当前位置：首页 > news >正文

建设个人博客网站汽车网址都有哪些

news 2025/11/15 2:17:32

建设个人博客网站,汽车网址都有哪些,cn免费域名注册网站,开发公司年终总结lVS 负载均衡技术一、LVS 简介 LVS#xff08;Linux Virtual Server#xff09;即 Linux 虚拟服务器#xff0c;是由章文嵩博士主导的开源负载均衡项目#xff0c;目前已被集成到 Linux 内核模块中。LVS 在 Linux 内核中实现了基于 IP 的数据请求负载均衡调度方案终端…lVS 负载均衡技术一、LVS 简介 LVSLinux Virtual Server即 Linux 虚拟服务器是由章文嵩博士主导的开源负载均衡项目目前已被集成到 Linux 内核模块中。LVS 在 Linux 内核中实现了基于 IP 的数据请求负载均衡调度方案终端用户从外部访问公司的负载均衡服务器请求会发送给 LVS 调度器。调度器根据预设算法如轮询将请求分发给后端的某台 Web 服务器。若真实服务器连接相同存储并提供相同服务则用户访问任意服务器所获得的服务内容一致整个集群对用户透明。 LVS 支持三种工作模式 NAT 模式Network Address TranslationDR 模式Direct RoutingTUN 模式IP Tunneling 官方站点http://www.linuxvirtualserver.org 二、体系结构 LVS 集群系统由三部分组成负载均衡层Load Balancer 由一台或多台 Director Server 组成安装 LVS 模块Director Server 根据路由表将用户请求分发给 Real Server可安装监控模块如 Ldirectord检测 Real Server 健康状态服务器群组层Server Array 由一组实际运行服务的机器Real Server组成如 Web、MAIL、FTP 等Real Server 可通过 LAN 或 WAN 连接Director Server 也可兼任 Real Server 共享存储层Shared Storage 为所有 Real Server 提供共享存储和一致性内容物理上通常由磁盘阵列设备组成可通过 NFS 或集群文件系统如 GFS、OCFS2实现支持系统 Director ServerLinux、FreeBSD推荐 LinuxReal Server几乎所有系统平台Linux、Windows、Solaris、AIX、BSD 等三、LVS 管理工具 1. ipvs 内核中实现的 IP 层负载均衡模块组成IP 包处理、负载均衡算法、系统配置管理、虚拟服务器与真实服务器链表 2. ipvsadm 用户空间命令行工具用于管理集群服务常用命令 -A # 添加集群服务 -E # 修改集群服务 -D # 删除虚拟服务 -C # 清空整个表 -R # 从标准输入重载 -S # 保存值到标准输出 -a # 添加 Real Server -e # 修改 Real Server -d # 删除 Real Server -L # 列出表 -t # TCP 服务 -u # UDP 服务 -r # 服务器地址主机和端口只支持端口映射的LVS类型才允许此处使用和集群服务中的不同端口 -g # DR 模式 -i # TUN 模式 -m # NAT 模式 -w # 权重 -n # 数字格式显示 IP 和端口示例 ipvsadm -A -t 192.168.1.100:80 -s rr ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.20:80 -g ipvsadm -Ln保存与重载配置 ipvsadm -Sn /etc/sysconfig/ipvsadm ipvsadm -R /etc/sysconfig/ipvsadm systemctl restart ipvsadm四、LVS 工作模式及原理 1. NAT 模式Network Address Translation 通过地址转换实现调度请求和响应报文均需经 LB 处理LB 易成为瓶颈支持端口映射Real Server 网关必须指向 LVS 特点只需一个公网 IP支持所有 TCP/IP 系统扩展性有限建议不超过 20 个节点 2. DR 模式Direct Routing 通过改写目标 MAC 地址实现调度响应报文直接返回客户端性能高要求 LB 与 RS 在同一局域网特点高性能无隧道开销RS 需配置 VIP 并抑制 ARP 响应 3. TUN 模式IP Tunneling 通过 IP 隧道封装请求报文响应报文直接返回客户端支持跨地域部署RS 需有合法 IP 特点可跨网络部署需服务器支持 IP Tunneling 协议五、LVS 调度算法静态调度算法 rrRound Robin轮询调度wrrWeighted Round Robin加权轮询shSource Hashing基于源地址散列dhDestination Hashing基于目标地址散列动态调度算法 lcLeast Connections最少连接数wlcWeighted Least Connections加权最少连接数lblcLocality-Based Least Connections基于局部性的最少连接lblcrLocality-Based Least Connections with Replication带复制的基于局部性的最少连接sedShortest Expected Delay最短预期延迟nqNever Queue永不排队六、配置lvs-nat模式的httpd负载集群—http 环境说明主机名称网卡信息安装应用系统dr.example.comdip:192.168.100.10/24–vip:172.16.30.10/24ipvsadmCentOS7rs1.example.comrip:192.168.100.20/24–gw:192.168.100.10httpdCentOS7rs2.example.comrip:192.168.100.30/24–gw:192.168.100.10httpdCentOS7client.exampel.com172.16.30.20/24无CentOS7 1.DR、RS1、RS2三台主机都关闭防火墙和selinux 略 2.