LVS之nat&dr

Evernote Export

負載均衡集群設計時的要點：

(1)session保持

session sticky(ip hash)

session cluster

session server

(2)數據共享

共享存儲：

NAS:Network Attached Storage,文件服務器,訪問接口是文件級別(NFS,SAMBA)

SAN:Storage Area Network，訪問接口是塊級別；SCSI協議借助于其他網絡技術(FC,以太網)

DS:Distributed Storage,訪問接口通常是文件級別，接口可是文件系統，也可以API；ceph，內核級分布式存儲；

數據同步：

rsync+inotify

數據結構：

結構化數據：存儲于SQL數據庫中；

半結構化數據：xml,json,存儲于文件系統或NoSQL；

非結構化數據：文件系統，DS；

ipvsadm命令的用法：

ipvsadm -A|E -t|u|f service-address [-s scheduler]

[-p [timeout]] [-M netmask] [-b sched-flags]

ipvsadm -D -t|u|f service-address

ipvsadm -C

ipvsadm -R

ipvsadm -S [-n]

ipvsadm -a|e -t|u|f service-address -r server-address

[-g|i|m] [-w weight] [-x upper] [-y lower]

ipvsadm -d -t|u|f service-address -r server-address

ipvsadm -L|l [options]

ipvsadm -Z [-t|u|f service-address]

ipvsadm –set tcp tcpfin udp

ipvsadm -h

管理集群服務：增、改、刪、查

ipvsadm -A|E -t|u|f service-address [-s scheduler]

ipvsadm -D -t|u|f service-address

-A：添加

-E：修改

-D：刪除

service-address：

-t, tcp, vip:port

-u, udp, vip:port

-f, fwm, MARK

-s scheduler：默認為wlc；

管理集群服務上的RS：

ipvsadm -a|e -t|u|f service-address -r server-address [-g|i|m] [-w weight]

ipvsadm -d -t|u|f service-address -r server-address

-a：添加一個RS

-e：修改一個RS

-d：刪除一個RS

-r server-address：

RS的地址

rip[:port]

-g：GATEWAY （默認）

-i: IPIP

-m: MASQUERADE，nat

-w weight,

查看：

ipvsadm -L|l [options]

-n：numeric，數字格式顯示地址和端口；

-c：connection，顯示ipvs連接；

–stats：統計數據；

–rate：速率

–exact：精確值

清空規則：

ipvsadm -C

保存和重載：

保存：

ipvsadm -S > /PATH/TO/SOME_RULE_FILE

ipvsadm-save > /PATH/TO/SOME_RULE_FILE

重載：

ipvsadm -R < /PATH/FROM/SOME_RULE_FILE

ipvsadm-restore < /PATH/FROM/SOME_RULE_FILE

計數器清零：

ipvsadm -Z [-t|u|f service-address]

lvs-nat；

多目標的DNAT：通過將請求報文的目標地址和目標端口修改為挑選出某RS的RIP和PORT來實現；

(1) RIP和DIP應該使用私網地址，RS的網關應該指向DIP(保證響應報文必須經由VS)；

(2) 請求和響應報文都要經由director轉發；極高負載的場景中，Director可能會成為系統瓶頸；

(3) 支持端口映射；

(4) VS必須為Linux，RS可以是任意的OS；

(5) RS的RIP與Director的DIP必須在同一IP網絡；

設計要點：

(1)DIP與RIP要在同一IP網絡，RIP的網關要指向DIP；

(2)支持端口映射；

(3)是否用到共享存儲取決業務要求；

實驗拓撲：

DS兩張網卡兩個IP地址：1.1.1.130模擬外部網絡VIP，192.168.150.137模擬內部網絡DIP

RS1地址：192.168.150.138 RIP

RS2地址：192.168.150.139 RIP

DS配置及說明

[root@localhost ~]# ifconfig

eno16777752: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 1.1.1.130 netmask 255.255.255.0 broadcast 1.1.1.255

inet6 fe80::20c:29ff:fe87:41f3 prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:87:41:f3 txqueuelen 1000 (Ethernet)

RX packets 121 bytes 15542 (15.1 KiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 38 bytes 6012 (5.8 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.137 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe87:41fd prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)

