拓扑说明:(同一局域网模式)
Director-Master -> (192.168.43.90) [DR01]
Director-BACKUP -> (192.168.43.91) [DR02-BACKUP]
Real-server01 -> (192.168.43.92) [RS01]
Real-server02 -> (192.168.43.93) [RS02]
Client -> (192.168.43.110)
vip : 192.168.43.188
默认网关: 192.168.43.1
说明 :设置selinux、关闭防火墙、基本软件的安装(略)
报文请求过程分析
1.当用户请求到达DS时,请求报文会先经过内核空间中的PREROUTING链,此时源IP为CIP,目的IP为 VIP;
2.在PREROUTING规则链上进行检查目的IP是否为本机,如果是的话将数据包送至INPUT 链;
3.数据包到达INPUT链后,IPVS会比对数据包请求的服务是否为集群服务,若是,将请求报文中的源MAC地址修改为DIP的MAC地址,
将目标MAC地址修改RIP的MAC地址(这里需要IPVS根据策略算法选择一台合适的RS的MAC地址),然后再将数据包发至POSTROUTING链,
此时的源IP和目标IP均未修改,仅修改了源和目的的MAC地址(DR模式要求DS与RS也必须是同一个物理网络中,可公、可私);
4.POSTROUTING链检查目标MAC地址为 哪一个RIP的MAC地址,选择后,再把数据包将会发给RS;
5.RS发现请求报文的MAC地址是自己的MAC地址,就接收此报文并处理,将响应报文通过lo接口传送给eth0网卡然后向外发出,此时的源IP地址为VIP,目标IP为CIP;
6.响应报文最终到客户端;
参阅(图):
https://www.cnblogs.com/blxt/p/13099437.html
(一)组件安装配置
1.开启ip_forward转发功能
执行机器:DR01与DR02-BACKUP
[root@DR01 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@DR01 ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@DR01 ~]#
[root@DR02-BACKUP ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@DR02-BACKUP ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@DR02-BACKUP ~]#
2.ipvsadmin与keepalived安装
执行机器:DR01与DR02-BACKUP
[root@DR01 ~]# yum install ipvsadm keepalived -y
[root@DR01 ~]# rpm -qa | grep ipvs
ipvsadm-1.27-8.el7.x86_64
[root@DR01 ~]# rpm -qa | grep keepalived
keepalived-1.3.5-16.el7.x86_64
[root@DR01 ~]#
[root@DR02-BACKUP ~]# yum install ipvsadm keepalived -y
[root@DR02-BACKUP ~]# rpm -qa | grep ipvs
ipvsadm-1.27-8.el7.x86_64
[root@DR02-BACKUP ~]# rpm -qa | grep keepalived
keepalived-1.3.5-16.el7.x86_64
[root@DR02-BACKUP ~]#
3.keepalived的配置
*DR01配置:
[root@DR01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface ens37
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.43.188
}
}
virtual_server 192.168.43.188 80 {
delay_loop 6
lb_algo rr
lb_kind DR
#persistence_timeout 5
protocol TCP
real_server 192.168.43.92 80 {
weight 1
TCP_CHECK {
connect_timeout 10
retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.43.93 80 {
weight 1
TCP_CHECK {
connect_timeout 10
retry 3
delay_before_retry 3
connect_port 80
}
}
}
[root@DR01 ~]#
*DR02-BACKUP配置:
[root@DR02-BACKUP ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface ens37
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.43.188
}
}
virtual_server 192.168.43.188 80 {
delay_loop 6
lb_algo rr
lb_kind DR
#persistence_timeout 5
protocol TCP
real_server 192.168.43.92 80 {
weight 1
TCP_CHECK {
connect_timeout 10
retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.43.93 80 {
weight 1
TCP_CHECK {
connect_timeout 10
retry 3
delay_before_retry 3
connect_port 80
}
}
}
[root@DR02-BACKUP ~]#
4.keepalived服务脚本调整与更改日志路径
执行机器:DR01与DR02-BACKUP
[1]服务脚本修正:
[root@DR01 ~]# cat /usr/lib/systemd/system/keepalived.service
[Unit]
Description=LVS and VRRP High Availability Monitor
After=syslog.target network-online.target
[Service]
Type=forking
PIDFile=/var/run/keepalived.pid
#KillMode=process 调整的这里,注释掉
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
[root@DR01 ~]#
[root@DR01 ~]# systemctl daemon-reload
[root@DR02-BACKUP ~]# cat /usr/lib/systemd/system/keepalived.service
[Unit]
Description=LVS and VRRP High Availability Monitor
After=syslog.target network-online.target
[Service]
Type=forking
PIDFile=/var/run/keepalived.pid
#KillMode=process 调整的这里,注释掉
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
[root@DR02-BACKUP ~]#
[root@DR02-BACKUP ~]# systemctl daemon-reload
[2]日志路径更改
[root@DR01 ~]# grep 'local0.*' /etc/rsyslog.conf
local0.* /var/log/keepalived.log
[root@DR01 ~]# grep 'KEEPALIVED_OPTIONS' /etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -d -S 0"
[root@DR01 ~]# systemctl start rsyslog
[root@DR01 ~]# systemctl status rsyslog
● rsyslog.service - System Logging Service
Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2020-08-03 13:49:07 CST; 1h 9min ago
Docs: man:rsyslogd(8)
http://www.rsyslog.com/doc/
Main PID: 999 (rsyslogd)
CGroup: /system.slice/rsyslog.service
└─999 /usr/sbin/rsyslogd -n
Aug 03 13:49:07 DR01 systemd[1]: Starting System Logging Service...
