Å×Å©³ëÄÄÇ»ÅÍ
Ãâó :http://www.hobanlife.com/
tar xvfz ipvsadm-1.15.tar.gz make install
xÀ©µµ¿ì´Â xhost¶ó´Â ÇÁ·Î±×·¥À» ÀÌ¿ëÇÏ¿© ¿ø°Ý ÇÁ·Î±×·¥À» ÀÚ½ÅÀÇ À©µµ¿ì¿¡ ¶ç¿ï ¼ö ÀÖ½À´Ï´Ù. ¿ì¼± ¿ø°Ý È£½ºÆ®(¿¹¸¦ µé¸é kulsnet)°¡ ÀÚ½ÅÀÇ x¼¹ö(kuls2)¸¦ »ç¿ëÇÒ ¼ö ÀÖ°Ô Çã°¡±ÇÀ» ÁÝ´Ï´Ù. $xhost +kul...
¸®´ª½º ºÎÆà µð½ºÄÏ ¸¸µé±â, LILO°¡ Æļյż ºÎÆÃÀÌ ¾ÈµÉ¶§... 2000.11. 8 À̼º¼ö(senux@senux.com) ¸¸µë ¸®´ª½º ½Ã½ºÅÛÀ» »ç¿ëÇÏ´Ù °£È¤ ºÎÆÃÀÌ ¾ÈµÇ´Â ¹®Á¦°¡ »ý°åÀ»¶§ Ãʺ¸ÀÚºÐÀº ´çȲÇÏ´Â °æ¿ì°¡ ¸¹½À´Ï...
Ãâó:http://linux.sarang.net/board/?p=read&table=tip&no=2653&o[at]=s&o[sc]=a&o[ss]=fsck&o[st]=a ext3 ÆÄÀϽýºÅÛ±¸ÃàÇϱâ. ÁÖÀÇ) ÇԺηΠ½Ã½ºÅÛÀ» °Çµå¸®´Â°ÍÀº À§ÇèÇÏ´Ï ÁÖÀÇÇϽñâ¹Ù¶ø´Ï´Ù. ext3´Â Á®...
À¯µ¿¾ÆÇǶó¼ ÄÓ¶§¸¶´Ù ip°¡ ¹Ù²ò´Ï´Ù. °¡²ûÀº ±×´ë·ÎÀ̱¸¿©... ±×·¡¼ Áý¹Û¿¡¼µµ ÄÄ¿¡ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ½ºÅ©¸³Æ®¸¦ ¸¸µé¾îºÃ½À´Ï´Ù... /etc/rc.d/rc.local¿¡ ¾Æ·¡¿Í °°ÀÌ µî·ÏÇØ µÎ¸é µÇ°ÚÁÒ... /etc/star...
adslÁ¢¼ÓÇÏ°í rc.local.¿¡¼ Ãß°¡ÇÏ¿© »ç¿ëÇÏ´Â ½ºÅ©¸³Æ® ÇöÀç »óÅ¿¡¼ ºüÁø°ÍÀº dns¼¹ö¿¡ º¯°æ°ªÀ» º¸³×´Â °ÍÇÏ°í dns¼¹ö¿¡¼ ÇØ´ç µµ¸ÞÀÎÀ» activeÇϴ°͸¸ ºüÁ®ÀÖ½À´Ï´Ù.
/etc/rc.d/init.d/firewall #!/bin/sh # Get ip extip="`ifconfig ppp0 grep 'inet addr' awk '{print $2}' sed -e 's/.*://'`" # Save ip echo $extip > /etc/ppp/ip ipchains -P input ACCEPT ip...
> ÇãÁ¤±Õ ´ÔÀÌ ¾²½Å ±ÛÀÔ´Ï´Ù. > À¯µ¿¾ÆÇǶó¼ ÄÓ¶§¸¶´Ù ip°¡ ¹Ù²ò´Ï´Ù. °¡²ûÀº ±×´ë·ÎÀ̱¸¿©... > ±×·¡¼ Áý¹Û¿¡¼µµ ÄÄ¿¡ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ½ºÅ©¸³Æ®¸¦ ¸¸µé¾îºÃ½À´Ï´Ù... > /etc/rc.d/rc.local¿¡ ¾Æ·¡¿Í °°...