RX packets 6811 bytes 5830568 (5.5 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 3197 bytes 312274 (304.9 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 0 bytes 0 (0.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 0 bytes 0 (0.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@localhost ~]# iptables -nL 查看iptables規則，確保iptables所有規則都為ACCEPT

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

[root@localhost ~]# iptables -F 清空所有iptables規則

[root@localhost ~]# less /etc/sysctl.conf

[root@localhost ~]# vim /etc/sysctl.conf 修改內核參數，開啟內核轉發功能

[root@localhost ~]# cat /etc/sysctl.conf

# System default settings live in /usr/lib/sysctl.d/00-system.conf.

le

#

# For more information, see sysctl.conf(5) and sysctl.d(5).

net.ipv4.ip_forward = 1

[root@localhost ~]# sysctl -p

net.ipv4.ip_forward = 1

[root@localhost ~]# cat /proc/sys/net/ipv4/i

icmp_echo_ignore_all ip_dynaddr

icmp_echo_ignore_broadcasts ip_early_demux

icmp_errors_use_inbound_ifaddr ip_forward

icmp_ignore_bogus_error_responses ip_forward_use_pmtu

icmp_ratelimit ipfrag_high_thresh

icmp_ratemask ipfrag_low_thresh

igmp_max_memberships ipfrag_max_dist

igmp_max_msf ipfrag_secret_interval

igmp_qrv ipfrag_time

inet_peer_maxttl ip_local_port_range

inet_peer_minttl ip_local_reserved_ports

inet_peer_threshold ip_nonlocal_bind

ip_default_ttl ip_no_pmtu_disc

[root@localhost ~]# cat /proc/sys/net/ipv4/ip_forward

1

[root@localhost ~]# ipvsadm -Ln 查看目前LVS的規則

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

[root@localhost ~]# ipvsadm -A -t 1.1.1.130:80 -s rr 管理集群服務，添加集群主機VIP，調度規則算法，rr為round robin, 輪調，輪詢，輪叫

[root@localhost ~]# ipvsadm -a -t 1.1.1.130:80 -r 192.168.150.138:80 -m -w 1 管理集群服務上的RS，添加RS主機，-m為添LVS類型為nat，-w為調度算法加權重，此時權重值無效，因為為rr算法

[root@localhost ~]# ipvsadm -a -t 1.1.1.130:80 -r 192.168.150.139:80 -m -w 2

[root@localhost ~]# ipvsadm -Ln 查看目前LVS的規則，已經存在

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 1.1.1.130:80 rr

-> 192.168.150.138:80 Masq 1 0 0

-> 192.168.150.139:80 Masq 2 0 0

[root@localhost ~]# curl http://1.1.1.130 此時訪問VIP時，后臺提供http服務的主機已經在輪詢

<h1>RS1</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS2</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS1</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS2</h1>

[root@localhost ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 1.1.1.130:80 rr

-> 192.168.150.138:80 Masq 1 0 3

-> 192.168.150.139:80 Masq 2 0 4

[root@localhost ~]# ipvsadm -E -t 1.1.1.130:80 -s wrr -E為修改LVS規則，將調度算法修改為wrr，加權的輪詢算法

[root@localhost ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 1.1.1.130:80 wrr

-> 192.168.150.138:80 Masq 1 0 3

-> 192.168.150.139:80 Masq 2 0 3

[root@localhost ~]# curl http://1.1.1.130 此時根據權重，RS2主機訪問量會是RS1主機的兩倍

<h1>RS2</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS2</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS1</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS2</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS2</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS1</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS2</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS2</h1>

[root@localhost ~]# curl http://1.1.1.130

<h1>RS1</h1>

[root@localhost ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 1.1.1.130:80 wrr

-> 192.168.150.138:80 Masq 1 0 4

-> 192.168.150.139:80 Masq 2 0 9

[END] 2016/11/30 22:52:30

RS配置及說明：

RS1：

[BEGIN] 2016/11/30 21:47:08

[root@localhost ~]# ifconfig

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.138 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe1e:b6ec prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:1e:b6:ec txqueuelen 1000 (Ethernet)

RX packets 200 bytes 21679 (21.1 KiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 77 bytes 10491 (10.2 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 0 bytes 0 (0.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 0 bytes 0 (0.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@localhost ~]# yum -y install httpd telnet-server

已加載插件：fastestmirror

Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast

base | 3.6 kB 00:00:00

epel | 4.3 kB 00:00:00

extras | 3.4 kB 00:00:00

local | 3.6 kB 00:00:00

updates | 3.4 kB 00:00:00

(1/2): epel/updateinfo | 677 kB 00:00:00

(2/2): epel/primary_db | 4.4 MB 00:00:04

Determining fastest mirrors

* base: mirrors.cn99.com

* extras: mirrors.cn99.com

* updates: mirrors.cn99.com

正在解決依賴關系

–> 正在檢查事務

—> 軟件包 httpd.x86_64.0.2.4.6-40.el7.centos.4 將被安裝

os.4.x86_64 需要

–> 正在處理依賴關系 /etc/mime.types，它被軟件包 httpd-2.4.6-40.el7.centos.4.x86_64 需要

—> 軟件包 telnet-server.x86_64.1.0.17-59.el7 將被安裝

–> 正在檢查事務

—> 軟件包 httpd-tools.x86_64.0.2.4.6-40.el7.centos.4 將被安裝

—> 軟件包 mailcap.noarch.0.2.1.41-2.el7 將被安裝

–> 解決依賴關系完成

依賴關系解決

============================================================================================

Package 架構版本源大小

============================================================================================

正在安裝:

httpd x86_64 2.4.6-40.el7.centos.4 updates 2.7 M

telnet-server x86_64 1:0.17-59.el7 base 40 k

為依賴而安裝:

httpd-tools x86_64 2.4.6-40.el7.centos.4 updates 83 k

mailcap noarch 2.1.41-2.el7 base 31 k

事務概要

============================================================================================

安裝 2 軟件包 (+2 依賴軟件包)

總下載量：2.8 M

安裝大?。?.6 M

Downloading packages:

頭V3 RSA/SHA256 Signature, 密鑰 ID f4a80eb5: NOKEY

httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm 的公鑰尚未安裝

(1/4): httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm | 83 kB 00:00:00

(2/4): httpd-2.4.6-40.el7.centos.4.x86_64.rpm | 2.7 MB 00:00:00

mailcap-2.1.41-2.el7.noarch.rpm 的公鑰尚未安裝=========== ] 0.0 B/s | 2.8 MB –:–:– ETA

(3/4): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00

(4/4): telnet-server-0.17-59.el7.x86_64.rpm | 40 kB 00:00:00

——————————————————————————————–

總計 1.5 MB/s | 2.8 MB 00:00:01

從 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 檢索密鑰

導入 GPG key 0xF4A80EB5:

用戶ID : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"

指紋 : 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5

軟件包 : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@anaconda)

來自 : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

正在安裝 : mailcap-2.1.41-2.el7.noarch 1/4

正在安裝 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 2/4

正在安裝 : httpd-2.4.6-40.el7.centos.4.x86_64 3/4

正在安裝 : 1:telnet-server-0.17-59.el7.x86_64 4/4

驗證中 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 1/4

驗證中 : 1:telnet-server-0.17-59.el7.x86_64 2/4

驗證中 : mailcap-2.1.41-2.el7.noarch 3/4

驗證中 : httpd-2.4.6-40.el7.centos.4.x86_64 4/4

已安裝:

httpd.x86_64 0:2.4.6-40.el7.centos.4 telnet-server.x86_64 1:0.17-59.el7

作為依賴被安裝:

httpd-tools.x86_64 0:2.4.6-40.el7.centos.4 mailcap.noarch 0:2.1.41-2.el7

完畢！

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976 lvs的nat方式，RS的網關必須執行DS的內部ip，此次試驗為192.168.150.137

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976

TYPE=Ethernet

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPADDR=192.168.150.138

NETMASK=255.255.255.0

GATEWAY=192.168.150.137

DNS1=192.168.150.2

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

NAME=eno33554976

UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90

DEVICE=eno33554976

ONBOOT=yes

[root@localhost ~]# systemctl restart network.service

[root@localhost ~]# ip addr list

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

00

link/ether 00:0c:29:1e:b6:ec brd ff:ff:ff:ff:ff:ff

inet 192.168.150.138/24 brd 192.168.150.255 scope global eno33554976

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe1e:b6ec/64 scope link

valid_lft forever preferred_lft forever

[root@localhost ~]# ip route list

default via 192.168.150.137 dev eno33554976 proto static metric 100

192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.138 metric 100

[root@localhost ~]# ping 192.168.150.137

PING 192.168.150.137 (192.168.150.137) 56(84) bytes of data.

