白金帮忙看下.这样做负载均衡可行吗??

Linux下双网卡绑定技术实现负载均衡

信息来源: CSDN.net

保持服务器的高可用性是企业级 IT 环境的重要因素。其中最重要的一点是服务器网络连接的高可用性。网卡（NIC）绑定技术有助于保证高可用性特性并提供其它优势以提高网络性能。

我们在这介绍的Linux双网卡绑定实现就是使用两块网卡虚拟成为一块网卡，这个聚合起来的设备看起来是一个单独的以太网接口设备，通俗点讲就是两块网卡具有相同的IP地址而并行链接聚合成一个逻辑链路工作。其实这项技术在Sun和Cisco中早已存在，被称为Trunking和Etherchannel技术，在Linux的2.4.x的内核中也采用这这种技术，被称为bonding。bonding技术的最早应用是在集群——beowulf上，为了提高集群节点间的数据传输而设计的。下面我们讨论一下bonding 的原理,什么是bonding需要从网卡的混杂(promisc)模式说起。我们知道，在正常情况下，网卡只接收目的硬件地址(MAC Address)是自身Mac的以太网帧，对于别的数据帧都滤掉，以减轻驱程序的负担。但是网卡也支持外一种被称为混杂promisc的模式，可以接收网络上所有的帧，比如说tcpdump，就是运行在这个模式下。bonding也运行在这个模式下，而且修改了驱动程序中的mac地址，将两块网卡的Mac地址改成相同，可以接收特定mac的数据帧。然后把相应的数据帧传送给bond驱动程序处理。

说了半天理论，其实配置很简单，一共四个步骤：
实验的操作系统是Redhat Linux Enterprise 3.0
绑定的前提条件：芯片组型号相同，而且网卡应该具备自己独立的BIOS芯片。
1.编辑虚拟网络接口配置文件,指定网卡IP
vi /etc/sysconfig/network-scripts/ifcfg-bond0

[root@rhas-13 root]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 ifcfg-bond0

2 #vi ifcfg-bond0
　　将第一行改成 DEVICE=bond0
　　# cat ifcfg-bond0
　　DEVICE=bond0
　　BOOTPROTO=static
　　IPADDR=172.31.0.13
　　NETMASK=255.255.252.0
　　BROADCAST=172.31.3.254
　　ONBOOT=yes
　　TYPE=Ethernet
　　这里要主意，不要指定单个网卡的IP 地址、子网掩码或网卡 ID。将上述信息指定到虚拟适配器(bonding)中即可。

[root@rhas-13 network-scripts]# cat ifcfg-eth0

　　DEVICE=eth0
　　ONBOOT=yes
　　BOOTPROTO=dhcp
[root@rhas-13 network-scripts]# cat ifcfg-eth1

　　DEVICE=eth0
　　ONBOOT=yes
　　BOOTPROTO=dhcp

3 # vi /etc/modules.conf

编辑 /etc/modules.conf 文件，加入如下一行内容以使系统在启动时加载bonding模块，对外虚拟网络接口设备为 bond0加入下列两行

alias bond0 bonding
options bond0 miimon=100 mode=1

说明：miimon是用来进行链路监测的。 比如:miimon=100，那么系统每100ms监测一次路连接状态，如果有一条线路不通就转入另一条线路；mode的值表示工作模式，他共有0，1,2,3四种模式，常用的为0,1两种。
mode=0表示load balancing (round-robin)为负载均衡方式，两块网卡都工作。
mode=1表示fault-tolerance (active-backup)提供冗余功能，工作方式是主备的工作方式,也就是说默认情况下只有一块网卡作,另一块做备份. bonding只能提供链路监测，即从主机到交换机的链路是否接通。如果只是交换机对外的链路down掉了，而交换机本身并没有故障，那么bonding会认为链路没有问题而继续使用

