### Configure Real Server for VS/DR Source: http://www.linuxvirtualserver.org/docs/LocalNode.html Example configuration for a real server in a VS/DR setup. This includes network interface configuration and setting up an alias IP address on the loopback interface. ```bash ifconfig eth0 172.26.20.112 netmask 255.255.255.0 broadcast 172.26.20.255 up route add -net 172.26.20.0 netmask 255.255.255.0 dev eth0 ifconfig lo:0 172.26.20.110 netmask 255.255.255.255 broadcast 172.26.20.110 up route add -host 172.26.20.110 dev lo:0 ``` -------------------------------- ### HTTP Request Example Source: http://www.linuxvirtualserver.org/docs/PilotService.html Demonstrates a typical HTTP request stream interaction with a proxy server. This example shows the initial connection and a GET request. ```bash michael@natcache1:~ > telnet man0.sites.wwwcache.ja.net 8080 Trying 194.83.240.20... Connected to paprika.mcc.wwwcache.ja.net. Escape character is '^]'. GET http://rascal.mcc.ac.uk:81/squidtimes/ HTTP/1.0 ``` -------------------------------- ### Mon Configuration Example Source: http://www.linuxvirtualserver.org/docs/ha/heartbeat_mon.html This is a sample configuration file for the 'mon' daemon. It defines global options, host groups, and settings for monitoring web servers. ```config # # The mon.cf file # # # global options # cfbasedir = /etc/mon alertdir = /usr/lib/mon/alert.d mondir = /usr/lib/mon/mon.d maxprocs = 20 histlength = 100 randstart = 30s # # group definitions (hostnames or IP addresses) # hostgroup www1 www1.domain.com hostgroup www2 www2.domain.com # # Web server 1 ``` -------------------------------- ### Persistent Granularity Example Source: http://www.linuxvirtualserver.org/docs/persistence.html Demonstrates configuring persistence with a subnet mask for a virtual service. This allows for more granular control over which clients are subject to persistence rules. ```bash ipvsadm -A -t virtualdomain:www -p -M 255.255.255.0 ipvsadm -a -t virtualdomain:www -r 192.168.1.2 ipvsadm -a -t virtualdomain:www -r 192.168.1.3 ipvsadm -a -t virtualdomain:www -r 192.168.1.4 ``` -------------------------------- ### Configure Sticky HTTP with VS/NAT Source: http://www.linuxvirtualserver.org/docs/persistence.html This example demonstrates how to configure sticky HTTP sessions using ipvsadm for a VS/NAT setup. It adds a virtual service and then associates multiple real servers with it, ensuring client connections are maintained to the same server. ```bash ipvsadm -A -t virtualdomain:www -p ipvsadm -a -t virtualdomain:www -r 192.168.1.2 -m ipvsadm -a -t virtualdomain:www -r 192.168.1.3 -m ipvsadm -a -t virtualdomain:www -r 192.168.1.4 -m ``` -------------------------------- ### Configure Load Balancer for Local Node (VS/DR) Source: http://www.linuxvirtualserver.org/docs/LocalNode.html Example configuration for a load balancer using the VS/DR method, enabling it to process some requests locally. This setup includes network interface configuration and ipvsadm commands. ```bash ifconfig eth0 172.26.20.111 netmask 255.255.255.0 broadcast 172.26.20.255 up route add -net 172.26.20.0 netmask 255.255.255.0 dev eth0 ifconfig eth0:0 172.26.20.110 netmask 255.255.255.255 broadcast 172.26.20.110 up route add -host 172.26.20.110 dev eth0:0 ipvsadm -A -t 172.26.20.110:23 -s wlc ipvsadm -a -t 172.26.20.110:23 -r 127.0.0.1 ipvsadm -a -t 172.26.20.110:23 -r 172.26.20.112 -g ``` -------------------------------- ### LVS Direct Routing - Using Dummy Device for VIPs Source: http://www.linuxvirtualserver.org/VS-DRouting.html Example of configuring multiple VIPs on a dummy device with hidden interfaces. IP forwarding must be enabled. ```bash echo 1 > /proc/sys/net/ipv4/ip_forward ifconfig dummy0 0.0.0.0 up echo 1 > /proc/sys/net/ipv4/conf/all/hidden echo 1 > /proc/sys/net/ipv4/conf/dummy0/hidden ifconfig dummy0:0 172.26.20.110 up ifconfig dummy0:1 up ... ``` -------------------------------- ### LVS Start/Stop Script Source: http://www.linuxvirtualserver.org/docs/ha/heartbeat_mon.html An init script for managing LVS (Linux Virtual Server) configurations, including starting and stopping IPVS rules. ```bash #!