配置ip信息略 3.后端RS1和RS2部署WEB服务器 RS1: [rootrs1 ~]# yum -y install httpd [rootrs1 ~]# echo RS1 /var/www/html/index.html [rootrs1 ~]# systemctl restart httpd.service [rootrs1 ~]# systemctl enable httpd.service RS2: [rootrs2 ~]# yum -y install httpd [rootrs2 ~]# echo RS2 /var/www/html/index.html [rootrs2 ~]# systemctl restart httpd.service [rootrs2 ~]# systemctl enable httpd.service4.配置DR 开启IP转发功能 [rootdr ~]# vim /etc/sysctl.conf net.ipv4.ip_forward 1 [rootdr ~]# sysctl -p net.ipv4.ip_forward 1安装ipvsadm并添加规则 [rootdr ~]# yum -y install ipvsadm [rootdr ~]# ipvsadm -A -t 172.16.30.10:80 -s rr [rootdr ~]# ipvsadm -a -t 172.16.30.10:80 -r 192.168.100.20:80 -m [rootdr ~]# ipvsadm -a -t 172.16.30.10:80 -r 192.168.100.30:80 -m [rootdr ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size4096) Prot LocalAddress:Port Scheduler Flags- RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.16.30.10:80 rr- 192.168.100.20:80 Masq 1 0 0 - 192.168.100.30:80 Masq 1 0 0 [rootdr ~]# ipvsadm -Sn /etc/sysconfig/ipvsadm [rootdr ~]# systemctl restart ipvsadm.service [rootdr ~]# systemctl enable ipvsadm.service5.客户端测试 [rootclient ~]# curl http://172.16.30.10 RS1 [rootclient ~]# curl http://172.16.30.10 RS2 [rootclient ~]# curl http://172.16.30.10 RS1 [rootclient ~]# curl http://172.16.30.10 RS2七、配置lvs-nat模式的httpd负载集群—https 1.在DR中生成一对密钥 [rootdr ~]# cd /etc/pki/CA/[rootdr CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048) Generating RSA private key, 2048 bit long modulus .............. ................................ e is 65537 (0x10001)[rootdr CA]# openssl rsa -in private/cakey.pem -pubout writing RSA key -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5jU3wZ9ZQtWJlvpx61t Fd4gVA4/fsh5hbkKqmf9XsOIRqGbw/0RfVOm7Q//NdtuhvvwJ1RolmceHb7a9aqv TpJFvzOlGrY0ObdSReJUZlzXrFgr4jAzWGyu5CaJHUaZHg19QDb2dbk9jq1dHIxa /sTeuWauGn2EqhsC2GKGYYEmqLGBfLXSIDz/72OGvrmKkAPFGgtrJ1RfUWp0OVy rS/YaFvXXSl1zDHpkhiYScW9GdNSuUfHcQL/iSOtmnZonkVDRLoDym1E2NQ9KvA kg6aarz8W0V4Z2D37l85Eb2mIV8g1nxLDPuY4ULFacFjLvY/0gbFDlolAJHFDP4 RQIDAQAB -----END PUBLIC KEY----- [rootdr CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 1024 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ., the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:HB Locality Name (eg, city) [Default City]:WH Organization Name (eg, company) [Default Company Ltd]:LQ Organizational Unit Name (eg, section) []:linux Common Name (eg, your name or your servers hostname) []:server.example.com Email Address []:yyhexample.com[rootdr CA]# touch index.txt [rootdr CA]# echo 01 serial2.