LVS / ipsadm mode and basic use

Keywords: Linux Operation & Maintenance server Middleware


Article catalog
Docker builds a simple LVS - dz45693 - blog Park (

Linux Virtual Server, Linux Virtual Server, mainly realizes soft load scheduling

1, Introduction

1.1 three working modes of LVS

  • NAT - network address translation

    NAT (Network Address Translation) refers to Network Address Translation. The requested data packet will be transmitted to the cluster virtual IP on the LVS cluster first. LVS will modify the source address and port of this data packet and send it to the back-end real server. The real server will return the response data packet to the LVS scheduler, After receiving the response packet, the scheduler will modify the source address and source port to VIP and the corresponding port of the scheduler. After the modification, the scheduler will send the response packet back to the end user. The above two network cards Eth0 and Eth1 are used for interactive connection with external / internal network devices respectively, in order to protect the back-end service group, avoid external exposure and improve security.

  • TUN - tunnel mode

    Unlike before, in NAT mode, both request and response packets pass through LVS, but in TUN mode, the packet paths of request and response are separated, and the back-end Web service directly returns the response data to the user. This is to enable LVS to concentrate on processing data requests and reduce the workload of LVS

  • DR - Direct Routing

    In the TUN mode, a tunnel link needs to be created between the LVS and the back-end server, which will increase the burden of the server when there is a large amount of data. Although the DR (direct routing) mode is very similar to the tunnel mode, the difference is that the Dr mode requires that the scheduler and the back-end server must be in the same LAN, and the VIP address needs to be shared between the scheduler and all the back-end servers, Because the final real server needs to set the source IP as the VIP address and the target IP as the client IP when responding to the data packet to the client. In this way, the client accesses the VIP address of the scheduler, and the source address of the response is still the VIP address (VIP on the real server). The client does not feel that the back-end server exists.

1.2 scheduling algorithm

Generally, in the production environment, a LVS may drag a pile of Nginx servers, so the selection of forwarding scheduling is particularly important, and these scheduling algorithms are used in LVS

  • Consistent Hashing
  • polling
  • Weighted polling

As for what this means, I won't explain it. It's explained in the Nginx article

1.3 ipsadm - LVS management tool

At present, LVS is already a part of the Linux standard kernel. After Linux 2.4, various functional modules of LVS have been completely built in. There is no need to do other operations. We only need to install an LVS management tool

yum -y install ipvsadm

2, Basic use

Enough theoretical knowledge and practice

2.1 deployment practice

First, sort out the thinking environment in your mind

  • A client that initiates an access request
  • LVS, load scheduling
  • Web services to provide actual business

Then start the test. Here I use the container to test, because I don't want to do so many virtual machines

1 - deploy a Web container service

## Deploy Nginx container
podman run -itd --name=nginx_demo -p 8088:80  nginx

Record the IP address in the container

root@3d620ec694c9:/# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet  netmask  broadcast

Effect test

root@3d620ec694c9:/# curl 
<!DOCTYPE html>
<title>Welcome to nginx!</title>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href=""></a>.<br/>
Commercial support is available at
<a href=""></a>.</p>

<p><em>Thank you for using nginx.</em></p>

2 - deploy LVS Scheduler - DR mode

## install
yum -y install ipvsadm
ipvsadm -At -s rr
ipvsadm -at -r -g

See the actual effect

Write later


Posted by ParkerPHP on Sun, 05 Dec 2021 01:23:10 -0800