64 bytes from 192.168.150.137: icmp_seq=1 ttl=64 time=0.772 ms

^C

— 192.168.150.137 ping statistics —

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 0.772/0.772/0.772/0.000 ms

[root@localhost ~]# vim /var/www/html/index.html

[root@localhost ~]# cat /var/www/html/index.html

<h1>RS1</h1>

[root@localhost ~]# systemctl start httpd.service

[root@localhost ~]# ss -tnl

State Recv-Q Send-Q Local Address:Port Peer Address:Port

LISTEN 0 128 *:22 *:*

LISTEN 0 100 127.0.0.1:25 *:*

LISTEN 0 128 :::80 :::*

LISTEN 0 128 :::22 :::*

LISTEN 0 100 ::1:25 :::*

[END] 2016/11/30 22:52:35

RS2:

[BEGIN] 2016/11/30 21:47:23

[root@localhost ~]# ifconfig

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.139 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe7c:2ca9 prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:7c:2c:a9 txqueuelen 1000 (Ethernet)

RX packets 179 bytes 19733 (19.2 KiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 76 bytes 9965 (9.7 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 4 bytes 352 (352.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 4 bytes 352 (352.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@localhost ~]# yum -y install httpd telnet-server

已加載插件：fastestmirror

Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast

base | 3.6 kB 00:00:00

epel | 4.3 kB 00:00:00

extras | 3.4 kB 00:00:00

local | 3.6 kB 00:00:00

updates | 3.4 kB 00:00:00

(1/2): epel/updateinfo | 677 kB 00:00:01

(2/2): epel/primary_db | 4.4 MB 00:00:05

Determining fastest mirrors

* base: mirrors.aliyun.com

* extras: mirrors.aliyun.com

* updates: mirrors.aliyun.com

正在解決依賴關系

–> 正在檢查事務

—> 軟件包 httpd.x86_64.0.2.4.6-40.el7.centos.4 將被安裝

os.4.x86_64 需要

–> 正在處理依賴關系 /etc/mime.types，它被軟件包 httpd-2.4.6-40.el7.centos.4.x86_64 需要

—> 軟件包 telnet-server.x86_64.1.0.17-59.el7 將被安裝

–> 正在檢查事務

—> 軟件包 httpd-tools.x86_64.0.2.4.6-40.el7.centos.4 將被安裝

—> 軟件包 mailcap.noarch.0.2.1.41-2.el7 將被安裝

–> 解決依賴關系完成

依賴關系解決

============================================================================================

Package 架構版本源大小

============================================================================================

正在安裝:

httpd x86_64 2.4.6-40.el7.centos.4 updates 2.7 M

telnet-server x86_64 1:0.17-59.el7 base 40 k

為依賴而安裝:

httpd-tools x86_64 2.4.6-40.el7.centos.4 updates 83 k

mailcap noarch 2.1.41-2.el7 base 31 k

事務概要

============================================================================================

安裝 2 軟件包 (+2 依賴軟件包)

總下載量：2.8 M

安裝大小：9.6 M

Downloading packages:

RSA/SHA256 Signature, 密鑰 ID f4a80eb5: NOKEY

httpd-2.4.6-40.el7.centos.4.x86_64.rpm 的公鑰尚未安裝

(1/4): httpd-2.4.6-40.el7.centos.4.x86_64.rpm | 2.7 MB 00:00:00

(2/4): httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm | 83 kB 00:00:00

telnet-server-0.17-59.el7.x86_64.rpm 的公鑰尚未安裝====== ] 0.0 B/s | 2.8 MB –:–:– ETA

(3/4): telnet-server-0.17-59.el7.x86_64.rpm | 40 kB 00:00:00

(4/4): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00

——————————————————————————————–

總計 1.7 MB/s | 2.8 MB 00:00:01

從 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 檢索密鑰

導入 GPG key 0xF4A80EB5:

