g

# ipvsadm -a -t 1.1.1.1:80 -r 1.1.1.20:80-g

# ipvsadm -Ln

# ipvsadm -Ln –stats

                               Lvs+端口绑定

Client          eth0：  192.168.122.1/24

Director        VIP  eth0:1  192.168.122.254/24

              DIP   eth0： 192.168.122.100/24

Real Server 1     eth0192.168.122.10/24

Real Server 2     eth0 192.168.122.20/24

Real Server 1和2

# ifconfig lo:1 192.168.122.254/32

# echo 1 >/proc/sys/net/ipv4/conf/eth0/arp_ignore

# echo 2 >/proc/sys/net/ipv4/conf/eth0/arp_announce、

# yum install vsftpd

# vim /etc/vsftpd/vsftpd.conf

pasv_enable=YES                       #开启被动模式

pasv_max_port=60000                #指定被动端口范围 50000-60000

pasv_min_port=50000

pasv_address=192.168.122.254    #指定被动模式使用的IP

Director:

# iptables -t mangle -A PREROUTING -p tcp--dport 21 -j MARK --set-mark 123

# iptables -t mangle -A PREROUTING -p tcp--dport 50000:60000 -j MARK --set-mark 123

# yum install ipvsadm

# ipvsadm -A -f 123 -s rr -p 30

# ipvsadm -a -f 123 -r 192.168.122.10 -g

# ipvsadm -a -f 123 -r 192.168.122.20 -g

# ipvsadm -Ln

# ipvsadm -Ln -c