.
°©ÀÚ±â ÄÄÇ»ÅÍ°¡ ²¨ÁøÈÄ ´Ù½Ã ºÎÆýÃų·Á°í ÇÏ´Ï check root file system.... ¸ð ÀÌ·¸°Ô ³ª¿À¸é¼ CTRL+D Reboot login root password> ÀÌ·¸°Ô ³ª¿Ã‹š ·çÆ® ¾ÏÈ£ ´©¸£°í ¹®Á¦ ÀÖ´ÂÇÏµå µð½ºÅ©¸¦ ¾Ë¾Æ³»µÚ.....
Ãâó :http://www.hobanlife.com/
Virtual Server via NAT This page contains information about how to setup a virtual server via NAT. Network address translation Due to the shortage of IP address in IPv4 and some security reasons, ...
tar xvfz ipvsadm-1.15.tar.gz make install
Port Forwarding - with Linux 2.2 What's Changes If you haven't used Port Forwarding before, you can skip this section. This is quick guide to the changes since 2.0.36. Most of the changes are mino...
¼¹ö°¡ »ì¾Ò³ª Á×¾ú³ª È®ÀÎÇÒ¶§ pingÀ» »ç¿ëÇÏÁÒ.. ´ÙÀ½ ¿É¼ÇÀ¸·Î ¼¹öÀÇ ping¿¡ ´ëÇÑ ¹ÝÀÀÀ» on offÇÒ¼ö ÀÖ½À´Ï´Ù. /etc/rc.d/rc.local¿¡´Ù ³Ö¾î µÎ¸é ÁÁ°ÚÁÒ.. # echo 1 >/proc/sys/net/ipv4/icmp_echo_ign...
¾ÆÆÄÄ¡¿¡¼ Àü¼Û ¼Óµµ Á¦ÇÑÇϱâ (¸ðµç ¼³¸íÀº ·¹µåÇÞ 6.0À» ±âÁØÀ¸·Î ÇÕ´Ï´Ù.) 1. ¾ÆÆÄÄ¡ 1.3.x¿ë bandwidth ¸ðµâÀÌ ÇÊ¿äÇÕ´Ï´Ù. ftp://ftp.cohprog.com/pub/apache/module/1.3.0/mod_bandwidth.c¸¦ ¹Þ¾Æ ¿À½Ã...
¾ÆÆÄÄ¡ ÈÀÏ¿¡ À̺κÐÀ» ³Ö¾îµÎ¸é ȨÆäÀÌÁö ±Ü¾î°¡´Â°Í ¾î´ÀÁ¤µµ´Â ¸·À»¼ö ÀÖ½À´Ï´Ù. vi /usr/local/etc/httpd/conf/httpd.conf -------------------- ¼Ò½º -------------- BrowserMatch "WebZIP" go_out Br...
Amd ¿ÀÅ丶¿îÆ® µ¥¸ó, ¿ø°ÝÁö¿¡¼ ¼¹ö Á¢¼Ó½Ã ÀÚµ¿À¸·Î ¸¶¿îÆ® µð·ºÅ丮µéÀ» ¸¶¿îÆ® Çϴ°ÍÀÔ´Ï´Ù. Áï, ¿äûÀÌ ÀÖÀ» ¶§ ÀåÄ¡¿Í HFS È£½ºÆ®¸¦ ¸¶¿îÆ® ½ÃÄÑ ÁÖ´Â ÀÚµ¿ ¸¶¿îÆ® µ¥¸óÀÔ´Ï´Ù. ³×Æ®¿öÅ© ±¸¼ºÀÌ À߸ø...
mkbootdisk --device /dev/fd0 2.2.0-pre8 À̶ó°í ÀÔ·ÂÇÕ´Ï´Ù. ¸¸¾à ÀÚ½ÅÀÇ Ç÷ÎÇÇ µå¶óÀ̺ê ÀåÄ¡¸íÀÌ fd0ÀÎ °æ¿ì À§ÀÇ --device /dev/fd0 ºÎºÐÀº »ý·«Çصµ µË´Ï´Ù. ÇÏÁö¸¸ ÀÚ½ÅÀÇ Ç÷ÎÇÇ µå¶óÀ̺ê ÀåÄ¡¸íÀÌ /de...