Aug 03 13:49:07 DR01 rsyslogd[999]: [origin software="rsyslogd" swVersion="8.24.0-38.el7" x-pid="999" x-info="http://www.rsyslog.com"] start
Aug 03 13:49:07 DR01 systemd[1]: Started System Logging Service.
[root@DR01 ~]# systemctl enable rsyslog
[root@DR01 ~]#
[root@DR02-BACKUP ~]# grep 'local0.*' /etc/rsyslog.conf
local0.* /var/log/keepalived.log
[root@DR02-BACKUP ~]# grep 'KEEPALIVED_OPTIONS' /etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -d -S 0"
[root@DR02-BACKUP ~]# systemctl start rsyslog
[root@DR02-BACKUP ~]# systemctl status rsyslog
● rsyslog.service - System Logging Service
Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2020-08-03 12:17:59 CST; 2h 37min ago
Docs: man:rsyslogd(8)
http://www.rsyslog.com/doc/
Main PID: 999 (rsyslogd)
CGroup: /system.slice/rsyslog.service
└─999 /usr/sbin/rsyslogd -n
Aug 03 12:17:59 DR02-BACKUP systemd[1]: Starting System Logging Service...
Aug 03 12:17:59 DR02-BACKUP rsyslogd[999]: [origin software="rsyslogd" swVersion="8.24.0-38.el7" x-pid="999" x-info="http://www.rsyslog.com"] start
Aug 03 12:17:59 DR02-BACKUP systemd[1]: Started System Logging Service.
[root@DR02-BACKUP ~]# systemctl enable rsyslog
[root@DR02-BACKUP ~]#
5.nginx的安装以便于测试
执行机器:RS01与RS02
[root@RS01 wordpress]# yum install -y nginx
[root@RS01 opt]# curl http://192.168.43.92/wordpress/index.html
This is RS01!!
[root@RS02 wordpress]# yum install -y nginx
[root@RS02 opt]# curl http://192.168.43.93/wordpress/index.html
This is RS02!!