用戶ID : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"

指紋 : 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5

軟件包 : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@anaconda)

來自 : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

正在安裝 : mailcap-2.1.41-2.el7.noarch 1/4

正在安裝 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 2/4

正在安裝 : httpd-2.4.6-40.el7.centos.4.x86_64 3/4

正在安裝 : 1:telnet-server-0.17-59.el7.x86_64 4/4

驗證中 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 1/4

驗證中 : 1:telnet-server-0.17-59.el7.x86_64 2/4

驗證中 : mailcap-2.1.41-2.el7.noarch 3/4

驗證中 : httpd-2.4.6-40.el7.centos.4.x86_64 4/4

已安裝:

httpd.x86_64 0:2.4.6-40.el7.centos.4 telnet-server.x86_64 1:0.17-59.el7

作為依賴被安裝:

httpd-tools.x86_64 0:2.4.6-40.el7.centos.4 mailcap.noarch 0:2.1.41-2.el7

完畢！

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976

TYPE=Ethernet

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPADDR=192.168.150.139

NETMASK=255.255.255.0

GATEWAY=192.168.150.137

DNS1=192.168.150.2

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

NAME=eno33554976

UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90

DEVICE=eno33554976

ONBOOT=yes

[root@localhost ~]# systemctl restart network.service

[root@localhost ~]# ip addr list

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

00

link/ether 00:0c:29:7c:2c:a9 brd ff:ff:ff:ff:ff:ff

inet 192.168.150.139/24 brd 192.168.150.255 scope global eno33554976

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe7c:2ca9/64 scope link

valid_lft forever preferred_lft forever

[root@localhost ~]# ip route list

default via 192.168.150.137 dev eno33554976 proto static metric 100

192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.139 metric 100

[root@localhost ~]# ping 192.168.150.137

PING 192.168.150.137 (192.168.150.137) 56(84) bytes of data.

64 bytes from 192.168.150.137: icmp_seq=1 ttl=64 time=0.516 ms

^C

— 192.168.150.137 ping statistics —

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 0.516/0.516/0.516/0.000 ms

[root@localhost ~]# vim /var/www/html/index.html

[root@localhost ~]# cat /var/www/html/index.html

<h1>RS2</h1>

[root@localhost ~]# systemctl start httpd.service

[root@localhost ~]# ss -tnl

State Recv-Q Send-Q Local Address:Port Peer Address:Port

LISTEN 0 128 *:22 *:*

LISTEN 0 100 127.0.0.1:25 *:*

LISTEN 0 128 :::80 :::*

LISTEN 0 128 :::22 :::*

LISTEN 0 100 ::1:25 :::*

[END] 2016/11/30 22:52:38

lvs-dr

lvs-dr：direct routing

通過修改請求報文的MAC地址進行轉發；IP首部不會發生變化（源IP為CIP，目標IP始終為VIP）；

通過為請求報文的重新封裝一個MAC首部進行轉發，元MAC是DIP所在接口的MAC，目標MAC是挑選出某RS的RIP所在接口的MAC地址；IP首部不會發生變化(CIP<–>VIP)

(1) 確保前端路由器將目標IP為VIP的請求報文一定會發送給Director；

解決方案：

在路由器上靜態綁定VIP和Director的MAC地址；

禁止RS響應VIP的ARP請求，禁止RS的VIP進行通告；

(a) arptables；

(b) 修改各RS的內核參數，并把VIP配置在特定的接口上lo實現禁止其響應；

arp_ignore,arp_announce

(2) RS的RIP可以使用私有地址，也可以使用公網地址；

(3) RS跟Director必須在同一物理網絡中；

(4) 請求報文必須由Director調度，但響應報文必須不能經由Director；

(5) 不支持端口映射；

(6) 各RS可以使用大多數的OS；

在各主機(Director,RS)均需要配置VIP；因此，要解決地址沖突的問題，目標是讓各RS上的VIP不可見，僅用接收目標地址為VIP的報文，同時可作為響應報文的源地址；