************************************* DB¿Í DB User¸¦ Ãß°¡ÇÏ´Â µµ±¸ ************************************* USAGE : mysql.create [DB/USER] [PASSWORD] $ cat /usr/local/bin/mysql.create #!/bin/sh #...
·¹µåÇÞ 7.0 ¿µ¹®ÆÇ ½Ãµð·ç mysql rpm ÀνºÅç ÇϽźÐÀº ·¹µåÇÞ »çÀÌÆ®¿¡¼ ÆÐÄ¡¹öÁ¯ ¹ÞÀ¸¼¼¿ä. 3.23.22 -> 2.23.24 ·Î ¹öÁ¯¾÷ÀÌ µÇ¾îÀÖ´õ±º¿ä. pid ÆÛ¹Ì¼Ç ¹®Á¦·Î »ý¼ºÀÌ ¾ÈµÇ´Â ¹®Á¦°¡ ¹ß»ýÇÏ¿© ·çÆ®¿Í ...
mysqlclient µµÇؾßÇÏ°í ½É°¢ÇÒ¶§ lib* glib* php* ±âŸµîµî ¸¹Àº rpmÀ» ¾÷µ¥ÀÌÆ® ÇØ¾ß »ç¿ë°¡´ÉÇÕ´Ï´Ù. > ÇãÁ¤±Õ ´ÔÀÌ ¾²½Å ±ÛÀÔ´Ï´Ù. > ·¹µåÇÞ 7.0 ¿µ¹®ÆÇ ½Ãµð·ç mysql rpm ÀνºÅç ÇϽźÐÀº ·¹µåÇÞ »çÀÌÆ®¿¡¼...
http://linux.sarang.net/board/?p=list&table=tip
Netscape 4.76ÇѱÛȽÃÅ°´Â ¹æ¹ý ´ÙÀ½ÀÇ ¹®¼´Â Netscape 4.76À» ÇѱÛÈ ½ÃÄÑ ¼³Ä¡ÇÏ´Â ¹æ¹ýÀ» Àû°í ÀÖ½À´Ï´Ù. o ÇÊ¿äÇÑ ÈÀÏ 1. netscape 4.76 ¹èÆ÷ÆÇ 2. ÃÖÁØÈ£ ´ÔÀÇ ÇѱÛÈ ¸®¼Ò½º (http://www.kr....
1. vi¿¡¼ (not vim) vi¿¡¼ dos modeÀÇ ÈÀÏÀ» ÀÐÀ¸¸é ÁÙ³¡¿¡ ^MÀÌ ³ªÅ¸³³´Ï´Ù. ¸í·É¾î ¸ðµå¿¡¼.. :%s/^M//g %s´Â ġȯ¸í·ÉÀÔ´Ï´Ù. %s///mode À§¿¡¼ mode¿¡ g¸¦ ½è´Âµ¥, ÀÌ°ÍÀº globalÀÇ ¾àÀÚ·Î ÈÀÏ ...
ls * µð·ºÅ丮¾ÈÀÇ ³»¿ëÀ» ¿¶÷Çϱâ À§ÇÑ ¸í·É -a "."À¸·Î ½ÃÀÛÇÏ´Â ÆÄÀϵéÀ» Æ÷ÇÔÇÏ¿© µð·ºÅ丮ÀÇ ¸ðµç ³»¿ëÀ» Ãâ·Â. -l ÆÄÀÏÀÇ ¸ðµå ,¸µÅ©¼ö, »ç¿ëÀÚ¸í, ±×·ì¸í, ¹ÙÀÌÆ®¼ö, ÃÖÁ¾¼öÁ¤½Ã°£ÀÇ Á¤º¸¸¦ Ãâ·ÂÇÑ´Ù...
¼¹öÀÌÀüÀ̳ª ¹é¾÷½Ã ¾ÐÃà¹æ¹ý ========================================================================= ¢Ã tar zcvfp ¾ÐÃàµÉÆÄÀϸí.tgz ¾ÐÃàÇÒµð·ºÅ丮¸í => ¾ÐÃàÇÒ ¶§ ¢Ã tar zxvfp ¾ÐÃàÆÄÀϸí.tgz ¾Ð...
