lb route 相关的一些问题

lb route 相关的一些问题

==========================

查看系统平台和版本

> show hardware
    Platform: NetScaler Virtual Appliance 450010
    Manufactured on: 9/30/2009
    CPU: 3192MHZ
    Host Id: 000c294ffa77
    Serial no: HE2H81UJ47
    Encoded serial no: 891e0000cb254307ee9a
 Done
> 
> show version
    NetScaler NS12.0: Build 56.20.nc, Date: Dec 19 2017, 06:00:47  
 Done
> 

 

进行 lb route 配置

虚拟服务器必须配置固定的IP地址和端口以及协议
协议: ANY IP地址: 0.0.0.0 端口: 0

LLB的负载均衡虚拟服务器的名字建议命名为: lb_vsrv_isp_llb_all lb_vsrv_isp_llb_ct lb_vsrv_isp_llb_cu lb_vsrv_isp_llb_cmcc lb_vsrv_isp_llb_edu
LLB的虚拟服务的名字建议命名为: svc_isp_ct svc_isp_cu svc_isp_cmcc svc_isp_edu
虚拟服务器支持的负载算法和会话保持算法 支持的负载算法: DESTINATIONIPHASH LEASTBANDWIDTH LEASTPACKETS LRTM ROUNDROBIN SOURCEIPHASH SRCIPDESTIPHASH 支持的会话保持算法: SOURCEIP SRCIPDESTIP DESTIP

 

> show ip
      Ipaddress        Traffic Domain  Type             Mode     Arp      Icmp     Vserver  State
      ---------        --------------  ----             ----     ---      ----     -------  ------
1)    192.168.11.15    0               NetScaler IP     Active   Enabled  Enabled  NA       Enabled
2)    192.168.10.45    0               SNIP             Active   Enabled  Enabled  NA       Enabled
3)    192.168.11.5     0               SNIP             Active   Enabled  Enabled  NA       Enabled
 Done
> show route
    Network          Netmask          Gateway/OwnedIP  State   Traffic Domain  Type
    -------          -------          ---------------  -----   --------------  ----
1)    0.0.0.0          0.0.0.0          192.168.10.1     UP      0              STATIC
2)    127.0.0.0        255.0.0.0        127.0.0.1        UP      0              PERMANENT
3)    192.168.10.0     255.255.255.0    192.168.10.45    UP      0              DIRECT
4)    192.168.11.0     255.255.255.0    192.168.11.15    UP      0              DIRECT
 Done
> 
> enable ns mode usnip
 Done
> add server srv_route1 9.9.9.9
 Done
> add server srv_route2 192.168.30.1
 Done
> add server srv_route3 192.168.10.1
 Done
> add service svc_route1 srv_route1 any *
 Done
> add service svc_route2 srv_route2 any *
 Done
> add service svc_route3 srv_route3 any *
 Done
> bind service svc_route1 -monitorName ping
 Done
> bind service svc_route2 -monitorName ping
 Done
> bind service svc_route3 -monitorName ping
 Done
> show service -summary
---------------------------------------------------------------------------------------------
      Name        State           IP Addr           Port  Protocol   MaxClients  MaxReqs     
---------------------------------------------------------------------------------------------
1     svc_route1  UP              srv_route1        *     ANY        0           0           
2     svc_route2  UP              srv_route2        *     ANY        0           0           
3     svc_route3  UP              srv_route3        *     ANY        0           0           
 Done
> 
> add monitor mon_tcp_llb TCP -destIP 114.114.114.114 -destPort 53 -Transparent YES -LRTM DISABLED
 Done
> add monitor mon_ping_llb PING -destIP 114.114.114.114 -Transparent YES -LRTM DISABLED
 Done
> bind service svc_route1 -monitorName mon_tcp_llb
 Done
> bind service svc_route2 -monitorName mon_tcp_llb
 Done
> bind service svc_route3 -monitorName mon_tcp_llb
 Done
> show service -summary
---------------------------------------------------------------------------------------------
      Name        State           IP Addr           Port  Protocol   MaxClients  MaxReqs     
---------------------------------------------------------------------------------------------
1     svc_route1  DOWN            srv_route1        *     ANY        0           0           
2     svc_route2  DOWN            srv_route2        *     ANY        0           0           
3     svc_route3  UP              srv_route3        *     ANY        0           0           
 Done
> 
> add lb vserver lb_vsrv_isp1 ANY 0.0.0.0 0 -persistenceType DESTIP -lbMethod ROUNDROBIN
 Done
> bind lb vserver lb_vsrv_isp1 svc_route1 
 Done
> add lb vserver lb_vsrv_isp2 ANY 0.0.0.0 0 -persistenceType DESTIP -lbMethod ROUNDROBIN
 Done
> bind lb vserver lb_vsrv_isp2 svc_route2
 Done
> add lb vserver lb_vsrv_isp3 ANY 0.0.0.0 0 -persistenceType DESTIP -lbMethod ROUNDROBIN
 Done
> bind lb vserver lb_vsrv_isp3 svc_route3
 Done> 

