Shulou(Shulou.com)06/03 Report--

The following gives you a detailed introduction to the configuration of DR (direct routing) mode load balancing, hoping to give you some help in practical application. Load balancing involves more things, there are not many theories, and there are many books on the Internet. Today, we will use the accumulated experience in the industry to do an answer.

DR (Direct routing) is one of the three load balancing modes, and it is also the most widely used one. For an introduction to this mode, please refer to the blog post: https://blog.51cto.com/14227204/2436891

The environment is as follows:

1. All web nodes and schedulers are configured with VIP: when the client accesses VIP (the virtual IP address of the cluster), if

The scheduler forwards the request to the web node, and then the web node responds directly to the client, and the client receives

After the packet, it is found that the source address of the received packet is not 200.0.0.254, then the web CVM will be directly discarded.

To solve this problem, 200.0.0.254 needs to be configured on the virtual interfaces of all web nodes and schedulers

This address, and by adding a route, restricts data access to the VIP locally to avoid communication confusion.

.

2. Solve the problem about the ARP response of web nodes: configure 200.0.0.254 on all web nodes and schedulers

After this address, when client accesses the address 200.0.0.254, all web nodes have this address, so

Will do the ARP response, so this may cause the client to skip the scheduler to access the web node directly.

In this way, the scheduler has no meaning to exist, and naturally it will not be able to achieve the effect of load balancing, so it is necessary

Turn off part of the ARP reply of the web node, and when broadcasting the address 200.0.0.254, only let the scheduler respond, web

If the node does not ring, it should be broadcast.

.

3. Solve the ICMP redirection optimization problem that comes with the scheduler kernel: the Linux kernel has an ICMP optimization function.

It is when client first accesses the scheduler that the scheduler forwards the request to a web node. At this point, Linux

The built-in ICMP optimization feature will find that the client can communicate directly with the web node and then send a data

Packet, tell client, then all packets accessing 200.0.0.254 can be sent directly to that web node, so that

All subsequent access requests will be sent directly to a web node without going through the scheduler, which must not be possible.

As a result, the effect of load balancing can not be achieved. So you need to turn off the ICMP redirect parameter response of the Linux kernel.

Preparatory work:

1. Configure your own address other than VIP

2. Prepare related software packages

The configuration is as follows:

Configure the load scheduler:

Bind the VIP address to the network card ens33 in the way of virtual interface to respond to cluster access.

[root@localhost /] # cd / etc/sysconfig/network-scripts/ [root@localhost network-scripts] # cp ifcfg-ens33 ifcfg-ens33:0 [root@localhost network-scripts] # vim ifcfg-ens33:0 # modify ens33:0, configure VIP.IPADDR=200.0.0.254 # modify the following four items Note that the name of the network card is the same NETMASK=255.255.255.0NAME=ens33:0DEVICE=ens33:0. [root@localhost network-scripts] # ifup ens33:0 # launch virtual interface [root@localhost network-scripts] # ifconfig ens33:0 # check whether the relevant configuration is successful ens33:0: flags=4163 mtu 1500 inet 200.0.254 netmask 255 .255.255.0 broadcast 200.0.0.255 ether 00:0c:29:f1:61:28 txqueuelen 1000 (Ethernet) root@localhost network-scripts] # ifconfig ens33: flags=4163 mtu 1500 inet 200.0.0.1 netmask 255.255.255.0 broadcast 200.0.0.255 inet6 fe80::595f:84d:a379:7b6e prefixlen 64 scopeid 0x20

Adjust the / proc response parameter (turn off the redirect parameter response of the Linux kernel):

[root@localhost /] # vim / etc/sysctl.conf # write the following three lines. Net.ipv4.conf.all.send _ redirects = 0net.ipv4.conf.default.send_redirects = 0net.ipv4.conf.ens33.send_redirects = 0 [root@localhost /] # sysctl-p # refresh configuration to make it effective net.ipv4.conf .all.send _ redirects = 0net.ipv4.conf.default.send_redirects = 0net.ipv4.conf.ens33.send_redirects = 0

