用过keepalived 的朋友都知道在设置keepalived 的virtual ipaddress 地址时(以下简称vip)我们通常使用vip 相同网段的三个地址,问题来了如果有多个项目(vip)将会占用多个公网ip 地址,不过在使用keepalived 的过程中我们发现,即使用不同网段的ip 地址也能够"跑"vip ,举个例子比如我用内网地址 10.0.100.81 与 10.0.100.82 来跑公网 vip 192.168.57.75 ,这样我们就可以节省两个公网ip 地址了,不过要想实现这一"妙招" 是需要几个前提条件的。
前提条件
1 公网ip与内网ip在同一个广播域内(内外网络连接在同一个交换机内)
2 配置 keepalived vip 添加子网掩码(如 192.168.57.75/24 )
3 需要手动为vip 添加默认路由
解释:
1 公网ip与内网ip在同一个广播域内
- ip add
- 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
- link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
- inet 127.0.0.1/8 scope host lo
- inet6 ::1/128 scope host
- valid_lft forever preferred_lft forever
- 2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
- link/ether 00:50:56:ad:20:0d brd ff:ff:ff:ff:ff:ff
- 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
- link/ether 00:50:56:ad:20:0e brd ff:ff:ff:ff:ff:ff
- inet 10.0.100.81/24 brd 10.0.100.255 scope global eth1
- inet6 fe80::250:56ff:fead:200e/64 scope link
- valid_lft forever preferred_lft forever
- 4: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
- link/sit 0.0.0.0 brd 0.0.0.0
- eth0 为公网 ip地址为none
- eth1 为内网 ip地址为 10.0.100.81
- //我在eth1 网卡可以抓到 eth0 网络的arp 包
- tcpdump -i eth1 -vvn arp
- tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
- 09:38:59.900475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.57.1 tell 192.168.57.71, length 28
- 09:38:59.901161 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.57.1 is-at c0:62:6b:8d:c1:cc, length 46
2 配置 keepalived vip 请添加子网掩码(如 192.168.57.75/24 )
