LVS_DR 安装后无法转发真实服务器
最近在学习LVS,现遇到如下问题
在VM下面使用4台安装CENTOS 5.3 64位系统进行实验
虚拟地址为:192.168.47.200
LVS1:192.168.47.130
LVS2:192.168.47.131
realserver1:192.168.47.132
realserver2:192.168.47.133
在lvs1和lvs2上安装配置ipvsadm和keepalived
在realserver1和realserver2 上只设置lvs_real脚本
脚本内容如下:
#!/bin/bash
#description : start realserver
VIP=192.168.47.200
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of REALServer"
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "close LVS Directorserver"
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
LVS1和LVS2的配置如下:
LVS1:
#!/bin/bash
#description : start realserver
VIP=192.168.47.200
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of REALServer"
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "close LVS Directorserver"
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
#define
global_defs {
router_id LVS_YTK_1
}
vrrp_sync_group TEST {
group {
VI_YTK
}
}
#vrrp
vrrp_instance VI_YTK {
state MASTER
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
priority 180
advert_int 5
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.47.200
}
}
# virtual machine setting
# setting port 80 forward
virtual_server 192.168.47.200 80 {
delay_loop 10
lb_algo wlc
lb_kind DR
persistence_timeout 60
protocol TCP
}
# real_server
real_server 192.168.47.132 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
# real_server
real_server 192.168.47.133 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
LVS2
#!/bin/bash
#description : start realserver
VIP=192.168.47.200
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of REALServer"
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "close LVS Directorserver"
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
#define
global_defs {
router_id LVS_YTK_2
}
vrrp_sync_group TEST {
group {
VI_YTK
}
}
#vrrp
vrrp_instance VI_YTK {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
priority 150
advert_int 5
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.47.200
}
}
# virtual machine setting
# setting port 80 forward
virtual_server 192.168.47.200 80 {
delay_loop 10
lb_algo wlc
lb_kind DR
persistence_timeout 60
protocol TCP
}
# real_server
real_server 192.168.47.132 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
# real_server
real_server 192.168.47.133 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
配置完成后可以PING通虚拟IP地址:192.168.47.200
但是无法浏览到真实服务器上的网页
而且在LVS1上使用ipvsadm命令只出现以下内容
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.47.200:http wlc persistent 60
请问此问题如何解决,烦请告之一下谢谢.
rlogin
周六, 2011-11-12 17:52
Permalink
hi!
请检查你的防火墙配置!关闭主机的防火墙试试看!