在RS1中生成证书签署请求并发送给CA [rootrs1 ~]# yum -y install mod_ssl [rootrs1 ~]# mkdir /etc/httpd/ssl [rootrs1 ~]# cd /etc/httpd/ssl/ [rootrs1 ssl]# (umask 077;openssl genrsa -out httpd.key 2048) Generating RSA private key, 2048 bit long modulus .............................................................................. .............. e is 65537 (0x10001)[rootrs1 ssl]# openssl req -new -key httpd.key -days 1024 -out httpd.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ., the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:HB Locality Name (eg, city) [Default City]:WH Organization Name (eg, company) [Default Company Ltd]:LQ Organizational Unit Name (eg, section) []:linux Common Name (eg, your name or your servers hostname) []:rs1.example.com Email Address []:yyhexample.comPlease enter the following extra attributes to be sent with your certificate request A challenge password []: An optional company name []:[rootrs1 ssl]# ls httpd.csr httpd.key[rootrs1 ssl]# scp httpd.csr root192.168.100.10:/root/ The authenticity of host 192.168.100.10 (192.168.100.10) cant be established. ECDSA key fingerprint is SHA256:bc8pckdrnthbzRqp5xqp3pc3woSB44M7ii5AH0InEjI. ECDSA key fingerprint is MD5:0d:cc:c8:38:2a:5f:6a:da:8f:f9:e9:54:87:8e:2c:2a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 192.168.100.10 (ECDSA) to the list of known hosts. root192.168.100.10s password: httpd.csr 100% 1033 440.1KB/s 00:00 3.CA签署证书并发给RS1 [rootdr ~]# openssl ca -in httpd.csr -out httpd.crt -days 1024 Using configuration from /etc/pki/tls/openssl.cnf Check that the request matches the signature Signature ok Certificate Details:Serial Number: 1 (0x1)ValidityNot Before: Sep 22 08:49:44 2025 GMTNot After : Jul 12 08:49:44 2028 GMTSubject:countryName CNstateOrProvinceName HBorganizationName LQorganizationalUnitName linuxcommonName rs1.example.comemailAddress yyhexample.comX509v3 extensions:X509v3 Basic Constraints: CA:FALSENetscape Comment: OpenSSL Generated CertificateX509v3 Subject Key Identifier: FA:E9:89:4D:42:F6:F8:28:74:10:91:B1:91:C4:37:FB:2D:6D:8B:A0X509v3 Authority Key Identifier: keyid:88:B7:91:59:2C:9C:13:49:09:FB:BF:CF:80:85:06:09:B6:D7:C1:90 Certificate is to be certified until Jul 12 08:49:44 2028 GMT (1024 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated4.将CA签署的证书httpd.crt和服务器的证书cacert.pem发送给RS1 [rootdr ~]# scp httpd.crt root192.168.100.20:/etc/httpd/ssl [rootdr ~]# scp /etc/pki/CA/cacert.pem root192.168.100.20:/etc/httpd/ssl5.RS2配置https [rootrs2 ~]# yum -y install mod_ssl [rootrs2 ~]# mkdir /etc/httpd/ssl6.RS1中把RS1的证书和密钥发送给RS2 [rootrs1 ssl]# scp httpd.csr root192.168.100.10:/root/7.