Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

1.8.3. 路​​​​​​​由​​​​​​​法​​​​​​​則​​​​​​​

您​​​​​​​可​​​​​​​以​​​​​​​使​​​​​​​用​​​​​​​ NAT(網​​​​​​​路​​​​​​​位​​​​​​​址​​​​​​​轉​​​​​​​換​​​​​​​,Network Address Translation)路​​​​​​​由​​​​​​​,或​​​​​​​藉​​​​​​​由​​​​​​​ LVS 直​​​​​​​接​​​​​​​進​​​​​​​行​​​​​​​路​​​​​​​由​​​​​​​。​​​​​​​以​​​​​​​下​​​​​​​章​​​​​​​節​​​​​​​會​​​​​​​簡​​​​​​​短​​​​​​​描​​​​​​​述​​​​​​​ NAT 路​​​​​​​由​​​​​​​與​​​​​​​使​​​​​​​用​​​​​​​ LVS 來​​​​​​​路​​​​​​​由​​​​​​​。​​​​​​​

1.8.3.1. NAT 路​​​​​​​由​​​​​​​

圖形 1.22, “LVS Implemented with NAT Routing”, illustrates LVS using NAT routing to move requests between the Internet and a private network.
LVS Implemented with NAT Routing

圖形 1.22. LVS Implemented with NAT Routing

在​​​​​​​這​​​​​​​個​​​​​​​例​​​​​​​子​​​​​​​裡​​​​​​​,啟​​​​​​​用​​​​​​​中​​​​​​​的​​​​​​​ LVS 路​​​​​​​由​​​​​​​器​​​​​​​有​​​​​​​兩​​​​​​​張​​​​​​​網​​​​​​​路​​​​​​​卡​​​​​​​。​​​​​​​連​​​​​​​上​​​​​​​網​​​​​​​際​​​​​​​網​​​​​​​路​​​​​​​的​​​​​​​網​​​​​​​路​​​​​​​卡​​​​​​​有​​​​​​​位​​​​​​​於​​​​​​​ eth0 上​​​​​​​的​​​​​​​實​​​​​​​際​​​​​​​的​​​​​​​ IP 位​​​​​​​址​​​​​​​,同​​​​​​​時​​​​​​​有​​​​​​​浮​​​​​​​動​​​​​​​ IP 位​​​​​​​址​​​​​​​,連​​​​​​​到​​​​​​​ eth0:1 上​​​​​​​。​​​​​​​私​​​​​​​有​​​​​​​網​​​​​​​路​​​​​​​的​​​​​​​網​​​​​​​路​​​​​​​卡​​​​​​​在​​​​​​​ eth1 上​​​​​​​有​​​​​​​實​​​​​​​際​​​​​​​的​​​​​​​ IP 位​​​​​​​址​​​​​​​,也​​​​​​​有​​​​​​​浮​​​​​​​動​​​​​​​的​​​​​​​ IP 位​​​​​​​址​​​​​​​連​​​​​​​到​​​​​​​ eth1:1 上​​​​​​​。​​​​​​​在​​​​​​​備​​​​​​​援​​​​​​​情​​​​​​​況​​​​​​​發​​​​​​​生​​​​​​​時​​​​​​​,網​​​​​​​際​​​​​​​網​​​​​​​路​​​​​​​與​​​​​​​私​​​​​​​有​​​​​​​網​​​​​​​路​​​​​​​的​​​​​​​虛​​​​​​​擬​​​​​​​介​​​​​​​面​​​​​​​會​​​​​​​由​​​​​​​備​​​​​​​用​​​​​​​ LVS 路​​​​​​​由​​​​​​​器​​​​​​​所​​​​​​​接​​​​​​​手​​​​​​​。​​​​​​​所​​​​​​​以​​​​​​​私​​​​​​​有​​​​​​​網​​​​​​​路​​​​​​​上​​​​​​​的​​​​​​​實​​​​​​​體​​​​​​​伺​​​​​​​服​​​​​​​器​​​​​​​會​​​​​​​使​​​​​​​用​​​​​​​ NAT 路​​​​​​​由​​​​​​​器​​​​​​​的​​​​​​​浮​​​​​​​動​​​​​​​ IP 做​​​​​​​為​​​​​​​預​​​​​​​設​​​​​​​路​​​​​​​徑​​​​​​​,與​​​​​​​啟​​​​​​​用​​​​​​​中​​​​​​​的​​​​​​​ LVS 路​​​​​​​由​​​​​​​器​​​​​​​溝​​​​​​​通​​​​​​​,這​​​​​​​樣​​​​​​​實​​​​​​​體​​​​​​​伺​​​​​​​服​​​​​​​器​​​​​​​回​​​​​​​應​​​​​​​網​​​​​​​際​​​​​​​網​​​​​​​路​​​​​​​上​​​​​​​來​​​​​​​的​​​​​​​需​​​​​​​求​​​​​​​,就​​​​​​​不​​​​​​​會​​​​​​​有​​​​​​​問​​​​​​​題​​​​​​​。​​​​​​​