6.编写Real-server上的功能脚本
执行机器:RS01与RS02
[root@RS01 opt]# ls
lnmp1.7-full lnmp1.7-full.tar.gz lvs_dr_rs.sh wordpress-5.4.2.zip
[root@RS01 opt]# cat lvs_dr_rs.sh
#!/bin/bash
vip=192.168.43.188
ifconfig lo:1 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev lo:1
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
[root@RS01 opt]#
[root@RS02 opt]# ls
lnmp1.7-full lnmp1.7-full.tar.gz lvs_dr_rs.sh wordpress-5.4.2.zip
[root@RS02 opt]# cat lvs_dr_rs.sh
#!/bin/bash
vip=192.168.43.188
ifconfig lo:1 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev lo:1
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
[root@RS02 opt]#
(二)组件的启动与自启
1.keepalived添加开机自启
[root@DR01 ~]# systemctl start keepalived
[root@DR01 ~]# systemctl enable keepalived
[root@DR02 ~]# systemctl start keepalived
[root@DR02 ~]# systemctl enable keepalived
2.nginx添加开机自启
[root@RS01 opt]# systemctl start nginx
[root@RS01 opt]# systemctl enable nginx
[root@RS02 opt]# systemctl start nginx
[root@RS02 opt]# systemctl enable nginx
3.Real-server的脚本执行
[root@RS01 opt]# ./lvs_dr_rs.sh
[root@RS02 opt]# ./lvs_dr_rs.sh
(三)配置完成后的分析与观察
DR01与DR02-BACKUP的情况:
观察vip的产生及负载均衡情况:
[root@DR01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.90/24 brd 192.168.43.255 scope global ens37
valid_lft forever preferred_lft forever
inet 192.168.43.188/32 scope global ens37
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe09:5ee7/64 scope link
valid_lft forever preferred_lft forever
[root@DR01 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.43.188:80 rr
-> 192.168.43.92:80 Route 1 0 58
-> 192.168.43.93:80 Route 1 0 59
[root@DR01 ~]#
[root@DR02-BACKUP ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e4:23:98 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.91/24 brd 192.168.43.255 scope global ens37
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee4:2398/64 scope link
valid_lft forever preferred_lft forever
[root@DR02-BACKUP ~]#
[root@DR02-BACKUP ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.43.188:80 rr
-> 192.168.43.92:80 Route 1 0 0
-> 192.168.43.93:80 Route 1 0 0
[root@DR02-BACKUP ~]#
RS01与RS02的观察分析:
[root@RS01 opt]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.43.188/32 brd 192.168.43.188 scope global lo:1 # 注意观察这里
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:d3:f8:97 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.92/24 brd 192.168.43.255 scope global noprefixroute ens37
valid_lft forever preferred_lft forever
inet6 fe80::dc4f:e9fc:faa9:6ab/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@RS01 opt]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore && cat /proc/sys/net/ipv4/conf/lo/arp_announce && cat /proc/sys/net/ipv4/conf/all/arp_ignore && cat /proc/sys/net/ipv4/conf/all/arp_announce
1
2
1
2
[root@RS02 opt]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.43.188/32 brd 192.168.43.188 scope global lo:1 # 注意观察这里
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:bf:42:92 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.93/24 brd 192.168.43.255 scope global noprefixroute ens37
valid_lft forever preferred_lft forever
inet6 fe80::56a8:84a1:c027:4d74/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@RS02 opt]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore && cat /proc/sys/net/ipv4/conf/lo/arp_announce && cat /proc/sys/net/ipv4/conf/all/arp_ignore && cat /proc/sys/net/ipv4/conf/all/arp_announce
1
2
1
2
(四)测试
我们在IP为192.168.43.110的客户端进行测试调度情况:
[root@harbor ~]# ip a | grep 192.168.43.110
inet 192.168.43.110/24 brd 192.168.43.255 scope global noprefixroute ens33
[root@harbor ~]# while true ; do curl http://192.168.43.188/wordpress/index.html ; sleep 3; done
This is RS02!!
This is RS01!!
This is RS02!!
This is RS01!!
This is RS02!!
^C
[root@harbor ~]#
(五)故障模拟及日志分析
1.模拟DR01关闭keepalived服务
[root@DR01 ~]# systemctl stop keepalived
[root@DR01 ~]# tail -f /var/log/keepalived.log
Aug 3 14:59:23 DR01 Keepalived[1408]: Stopping
Aug 3 14:59:23 DR01 Keepalived_healthcheckers[1409]: Removing service [192.168.43.92]:80 from VS [192.168.43.188]:80
Aug 3 14:59:23 DR01 Keepalived_healthcheckers[1409]: Removing service [192.168.43.93]:80 from VS [192.168.43.188]:80
Aug 3 14:59:23 DR01 Keepalived_healthcheckers[1409]: Stopped # 日志提示已经停止
Aug 3 14:59:23 DR01 Keepalived_vrrp[1410]: VRRP_Instance(VI_1) sent 0 priority
Aug 3 14:59:23 DR01 Keepalived_vrrp[1410]: VRRP_Instance(VI_1) removing protocol VIPs.
Aug 3 14:59:24 DR01 Keepalived_vrrp[1410]: Stopped
Aug 3 14:59:24 DR01 Keepalived[1408]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
[root@DR01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.90/24 brd 192.168.43.255 scope global ens37 # vip漂移了
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe09:5ee7/64 scope link
valid_lft forever preferred_lft forever
[root@DR01 ~]#
[root@DR02-BACKUP ~]# tail -f /var/log/keepalived.log
Aug 3 14:59:24 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Transition to MASTER STATE # 转化为Master
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Entering MASTER STATE
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) setting protocol VIPs.