在RS1中修改https的配置文件 [rootrs1 ~]# vim /etc/httpd/conf.d/ssl.conf SSLCertificateFile /etc/httpd/ssl/httpd.crt SSLCertificateKeyFile /etc/httpd/ssl/httpd.key SSLCACertificateFile /etc/httpd/ssl/cacert.pem[rootrs1 ~]# systemctl restart httpd.service [rootrs1 ~]# ss -tnl | grep 443 LISTEN 0 128 :::443 :::*8.在RS2中修改https的配置文件 [rootrs2 ~]# vim /etc/httpd/conf.d/ssl.conf SSLCertificateFile /etc/httpd/ssl/httpd.crt SSLCertificateKeyFile /etc/httpd/ssl/httpd.key SSLCACertificateFile /etc/httpd/ssl/cacert.pem[rootrs2 ~]# systemctl restart httpd.service [rootrs2 ~]# ss -tnl | grep 443 LISTEN 0 128 :::443 :::*9.在DR中添加规则 [rootdr ~]# ipvsadm -A -t 172.16.30.10:443 -s rr [rootdr ~]# ipvsadm -a -t 172.16.30.10:443 -r 192.168.100.20 -m [rootdr ~]# ipvsadm -a -t 172.16.30.10:443 -r 192.168.100.30 -m [rootdr ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size4096) Prot LocalAddress:Port Scheduler Flags- RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.16.30.10:80 rr- 192.168.100.20:80 Masq 1 0 0 - 192.168.100.30:80 Masq 1 0 0 TCP 172.16.30.10:443 rr- 192.168.100.20:443 Masq 1 0 0 - 192.168.100.30:443 Masq 1 0 0 [rootdr ~]# ipvsadm -Sn /etc/sysconfig/ipvsadm10.客户端测试 [rootclient ~]# curl -k https://172.16.30.10 RS2 [rootclient ~]# curl -k https://172.16.30.10 RS1 [rootclient ~]# curl -k https://172.16.30.10 RS2 [rootclient ~]# curl -k https://172.16.30.10 RS1八、配置lvs-dr模式的httpd负载集群环境说明主机名称网卡信息系统dr.example.comdip:192.168.100.10/24–vip:192.168.100.100/24CentOS7rs1.example.comrip:192.168.100.20/24–vip:192.168.100.100/24CentOS7rs2.example.comrip:192.168.100.30/24–vip:192.168.100.100/24CentOS7client.exampel.com192.168.100.200CentOS7 1.DR、RS1、RS2三台主机都关闭防火墙和selinux 略 2.配置ip信息 [rootdr ~]# ifconfig lo 192.168.100.100/32 broadcast 192.168.100.100 netmask 255.255.255.255 up3.配置httpd [rootrs1 ~]# yum -y install httpd [rootrs1 ~]# echo RS1 /var/www/html/index.html [rootrs1 ~]# systemctl restart httpd.service [rootrs1 ~]# systemctl enable httpd.service [rootrs2 ~]# yum -y install httpd [rootrs2 ~]# echo RS2 /var/www/html/index.html [rootrs2 ~]# systemctl restart httpd.service [rootrs2 ~]# systemctl enable httpd.service4.RS上配置arp内核参数 [rootrs1 ~]# vim /etc/sysctl.conf # 编辑内容 # 将对应网卡设置为只回应目标IP为自身接口地址的ARP请求 net.ipv4.conf.all.arp_ignore 1 # 将ARP请求的源IP设置为所有接口的IP也就是RIP net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.lo.arp_ignore 1 net.ipv4.conf.lo.arp_announce 2[rootrs1 ~]# sysctl -p net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.lo.arp_ignore 1 net.ipv4.conf.lo.arp_announce 2[rootrs1 ~]# vim /etc/sysctl.conf # 编辑内容 net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.lo.arp_ignore 1 net.ipv4.conf.lo.arp_announce 2[rootrs1 ~]# sysctl -p net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.lo.arp_ignore 1 net.ipv4.conf.lo.arp_announce 25.RS上配置VIP [rootrs1 ~]# ifconfig lo 192.168.100.100/32 broadcast 192.168.100.100 netmask 255.255.255.255 up[rootrs2 ~]# ifconfig lo 192.168.100.100/32 broadcast 192.168.100.100 netmask 255.255.255.255 up6.