1. µð·ºÅ丮 Àüü ¹é¾÷À» ÇϽʽÿÀ. telnet À¸·Î Á¢¼ÓÇÑ ´ÙÀ½ ȨÆäÀÌÁö°¡ ÀÖ´Â ÃÖ»óÀ§ µð·ºÅ丮¿¡¼ tar cvpf ¹À»ÆÄÀϸí.tar * ÀÌ¿Í °°ÀÌ Çϸé ÇÏÀ§µð·ºÅ丮±îÁö ÇÑ°³ÀÇ ÆÄÀÏ·Î ¹¾î Áý´Ï´Ù. ÀÌ°ÍÀ»...
http://ipwhois.nic.or.kr/ ipÇÒ´ç
/etc/security/limits.conf ÆÄÀÏÀ» ºÁº¸¼¼¿ä. ¾Æ·¡ ¿¹¹®Àº user ±×·ì »ç¿ëÀÚ´Â µ¿ÀϾÆÀ̵ð·Î µ¿½ÃÁ¢¼ÓÇÏÁö ¸øÇÏ°Ô ÇÑ°ÍÀÔ´Ï´Ù. (Ưº°È÷ ¼ºñ½º¸¦ Àç°¡µ¿ÇÒ ÇÊ¿ä¾øÀÌ ¹Ù·Î Àû¿ëµË´Ï´Ù.) @user - ...
0.telnet deamonÀ» Á×À̰ųª 1./etc/passwd¸¦ ¼öÁ¤Çϰųª 2./etc/nologinÀ» ¸¸µé°Å³ª 3..bashrc¸¦ ¼öÁ¤Çϰųª ÇÏ¸é µË´Ï´Ù. º¸¾È ¼øÀ§´Â À§¿¡¼ ¾Æ·¡ÂÊÀ¸·Î ¾àÇØÁý´Ï´Ù. 1¿¡ ´ëÇѼ³¸í--------------------------...
[ ÀÚ·á½Ç ]
±¤°í¼º ±ÛÀ̳ª ºÒ¹ýÀÚ·á ¾÷·Îµå¸¦ ±ÝÇÕ´Ï´Ù.
|
»ç¼³IP·Î ¼¹ö¸¦ ±¸Ãà
|
À̸§ : »ç¿ëÀÚ ¹øÈ£ : 27 Á¶È¸ : 428750
¾÷·Îµå : 2001-01-27 09:33:11
|
|
Virtual Server via NAT
This page contains information about how to setup a virtual server via NAT.
Network address translation
Due to the shortage of IP address in IPv4 and some security reasons, more and more networks use internal IP addresses (such as 10.0.0.0/255.0.0.0, 172.16.0.0/255.240.0.0 and 192.168.0.0/255.255.0.0) which cannot be used in the Internet. The need for network address translation arises when hosts in internal networks want to access the Internet and be accessed in the Internet.
Network address translation is a feature by which IP addresses are mapped from one group to another. When the address mapping is N-to-N, it is called static network address translation; when the mapping is M-to-N (M>N), it is called dynamic network address translation. Network address port translation is an extension to basic NAT, in that many network addresses and their TCP/UDP ports are translated to a single network address and its TCP/UDP ports. This is N-to-1 mapping, in which way Linux IP Masquerading was implemented. More description about network address translation is in rfc1631 and draft-rfced-info-srisuresh-05.txt.
Virtual server via NAT on Linux is done by network address port translation. The code is implemented on Linux IP Masquerading codes, and some of Steven Clarke's port forwarding codes are reused.
How does a virtual server via NAT work?
First consider the following figure,
When a user accesses the service provided by the server cluster, the request packet destined for virtual IP address (the external IP address for the load balancer) arrives at the load balancer. The load balancer examines the packet's destination address and port number. If they are matched for a virtual server service according to the virtual server rule table, a real server is chosen from the cluster by a scheduling algorithm, and the connection is added into the hash table which record the established connection. Then, the destination address and the port of the packet are rewritten to those of the chosen server, and the packet is forwarded to the server. When the incoming packet belongs to this connection and the chosen server can be found in the hash table, the packet will be rewritten and forwarded to the chosen server. When the reply packets come back, the load balancer rewrites the source address and port of the packets to those of the virtual service. After the connection terminates or timeouts, the connection record will be removed in the hash table.
