您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

如何为高级 Azure Redis 缓存配置虚拟网络支持How to configure Virtual Network Support for a Premium Azure Redis Cache

Azure Redis 缓存具有不同的缓存产品/服务,从而在缓存大小和功能的选择上具有灵活性,其中包括高级层功能,如群集、暂留和虚拟网络支持。Azure Redis Cache has different cache offerings, which provide flexibility in the choice of cache size and features, including Premium tier features such as clustering, persistence, and virtual network support. VNet 是云中的专用网络。A VNet is a private network in the cloud. 为 Azure Redis 缓存实例配置了 VNet 后,该实例不可公开寻址,而只能从 VNet 中的虚拟机和应用程序进行访问。When an Azure Redis Cache instance is configured with a VNet, it is not publicly addressable and can only be accessed from virtual machines and applications within the VNet. 本文说明如何为高级 Azure Redis 缓存实例配置虚拟网络支持。This article describes how to configure virtual network support for a premium Azure Redis Cache instance.

备注

Azure Redis 缓存同时支持经典 VNet 和Resource Manager VNet。Azure Redis Cache supports both classic and Resource Manager VNets.

有关其他高级缓存功能的信息,请参阅 Azure Redis 缓存高级层简介For information on other premium cache features, see Introduction to the Azure Redis Cache Premium tier.

为何使用 VNet?Why VNet?

Azure 虚拟网络 (VNet) 部署增强了 Azure Redis 缓存的安全性和隔离性,并提供子网、访问控制策略以及其他进一步限制访问的功能。Azure Virtual Network (VNet) deployment provides enhanced security and isolation for your Azure Redis Cache, as well as subnets, access control policies, and other features to further restrict access.

虚拟网络支持Virtual network support

在创建缓存期间,可在“新建 Redis 缓存”边栏选项卡中配置虚拟网络 (VNet) 支持。Virtual Network (VNet) support is configured on the New Redis Cache blade during cache creation.

若要创建高级缓存,请登录到 Azure 门户,并单击“创建资源” > “数据库” > “Redis 缓存”。To create a premium cache, sign-in to the Azure portal and click Create a resource > Databases > Redis Cache.

创建缓存

备注

除了在 Azure 门户中创建缓存以外,也可以使用 Resource Manager 模板、PowerShell 或 Azure CLI 创建。In addition to creating caches in the Azure portal, you can also create them using Resource Manager templates, PowerShell, or Azure CLI. 有关创建 Azure Redis 缓存的详细信息,请参阅创建缓存For more information about creating an Azure Redis Cache, see Create a cache.

若要配置高级功能,请先在“定价层”下拉列表中选择一个高级定价层。To configure premium features, first select one of the premium pricing tiers in the Pricing tier drop-down list. 若要详细了解每个定价层,请单击“查看全部定价详细信息”,并从“选择你的定价层”边栏选项卡中选择一个定价层。For more information about each pricing tier, click View full pricing details and select a pricing tier from the Choose your pricing tier blade.

选择定价层

选择高级定价层后,可以通过选择与缓存相同的订阅和位置的 VNet 来配置 Redis VNet 集成。Once you have selected a premium pricing tier, you can configure Redis VNet integration by selecting a VNet that is in the same subscription and location as your cache. 要使用新 VNet,请先创建 VNet,方法是遵循使用 Azure 门户创建虚拟网络使用 Azure 门户创建虚拟网络(经典))中的步骤,并返回“新 Redis 缓存”边栏选项卡来创建和配置高级缓存。To use a new VNet, create it first by following the steps in Create a virtual network using the Azure portal or Create a virtual network (classic) by using the Azure portal and then return to the New Redis Cache blade to create and configure your premium cache.

要为新缓存配置 VNet,请单击“新建 Redis 缓存”边栏选项卡上的“虚拟网络”,并从下拉列表中选择所需的 VNet。To configure the VNet for your new cache, click Virtual Network on the New Redis Cache blade, and select the desired VNet from the drop-down list.

虚拟网络

从“子网”下拉列表中选择所需的子网,并指定所需的“静态 IP 地址”。Select the desired subnet from the Subnet drop-down list, and specify the desired Static IP address. 如果使用经典 VNet,则“静态 IP 地址”字段是可选的;如果未指定任何地址,将从选定的子网中选择一个。If you are using a classic VNet the Static IP address field is optional, and if none is specified, one is chosen from the selected subnet.