/bin/sh # # You probably want to set the path to include # nothing but local filesystems. # PATH=/bin:/usr/bin:/sbin:/usr/sbin export PATH IPVSADM=/sbin/ipvsadm case "$1" in start) if [ -x $IPVSADM ] then echo 1 > /proc/sys/net/ipv4/ip_forward $IPVSADM -A -t 10.0.0.3:80 $IPVSADM -a -t 10.0.0.3:80 -r 192.168.0.1 -w 5 -g $IPVSADM -a -t 10.0.0.3:80 -r 192.168.0.2 -w 5 -g fi ;; stop) if [ -x $IPVSADM ] then $IPVSADM -C fi ;; *) echo "Usage: lvs {start|stop}" exit 1 esac exit 0 ``` -------------------------------- ### Start IPVS Sync Backup Daemon Source: http://www.linuxvirtualserver.org/docs/sync.html On the backup load balancers, start the IPVS synchronization daemon in backup mode, specifying the multicast interface. ```bash ipvsadm --start-daemon=backup --mcast-interface=eth0 ``` -------------------------------- ### ldirectord Configuration Example Source: http://www.linuxvirtualserver.org/docs/ha/heartbeat_ldirectord.html This is a sample configuration file for ldirectord, specifying timeouts, check intervals, virtual IP and port, protocol, scheduler, real servers with weights, and request/receive strings for health checks. ```config # # The /etc/ha.d/www.cf for ldirectord # # the number of second until a real server is declared dead timeout = 10 # the number of second between server checks checkinterval = 10 # # virtual = x.y.z.w:p # protocol = tcp|udp # scheduler = rr|wrr|lc|wlc # real = x.y.z.w:p gate|masq|ipip [weight] # ... # virtual = 10.0.0.3:80 protocol = tcp scheduler = wlc real = 192.168.0.1:80 gate 5 real = 192.168.0.2:80 gate 5 request = "/.testpage" receive = "test page" ``` -------------------------------- ### Add IPVS Rules for Kernel 2.2.x / 2.4.x / 2.6.x Source: http://www.linuxvirtualserver.org/VS-IPTunneling.html Commands to add virtual server rules for kernel 2.2.x, 2.4.x, and 2.6.x using 'ipvsadm'. This example configures a virtual service with weighted least-connection scheduling and adds real servers. ```bash ipvsadm -A -t 202.103.106.5:80 -s wlc ipvsadm -a -t 202.103.106.5:80 -r 202.103.107.2 -i -w 1 ipvsadm -a -t 202.103.106.5:80 -r 202.103.106.3 -i -w 2 ``` -------------------------------- ### Configure Real Server for Direct Routing Source: http://www.linuxvirtualserver.org/VS-DRouting.html This snippet demonstrates the network configuration for a real server in a direct routing setup. It includes setting up a secondary IP address, configuring the default route, and adding a host route for the VIP to ensure direct traffic flow. ```bash ifconfig eth0 ... # Follow the different network route ... ifconfig eth1 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255 up route add -net 192.168.0.0 netmask 255.255.255.0 dev eth1 ifconfig lo:0 netmask 255.255.255.255 broadcast up route add -host dev lo:0 ``` -------------------------------- ### Configure ldirectord in haresources Source: http://www.linuxvirtualserver.org/docs/ha/heartbeat_ldirectord.html Add ldirectord to the haresources file to have heartbeat manage its startup and shutdown. This example includes IP address management and ldirectord for www and mail services. ```bash node1 IPaddr::10.0.0.3 ldirectord::www ldirectord::mail ``` -------------------------------- ### Start IPVS Sync Master Daemon Source: http://www.linuxvirtualserver.org/docs/sync.html On the primary load balancer, start the IPVS synchronization daemon in master mode, specifying the multicast interface. ```bash ipvsadm --start-daemon=master --mcast-interface=eth0 ``` -------------------------------- ### Enable IP Forwarding and Configure Firewall Rules Source: http://www.linuxvirtualserver.org/VS-NAT.html Enables IP forwarding and sets up firewall rules for load balancing. Ensure the default route of real servers points to the virtual server. ```bash echo 1 > /proc/sys/net/ipv4/ip_forward ipfwadm -F -a m -S 172.16.0.0/24 -D 0.0.0.0/0 ``` -------------------------------- ### Real Server Configuration with Redirect (Kernel 2.2.x) Source: http://www.linuxvirtualserver.org/VS-IPTunneling.html Configure real servers running kernel 2.2.x using the redirect approach. This involves enabling IP forwarding, loading the ipip module, and setting up IP firewall rules for redirection. ```bash echo 1 > /proc/sys/net/ipv4/ip_forward # insert it if it is compiled as module modprobe ipip ifconfig tunl0 0.0.0.0 up ipchains -A input -j REDIRECT 23 -d 172.26.20.110 23 -p tcp ... ``` -------------------------------- ### haresources Configuration for ldirectord Source: http://www.linuxvirtualserver.org/docs/ha/heartbeat_ldirectord.html This line in the haresources file specifies the hostname, the virtual IP address to manage, and the ldirectord service to start for the 'www' virtual service. ```config lvs1.domain.com IPaddr::10.0.0.3 ldirectord::www ``` -------------------------------- ### Real Server Configuration (Kernel 2.2.14+) Source: