2台 Centos6.2 服务器 配置VS/DR+keepalived【既做转发有做realserver】问题

我也一样有此需求,内部测试可以正常访问Realserver的测试web页面。可到生产环境中,上线不到20分钟 我前端防火墙CPU就冲高到60%,用测试脚本访问VIP,发现总是延时在3~5s,页面访问很慢。寻明白人指点迷津,我的配置如下:
######keeplived配置
! Configuration File for keepalived
global_defs {
router_id LVS_MASTER
}

vrrp_sync_group VG1 {
group {
VI_1
}
}
vrrp_instance VI_1 {
state MASTER
interface bond0
lvs_sync_daemon_inteface bond0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 2111
}
virtual_ipaddress {
10.10.1.35
10.10.1.36
}
}
virtual_server 10.10.1.35 80 {
delay_loop 5 #5秒检测一次realserver
lb_algo wrr #负载均衡算法 wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50 #(同一IP的连接,在该秒内被分配到同一台realserver)
protocol TCP

real_server 10.10.1.31 80 {
weight 10
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
connect_port 80
}
}
real_server 10.10.1.32 80 {
weight 10
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
connect_port 80
}
}
}

virtual_server 10.10.1.36 80 {
delay_loop 5
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP

real_server 10.10.1.31 80 {
weight 10
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
connect_port 80
}
}
real_server 10.10.1.32 80 {
weight 10
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
connect_port 80
}
}
}
############同时在两台服务器上运行realserver.sh
#!/bin/bash
SNS_VIP='10.10.1.35 10.10.1.36'
. /etc/rc.d/init.d/functions
case "$1" in
start)
NUM=1
for VIP in $SNS_VIP
do
ifconfig lo:$NUM $VIP netmask 255.255.255.255 broadcast $IP
NUM=`expr $NUM + 1`
done

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "1" > /proc/sys/net/ipv4/ip_forward
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
NUM=1
for VIP in $SNS_VIP
do
ifconfig lo:$NUM $VIP down
NUM=`expr $NUM + 1`
done

echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "0" > /proc/sys/net/ipv4/ip_forward
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0

Forums:

不能这么干的,是有问题的。好像是和mac地址有关系。

My prloebm was a wall until I read this, then I smashed it.

If I couicnmmated I could thank you enough for this, I'd be lying.

That's a brilliant answer to an innteesritg question

type diabetes cheap viagra erection once cialis easier three drugs buy viagra sooner

state require car insurance wonder other forms autoinsurance online pay necessary details cheaper auto insurance automobile

randomness