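Setting up LVS in NAT mode
Preparation
1. Device allocation
192.168.137.100 LB Server (second NIC, public: 192.168.138.100)
192.168.137.150 Server01 (gateway: 192.168.137.100)
192.168.137.200 Server02 (gateway: 192.168.137.100)
Note: adjust the devices' gateways only after all preparation steps are complete.
2. Disable the firewall on all devices (setenforce 0 also switches SELinux to permissive mode until the next reboot)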
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
3. Install iptables on all devices
yum install -y iptables-services
systemctl start iptables
systemctl enable iptables
iptables -F
service iptables save
Building the LVS NAT setup
1. Install ipvsadm on the LB Server
yum install -y ipvsadm
2. Write the script
# vi /usr/local/sbin/lvs_nat.sh
#!/bin/bash
# Enable IP forwarding on the director
echo 1 > /proc/sys/net/ipv4/ip_forward
# Disable sending of ICMP redirects
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
# Mind the interface names; the two NICs here are ens33 and ens37
echo 0 > /proc/sys/net/ipv4/conf/ens33/send_redirects
#echo 0 > /proc/sys/net/ipv4/conf/ens37/send_redirects
# Set up the NAT firewall rules on the director
iptables -t nat -F
iptables -t nat -X
iptables -t nat -A POSTROUTING -s 192.168.137.0/24 -j MASQUERADE
# Configure ipvsadm on the director
IPVSADM='/usr/sbin/ipvsadm'
$IPVSADM -C
$IPVSADM -A -t 192.168.138.100:80 -s wlc -p 3
$IPVSADM -a -t 192.168.138.100:80 -r 192.168.137.150:80 -m -w 1
$IPVSADM -a -t 192.168.138.100:80 -r 192.168.137.200:80 -m -w 1
3. Run the script
# sh /usr/local/sbin/lvs_nat.sh
4. Check the result
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP  192.168.138.100:80 wlc persistent 3
-> 192.168.137.150:80 Masq 1 0 0
-> 192.168.137.200:80 Masq 1 0 0
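To confirm that the director ended up in the state the script intends, the listing and the kernel settings can be checked automatically. The following is an added example, not part of the original post: the function names check_ipvs_nat and check_director_sysctls and the variable SAMPLE_LISTING are hypothetical, and the sample listing is constructed from the output shown above.

```shell
#!/bin/bash
# Added example. SAMPLE_LISTING is constructed from the listing shown above.
SAMPLE_LISTING=$(cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.138.100:80 wlc persistent 3
  -> 192.168.137.150:80           Masq    1      0          0
  -> 192.168.137.200:80           Masq    1      0          0
EOF
)

# check_ipvs_nat VIP:PORT RS:PORT...   (reads `ipvsadm -ln` output on stdin)
# Returns 0 only if the virtual service exists, every expected real server is
# listed in Masq (NAT) mode with weight > 0, and no other real server is attached.
check_ipvs_nat() {
    local vip="$1"; shift
    awk -v vip="$vip" -v want="$*" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) need[w[i]] = 1 }
        # Virtual service line, e.g. "TCP  192.168.138.100:80 wlc persistent 3"
        $1 == "TCP" || $1 == "UDP" { in_svc = ($2 == vip); if (in_svc) found = 1; next }
        # Real server line under the selected service
        in_svc && $1 == "->" {
            if (!($2 in need)) { print "unexpected real server " $2; bad = 1; next }
            seen[$2] = 1
            if ($3 != "Masq") { print $2 " forwards with " $3 ", not Masq"; bad = 1 }
            if ($4 + 0 <= 0)  { print $2 " has weight " $4; bad = 1 }
        }
        END {
            if (!found) { print "virtual service " vip " not defined"; exit 1 }
            for (r in need) if (!(r in seen)) { print "missing real server " r; bad = 1 }
            exit bad
        }'
}

# check_director_sysctls [ROOT] [IFACE]: the kernel settings lvs_nat.sh writes.
check_director_sysctls() {
    local root="${1:-/proc/sys}" iface="${2:-ens33}" rc=0 f
    [ "$(cat "$root/net/ipv4/ip_forward" 2>/dev/null)" = "1" ] ||
        { echo "ip_forward is not 1"; rc=1; }
    for f in all default "$iface"; do
        [ "$(cat "$root/net/ipv4/conf/$f/send_redirects" 2>/dev/null)" = "0" ] ||
            { echo "send_redirects still enabled on $f"; rc=1; }
    done
    return $rc
}
```

On the director, run: ipvsadm -ln | check_ipvs_nat 192.168.138.100:80 192.168.137.150:80 192.168.137.200:80 && check_director_sysctls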