 

问题1: 添加服务器的IP地址,不能为D类和E类的IPv4地址

D类地址 前四位为1110,注意是位
    1、不分网络地址和主机地址。
    2、地址范围:224.0.0.1 --- 239.255.255.254

E类地址 前五位为11110,注意是位
    1、不分网络地址和主机地址
    2、地址范围:240.0.0.1 --- 255.255.255.254

> add server srv_route4 223.255.255.255
 Done
> rm server srv_route4
 Done
> add server srv_route4 224.0.0.0
ERROR: Operation not permitted
> add server srv_route4 224.0.0.1
ERROR: Operation not permitted
> add server srv_route4 239.255.255.254
ERROR: Operation not permitted
> add server srv_route4 239.255.255.255
ERROR: Operation not permitted
> add server srv_route4 240.0.0.0
ERROR: Operation not permitted
> add server srv_route4 240.0.0.1
ERROR: Operation not permitted
> add server srv_route4 255.255.255.254
ERROR: Operation not permitted
> add server srv_route4 255.255.255.255
ERROR: Operation not permitted
> 

 

问题2: 添加路由项时,若网关与设备不在同一网段(简单理解即没有与之互通的SNIP),则操作失败,提示【ERROR: The gateway is not directly reachable】

> show ip
      Ipaddress        Traffic Domain  Type             Mode     Arp      Icmp     Vserver  State
      ---------        --------------  ----             ----     ---      ----     -------  ------
1)    192.168.11.15    0               NetScaler IP     Active   Enabled  Enabled  NA       Enabled
2)    192.168.10.45    0               SNIP             Active   Enabled  Enabled  NA       Enabled
3)    192.168.11.5     0               SNIP             Active   Enabled  Enabled  NA       Enabled
 Done
> 
> show route
    Network          Netmask          Gateway/OwnedIP  State   Traffic Domain  Type
    -------          -------          ---------------  -----   --------------  ----
1)    0.0.0.0          0.0.0.0          192.168.10.1     UP      0              STATIC
2)    127.0.0.0        255.0.0.0        127.0.0.1        UP      0              PERMANENT
3)    192.168.10.0     255.255.255.0    192.168.10.45    UP      0              DIRECT
4)    192.168.11.0     255.255.255.0    192.168.11.15    UP      0              DIRECT
 Done
> 
> add route 192.168.30.0 255.255.255.0 192.168.30.1
ERROR: The gateway is not directly reachable
> 

 

问题3: 对于与设备不在同一网段的服务(简单理解即没有与之互通的SNIP),此服务绑定的透传类型(-Transparent YES)的健康检查监视器 mon_tcp_llb,健康检查失败,提示信息为【Failure - Internal error: resource unavailable to send probe.】

> show service svc_route1
    svc_route1 (9.9.9.9:*) - ANY
    State: DOWN
    Last state change was at Thu Aug 30 07:09:52 2018 
    Time since last state change: 0 days, 00:10:13.350
    Server Name: srv_route1 
    Server ID : None     Monitor Threshold : 0
    Max Conn: 0    Max Req: 0    Max Bandwidth: 0 kbits
    Use Source IP: NO    
    Client Keepalive(CKA): NO
    Access Down Service: NO
    TCP Buffering(TCPB): NO
    HTTP Compression(CMP): NO
    Idle timeout: Client: 120 sec    Server: 120 sec
    Client IP: DISABLED 
    Cacheable: NO
    SC: OFF
    SP: OFF
    Down state flush: ENABLED
    Monitor Connection Close : NONE
    Appflow logging: ENABLED
    Process Local: DISABLED
    Traffic Domain: 0

1)    Monitor Name: mon_tcp_llb
        State: DOWN    Weight: 1    Passive: 0
        Probes: 48    Failed [Total: 48 Current: 48]
        Last response: Failure - Internal error: resource unavailable to send probe.
        Response Time: 0.0 millisec
2)    Monitor Name: ping
        State: UP    Weight: 1    Passive: 0
        Probes: 32    Failed [Total: 0 Current: 0]
        Last response: Success - ICMP echo reply received.
        Response Time: 273.67 millisec
 Done
> show service svc_route2
    svc_route2 (192.168.30.1:*) - ANY
    State: DOWN
    Last state change was at Thu Aug 30 07:09:55 2018 
    Time since last state change: 0 days, 00:10:13.220
    Server Name: srv_route2 
    Server ID : None     Monitor Threshold : 0
    Max Conn: 0    Max Req: 0    Max Bandwidth: 0 kbits
    Use Source IP: NO    
    Client Keepalive(CKA): NO
    Access Down Service: NO
    TCP Buffering(TCPB): NO
    HTTP Compression(CMP): NO
    Idle timeout: Client: 120 sec    Server: 120 sec
    Client IP: DISABLED 
    Cacheable: NO
    SC: OFF
    SP: OFF
    Down state flush: ENABLED
    Monitor Connection Close : NONE
    Appflow logging: ENABLED
    Process Local: DISABLED
    Traffic Domain: 0

