LVS持久连接的三种模型:
1、PCC 将某个客户的所用访问请求在超时时间内都定向到同一台server上 基于客户端的持久连接
2、PPC 将某个客户的某个服务访问请求在超时时间内都定向到同一台server上 基于会话的端口持久连接
3、Netfilter Mark 基于防火墙标志的持久连接(将多个服务端口绑定到一起,定义有限个服务为集群服务)
PCC:
[root@localhost ~]# ipvsadm -C [root@localhost ~]# ipvsadm -At 172.25.25.200:0 -s rr -p 120 [root@localhost ~]# ipvsadm -at 172.25.25.200:0 -r 172.25.25.4 -g [root@localhost ~]# ipvsadm -at 172.25.25.200:0 -r 172.25.25.5 -g [root@localhost ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.25.25.200:80 rr persistent 120 -> 172.25.25.4:80 Route 1 0 0 -> 172.25.25.5:80 Route 1 0 0
PPC:
[root@localhost ~]# ipvsadm -C [root@localhost ~]# ipvsadm -At 172.25.25.200:22 -s rr -p 360 [root@localhost ~]# ipvsadm -At 172.25.25.200:80 -s rr -p 360 [root@localhost ~]# ipvsadm -at 172.25.25.200:80 -r 172.25.25.4 -g [root@localhost ~]# ipvsadm -at 172.25.25.200:80 -r 172.25.25.5 -g [root@localhost ~]# ipvsadm -at 172.25.25.200:20 -r 172.25.25.4 -g [root@localhost ~]# ipvsadm -nL IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.25.25.200:22 rr persistent 360 -> 172.25.25.4:22 Route 1 0 2 TCP 172.25.25.200:80 rr persistent 360 -> 172.25.25.4:80 Route 1 0 0 -> 172.25.25.5:80 Route 1 0 2
基于防火墙标记:
[root@localhost ~]# ipvsadm -C [root@localhost ~]# iptables -t mangle -A PREROUTING -d 172.25.25.200 -i eth0 -p tcp -m multiport --dport 80,443 -j MARK --set-mark 10 # 创建规则(把防火墙的8定义为集群服务) [root@localhost ~]# ipvsadm -A -f 10 -s rr -p 360 [root@localhost ~]# ipvsadm -a -f 10 -r 172.25.25.4 -g [root@localhost ~]# ipvsadm -a -f 10 -r 172.25.25.5 -g [root@localhost ~]# ipvsadm -nL IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn FWM 10 rr persistent 360 -> 172.25.25.4:0 Route 1 0 2 -> 172.25.25.5:0 Route 1 0 0