(1)在前端的網關接口上靜態綁定；

(2)在各RS上使用arptables；

(3)在各RS上修改內核參數，來顯示arp響應和通告；

限制響應級別:arp_ignore

0：使用本地任意接口上配置的地址進行響應；

1：僅在請求的目標IP配置在本地主機的接收報文的接口上時才給予響應

2-8

限制通告級別：arp_announce

0:默認，把本機所有接口信息向每個接口通告

1:盡量避免向非本網絡通告；

2:總是避免；

設計要點：

(1)：各主機一個接口即可，但需要在同一物理網絡中；

(2)：rip的網管不能指向dip；rip和dip通常應該在同一網絡，但此二者未必會與vip在同一網絡；

(3)：各rs需要先設置內核參數，再設置vip和路由；

Director：

# ifconfig INTERFACE_ALIAS $vip netmask 255.255.255.255 broadcast $vip up

定義集群服務及服務上的RS；

RealServer：

內核參數：

# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore

# echo 2 > /proc/sys/net/ipv4/conf/all/arp_annouce

# echo 1 > /proc/sys/net/ipv4/conf/INTERFACE/arp_ignore

# echo 2 > /proc/sys/net/ipv4/conf/INTERFACE/arp_annouce

注意：INTERFACE為你的物理接口；

# ifconfig lo:0 $vip netmask 255.255.255.255 broadcast $vip up

# route add -host $vip dev lo:0

實驗拓撲：

DS一張網卡兩個地址：192.168.150.137 DIP，192.168.150.131 VIP

RS1地址：192.168.150.138 RIP

RS2地址：192.168.150.139 RIP

DS配置及說明：

[BEGIN] 2016/11/30 23:08:56

[root@localhost ~]# ipvsadm -C

[root@localhost ~]# ping 192.168.150.138

PING 192.168.150.138 (192.168.150.138) 56(84) bytes of data.

64 bytes from 192.168.150.138: icmp_seq=1 ttl=64 time=0.488 ms

^C

— 192.168.150.138 ping statistics —

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 0.488/0.488/0.488/0.000 ms

[root@localhost ~]# ping 192.168.150.139

PING 192.168.150.139 (192.168.150.139) 56(84) bytes of data.

64 bytes from 192.168.150.139: icmp_seq=1 ttl=64 time=0.676 ms

^C

— 192.168.150.139 ping statistics —

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 0.676/0.676/0.676/0.000 ms

[root@localhost ~]# ifconfig

eno16777752: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500

ether 00:0c:29:87:41:f3 txqueuelen 1000 (Ethernet)

RX packets 284 bytes 36266 (35.4 KiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 113 bytes 17679 (17.2 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.137 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe87:41fd prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)

RX packets 8906 bytes 6016519 (5.7 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 4604 bytes 475486 (464.3 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 0 bytes 0 (0.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 0 bytes 0 (0.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@localhost ~]# ip addr add 192.168.150.131/24 dev eno33554976 在同一網卡上配置了192.168.150.131作為VIP

[root@localhost ~]# ip addr l

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eno16777752: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000

link/ether 00:0c:29:87:41:f3 brd ff:ff:ff:ff:ff:ff

3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:87:41:fd brd ff:ff:ff:ff:ff:ff

inet 192.168.150.137/24 brd 192.168.150.255 scope global eno33554976

valid_lft forever preferred_lft forever

inet 192.168.150.131/24 scope global secondary eno33554976

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe87:41fd/64 scope link

valid_lft forever preferred_lft forever

[root@localhost ~]# ip addr del 192.168.150.131/24 dev eno33554976

[root@localhost ~]# ip addr l

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eno16777752: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000

link/ether 00:0c:29:87:41:f3 brd ff:ff:ff:ff:ff:ff

3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:87:41:fd brd ff:ff:ff:ff:ff:ff

inet 192.168.150.137/24 brd 192.168.150.255 scope global eno33554976

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe87:41fd/64 scope link

valid_lft forever preferred_lft forever

[root@localhost ~]# ifconfig

eno16777752: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500

ether 00:0c:29:87:41:f3 txqueuelen 1000 (Ethernet)