Confused? Let me give an example to make it clear. In the example, computers are configured as follows:
Note real servers can run any OS that supports TCP/IP, the default route of real servers must be the virtual server (172.16.0.1 in this example). The ipfwadm utility is used to make the virtual server accept packets from real servers. In the example above, the command is as follows:
echo 1 > /proc/sys/net/ipv4/ip_forward
ipfwadm -F -a m -S 172.16.0.0/24 -D 0.0.0.0/0
The following figure illustrates the rules specified in the Linux box with virtual server support.
Protocol Virtual IP Address Port Real IP Address Port Weight
TCP 202.103.106.5 80 172.16.0.2 80 1
172.16.0.3 8000 2
TCP 202.103.106.5 21 172.16.0.3 21 1
All traffic destined for IP address 202.103.106.5 Port 80 is load-balanced over real IP address 172.16.0.2 Port 80 and 172.16.0.3 Port 8000. Traffic destined for IP address 202.103.106.5 Port 21 is port-forwarded to real IP address 172.16.0.3 Port 21.
Packet rewriting works as follows.
The incoming packet for web service would has source and destination addresses as:
SOURCE 202.100.1.2:3456 DEST 202.103.106.5:80
The load balancer will choose a real server, e.g. 172.16.0.3:8000. The packet would be rewritten and forwarded to the server as:
SOURCE 202.100.1.2:3456 DEST 172.16.0.3:8000
Replies get back to the load balancer as:
SOURCE 172.16.0.3:8000 DEST 202.100.1.2:3456
The packets would be written back to the virtual server address and returned to the client as:
SOURCE 202.103.106.5:80 DEST 202.100.1.2:3456
How to build the kernel
First, get a fresh copy of the Linux kernel source of the right version. Second, apply the virtual server patch to the kernel. Third, make sure the following kernel compile options at least are selected.
Kernel Compile Options:
Code maturity level options --->
[*] Prompt for development and/or incomplete code/drivers
Networking options --->
[*] Network firewalls
....
[*] IP: forwarding/gatewaying
....
[*] IP: firewalling
....
[*] IP: masquerading
....
[*] IP: ipportfw masq & virtual server support
And, you have to choice one scheduling algorithm.
Virtual server scheduling algorithm
(X) WeightedRoundRobin
( ) LeastConnection
( ) WeightedLeastConnection
Finally, rebuild the kernel. Once you have your kernel properly built, update your system kernel and reboot.
At last, build ippfvsadm utility from ippfvsadm.c program. And, the virtual server rules can be specified by ippfvsadm. For example, for the rules in the table above, we can use the following commands.
ippfvsadm -A -t 202.103.106.5:80 -R 172.16.0.2:80 -w 1
ippfvsadm -A -t 202.103.106.5:80 -R 172.16.0.3:8000 -w 2
ippfvsadm -A -t 202.103.106.5:21 -R 172.16.0.3:21
How to build the 2.2.9 kernel
Kernel Compile Options:
Code maturity level options --->
[*] Prompt for development and/or incomplete code/drivers
Networking options --->
[*] Network firewalls
....
[*] IP: forwarding/gatewaying
....
[*] IP: firewalling
[*] IP: always defragment (required for masquerading) (NEW)
....
[*] IP: masquerading
....
[*] IP: masquerading virtual server support
(EXPERIMENTAL)(NEW)
(12) IP masquerading table size (the Nth power of 2)(NEW)
IPVS: round-robin scheduling(NEW)
IPVS: weighted round-robin scheduling(NEW)
IPVS: weighted least-connection scheduling(NEW)
IPVS: persistent client connection scheduling(NEW)
Once you have your kernel properly built, update your system kernel and reboot. At last, cd the ipvsadm source and type "make install" to install ipvsadm into your system directory.