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens37 for 192.168.43.188
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:25 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:26 DR02-BACKUP ntpd[695]: Listen normally on 9 ens37 192.168.43.188 UDP 123
Aug 3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens37 for 192.168.43.188
Aug 3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 14:59:30 DR02-BACKUP Keepalived_vrrp[1434]: Sending gratuitous ARP on ens37 for 192.168.43.188
[root@DR02-BACKUP ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e4:23:98 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.91/24 brd 192.168.43.255 scope global ens37
valid_lft forever preferred_lft forever
inet 192.168.43.188/32 scope global ens37 # vip 漂移来了
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee4:2398/64 scope link
valid_lft forever preferred_lft forever
[root@DR02-BACKUP ~]#
[root@DR02-BACKUP ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.43.188:80 rr
-> 192.168.43.92:80 Route 1 0 2
-> 192.168.43.93:80 Route 1 0 2
[root@DR02-BACKUP ~]#
页面可访问:
[root@harbor ~]# while true ; do curl http://192.168.43.188/wordpress/index.html ; sleep 3; done
This is RS02!!
This is RS01!!
This is RS02!!
This is RS01!!
2.模拟DR01关闭恢复开启keepalived服务
[root@DR01 ~]# systemctl start keepalived
[root@DR01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.90/24 brd 192.168.43.255 scope global ens37
valid_lft forever preferred_lft forever
inet 192.168.43.188/32 scope global ens37
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe09:5ee7/64 scope link
valid_lft forever preferred_lft forever
[root@DR01 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.43.188:80 rr
-> 192.168.43.92:80 Route 1 0 0
-> 192.168.43.93:80 Route 1 0 0
[root@DR01 ~]#
[root@DR01 ~]# tail -f /var/log/keepalived.log
Aug 3 15:05:08 DR01 Keepalived[1507]: Starting Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Aug 3 15:05:08 DR01 Keepalived[1507]: Opening file '/etc/keepalived/keepalived.conf'.
Aug 3 15:05:08 DR01 Keepalived[1508]: Starting Healthcheck child process, pid=1509
Aug 3 15:05:08 DR01 Keepalived[1508]: Starting VRRP child process, pid=1510
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Initializing ipvs
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Opening file '/etc/keepalived/keepalived.conf'.
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< Global definitions >------
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Router ID = LVS_DEVEL
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Default interface = eth0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: LVS flush = false
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP IPv4 mcast group = 224.0.0.18
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP IPv6 mcast group = ff02::12
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP delay = 5
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP repeat = 5
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP refresh timer = 0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP refresh repeat = 1
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP lower priority delay = 4294
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP lower priority repeat = -1
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Send advert after receive lower priority advert = true
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Send advert after receive higher priority advert = false
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous ARP interval = 0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Gratuitous NA interval = 0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP default protocol version = 2
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Iptables input chain = INPUT
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Using ipsets = true
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ipset IPv4 address set = keepalived
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ipset IPv6 address set = keepalived6
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ipset IPv6 address,iface set = keepalived_if6
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP check unicast_src = false
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP skip check advert addresses = false
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP strict mode = false
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP process priority = 0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VRRP don't swap = false
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Checker process priority = 0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Checker don't swap = false
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP keepalived disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP checker disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP RFCv2 disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP RFCv3 disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP traps disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: SNMP socket = default (unix:/var/agentx/master)
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Network namespace = (default)
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Script security disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Default script uid:gid 0:0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< SSL definitions >------
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Using autogen SSL context
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< LVS Topology >------
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: System is compiled with LVS v1.2.1
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: VIP = 192.168.43.188, VPORT = 80
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Address family = inet
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: delay_loop = 6, lb_algo = rr
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Hashed = disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: flag-1 = disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: flag-2 = disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: flag-3 = disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: One packet scheduling = disabled
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: protocol = TCP
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: alpha is OFF, omega is OFF
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: quorum = 1, hysteresis = 0
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: lb_kind = DR
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: RIP = 192.168.43.92, RPORT = 80, WEIGHT = 1
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: RIP = 192.168.43.93, RPORT = 80, WEIGHT = 1
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: ------< Health checkers >------
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: [192.168.43.92]:80
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Keepalive method = TCP_CHECK
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Connection dest = [192.168.43.92]:80
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Connection timeout = 10
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Retry count = 3
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Retry delay = 3
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: [192.168.43.93]:80
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Keepalive method = TCP_CHECK
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Connection dest = [192.168.43.93]:80
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Connection timeout = 10
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Retry count = 3
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Retry delay = 3
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Activating healthchecker for service [192.168.43.188]:80
Aug 3 15:05:08 DR01 Keepalived_healthcheckers[1509]: Activating healthchecker for service [192.168.43.188]:80
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Registering Kernel netlink reflector
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Registering Kernel netlink command channel
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Registering gratuitous ARP shared channel
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Opening file '/etc/keepalived/keepalived.conf'.
