准备工作
1、设备分配
192.168.137.100 LB Server(另一块公网网卡:192.168.138.100)
192.168.137.150 Server01(网关:192.168.137.100)
192.168.137.200 Server02(网关:192.168.137.100)
注:完成所有准备工作后调整设备网关。
2、关闭所有设备防火墙
systemctl stop firewalld systemctl disable firewalld setenforce 0
3、所有设备安装iptables
yum install -y iptables-services systemctl start iptables systemctl enable iptables iptables -F service iptables save
搭建LVS NAT模式
1、在LB Server上安装ipvsadm服务
yum install -y ipvsadm
2、编写脚本
[root@juispan ~]# vi /usr/local/sbin/lvs_nat.sh #! /bin/bash # director 服务器上开启路由转发功能 echo 1 > /proc/sys/net/ipv4/ip_forward # 关闭icmp的重定向 echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects # 注意区分网卡名字,两个网卡分别为ens33和ens37 echo 0 > /proc/sys/net/ipv4/conf/ens33/send_redirects #echo 0 > /proc/sys/net/ipv4/conf/ens37/send_redirects # director 设置nat防火墙 iptables -t nat -F iptables -t nat -X iptables -t nat -A POSTROUTING -s 192.168.137.0/24 -j MASQUERADE # director设置ipvsadm IPVSADM=‘/usr/sbin/ipvsadm‘ $IPVSADM -C $IPVSADM -A -t 192.168.138.100:80 -s wlc -p 3 $IPVSADM -a -t 192.168.138.100:80 -r 192.168.137.150:80 -m -w 1 $IPVSADM -a -t 192.168.138.100:80 -r 192.168.137.200:80 -m -w 1
3、执行脚本
[root@juispan ~]# sh /usr/local/sbin/lvs_nat.sh
4、测试效果
[root@juispan ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.138.100:80 wlc persistent 3 -> 192.168.137.150:80 Masq 1 0 0 -> 192.168.137.200:80 Masq 1 0 0
本文出自 “Gorilla City” 博客,请务必保留此出处http://juispan.blog.51cto.com/943137/1964200
原文:http://juispan.blog.51cto.com/943137/1964200