4 # vi /etc/rc.d/rc.local 加入两行

ifenslave bond0 eth0 eth1
route add -net 172.31.3.254 netmask 255.255.255.0 bond0

到这时已经配置完毕重新启动机器. 重启会看见以下信息就表示配置成功了

Bringing up interface bond0 OK
Bringing up interface eth0 OK
Bringing up interface eth1 OK

下面我们讨论以下mode分别为0,1时的情况

mode=1工作在主备模式下,这时eth1作为备份网卡是noarp的

root@rhas-13 network-scripts]# ifconfig 验证网卡的配置信息


bond0 Link encap:Ethernet HWaddr 00:0E:7F:25:D9:8B
inet addr:172.31.0.13 Bcast:172.31.3.255 Mask:255.255.252.0
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 M etric:1
RX packets:18495 errors:0 dropped:0 overruns:0 frame:0
TX packets:480 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1587253 (1.5 Mb) TX bytes:89642 (87.5 Kb)

eth0 Link encap:Ethernet HWaddr 00:0E:7F:25:D9:8B
inet addr:172.31.0.13 Bcast:172.31.3.255 Mask:255.255.252.0
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:9572 errors:0 dropped:0 overruns:0 frame:0
TX packets:480 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:833514 (813.9 Kb) TX bytes:89642 (87.5 Kb)
Interrupt:11

eth1 Link encap:Ethernet HWaddr 00:0E:7F:25:D9:8B
inet addr:172.31.0.13 Bcast:172.31.3.255 Mask:255.255.252.0
UP BROADCAST RUNNING NOARP SLAVE MULTICAST MTU:1500 Metric:1
RX packets:8923 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:753739 (736.0 Kb) TX bytes:0 (0.0
Interrupt:15

那也就是说在主备模式下,当一个网络接口失效时(例如主交换机掉电等),不回出现网络中断,系统会按照cat /etc/rcd/rc.local里指定网卡的顺序工作,机器仍能对外服务,起到了失效保护的功能.



在mode=0 负载均衡工作模式下，他能提供两倍的带宽,我们来看一下网卡的配置信息

　[root@rhas-13 root]# ifconfig

bond0 Link encap:Ethernet HWaddr 00:0E:7F:25:D9:8B
inet addr:172.31.0.13 Bcast:172.31.3.255 Mask:255.255.252.0
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:2817 errors:0 dropped:0 overruns:0 frame:0
TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:226957 (221.6 Kb) TX bytes:15266 (14.9 Kb)

eth0 Link encap:Ethernet HWaddr 00:0E:7F:25:D9:8B
inet addr:172.31.0.13 Bcast:172.31.3.255 Mask:255.255.252.0
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:1406 errors:0 dropped:0 overruns:0 frame:0
TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:113967 (111.2 Kb) TX bytes:7268 (7.0 Kb)
Interrupt:11

eth1 Link encap:Ethernet HWaddr 00:0E:7F:25:D9:8B
inet addr:172.31.0.13 Bcast:172.31.3.255 Mask:255.255.252.0
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:1411 errors:0 dropped:0 overruns:0 frame:0
TX packets:47 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:112990 (110.3 Kb) TX bytes:7998 (7.8 Kb)
Interrupt:15

在这种情况下出现一块网卡失效,仅仅会是服务器出口带宽下降,也不会影响网络使用.
通过查看bond0的工作状态查询能详细的掌握bonding的工作状态

[root@rhas-13 bonding]# cat /proc/net/bonding/bond0

　　bonding.c:v2.4.1 (September 15, 2003)

　　Bonding Mode: load balancing (round-robin)
  　MII Status: up
　　MII Polling Interval (ms): 0
　　Up Delay (ms): 0
　　Down Delay (ms): 0
　　Multicast Mode: all slaves

　　Slave Interface: eth1
　　MII Status: up
　　Link Failure Count: 0
　　Permanent HW addr: 00:0e:7f:25:d9:8a

　　Slave Interface: eth0
　　MII Status: up
　　Link Failure Count: 0
　　Permanent HW addr: 00:0e:7f:25:d9:8b

如果可行的话.. 哪是不是装三块网卡.一块LAN.另外两块WAN就行了吗??  还有你给的哪个NAT脚本需要怎么改呢?



