search

alibaba / LVS

A distribution of Linux Virtual Server with some advanced features. It introduces a new packet forwarding method - FULLNAT other than NAT/Tunneling/DirectRouting, and defense mechanism against synflooding attack - SYNPROXY.
2k stars 682 forks source link

fullnat 模式下 ipvsadm -S 与 ipvsadm -R 的问题 #15

Open shenshouer opened 8 years ago

shenshouer commented 8 years ago

我现在通过ipvsadm来进行当前规则的导入与导出时碰到了问题,操作如下:

[root@lvs keepalived]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4194304)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.10.11.77:http rr
  -> 10.10.11.66:http             FullNat 100    0          0
[root@lvs ~]# ipvsadm -S
-A -t 10.10.11.77:http -s rr
-a -t 10.10.11.77:http -r 10.10.11.66:http (null) -w 100
[root@lvs ~]# ipvsadm -S > /tmp/conf
[root@lvs ~]# cat /tmp/conf
-A -t 10.10.11.77:http -s rr
-a -t 10.10.11.77:http -r 10.10.11.66:http (null) -w 100
[root@lvs ~]# ipvsadm -R < /tmp/conf
Service already exists
unexpected argument (null)

这个是不是操作不对引起的?

movadd commented 8 years ago

ipvsadm -S -n

2016-01-08 13:32 GMT+08:00 sope notifications@github.com:

我现在通过ipvsadm来进行当前规则的导入与导出时碰到了问题,操作如下:

[root@lvs ~]# ipvsadm -S -A -t 10101177:http -s rr -a -t 10101177:http -r 10101166:http (null) -w 100 [root@lvs ~]# ipvsadm -S > /tmp/conf [root@lvs ~]# cat /tmp/conf -A -t 10101177:http -s rr -a -t 10101177:http -r 10101166:http (null) -w 100 [root@lvs ~]# ipvsadm -R < /tmp/conf Service already exists unexpected argument (null)

这个是不是操作不对引起的?

— Reply to this email directly or view it on GitHub https://github.com/alibaba/LVS/issues/15.

shenshouer commented 8 years ago

使用ipvsadm -R恢复规则时还是报错。

[root@lvs ~]# ipvsadm -S -n
-A -t 10.10.11.77:80 -s rr
-a -t 10.10.11.77:80 -r 10.10.11.66:80 (null) -w 100
-A -t 10.10.11.78:80 -s rr
-a -t 10.10.11.78:80 -r 10.10.11.66:80 (null) -w 100
[root@lvs ~]# ipvsadm -S -n > /tmp/conf
[root@lvs ~]# cat /tmp/conf
-A -t 10.10.11.77:80 -s rr
-a -t 10.10.11.77:80 -r 10.10.11.66:80 (null) -w 100
-A -t 10.10.11.78:80 -s rr
-a -t 10.10.11.78:80 -r 10.10.11.66:80 (null) -w 100
[root@lvs ~]# ipvsadm -C
[root@lvs ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4194304)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
[root@lvs ~]# ipvsadm -R < /tmp/conf 
unexpected argument (null)
kaerser commented 6 years ago

应该是ipvsadm-save还是使用的lvs官方方法,所以在重新编译的fullnat中ipvsadm-save就不支持-b的参数,导致导出规则之后出现(null),目前我的方式是把规则导出文件中的(null)替换为-b之后再导入就不会有报错了。 [root@hz-lvs-test-128-201 sysconfig]# /etc/init.d/ipvsadm save Saving IPVS table to /etc/sysconfig/ipvsadm: [ OK ] [root@hz-lvs-test-128-201 sysconfig]# cat ipvsadm -A -t 10.212.128.202:8000 -s rr -a -t 10.212.128.202:8000 -r 10.199.135.15:80 (null) -w 1 -a -t 10.212.128.202:8000 -r 10.199.135.16:80 (null) -w 1 [root@hz-lvs-test-128-201 sysconfig]# sed -i 's/(null)/-b/g' ipvsadm [root@hz-lvs-test-128-201 sysconfig]# cat ipvsadm -A -t 10.212.128.202:8000 -s rr -a -t 10.212.128.202:8000 -r 10.199.135.15:80 -b -w 1 -a -t 10.212.128.202:8000 -r 10.199.135.16:80 -b -w 1 [root@hz-lvs-test-128-201 sysconfig]# /etc/init.d/ipvsadm reload Clearing the current IPVS table: [ OK ] Applying IPVS configuration: [ OK ] [root@hz-lvs-test-128-201 sysconfig]# ipvsadm IP Virtual Server version 1.2.1 (size=1048576) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.212.128.202:irdmi rr -> 10.199.135.15:http FullNat 1 0 0
-> 10.199.135.16:http FullNat 1 0 0