http://www.linuxvirtualserver.org/VS-IPTunneling.html Set up the real server with IP tunneling. This involves enabling IP forwarding, loading the ipip module, configuring the tunl0 interface, and hiding the device. ```bash echo 1 > /proc/sys/net/ipv4/ip_forward # insert it if it is compiled as module modprobe ipip ifconfig tunl0 0.0.0.0 up echo 1 > /proc/sys/net/ipv4/conf/all/hidden echo 1 > /proc/sys/net/ipv4/conf/tunl0/hidden ifconfig tunl0 172.26.20.110 netmask 255.255.255.255 broadcast 172.26.20.110 up ``` -------------------------------- ### Check out TCPSP Source Code with Subversion Source: http://www.linuxvirtualserver.org/software/tcpsp/index.html Use this command to check out the latest source code of TCPSP from the Subversion repository. Ensure you have a Subversion client installed. ```bash svn co http://svn.linuxvirtualserver.org/repos/tcpsp/trunk/ tcpsp ``` -------------------------------- ### Checkout ktcpvs Module Anonymously Source: http://www.linuxvirtualserver.org/software/svn.html Use this command to download the latest source code of the ktcpvs module from the anonymous SVN repository. Ensure you have SVN client installed. ```bash svn co http://svn.linuxvirtualserver.org/repos/ktcpvs/trunk/ ktcpvs ``` -------------------------------- ### LVS Direct Routing for Kernel 2.0.x - Load Balancer Source: http://www.linuxvirtualserver.org/VS-DRouting.html Configure the load balancer with a virtual IP and add a real server using ippfvsadm. This setup is for kernel 2.0.x. ```bash ifconfig eth0 172.26.20.111 netmask 255.255.255.0 broadcast 172.26.20.255 up route add -net 172.26.20.0 netmask 255.255.255.0 dev eth0 ifconfig eth0:0 172.26.20.110 netmask 255.255.255.255 broadcast 172.26.20.110 up route add -host 172.26.20.110 dev eth0:0 ippfvsadm -A -t 172.26.20.110:23 -R 172.26.20.112 ``` -------------------------------- ### Add IPVS Rules for Kernel 2.0.x Source: http://www.linuxvirtualserver.org/VS-IPTunneling.html Commands to add virtual server rules for kernel 2.0.x using 'ippfvsadm'. This example sets up TCP traffic for a virtual IP. ```bash ippfvsadm -A -t 202.103.106.5:80 -R 202.103.107.2 -w 1 ippfvsadm -A -t 202.103.106.5:80 -R 202.103.106.3 -w 2 ``` -------------------------------- ### LVS Redirect Approach - Real Server (Kernel 2.2.x) Source: http://www.linuxvirtualserver.org/VS-DRouting.html Configure real servers using the redirect approach with ipchains. The service daemon must listen on all addresses or the VIP. ```bash echo 1 > /proc/sys/net/ipv4/ip_forward ipchains -A input -j REDIRECT 23 -d 172.26.20.110 23 -p tcp ... ``` -------------------------------- ### Add Real Server with Forwarding Method (2.2.x) Source: http://www.linuxvirtualserver.org/VS-NAT.html Use ipvsadm to add a real server to a virtual service, specifying the forwarding method (e.g., '-m' for masquerading). Weights can also be assigned. ```bash ipvsadm -a -t 202.103.106.5:80 -r 172.16.0.2:80 -m ipvsadm -a -t 202.103.106.5:80 -r 172.16.0.3:8000 -m -w 2 ipvsadm -a -t 202.103.106.5:21 -r 172.16.0.2:21 -m ``` -------------------------------- ### Kernel Compile Options for IPVS (2.2.x) Source: http://www.linuxvirtualserver.org/VS-NAT.html Enable IPVS support and select desired scheduling algorithms. Ensure masquerading and forwarding are enabled. ```bash Code maturity level options ---> [*] Prompt for development and/or incomplete code/drivers Networking options ---> [*] Network firewalls ... [*] IP: forwarding/gatewaying ... [*] IP: firewalling ... [*] IP: masquerading ... [*] IP: masquerading virtual server support (EXPERIMENTAL) (12) IP masquerading table size (the Nth power of 2) IPVS: round-robin scheduling IPVS: weighted round-robin scheduling IPVS: least-connection scheduling IPVS: weighted least-connection scheduling IPVS: locality-based least-connection scheduling IPVS: locality-based least-connection with replication scheduling ``` -------------------------------- ### Catch-all Persistence with VS/DR Source: http://www.linuxvirtualserver.org/docs/persistence.html Sets up a catch-all virtual service using DR mode, where port zero is used to apply persistence to all services. This ensures that once a client connects to any service on a server, all subsequent connections for other services from the same client are directed to that same server within the persistence timeout. ```bash ipvsadm -A -t virtualdomain:0 -p ipvsadm -a -t virtualdomain:0 -r 192.168.1.2 -g ipvsadm -a -t virtualdomain:0 -r 192.168.1.3 -g ipvsadm -a -t virtualdomain:0 -r 192.168.1.4 -g ```