添加路由信息 [rootrs1 ~]# route add -host 192.168.100.100/32 dev lo[rootrs2 ~]# route add -host 192.168.100.100/32 dev lo7.添加并保存规则 [rootdr ~]# yum -y install ipvsadm[rootdr ~]# ipvsadm -A -t 192.168.100.100:80 -s rr [rootdr ~]# ipvsadm -a -t 192.168.100.100:80 -r 192.168.100.20:80 -g [rootdr ~]# ipvsadm -a -t 192.168.100.100:80 -r 192.168.100.30:80 -g [rootdr ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size4096) Prot LocalAddress:Port Scheduler Flags- RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.100.100:80 rr- 192.168.100.20:80 Route 1 0 0 - 192.168.100.30:80 Route 1 0 0 [rootdr ~]# ipvsadm -Sn /etc/sysconfig/ipvsadm [rootdr ~]# systemctl restart ipvsadm.service [rootdr ~]# systemctl enable ipvsadm.service8.客户端验证 [rootclient ~]# curl http://192.168.100.100 RS2 [rootclient ~]# curl http://192.168.100.100 RS1 [rootclient ~]# curl http://192.168.100.100 RS2 [rootclient ~]# curl http://192.168.100.100 RS1九、TUN模式环境说明主机名称网卡信息系统dr.example.comdip:192.168.100.10/24–vip:192.168.100.55/24CentOS7rs1.example.comrip:192.168.100.20/24–vip:192.168.100.55/24CentOS7rs2.example.comrip:192.168.100.30/24–vip:192.168.100.55/24CentOS7client.exampel.com192.168.100.200CentOS7 1.DR、RS1、RS2三台主机都关闭防火墙和selinux 略 2.配置ip信息 [rootdr ~]# ifconfig tunl0 192.168.100.55 broadcast 192.168.100.55 netmask 255.255.255.255 up[rootrs1 ~]# ifconfig tunl0 192.168.100.55 broadcast 192.168.100.55 netmask 255.255.255.255 up[rootrs2 ~]# ifconfig tunl0 192.168.100.55 broadcast 192.168.100.55 netmask 255.255.255.255 up3.开启IP转发 [rootdr ~]# vim /etc/sysctl.conf [rootdr ~]# sysctl -p net.ipv4.ip_forward 14.rs配置httpd [rootrs1 ~]# yum -y install httpd [rootrs1 ~]# echo RS1 /var/www/html/index.html [rootrs1 ~]# systemctl restart httpd.service [rootrs1 ~]# systemctl enable httpd.service [rootrs2 ~]# yum -y install httpd [rootrs2 ~]# echo RS2 /var/www/html/index.html [rootrs2 ~]# systemctl restart httpd.service [rootrs2 ~]# systemctl enable httpd.service5.启用ipip模块 [rootrs1 ~]# modprobe ipip [rootrs1 ~]# lsmod | grep ipip ipip 13465 0 tunnel4 13252 1 ipip ip_tunnel 25163 1 ipip[rootrs2 ~]# modprobe ipip [rootrs2 ~]# lsmod | grep ipip ipip 13465 0 tunnel4 13252 1 ipip ip_tunnel 25163 1 ipip6.