RX packets 284 bytes 36266 (35.4 KiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 113 bytes 17679 (17.2 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.137 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe87:41fd prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)

RX packets 9364 bytes 6054581 (5.7 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 4855 bytes 504970 (493.1 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eno33554976:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 VIP地址子網掩碼設置為255.255.255.255，并將廣播地址設置為本身，禁止廣播

inet 192.168.150.131 netmask 255.255.255.255 broadcast 192.168.150.131

ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 0 bytes 0 (0.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 0 bytes 0 (0.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@localhost ~]# ipvsadm -C

[root@localhost ~]# ipvsadm -A -t 192.168.150.131 -s rr

Zero port specified for non-persistent service

[root@localhost ~]# ipvsadm -A -t 192.168.150.131:80 -s rr

[root@localhost ~]# ipvsadm -a -t 192.168.150.131:80 -r 192.168.150.138 -g -w 1 -g即指定gateway（默認模式）LVS方式為DR

[root@localhost ~]# ipvsadm -a -t 192.168.150.131:80 -r 192.168.150.139 -g -w 2

[root@localhost ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 192.168.150.131:80 rr

-> 192.168.150.138:80 Route 1 0 0

-> 192.168.150.139:80 Route 2 0 0

模擬客戶機進行http訪問結果：

[root@localhost ~]# curl http://192.168.150.131

<h1>RS1</h1>

[root@localhost ~]# curl http://192.168.150.131

<h1>RS2</h1>

[root@localhost ~]# curl http://192.168.150.131

<h1>RS1</h1>

[root@localhost ~]# curl http://192.168.150.131

<h1>RS2</h1>

此時本網絡內的arp表 arp將192.168.150.131指向的mac地址肯定是DS中的mac

arp -a

接口: 192.168.150.1 — 0xb

Internet 地址物理地址類型

192.168.150.131 00-0c-29-87-41-fd 動態

192.168.150.137 00-0c-29-87-41-fd 動態

192.168.150.138 00-0c-29-1e-b6-ec 動態

192.168.150.139 00-0c-29-7c-2c-a9 動態

192.168.150.255 ff-ff-ff-ff-ff-ff 靜態

224.0.0.2 01-00-5e-00-00-02 靜態

224.0.0.22 01-00-5e-00-00-16 靜態

224.0.0.252 01-00-5e-00-00-fc 靜態

239.255.255.250 01-00-5e-7f-ff-fa 靜態

RS的配置及說明：

RS1：

[BEGIN] 2016/11/30 23:10:53

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976 編輯網絡，網關無需指向DS

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976

TYPE=Ethernet

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPADDR=192.168.150.138

NETMASK=255.255.255.0

GATEWAY=192.168.150.2

DNS1=192.168.150.2

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

NAME=eno33554976

UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90

DEVICE=eno33554976

ONBOOT=yes

[root@localhost ~]# systemctl restart network.service

[root@localhost ~]# ip addr list

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:1e:b6:ec brd ff:ff:ff:ff:ff:ff

inet 192.168.150.138/24 brd 192.168.150.255 scope global eno33554976

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe1e:b6ec/64 scope link

valid_lft forever preferred_lft forever

[root@localhost ~]# ip route

default via 192.168.150.2 dev eno33554976 proto static metric 100

192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.138 metric 100

[root@localhost ~]# ls

anaconda-ks.cfg skp.sh

[root@localhost ~]# cat skp.sh 編輯內核修改腳本，關閉內核中的arp響應及通告

#!/bin/bash

#

case $1 in

start)

echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore

echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore

echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce

;;

stop)

echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore

echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore

echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce

echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce

;;

esac

[root@localhost ~]# ./skp.sh start

[root@localhost ~]# scp skp.sh root@192.168.150.139:/root 拷貝腳本至RS2并執行

The authenticity of host '192.168.150.139 (192.168.150.139)' can't be established.