1)    Monitor Name: mon_tcp_llb
        State: DOWN    Weight: 1    Passive: 0
        Probes: 48    Failed [Total: 48 Current: 48]
        Last response: Failure - Internal error: resource unavailable to send probe.
        Response Time: 0.0 millisec
2)    Monitor Name: ping
        State: UP    Weight: 1    Passive: 0
        Probes: 33    Failed [Total: 0 Current: 0]
        Last response: Success - ICMP echo reply received.
        Response Time: 0.344 millisec
 Done
> show service svc_route3
    svc_route3 (192.168.10.1:*) - ANY
    State: UP
    Last state change was at Thu Aug 30 06:58:29 2018 
    Time since last state change: 0 days, 00:21:40.260
    Server Name: srv_route3 
    Server ID : None     Monitor Threshold : 0
    Max Conn: 0    Max Req: 0    Max Bandwidth: 0 kbits
    Use Source IP: NO    
    Client Keepalive(CKA): NO
    Access Down Service: NO
    TCP Buffering(TCPB): NO
    HTTP Compression(CMP): NO
    Idle timeout: Client: 120 sec    Server: 120 sec
    Client IP: DISABLED 
    Cacheable: NO
    SC: OFF
    SP: OFF
    Down state flush: ENABLED
    Monitor Connection Close : NONE
    Appflow logging: ENABLED
    Process Local: DISABLED
    Traffic Domain: 0

1)    Monitor Name: mon_tcp_llb
        State: UP    Weight: 1    Passive: 0
        Probes: 125    Failed [Total: 0 Current: 0]
        Last response: Success - TCP syn+ack received.
        Response Time: 0.0 millisec
2)    Monitor Name: ping
        State: UP    Weight: 1    Passive: 0
        Probes: 32    Failed [Total: 0 Current: 0]
        Last response: Success - ICMP echo reply received.
        Response Time: 0.157 millisec
 Done
> 

 

问题4: 对于与设备不在同一网段的服务(简单理解即没有与之互通的SNIP),绑定此服务的虚拟服务器,添加 lb route 使用此虚拟服务器作为网关,执行失败,报错提示【ERROR: Service parameters are invalid for LLB/PBR VIP】

> add lb route 223.255.252.0 255.255.254.0 lb_vsrv_isp1
ERROR: Service parameters are invalid for LLB/PBR VIP
> 
> add lb route 223.223.192.0 255.255.240.0 lb_vsrv_isp2
ERROR: Service parameters are invalid for LLB/PBR VIP
> 
> add lb route 223.120.0.0 255.248.0.0 lb_vsrv_isp3
 Done
> 
> show lb route
    Network          Netmask          Traffic Domain  VIP                  Flags
    -------          -------          --------------  ---                  -----
1)    223.120.0.0      255.248.0.0      0               lb_vsrv_isp3         UP
 Done
> 
> show route
    Network          Netmask          Gateway/OwnedIP  State   Traffic Domain  Type
    -------          -------          ---------------  -----   --------------  ----
1)    0.0.0.0          0.0.0.0          192.168.10.1     UP      0              STATIC
2)    127.0.0.0        255.0.0.0        127.0.0.1        UP      0              PERMANENT
3)    192.168.10.0     255.255.255.0    192.168.10.45    UP      0              DIRECT
4)    192.168.11.0     255.255.255.0    192.168.11.15    UP      0              DIRECT
5)    223.120.0.0      255.248.0.0      lb_vsrv_isp3     UP      0              |LBROUTE
 Done
> 
> show ip
      Ipaddress        Traffic Domain  Type             Mode     Arp      Icmp     Vserver  State
      ---------        --------------  ----             ----     ---      ----     -------  ------
1)    192.168.11.15    0               NetScaler IP     Active   Enabled  Enabled  NA       Enabled
2)    192.168.10.45    0               SNIP             Active   Enabled  Enabled  NA       Enabled
3)    192.168.11.5     0               SNIP             Active   Enabled  Enabled  NA       Enabled
 Done
> 

 

============= End

 

posted @ 2018-08-30 15:39  lsgxeva  阅读(648)  评论(0)    收藏  举报