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) removing protocol VIPs.
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< Global definitions >------
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Router ID = LVS_DEVEL
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Default interface = eth0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: LVS flush = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP IPv4 mcast group = 224.0.0.18
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP IPv6 mcast group = ff02::12
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP delay = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP repeat = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP refresh timer = 0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP refresh repeat = 1
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP lower priority delay = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP lower priority repeat = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Send advert after receive lower priority advert = true
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Send advert after receive higher priority advert = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP interval = 0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous NA interval = 0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP default protocol version = 2
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Iptables input chain = INPUT
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Using ipsets = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: ipset IPv4 address set = keepalived
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: ipset IPv6 address set = keepalived6
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: ipset IPv6 address,iface set = keepalived_if6
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP check unicast_src = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP skip check advert addresses = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP strict mode = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP process priority = 0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP don't swap = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Checker process priority = 0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Checker don't swap = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP keepalived disabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP checker disabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP RFCv2 disabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP RFCv3 disabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP traps disabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: SNMP socket = default (unix:/var/agentx/master)
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Network namespace = (default)
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Script security disabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Default script uid:gid 0:0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< VRRP Topology >------
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP Instance = VI_1
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Using VRRPv2
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Want State = MASTER
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Running on device = ens37
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Skip checking advert IP addresses = no
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Enforcing strict VRRP compliance = no
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Using src_ip = 192.168.43.90
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP delay = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP repeat = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP refresh timer = 0
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP refresh repeat = 1
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP lower priority delay = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Gratuitous ARP lower priority repeat = 5
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Send advert after receive lower priority advert = true
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Send advert after receive higher priority advert = false
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Virtual Router ID = 51
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Priority = 100
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Advert interval = 1 sec
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Accept enabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Promote_secondaries disabled
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Authentication type = SIMPLE_PASSWORD
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Password = 1111
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Virtual IP = 1
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: 192.168.43.188/32 dev ens37 scope global
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< NIC >------
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Name = ens33
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: index = 2
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv4 address = 192.168.131.90
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv6 address = ::
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: MAC = 00:0c:29:09:5e:dd
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: is UP
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: MTU = 1500
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: HW Type = ETHERNET
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: ------< NIC >------
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Name = ens37
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: index = 3
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv4 address = 192.168.43.90
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: IPv6 address = fe80::20c:29ff:fe09:5ee7
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: MAC = 00:0c:29:09:5e:e7
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: is UP
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: is RUNNING
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: MTU = 1500
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: HW Type = ETHERNET
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: Using LinkWatch kernel netlink reflector...
Aug 3 15:05:08 DR01 Keepalived_vrrp[1510]: VRRP sockpool: [ifindex(3), proto(112), unicast(0), fd(10,11)]
Aug 3 15:05:09 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) Transition to MASTER STATE
Aug 3 15:05:10 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) Entering MASTER STATE
Aug 3 15:05:10 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) setting protocol VIPs.
Aug 3 15:05:10 DR01 Keepalived_vrrp[1510]: Sending gratuitous ARP on ens37 for 192.168.43.188
Aug 3 15:05:10 DR01 Keepalived_vrrp[1510]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens37 for 192.168.43.188
Aug 3 15:05:10 DR01 Keepalived_vrrp[1510]: Sending gratuitous ARP on ens37 for 192.168.43.188
[root@DR02-BACKUP ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.43.188:80 rr
-> 192.168.43.92:80 Route 1 0 2
-> 192.168.43.93:80 Route 1 0 2
[root@DR02-BACKUP ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e4:23:98 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.91/24 brd 192.168.43.255 scope global ens37
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee4:2398/64 scope link
valid_lft forever preferred_lft forever
[root@DR02-BACKUP ~]#
[root@DR02-BACKUP ~]# tail -f /var/log/keepalived.log
Aug 3 15:05:09 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 90
Aug 3 15:05:09 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) Entering BACKUP STATE
Aug 3 15:05:09 DR02-BACKUP Keepalived_vrrp[1434]: VRRP_Instance(VI_1) removing protocol VIPs.