重要

将 Azure Redis 缓存部署到Resource Manager VNet 时,缓存必须位于专用子网中,其中只能包含 Azure Redis 缓存实例,而不能包含其他任何资源。When deploying an Azure Redis Cache to a Resource Manager VNet, the cache must be in a dedicated subnet that contains no other resources except for Azure Redis Cache instances. 如果尝试将 Azure Redis 缓存部署到包含其他资源的Resource Manager VNet 子网,部署会失败。If an attempt is made to deploy an Azure Redis Cache to a Resource Manager VNet to a subnet that contains other resources, the deployment fails.

虚拟网络

重要

Azure 会保留每个子网中的某些 IP 地址,但是这些地址不能使用。Azure reserves some IP addresses within each subnet, and these addresses can't be used. 子网的第一个和最后一个 IP 地址仅为协议一致性而保留,其他三个地址用于 Azure 服务。The first and last IP addresses of the subnets are reserved for protocol conformance, along with three more addresses used for Azure services. 有关详细信息,请参阅使用这些子网中的 IP 地址是否有任何限制?For more information, see Are there any restrictions on using IP addresses within these subnets?

除了 Azure VNET 基础结构使用的 IP 地址外,子网中的每个 Redis 实例还会针对负载均衡器使用每分片两个 IP 地址和一个附加 IP 地址。In addition to the IP addresses used by the Azure VNET infrastructure, each Redis instance in the subnet uses two IP addresses per shard and one additional IP address for the load balancer. 非群集缓存视为具有一个分片。A non-clustered cache is considered to have one shard.

创建缓存之后,可以在“资源菜单”中单击“虚拟网络”,查看 VNet 的配置。After the cache is created, you can view the configuration for the VNet by clicking Virtual Network from the Resource menu.

虚拟网络

若要在使用 VNet 时连接到 Azure Redis 缓存实例,请在连接字符串中指定缓存的主机名,如以下示例所示:To connect to your Azure Redis cache instance when using a VNet, specify the host name of your cache in the connection string as shown in the following example:

private static Lazy<ConnectionMultiplexer> lazyConnection = new Lazy<ConnectionMultiplexer>(() =>
{
    return ConnectionMultiplexer.Connect("contoso5premium.redis.cache.windows.net,abortConnect=false,ssl=true,password=password");
});

public static ConnectionMultiplexer Connection
{
    get
    {
        return lazyConnection.Value;
    }
}

Azure Redis 缓存 VNet 常见问题Azure Redis Cache VNet FAQ

以下列表包含有关 Azure Redis 缓存缩放的常见问题的解答。The following list contains answers to commonly asked questions about the Azure Redis Cache scaling.

Azure Redis 缓存和 VNet 有哪些常见的错误配置问题?What are some common misconfiguration issues with Azure Redis Cache and VNets?

在 VNet 中托管 Azure Redis 缓存时,将使用下表中的端口。When Azure Redis Cache is hosted in a VNet, the ports in the following tables are used.

重要

如果下表中的端口受阻,则缓存可能无法正常工作。If the ports in the following tables are blocked, the cache may not function correctly. 在 VNet 中使用 Azure Redis 缓存时,阻止这些端口中的一个或多个是最常见的错误配置问题。Having one or more of these ports blocked is the most common misconfiguration issue when using Azure Redis Cache in a VNet.

出站端口要求Outbound port requirements

有 7 个出站端口要求。There are seven outbound port requirements.

  • 必要时,可通过客户端的本地审核设备执行到 Internet 的所有出站连接。If desired, all outbound connections to the internet can be made through a client's on-premises auditing device.
  • 3 个端口将流量路由到服务 Azure 存储和 Azure DNS 的 Azure 终结点。Three of the ports route traffic to Azure endpoints servicing Azure Storage and Azure DNS.
  • 剩余端口用途不同,针对内部 Redis 子网通信。The remaining port ranges and for internal Redis subnet communications. 内部 Redis 子网通信不需要子网 NSG 规则。No subnet NSG rules are required for internal Redis subnet communications.
端口Port(s) 方向Direction 传输协议Transport Protocol 目的Purpose 本地 IPLocal IP 远程 IPRemote IP
80、44380, 443 出站Outbound TCPTCP Azure 存储/PKI (Internet) 上的 Redis 依赖关系Redis dependencies on Azure Storage/PKI (Internet) (Redis 子网)(Redis subnet) *
5353 出站Outbound TCP/UDPTCP/UDP DNS (Internet/VNet) 上的 Redis 依赖关系Redis dependencies on DNS (Internet/VNet) (Redis 子网)(Redis subnet) *
84438443 出站Outbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)
10221-1023110221-10231 出站Outbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)
2022620226 出站Outbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)
13000-1399913000-13999 出站Outbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)
15000-1599915000-15999 出站Outbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)
6379-63806379-6380 出站Outbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)

