用DR方式实现DHCP集群问题

Submitted by robust on 周二, 2006-07-04 13:01

章博士,您好!我用DR做DHCP Server的时候不知为什么LB总不起作用,详细过程如下:
Load Balance 和Real Server都是用的 Fedora Core 4(内核为 : 2.6.11-1.139_FC4),听您及各位师兄指导,由于内核版本是2.6.11所以我没有在LB和RS上打任何补丁,包括IPVS和arp问题补丁都没有打,由于还在实验阶段,没有找两台server, 也没有让LB同时也做RS,先调通再说:)

安装配置过程如下:

kernel :2.6.11-1.139_FC4
Load Balance :192.168.200.7
Vitual IP :192.168.200.8
Real Server :192.168.200.133

一 在Load Balance端
通过www.rpmseek.com网站下载ipvsadm-1.24-7.i386.rpm安装,安装后在系统服务中启动ipvsadm后,在终端执行ipvsadm后出现

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn

1.配置IPVS

ifconfig eth0:0 192.168.200.8 netmask 255.255.255.255 broadcast 192.168.200.8 up
route add -net 192.168.0.0 netmask 255.255.255.0 dev eth0
echo > 1 /proc/sys/net/ipv4/ip_forward
ipvsadm -A -u 192.168.200.8:67 -s rr
ipvsadm -a -u 192.168.200.8:67 -r 192.168.200.133:67 -g

2使用ipvsadm命令查看:
[root@localhost ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.200.8:bootps rr
-> 192.168.200.133:bootps Route 1 0 0

3.配置后的ifconfig情况

eth0 Link encap:Ethernet HWaddr 00:50:FC:26:A3:B5
inet addr:192.168.200.7 Bcast:192.168.255.255 Mask:255.255.0.0
inet6 addr: fe80::250:fcff:fe26:a3b5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:351363 errors:0 dropped:0 overruns:0 frame:0
TX packets:1416 errors:0 dropped:0 overruns:0 carrier:0
collisions:513 txqueuelen:1000
RX bytes:28940965 (27.6 MiB) TX bytes:233869 (228.3 KiB)
Interrupt:11 Base address:0xc000

eth0:0 Link encap:Ethernet HWaddr 00:50:FC:26:A3:B5
inet addr:192.168.200.8 Bcast:192.168.200.8 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xc000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2382 errors:0 dropped:0 overruns:0 frame:0
TX packets:2382 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2726732 (2.6 MiB) TX bytes:2726732 (2.6 MiB)

4.配置后的route情况
[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
192.168.0.0 * 55.255.0.0 U 0 0 0 eth0

二、在Real Server端

1.配置情况
ifconfig lo:0 192.168.200.8 netmask 255.255.255.255 broadcast 192.168.200.8
route add -host 192.168.200.8 dev lo:0
echo > 1 /proc/sys/net/ipv4/ip_forward
echo > 1 /proc/sys/net/ipv4/conf/lo/arp_ignore
echo > 1 /proc/sys/net/ipv4/conf/lo/arp_announce
echo > 1 /proc/sys/net/ipv4/conf/all/arp_announce
echo > 1 /proc/sys/net/ipv4/conf/all/arp_ignore
sysctl -p

2.配置后用命令ifconfig查看情况

eth0 Link encap:Ethernet HWaddr 00:0D:87:DB:EE:0F
inet addr:192.168.200.133 Bcast:192.168.255.255 Mask:255.255.0.0
inet6 addr: fe80::20d:87ff:fedb:ee0f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:446154 errors:0 dropped:0 overruns:0 frame:0
TX packets:21747 errors:0 dropped:0 overruns:0 carrier:0
collisions:279 txqueuelen:1000
RX bytes:35182340 (33.5 MiB) TX bytes:4979035 (4.7 MiB)
Interrupt:177 Base address:0xe800

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1629 errors:0 dropped:0 overruns:0 frame:0
TX packets:1629 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1236174 (1.1 MiB) TX bytes:1236174 (1.1 MiB)

lo:0 Link encap:Local Loopback
inet addr:192.168.200.8 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1

3.用route命令查看情况

[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.200.8 * 255.255.255.255 UH 0 0 0 lo
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
192.168.0.0 * 255.255.0.0 U 0 0 0 eth0

接下来我用一台笔记本(Windows xp),三台机器接一个10M HUB上,笔记本能从Real Server得到IP地址,但是在LB上没有任何记录,即好像没有经过LB一样,如下:
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
UDP 192.168.200.8:bootps rr
-> 192.168.200.133:bootps Route 1 0 0
我查不出来是什么问题,还请章博士和各位师兄指点!
另外,如果我让LB同时也做RS,在LB上解决ARP问题,也是用arp_ignore和arp_announce代替吗?

Forums:

robust

周五, 2006-07-07 01:02

各们大侠,帮帮我啊,郁闷了我好几天了!
由于Client和最后的RS在一个HUB上,Client在最初申请IP地址的时候发的是源地址为0.0.0.0 目的地址为255.255.255.255的广播包,所以RS肯定响应了,没有通过LB!是不是给RS的ARP问题解决的不对啊?急!!!

wensong

周一, 2006-07-10 12:56

我没有做过,所以不知道以下想法可不可行。

在调度器上,将访问udp port 69的报文标识为1(防火墙标识值,firewall marking),然后用"ipvsadm -A -f 1 ..."作调度后端DHCP服务器。

在真实服务器上,用iptables将进入网口的广播报文过滤掉,例如,
iptables -A INPUT -i eth0 -m pkttype --pkt-type broadcast -j DROP

请试验一下。

robust

周三, 2006-07-12 14:31

谢谢您在百忙之中给我指导,还有一件事还要麻烦问您一下,---
“调度器上,将访问udp port 69的报文标识为1(防火墙标识值,firewall marking),然后用"ipvsadm -A -f 1 ..."作调度后端DHCP服务器”是什么意思啊?“调度后端DHCP服务器”是什么意思?
谢谢您!

Anonymous (没有被验证)

周三, 2014-03-05 14:06

And I was just woirdenng about that too!

Anonymous (没有被验证)

周四, 2014-03-06 05:16

Most help articles on the web are inaccurate or intocerenh. Not this! http://pdsuouzj.com [url=http://pwkwda.com]pwkwda[/url] [link=http://hqllyonnsiq.com]hqllyonnsiq[/link]

randomness