Aug 3 15:05:10 DR02-BACKUP ntpd[695]: Deleting interface #9 ens37, 192.168.43.188#123, interface stats: received=0, sent=0, dropped=0, active_time=344 secs
[root@harbor ~]# while true ; do curl http://192.168.43.188/wordpress/index.html ; sleep 3; done
This is RS02!!
This is RS01!!
This is RS02!!
This is RS01!!
^C
[root@harbor ~]#
3.模拟RS01上nginx关闭时的情况
[root@RS01 opt]# systemctl stop nginx
[root@RS01 opt]#
[root@DR01 ~]# tail -f /var/log/keepalived.log
Aug 3 15:10:14 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:17 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:20 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:23 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Check on service [192.168.43.92]:80 failed after 3 retry.
Aug 3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Removing service [192.168.43.92]:80 from VS [192.168.43.188]:80
[root@DR02-BACKUP ~]# tail -f /var/log/messages
Aug 3 15:10:14 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:17 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:20 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:23 DR01 Keepalived_healthcheckers[1509]: TCP connection to [192.168.43.92]:80 failed.
Aug 3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Check on service [192.168.43.92]:80 failed after 3 retry.
Aug 3 15:10:23 DR01 Keepalived_healthcheckers[1509]: Removing service [192.168.43.92]:80 from VS [192.168.43.188]:80
[root@DR01 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.43.188:80 rr
-> 192.168.43.93:80 Route 1 0 1
# 观察这里,已经被移除了
[root@DR01 ~]#
[root@harbor ~]# while true ; do curl http://192.168.43.188/wordpress/index.html ; sleep 3; done
This is RS02!!
This is RS02!!
This is RS02!!
This is RS02!!
This is RS02!!
This is RS02!!
^C
(六)抓包分析Lvs-DR模式下更改数据包的情况
1.获取基本信息
Client MAC地址(192.168.43.110):
[root@harbor ~]# ip a | grep '43.e6'
link/ether 00:0c:29:5f:43:e6 brd ff:ff:ff:ff:ff:ff
DR01 MAC地址(192.168.43.188):
[root@DR01 ~]# ip a | grep '5e.e7'
link/ether 00:0c:29:09:5e:e7 brd ff:ff:ff:ff:ff:ff
RS02 MAC地址(192.168.43.93):
[root@RS02 opt]# ip a | grep '42.92'
link/ether 00:0c:29:bf:42:92 brd ff:ff:ff:ff:ff:ff
2.使用tupdump抓包导出,利用wireshark分析
[root@RS02 opt]# tcpdump -i ens37 -vv '((tcp) and (dst host 192.168.43.188) and (src host 192.168.43.110))' -w rs02.pcap
这里我们取2条数据继续分析即可:
1 0.000000 192.168.43.110 192.168.43.188 TCP 74 38370 → 80 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=300602194 TSecr=0 WS=128
Frame 1: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Ethernet II, Src: VMware_5f:43:e6 (00:0c:29:5f:43:e6), Dst: VMware_09:5e:e7 (00:0c:29:09:5e:e7) #注意: src:Client MAC dst:DR01 MAC
Internet Protocol Version 4, Src: 192.168.43.110, Dst: 192.168.43.188
Transmission Control Protocol, Src Port: 38370, Dst Port: 80, Seq: 0, Len: 0
2 0.000087 192.168.43.110 192.168.43.188 TCP 74 [TCP Out-Of-Order] 38370 → 80 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=300602194 TSecr=0 WS=128
Frame 2: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Ethernet II, Src: VMware_09:5e:e7 (00:0c:29:09:5e:e7), Dst: VMware_bf:42:92 (00:0c:29:bf:42:92) #注意: src: DR01 MAC dst:RS02 MAC
Internet Protocol Version 4, Src: 192.168.43.110, Dst: 192.168.43.188
Transmission Control Protocol, Src Port: 38370, Dst Port: 80, Seq: 0, Len: 0
同一条数据,通过1-2可以看出"Ethernet II"段的地址已经改写完毕.