Configure load balancing policy:

[root@localhost /] # modprobe ip_vs # load ip_vs module [root@localhost /] # yum-y install ipvsadm # install the ipvsadm tool [root@localhost /] # ipvsadm-C # clear the original policy [root@localhost /] # ipvsadm-A-t 200.0.0.254ip_vs 80-s rr # configure cluster VIP and add related nodes [root@localhost /] # ipvsadm- a-t 200.0.254ipvsadm- 80-r 200.0.0.2ipvsadm- 80-g-w 1 [root@localhost /] # ipvsadm- a-t 200.0.254ipvsadm- 80-g-w 1 [root@localhost /] # ipvsadm-save # preservation policy Slightly-A-t localhost.localdomain:http-s rr-a-t localhost.localdomain:http-r 200.0.0.2:http-g-w 1 a-t localhost.localdomain:http-r 200.0.0.3:http-g-w 1 [root@localhost /] # ipvsadm-save > / etc/sysconfig/ipvsadm # Export to back up [root@localhost /] # ipvsadm- ln # Confirm the current policy of the cluster IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port Forward Weight ActiveConn InActConnTCP 200.0.0.254 rr 80 rr-> 200.0.0.2 Prot LocalAddress:Port Scheduler Flags 80 Route 1 00-> 200.0.0.3 Prot LocalAddress:Port Scheduler Flags 80 Route 1 00

2. Configure web node server:

Because the VIP address of the web node server is only used to send the source address of the web response packet, there is no need to listen to the client's access request (monitored and distributed by the scheduler). Therefore, the virtual interface lo:0 is used to carry the VIP address and a routing record is added to limit the packets accessing the VIP to local.

[root@web1 /] # cd / etc/sysconfig/network-scripts/ [root@web1 network-scripts] # cp ifcfg-lo ifcfg-lo:0 [root@web1 network-scripts] # vim ifcfg-lo:0 # Edit this file. DEVICE=lo:0 # remember to modify the name of the network card IPADDR=200.0.0.254 # configure VIP NETMASK=255.255.255.255 # subnet mask must be all 1ONBOOT=yes [root@web1 network-scripts] # ifup lo:0 # launch virtual interface [root@web1 network-scripts] # ifconfig lo:0 # confirm to take effect lo:0: flags=73 mtu 65536 inet 200.0.254 netmask 255.255.255.255 loop txqueuelen 1 ( Local Loopback) [root@web1 /] # route add-host 200.0.0.254 dev lo:0 # add VIP local access route [root@web1 /] # route-n200.0.254 0.0.0.0 255.255.255.255 UH 00 lo [root@web1 /] # vim / etc/rc.local # set to Automatically add this route on boot / sbin/route add-host 200.0.0.254 dev lo:0

Adjust the / proc response parameters:

[root@web1 /] # vim / etc/sysctl.conf .net.ipv4.conf.ARP _ ignore = 1net.ipv4.conf.all.arp_announce = 2net.ipv4.conf.default.arp_ignore = 1net.ipv4.conf.default.arp_announce = 2net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2 [root@web1 /] # sysctl-p # refresh to make the configuration effective net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2net.ipv4.conf.default.arp_ignore = 1net.ipv4.conf.default.arp_announce = 2net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2

Install httpd and create a test web page:

[root@web1 /] # yum-y install httpd # install httpd [root @ web1 /] # echo test1.com > / var/www/html/index.html # create a test file [root@web1 /] # systemctl start httpd [root@web1 /] # systemctl enable httpd

Repeat the above steps to configure other node servers, the same virtual interface, the same / proc, the same httpd (to facilitate verification of success, I changed another home file to test2.com)

If you visit the same page, if you eliminate configuration errors, you can open multiple pages, or refresh them later, because it may have a time to stay connected, so there will be delays.

4. Configure NFS shared storage:

After reading the details of the DR (direct routing) mode load balancing configuration, if you have anything else you need to know, you can find out what you are interested in in the industry information or find our professional and technical engineers for answers. Technical engineers have more than ten years of experience in the industry.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.