ECDSA key fingerprint is 2a:e3:03:52:8c:84:02:59:a2:26:a3:b2:f6:74:6c:3c.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.150.139' (ECDSA) to the list of known hosts.

root@192.168.150.139's password:

skp.sh 100% 438 0.4KB/s 00:00

[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_announce 內核參數確認

2

[root@localhost ~]# ifconfig lo:0 192.168.150.131 netmask 255.255.255.255 broadcast 192.168.150.131 添加lo網卡的網絡地址為VIP地址，并將廣播地址設置為自己，靜止廣播

[root@localhost ~]# route add -host 192.168.150.131 dev lo:0 本地路由條目添加，經由此主機的地址出站報文均通告192.168.150.131

[root@localhost ~]# ifconfig

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.138 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe1e:b6ec prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:1e:b6:ec txqueuelen 1000 (Ethernet)

RX packets 7876 bytes 8797152 (8.3 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 3443 bytes 292668 (285.8 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 8 bytes 704 (704.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 8 bytes 704 (704.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 192.168.150.131 netmask 255.255.255.255

loop txqueuelen 0 (Local Loopback)

[root@localhost ~]# iptables -nL

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

[root@localhost ~]# ss -tnl

State Recv-Q Send-Q Local Address:Port Peer Address:Port

LISTEN 0 128 *:22 *:*

LISTEN 0 100 127.0.0.1:25 *:*

LISTEN 0 128 :::80 :::*

LISTEN 0 128 :::22 :::*

LISTEN 0 100 ::1:25 :::*

[root@localhost ~]# ifconfig

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.138 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe1e:b6ec prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:1e:b6:ec txqueuelen 1000 (Ethernet)

RX packets 8007 bytes 8808139 (8.4 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 3519 bytes 301730 (294.6 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 8 bytes 704 (704.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 8 bytes 704 (704.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 192.168.150.131 netmask 255.255.255.255

loop txqueuelen 0 (Local Loopback)

[END] 2016/12/1 0:03:24

RS2：

[BEGIN] 2016/11/30 23:11:32

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976

[root@localhost ~]#

[root@localhost ~]#

[root@localhost ~]#

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976

TYPE=Ethernet

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPADDR=192.168.150.139

NETMASK=255.255.255.0

GATEWAY=192.168.150.2

DNS1=192.168.150.2

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

NAME=eno33554976

UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90

DEVICE=eno33554976

ONBOOT=yes

[root@localhost ~]# systemctl restart network.service

[root@localhost ~]# ip addr list

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:7c:2c:a9 brd ff:ff:ff:ff:ff:ff

inet 192.168.150.139/24 brd 192.168.150.255 scope global eno33554976

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe7c:2ca9/64 scope link

valid_lft forever preferred_lft forever

[root@localhost ~]# ip route

default via 192.168.150.2 dev eno33554976 proto static metric 100

192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.139 metric 100

[root@localhost ~]# ls

anaconda-ks.cfg skp.sh

[root@localhost ~]# ./skp.sh start

[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_

arp_accept arp_announce arp_filter arp_ignore arp_notify

[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_

arp_accept arp_announce arp_filter arp_ignore arp_notify

[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore

1

[root@localhost ~]# ifconfig lo:0 192.168.150.131 netmask 255.255.255.255 broadcast 192.168.150.131

[root@localhost ~]# route add -host 192.168.150.131 dev lo:0

[root@localhost ~]# ifconfig

eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.150.139 netmask 255.255.255.0 broadcast 192.168.150.255

inet6 fe80::20c:29ff:fe7c:2ca9 prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:7c:2c:a9 txqueuelen 1000 (Ethernet)

RX packets 7678 bytes 8904160 (8.4 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 3082 bytes 265852 (259.6 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 20 bytes 1760 (1.7 KiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 20 bytes 1760 (1.7 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 192.168.150.131 netmask 255.255.255.255

loop txqueuelen 0 (Local Loopback)

[END] 2016/12/1 0:03:29

原創文章，作者：N23-蘇州-void，如若轉載，請注明出處：http://www.www58058.com/61777

相關推薦

馬哥教育網絡班21期-第七周課程練習

文件系統管理

shell編程、yum的使用

Varnish基礎進階

網絡班26期-第1周課程作業

初學第一篇

評論列表（1條）

shell編程、yum的使用