入站端口要求Inbound port requirements

有 8 个入站端口范围要求。There are eight inbound port range requirements. 这些范围内的入站请求是指从同一 VNET 上托管的其他服务入站或者来自 Redis 子网通信内部。Inbound requests in these ranges are either inbound from other services hosted in the same VNET or internal to the Redis subnet communications.

端口Port(s) 方向Direction 传输协议Transport Protocol 目的Purpose 本地 IPLocal IP 远程 IPRemote IP
6379、63806379, 6380 入站Inbound TCPTCP 与 Redis 的客户端通信、Azure 负载均衡Client communication to Redis, Azure load balancing (Redis 子网)(Redis subnet) (Redis 子网)、虚拟网络、Azure 负载均衡器(Redis subnet), Virtual Network, Azure Load Balancer
84438443 入站Inbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)
85008500 入站Inbound TCP/UDPTCP/UDP Azure 负载均衡Azure load balancing (Redis 子网)(Redis subnet) Azure 负载均衡器Azure Load Balancer
10221-1023110221-10231 入站Inbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)、Azure 负载均衡器(Redis subnet), Azure Load Balancer
13000-1399913000-13999 入站Inbound TCPTCP 与 Redis 群集的客户端通信、Azure 负载均衡Client communication to Redis Clusters, Azure load balancing (Redis 子网)(Redis subnet) 虚拟网络、Azure 负载均衡器Virtual Network, Azure Load Balancer
15000-1599915000-15999 入站Inbound TCPTCP 与 Redis 群集的客户端通信、Azure 负载均衡Client communication to Redis Clusters, Azure load Balancing (Redis 子网)(Redis subnet) 虚拟网络、Azure 负载均衡器Virtual Network, Azure Load Balancer
1600116001 入站Inbound TCP/UDPTCP/UDP Azure 负载均衡Azure load balancing (Redis 子网)(Redis subnet) Azure 负载均衡器Azure Load Balancer
2022620226 入站Inbound TCPTCP Redis 内部通信Internal communications for Redis (Redis 子网)(Redis subnet) (Redis 子网)(Redis subnet)

其他 VNET 网络连接要求Additional VNET network connectivity requirements

在虚拟网络中,可能一开始不符合 Azure Redis 缓存的网络连接要求。There are network connectivity requirements for Azure Redis Cache that may not be initially met in a virtual network. 在虚拟网络中使用时,Azure Redis 缓存需要以下所有项才能正常运行。Azure Redis Cache requires all the following items to function properly when used within a virtual network.

  • 与全球 Azure 存储终结点建立的出站网络连接。Outbound network connectivity to Azure Storage endpoints worldwide. 这包括位于 Azure Redis 缓存实例区域的终结点,以及位于其他 Azure 区域的存储终结点。This includes endpoints located in the same region as the Azure Redis Cache instance, as well as storage endpoints located in other Azure regions. Azure 存储终结点在以下 DNS 域下解析:table.core.windows.netblob.core.windows.netqueue.core.windows.netfile.core.windows.netAzure Storage endpoints resolve under the following DNS domains: table.core.windows.net, blob.core.windows.net, queue.core.windows.net, and file.core.windows.net.
  • ocsp.msocsp.commscrl.microsoft.comcrl.microsoft.com 建立的出站网络连接。需要此连接才能支持 SSL 功能。Outbound network connectivity to ocsp.msocsp.com, mscrl.microsoft.com, and crl.microsoft.com. This connectivity is needed to support SSL functionality.
  • 虚拟网络的 DNS 设置必须能够解析前面几点所提到的所有终结点和域。The DNS configuration for the virtual network must be capable of resolving all of the endpoints and domains mentioned in the earlier points. 确保已针对虚拟网络配置并维护有效的 DNS 基础结构即可符合这些 DNS 要求。These DNS requirements can be met by ensuring a valid DNS infrastructure is configured and maintained for the virtual network.
  • 到以下 Azure 监视终结点的出站网络连接,这些终结点在下列 DNS 域下进行解析:shoebox2-black.shoebox2.metrics.nsatc.net、north-prod2.prod2.metrics.nsatc.net、azglobal-black.azglobal.metrics.nsatc.net、shoebox2-red.shoebox2.metrics.nsatc.net、east-prod2.prod2.metrics.nsatc.net、azglobal-red.azglobal.metrics.nsatc.net。Outbound network connectivity to the following Azure Monitoring endpoints, which resolve under the following DNS domains: shoebox2-black.shoebox2.metrics.nsatc.net, north-prod2.prod2.metrics.nsatc.net, azglobal-black.azglobal.metrics.nsatc.net, shoebox2-red.shoebox2.metrics.nsatc.net, east-prod2.prod2.metrics.nsatc.net, azglobal-red.azglobal.metrics.nsatc.net.