以下是NAT脚本:

#! /bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
IPT = "/sbin/iptables"
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
$IPT -F -t filter
$IPT -F -t nat
$IPT -P INPUT DROP
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT

# ALLOW ALL in PRIVATE NET
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -i eth1 -j ACCEPT

# ICMP
$IPT -A INPUT -p icmp -m limit --limit 1/s --limit-burst 10 -j ACCEPT

# KEEP CONNECTIONS
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# NAT
$IPT -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
$IPT -t nat -A PREROUTING -s ! 192.168.0.0/24 -d 1.2.3.4 -p tcp --dport 8080 -j DNAT --to 192.168.0.250
$IPT -t nat -A PREROUTING -s ! 192.168.0.0/24 -d 1.2.3.4 -p tcp --dport 554 -j DNAT --to 192.168.0.250

[[i] Last edited by jk0wg on 2005-1-10 at 14:20 [/i]]

你实际的拓扑是什么？网卡有多少？IP有几个？

三条10M光纤. 三个固定IP  .   内网是200台客户机.. 网吧里的..  三条光纤接收发器  网卡呢如果需要多少都可以加.

我想只用两条做.然后留一条备用. 还是三条都做负载均衡??  你觉得哪样好?

[ Last edited by jk0wg on 2005-1-10 at 17:46 ]

反正闲着也是闲着，一起用多好啊
不过有2点
1、上面那个写的不对，不是那样做
2、要考虑一条坏了以后的情况，负载均衡做好后，如果坏了一个，整个网络就断掉了

哪请白金帮写一个吧~~    ^_^   先谢啦!!

现在想用freeBSD做.方法如下:

freeBSD5.3-RELEASE内核:

machine i386
cpu I586_CPU
cpu I686_CPU
ident GENERIC
device pf
device pflog
device pfsync
options ALTQ
options ALTQ_CBQ

# To statically compile in device wiring instead of /boot/device.hints
options PANIC_REBOOT_WAIT_TIME=0 #内核异常时立即重起
options DEVICE_POLLING #改善网络响应时间
options HZ=1000 #man 4 polling
options IPSTEALTH #支持秘密IP转发
#options RANDOM_IP_ID #随机IP ID 阻止信息泄漏
options TCP_DROP_SYNFIN #抛弃SYN+FIN包，阻止检测服务器

options SCHED_4BSD # 4BSD scheduler
options INET # InterNETworking
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options MD_ROOT # MD is a potential root device
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options KBD_INSTALL_CDEV # install a CDEV entry in /dev

device apic # I/O APIC

# Bus support. Do not remove isa, even if you have no isa slots
device isa
device pci


# ATA and ATAPI devices
device ata
device atadisk # ATA disk drives
options ATA_STATIC_ID # Static device numbering


# SCSI peripherals
device scbus # SCSI bus (required for SCSI)
device da # Direct Access (disks)

# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc # AT keyboard controller
device atkbd # AT keyboard

device vga # VGA video card driver

device splash # Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device sc


# Floating point support - do not disable.
device npx


# Serial (COM) ports
device sio # 8250, 16[45]50 based serial ports


# PCI Ethernet NICs.
device de # DEC/Intel DC21x4x (``Tulip'')
device em # Intel PRO/1000 adapter Gigabit Ethernet Card
device ixgb # Intel PRO/10GbE Ethernet Card
device txp # 3Com 3cR990 (``Typhoon'')
device vx # 3Com 3c590, 3c595 (``Vortex'')