In the example, the LVS router's public LVS floating IP address and private NAT floating IP address are aliased to two physical NICs. While it is possible to associate each floating IP address to its physical device on the LVS router nodes, having more than two NICs is not a requirement.
藉​​​​​​​由​​​​​​​這​​​​​​​種​​​​​​​拓​​​​​​​樸​​​​​​​,啟​​​​​​​用​​​​​​​中​​​​​​​的​​​​​​​ LVS 路​​​​​​​由​​​​​​​器​​​​​​​會​​​​​​​收​​​​​​​到​​​​​​​需​​​​​​​求​​​​​​​,並​​​​​​​導​​​​​​​向​​​​​​​到​​​​​​​正​​​​​​​確​​​​​​​的​​​​​​​伺​​​​​​​服​​​​​​​器​​​​​​​上​​​​​​​。​​​​​​​實​​​​​​​體​​​​​​​伺​​​​​​​服​​​​​​​器​​​​​​​會​​​​​​​處​​​​​​​理​​​​​​​這​​​​​​​些​​​​​​​需​​​​​​​求​​​​​​​,然​​​​​​​後​​​​​​​傳​​​​​​​回​​​​​​​給​​​​​​​ LVS 路​​​​​​​由​​​​​​​器​​​​​​​。​​​​​​​LVS 路​​​​​​​由​​​​​​​器​​​​​​​會​​​​​​​使​​​​​​​用​​​​​​​網​​​​​​​路​​​​​​​位​​​​​​​址​​​​​​​轉​​​​​​​譯​​​​​​​,把​​​​​​​封​​​​​​​包​​​​​​​裡​​​​​​​面​​​​​​​實​​​​​​​體​​​​​​​伺​​​​​​​服​​​​​​​器​​​​​​​的​​​​​​​位​​​​​​​址​​​​​​​替​​​​​​​代​​​​​​​成​​​​​​​ LVS 路​​​​​​​由​​​​​​​器​​​​​​​的​​​​​​​公​​​​​​​開​​​​​​​ VIP 位​​​​​​​址​​​​​​​。​​​​​​​這​​​​​​​個​​​​​​​過​​​​​​​程​​​​​​​稱​​​​​​​為​​​​​​​ IP masquerading(IP 偽​​​​​​​冒​​​​​​​),因​​​​​​​為​​​​​​​實​​​​​​​體​​​​​​​伺​​​​​​​服​​​​​​​器​​​​​​​的​​​​​​​位​​​​​​​址​​​​​​​被​​​​​​​隱​​​​​​​藏​​​​​​​起​​​​​​​來​​​​​​​,用​​​​​​​戶​​​​​​​端​​​​​​​是​​​​​​​看​​​​​​​不​​​​​​​見​​​​​​​的​​​​​​​。​​​​​​​
使​​​​​​​用​​​​​​​ NAT 路​​​​​​​由​​​​​​​時​​​​​​​,實​​​​​​​體​​​​​​​伺​​​​​​​服​​​​​​​器​​​​​​​可​​​​​​​以​​​​​​​是​​​​​​​執​​​​​​​行​​​​​​​多​​​​​​​種​​​​​​​作​​​​​​​業​​​​​​​系​​​​​​​統​​​​​​​的​​​​​​​任​​​​​​​何​​​​​​​電​​​​​​​腦​​​​​​​。​​​​​​​NAT 路​​​​​​​由​​​​​​​的​​​​​​​主​​​​​​​要​​​​​​​缺​​​​​​​點​​​​​​​是​​​​​​​ LVS 路​​​​​​​由​​​​​​​器​​​​​​​可​​​​​​​能​​​​​​​會​​​​​​​成​​​​​​​為​​​​​​​大​​​​​​​型​​​​​​​建​​​​​​​置​​​​​​​環​​​​​​​境​​​​​​​中​​​​​​​的​​​​​​​瓶​​​​​​​頸​​​​​​​,因​​​​​​​為​​​​​​​它​​​​​​​必​​​​​​​須​​​​​​​處​​​​​​​理​​​​​​​進​​​​​​​、​​​​​​​出​​​​​​​的​​​​​​​需​​​​​​​求​​​​​​​。​​​​​​​