如何验证 VNET 中缓存是否正常工作?How can I verify that my cache is working in a VNET?

重要

连接到 VNET 中托管的 Azure Redis 缓存实例时,缓存客户端必须位于同一 VNET 中或已启用 VNET 对等互连的 VNET 中。When connecting to an Azure Redis Cache instance that is hosted in a VNET, your cache clients must be in the same VNET or in a VNET with VNET peering enabled. 这包括任何测试应用程序或诊断 ping 工具。This includes any test applications or diagnostic pinging tools. 无论客户端应用程序在哪里托管,都必须配置网络安全组,这样客户端的网络流量才能到达 Redis 实例。Regardless of where the client application is hosted, Network security groups must be configured such that the client's network traffic is allowed to reach the Redis instance.

端口需求按上一部分所述进行配置后,可以通过执行以下步骤验证缓存是否正常运行。Once the port requirements are configured as described in the previous section, you can verify that your cache is working by performing the following steps.

  • 重新启动所有缓存节点。Reboot all of the cache nodes. 如果无法访问所有所需的缓存依赖项(如入站端口需求出站端口需求中所述),缓存将无法成功重启。If all of the required cache dependencies can't be reached (as documented in Inbound port requirements and Outbound port requirements), the cache won't be able to restart successfully.
  • 重启缓存节点后(依据 Azure 门户里的缓存状态),可以执行以下测试:Once the cache nodes have restarted (as reported by the cache status in the Azure portal), you can perform the following tests:

    • 使用 tcping,对与缓存位于同一 VNET 中的计算机的缓存终结点(使用 6380 端口)执行 ping 操作。ping the cache endpoint (using port 6380) from a machine that is within the same VNET as the cache, using tcping. 例如:For example:

      tcping.exe contosocache.redis.cache.windows.net 6380

      如果 tcping 工具报告该端口已打开,则可使用缓存连接 VNET 中的客户端。If the tcping tool reports that the port is open, the cache is available for connection from clients in the VNET.

    • 进行测试的另一种方法是创建测试缓存客户端(可以是使用 StackExchange.Redis 的简单控制台应用程序),使其连接到缓存,以便添加和检索缓存的某些项。Another way to test is to create a test cache client (which could be a simple console application using StackExchange.Redis) that connects to the cache and adds and retrieves some items from the cache. 将示例客户端应用程序安装到与缓存位于同一 VNET 中的 VM 上,并运行以验证与缓存的连接性。Install the sample client application onto a VM that is in the same VNET as the cache and run it to verify connectivity to the cache.

尝试连接到 VNET 中的 Redis 缓存时,为何会收到指出远程证书无效的错误?When trying to connect to my Redis cache in a VNET, why am I getting an error stating the remote certificate is invalid?

尝试连接到 VNET 中的 Redis 缓存时,会收到类似于以下内容的证书验证错误:When trying to connect to a Redis cache in a VNET, you see a certificate validation error such as this:

{"No connection is available to service this operation: SET mykey; The remote certificate is invalid according to the validation procedure.; …"}

这可能是因为你在通过 IP 地址来连接主机。The cause could be you are connecting to the host by the IP address. 建议使用主机名。We recommend using the hostname. 换而言之,请使用以下方法:In other words, use the following:

[mycachename].redis.windows.net:6380,password=xxxxxxxxxxxxxxxxxxxx,ssl=True,abortConnect=False

避免使用类似于以下连接字符串的 IP 地址:Avoid using the IP address similar to the following connection string:

10.128.2.84:6380,password=xxxxxxxxxxxxxxxxxxxx,ssl=True,abortConnect=False

如果无法解析 DNS 名称,某些客户端库包括了 sslHost(这是由 StackExchange.Redis 客户端提供的)之类的配置选项。If you are unable to resolve the DNS name, some client libraries include configuration options like sslHost which is provided by the StackExchange.Redis client. 这允许你替代用于证书验证的主机名。This allows you to override the hostname used for certificate validation. 例如:For example:

10.128.2.84:6380,password=xxxxxxxxxxxxxxxxxxxx,ssl=True,abortConnect=False;sslHost=[mycachename].redis.windows.net

是否可以对标准或基本缓存使用 VNet?Can I use VNets with a standard or basic cache?

只能对高级缓存使用 VNet。VNets can only be used with premium caches.

为什么在某些子网中创建 Redis 缓存失败,而在其他子网中不会失败?Why does creating a Redis cache fail in some subnets but not others?

如果要将 Azure Redis 缓存部署到Resource Manager VNet,缓存必须位于不包含任何其他资源类型的专用子网中。If you are deploying an Azure Redis Cache to a Resource Manager VNet, the cache must be in a dedicated subnet that contains no other resource type. 如果尝试将 Azure Redis 缓存部署到包含其他资源的Resource Manager VNet 子网,部署会失败。If an attempt is made to deploy an Azure Redis Cache to a Resource Manager VNet subnet that contains other resources, the deployment fails. 必须先删除该子网中的现有资源,才能创建新的 Redis 缓存。You must delete the existing resources inside the subnet before you can create a new Redis cache.

只要有足够的可用 IP 地址,就可以将多种类型的资源部署到经典 VNet。You can deploy multiple types of resources to a classic VNet as long as you have enough IP addresses available.

子网地址空间有哪些要求?What are the subnet address space requirements?

Azure 会保留每个子网中的某些 IP 地址,但是这些地址不能使用。Azure reserves some IP addresses within each subnet, and these addresses can't be used. 子网的第一个和最后一个 IP 地址仅为协议一致性而保留,其他三个地址用于 Azure 服务。The first and last IP addresses of the subnets are reserved for protocol conformance, along with three more addresses used for Azure services. 有关详细信息,请参阅使用这些子网中的 IP 地址是否有任何限制?For more information, see Are there any restrictions on using IP addresses within these subnets?

除了 Azure VNET 基础结构使用的 IP 地址外,子网中的每个 Redis 实例还会针对负载均衡器使用每分片两个 IP 地址和一个附加 IP 地址。In addition to the IP addresses used by the Azure VNET infrastructure, each Redis instance in the subnet uses two IP addresses per shard and one additional IP address for the load balancer. 非群集缓存视为具有一个分片。A non-clustered cache is considered to have one shard.

在 VNET 中托管缓存时,是否可以使用所有缓存功能?Do all cache features work when hosting a cache in a VNET?

如果缓存是 VNET 的一部分,则只有 VNET 中的客户端可以访问缓存。When your cache is part of a VNET, only clients in the VNET can access the cache. 因此,以下缓存管理功能目前不起作用。As a result, the following cache management features don't work at this time.

  • Redis 控制台 - 由于 Redis 控制台在本地浏览器中运行(这在 VNET 的外部),因此它无法连接到缓存。Redis Console - Because Redis Console runs in your local browser, which is outside the VNET, it can't connect to your cache.

将 ExpressRoute 用于 Azure Redis 缓存Use ExpressRoute with Azure Redis Cache

客户可以将 Azure ExpressRoute 线路连接到虚拟网络基础结构,从而将其本地网络扩展到 Azure。Customers can connect an Azure ExpressRoute circuit to their virtual network infrastructure, thus extending their on-premises network to Azure.

默认情况下,新创建的 ExpressRoute 线路不会在 VNET 上执行强制隧道(默认路由播发,0.0.0.0/0)。By default, a newly created ExpressRoute circuit does not perform forced tunneling (advertisement of a default route, 0.0.0.0/0) on a VNET. 因此,允许出站 Internet 连接直接来自 VNET,而且客户端应用程序能够连接到其他 Azure 终结点(包括 Azure Redis 缓存)。As a result, outbound Internet connectivity is allowed directly from the VNET and client applications are able to connect to other Azure endpoints including Azure Redis Cache.