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device miibus # MII bus support
device bfe # Broadcom BCM440x 10/100 Ethernet
device bge # Broadcom BCM570xx Gigabit Ethernet
device dc # DEC/Intel 21143 and various workalikes
device fxp # Intel EtherExpress PRO/100B (82557, 82558)
device lge # Level 1 LXT1001 gigabit ethernet
device nge # NatSemi DP83820 gigabit ethernet
device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc')
device re # RealTek 8139C+/8169/8169S/8110S
device rl # RealTek 8129/8139
device sf # Adaptec AIC-6915 (``Starfire'')
device sis # Silicon Integrated Systems SiS 900/SiS 7016
device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
device ste # Sundance ST201 (D-Link DFE-550TX)
device ti # Alteon Networks Tigon I/II gigabit Ethernet
device tl # Texas Instruments ThunderLAN
device tx # SMC EtherPower II (83c170 ``EPIC'')
device vge # VIA VT612x gigabit ethernet
device vr # VIA Rhine, Rhine II
device wb # Winbond W89C840F
device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')

# ISA Ethernet NICs. pccard NICs included.
device cs # Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
device ex # Intel EtherExpress Pro/10 and Pro/10+
device ep # Etherlink III based cards
device fe # Fujitsu MB8696x based cards
device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
device lnc # NE2100, NE32-VL Lance Ethernet cards
device sn # SMC's 9000 series of Ethernet chips
device xe # Xircom pccard Ethernet

# ISA devices that use the old ISA shims
#device le


# Pseudo devices.
device loop # Network loopback
device mem # Memory and kernel memory devices
device io # I/O device
device random # Entropy device
device ether # Ethernet support
device ppp # Kernel PPP
device tun # Packet tunnel.
device pty # Pseudo-ttys (telnet etc)
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
device bpf # Berkeley packet filter

# USB support
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device usb # USB Bus (required)
device ugen # Generic
device ukbd # Keyboard
device umass # Disks/Mass storage - Requires scbus and da
device ums # Mouse
options NETGRAPH #netgraph(4) system
options NETGRAPH_ETHER
options NETGRAPH_PPPOE
options NETGRAPH_SOCKET

device vlan # IEEE 802.1Q VLAN Support

/etc/pf.conf配置：

lan_net = "192.168.0.0/24"
int_if = "dc0"
ext_if1 = "fxp0"
ext_if2 = "fxp1"
ext_gw1 = "68.146.224.1"
ext_gw2 = "142.59.76.1"

# nat outgoing connections on each internet interface
nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)

# default deny
block in from any to any
block out from any to any

# pass all outgoing packets on internal interface
pass out on $int_if from any to $lan_net
# pass in quick any packets destined for the gateway itself
pass in quick on $int_if from $lan_net to $int_if
# load balance outgoing tcp traffic from internal network.
pass in on $int_if route-to \
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
proto tcp from $lan_net to any flags S/SA modulate state
# load balance outgoing udp and icmp traffic from internal network
pass in on $int_if route-to \
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
proto { udp, icmp } from $lan_net to any keep state

# general "pass out" rules for external interfaces
pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if1 proto { udp, icmp } from any to any keep state
pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if2 proto { udp, icmp } from any to any keep state

# route packets from any IPs on $ext_if1 to $ext_gw1 and the same for
# $ext_if2 and $ext_gw2
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any

白金再给看看吧...  行不行...   :)

負載平衡這版里面有位叫BENDY的高手寫過如何實現﹐請查找一下相關文章﹐﹕）

好的.. 谢谢你!

Originally posted by cqfanli at 2005-1-17 09:18
負載平衡這版里面有位叫BENDY的高手寫過如何實現﹐請查找一下相關文章﹐﹕）

你好.. 我查了一下BENDY的文章.他写的是服务器负载均衡.我需要的是NAT服务器的多线路负载均衡...   我说的BSD5.3的哪个方法不知道能实现不? 性能上如何?  
https://discuz.dismall.com/viewth ... ;highlight=%2BBENDY