To make the load balancer forward the masquerading packets
echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -A forward -j MASQ -s 172.16.0.0/24 -d 0.0.0.0/0
Add virtual service and link a scheduler to it
ipvsadm -A -t 202.103.106.5:80 -s wlc (Weighted Least-Connection scheduling)
ipvsadm -A -t 202.103.106.5:21 -s wrr (Weighted Round Robing scheduling )
Add real server and select forwarding method
ipvsadm -a -t 202.103.106.5:80 -R 172.16.0.2:80 -m
ipvsadm -a -t 202.103.106.5:80 -R 172.16.0.3:8000 -m -w 2
ipvsadm -a -t 202.103.106.5:21 -R 172.16.0.2:21 -m
Ãâó: www.linuxvirtualserver.org
-------------------------------------------------------------------
°¡»ó¼¹ö ±¸ÃàÇÏ´Â ¹æ¹ýÀº 3°¡Áö°¡ ÀÖ½À´Ï´Ù.
Virtual Server via NAT
Virtual Server via IP Tunneling
Virtual Server via Direct Routing
via NAT¿¡ ´ëÇØ °£´ÜÈ÷ Àû°Ô½À´Ï´Ù.
(A) Linux Box(¶ó¿ìÅÍ¿Í ¿¬°á)
·£Ä«µå¸¦ µÎ°³ ¼³Ä¡ÇÕ´Ï´Ù. Çϳª´Â °øÀÎIP ´Ù¸¥ Çϳª´Â »ç¼³IP
»ç¼³IP´Â ´Ù ¾Æ½Ã°ÚÁö¸¸(10.1./172.16./192.168.) ºÎ¿©ÇÏ½Ã¸é µË´Ï´Ù.
ÀÚ ±×·³.
(B) Real Server(A Linux BoxÀÇ »ç¼³IP¿Í ¿¬°áµÈ ÁøÂ¥ ¼¹ö)
IP Address¸¦ »ç¼³·Î ºÎ¿© ÇÏ°í ¼³Á¤À» ÇϽʽÿÀ.
¦£¦¡¦¡¦¡¦¡¦¡
¦¢ETH0 : °øÀÎ IP
¦¢211.57.21.1
¦¢
¦¢ETH1 : »ç¼³ IP
192.168.1.1
¦¡¦¨¦¡¦ª¦¡¦¡¦¡¦¡¦¡¦¨¦¡¦¡¦¡¦¡
¦¢ ¦¢
¦£¦ª------¦¤ ¦£¦¡¦ª¦¡--¦¤
¦¢Real ¦¢ ¦¢Real ¦¢
¦¢Server 1¦¢ ¦¢Server2 ¦¢
¦¦¦¡¦¡¦¡¦¡¦¥ ¦¦¦¡¦¡¦¡¦¡¦¥
ETH0:»ç¼³IP ETH0:»ç¼³IP
192.168.1.2 192.168.1.3
ÀÌÁ¦¹ö¼´Â ¼¹ö ¼³Á¤¸¸ ÇÏ¸é µË´Ï´Ù.
ÀÏ´Ü ip_forward¸¦ On ½ÃÅ°½Ã±¸¿ä
#echo 1 > /proc/sys/net/ipv4/ip_forward
ip masquerading¸¦ ¼³Á¤ÇÏ°í.
#ipchains -A forward -j MASQ -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0.0.0.0
A¼¹ö¿¡ »ç¼³IP·Î PacketsÀü¼ÛµÉ °øÀÎ IPºÎ¿©
ÆíÀÇ»ó »ý°¢³ª´Â IP·Î Àû°Ú½À´Ï´Ù.
#/sbin/ifconfig eth0:1 211.xx.163.xx netmask 255.255.255.x
#/sbin/route add -host 211.xx.163.xx dev eth0:1
À§¿Í °°ÀÌ Çϸé IP°¡ Çϳª ´õ »ý±âÁÒ..
ÀÚ±×·³.. ¿¬°á Çغ¼±î¿ä?
ipvsadm -A -t 211.xx.163.xx:80 -s wlc(scheduling¹æ½ÄÀä. ManualÂüÁ¶)
ipvsadm -A -t 211.xx.163.xx:21 -s wrr( " )
ipvsadm -a -t 211.xx.163.xx:80 -R 192.168.1.2:80 -m (Web´Â »ç¼³IP x.x.x.2·Î)
ipvsadm -a -t 211.xx.163.xx.21 -R 192.168.1.3:21 -m (ftp´Â »ç¼³IP x.x.x.3·Î)
ÀÌ·¸°Ô ÇÏ¸é µË´Ï´Ù.
|
|
|
Absolute number:36
|
|
|
|
|
|
|
|
|