修改内核参数 [rootrs1 ~]# vim /etc/sysctl.conf [rootrs1 ~]# sysctl -p net.ipv4.conf.tunl0.arp_ignore 1 net.ipv4.conf.tunl0.arp_announce 2 net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.tunl0.rp_filter 0 net.ipv4.conf.all.rp_filter 0[rootrs2 ~]# vim /etc/sysctl.conf [rootrs2 ~]# sysctl -p sysctl: /etc/sysctl.conf(11): invalid syntax, continuing... sysctl: /etc/sysctl.conf(12): invalid syntax, continuing... net.ipv4.conf.tunl0.arp_ignore 1 net.ipv4.conf.tunl0.arp_announce 2 net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.tunl0.rp_filter 0 net.ipv4.conf.all.rp_filter 07.DR上添加规则 [rootdr ~]# yum -y install ipvsadm [rootdr ~]# ipvsadm -A -t 192.168.100.55:80 -s rr [rootdr ~]# ipvsadm -a -t 192.168.100.55:80 -r 192.168.100.20 -i [rootdr ~]# ipvsadm -a -t 192.168.100.55:80 -r 192.168.100.30 -i [rootdr ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size4096) Prot LocalAddress:Port Scheduler Flags- RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.100.55:80 rr- 192.168.100.20:80 Tunnel 1 0 0 - 192.168.100.30:80 Tunnel 1 0 0 [rootdr ~]# ipvsadm -Sn /etc/sysconfig/ipvsadm [rootdr ~]# systemctl restart ipvsadm.service 8.客户端验证 [rootclient ~]# curl http://192.168.100.55 RS2 [rootclient ~]# curl http://192.168.100.55 RS1 [rootclient ~]# curl http://192.168.100.55 RS2 [rootclient ~]# curl http://192.168.100.55 RS1十、LVS 三种工作模式配置注意事项 1、NAT 模式配置注意事项网络配置 Real Server 网关必须指向 Director这是 NAT 模式的关键要求Director 需要双网卡一个公网 VIP一个内网 DIP开启 IP 转发性能限制扩展性有限建议最多 10-20 个 Real Server 节点Director 可能成为瓶颈所有请求和响应都经过 Director 端口映射支持端口转换客户端请求端口与 Real Server 服务端口可以不同配置示例 # 端口映射 ipvsadm -a -t VIP:8080 -r RIP:80 -m2、DR 模式配置注意事项 ARP 抑制配置关键步骤 Real Server 上配置 ARP 参数 # /etc/sysctl.conf net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.lo.arp_ignore 1 net.ipv4.conf.lo.arp_announce 2配置顺序先配置 ARP 参数再配置 VIP VIP 配置 Real Server 的 VIP 配置在 lo 接口 ifconfig lo:0 VIP netmask 255.255.255.255 up添加主机路由 route add -host VIP dev lo:0网络要求同一局域网Director 和 Real Server 必须在同一网段不需要开启 IP 转发DR 模式在数据链路层工作 3、TUN 模式配置注意事项 IP 隧道配置加载 ipip 模块 modprobe ipip配置 tunl0 接口 ifconfig tunl0 VIP netmask 255.255.255.255 up内核参数配置开启 IP 转发 ARP 抑制和过滤参数 net.ipv4.conf.tunl0.arp_ignore 1 net.ipv4.conf.tunl0.arp_announce 2 net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.tunl0.rp_filter 0 net.ipv4.conf.all.rp_filter 0网络要求 Real Server 需要公网 IP响应直接返回客户端可跨网络部署支持不同地理位置的 Real Server 系统兼容性主要支持 Linux 系统需要内核支持 IP 隧道协议添加主机路由 route add -host VIP dev lo:0网络要求同一局域网Director 和 Real Server 必须在同一网段不需要开启 IP 转发DR 模式在数据链路层工作 3、TUN 模式配置注意事项 IP 隧道配置加载 ipip 模块 modprobe ipip配置 tunl0 接口 ifconfig tunl0 VIP netmask 255.255.255.255 up内核参数配置开启 IP 转发 ARP 抑制和过滤参数 net.ipv4.conf.tunl0.arp_ignore 1 net.ipv4.conf.tunl0.arp_announce 2 net.ipv4.conf.all.arp_ignore 1 net.ipv4.conf.all.arp_announce 2 net.ipv4.conf.tunl0.rp_filter 0 net.ipv4.conf.all.rp_filter 0网络要求 Real Server 需要公网 IP响应直接返回客户端可跨网络部署支持不同地理位置的 Real Server 系统兼容性主要支持 Linux 系统需要内核支持 IP 隧道协议Windows 支持有限可能需要额外配置

查看全文

http://www.zqtcl.cn/news/678604/