但是,常见的客户配置是使用强制隧道(播发默认路由),以强制出站 Internet 流量改为流向本地。However a common customer configuration is to use forced tunneling (advertise a default route) which forces outbound Internet traffic to instead flow on-premises. 如果出站流量在本地遭到阻止,此流量将断开与 Azure Redis 缓存的连接,这样 Azure Redis 缓存实例将无法与其依赖项通信。This traffic flow breaks connectivity with Azure Redis Cache if the outbound traffic is then blocked on-premises such that the Azure Redis Cache instance is not able to communicate with its dependencies.

解决方法是在包含 Azure Redis 缓存的子网上定义一个或多个用户定义的路由 (UDR)。The solution is to define one (or more) user-defined routes (UDRs) on the subnet that contains the Azure Redis Cache. UDR 定义了要遵循的子网特定路由,而不是默认路由。A UDR defines subnet-specific routes that will be honored instead of the default route.

如果可能,建议使用以下配置:If possible, it is recommended to use the following configuration:

  • ExpressRoute 配置播发 0.0.0.0/0 并默认使用强制隧道将所有输出流量发送到本地。The ExpressRoute configuration advertises 0.0.0.0/0 and by default force tunnels all outbound traffic on-premises.
  • 已应用到包含 Azure Redis 缓存的子网的 UDR 使用公共 Internet 的 TCP/IP 流量工作路由来定义 0.0.0.0/0;例如,通过将下一个跃点类型设置为“Internet”。The UDR applied to the subnet containing the Azure Redis Cache defines 0.0.0.0/0 with a working route for TCP/IP traffic to the public internet; for example by setting the next hop type to 'Internet'.

这些步骤的组合效应是子网级 UDR 将优先于 ExpressRoute 强制隧道,从而确保来自 Azure Redis 缓存的出站 Internet 访问。The combined effect of these steps is that the subnet level UDR takes precedence over the ExpressRoute forced tunneling, thus ensuring outbound Internet access from the Azure Redis Cache.

由于性能原因,从本地应用程序使用 ExpressRoute 连接到 Azure Redis 缓存实例不是典型使用方案(为了获得最佳性能,Azure Redis 缓存客户端应与 Azure Redis 缓存位于同一区域中)。Connecting to an Azure Redis Cache instance from an on-premises application using ExpressRoute is not a typical usage scenario due to performance reasons (for best performance Azure Redis Cache clients should be in the same region as the Azure Redis Cache).

重要

UDR 中定义的路由必须足够明确,以便优先于 ExpressRoute 配置所播发的任何路由。The routes defined in a UDR must be specific enough to take precedence over any routes advertised by the ExpressRoute configuration. 以下示例使用广泛 0.0.0.0/0 地址范围,因此使用更明确的地址范围,有可能意外地被路由播发重写。The following example uses the broad 0.0.0.0/0 address range, and as such can potentially be accidentally overridden by route advertisements using more specific address ranges.

警告

从公共对等路径到专用对等路径未正确交叉播发路由的 ExpressRoute 配置不支持 Azure Redis 缓存。Azure Redis Cache is not supported with ExpressRoute configurations that incorrectly cross-advertise routes from the public peering path to the private peering path. 已配置公共对等互连的 ExpressRoute 配置会收到来自 Microsoft 的大量 Microsoft Azure IP 地址范围的路由播发。ExpressRoute configurations that have public peering configured, receive route advertisements from Microsoft for a large set of Microsoft Azure IP address ranges. 如果这些地址范围在专用对等路径上未正确交叉播发,则结果是来自 Azure Redis 缓存实例子网的所有出站网络数据包都不会正确地使用强制隧道发送到客户的本地网络基础结构。If these address ranges are incorrectly cross-advertised on the private peering path, the result is that all outbound network packets from the Azure Redis Cache instance's subnet are incorrectly force-tunneled to a customer's on-premises network infrastructure. 此网络流将破坏 Azure Redis 缓存。This network flow breaks Azure Redis Cache. 此问题的解决方法是停止从公共对等路径到专用对等路径的交叉播发路由。The solution to this problem is to stop cross-advertising routes from the public peering path to the private peering path.

有关用户定义路由的背景信息,请参阅此概述Background information on user-defined routes is available in this overview.

有关 ExpressRoute 的详细信息,请参阅 ExpressRoute 技术概述For more information about ExpressRoute, see ExpressRoute technical overview.

后续步骤Next steps

了解如何使用更多的高级版缓存功能。Learn how to use more premium cache features.