8
lvs fwmark 模式
source link: http://abcdxyzk.github.io/blog/2018/06/06/kernel-lvs-fwmark/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
lvs fwmark 模式
2018-06-06 01:51:00
http://blog.51cto.com/angus717/769577
persistent netfilter marked packet persistence 持久防火墙标记(在pre-routing链上打netfilter marked,而且该标记只在防火墙内部有效通常是0-99)
[root@slave ~]# ipvsadm -C
[root@slave ~]# iptables -t mangle -A PREROUTING -i eth0 -p tcp -d 172.16.8.120 --dport 80 -j MARK --set-mark 80
[root@slave ~]# iptables -t mangle -A PREROUTING -i eth0 -p tcp -d 172.16.8.120 --dport 443 -j MARK --set-mark 80
[root@slave ~]# ipvsadm -A -f 80 -s rr -p 1000
[root@slave ~]# ipvsadm -a -f 80 -r 172.16.100.7 -g
[root@slave ~]# ipvsadm -a -f 80 -r 172.16.100.6 -g
[root@slave ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
FWM 80 rr persistent 1000
-> 172.16.100.6:0 Route 1 0 0
-> 172.16.100.7:0 Route 1 0 0 Posted by kk
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK