流量管理員的運作方式How Traffic Manager Works

Azure 流量管理員可讓您控制流量分散到應用程式端點的方式。Azure Traffic Manager enables you to control the distribution of traffic across your application endpoints. 端點是裝載於 Azure 內部或外部的任何網際網路對向服務。An endpoint is any Internet-facing service hosted inside or outside of Azure.

流量管理員提供兩大優點︰Traffic Manager provides two key benefits:

當用戶端嘗試連接至服務時,它必須先將服務的 DNS 名稱解析為 IP 位址。When a client attempts to connect to a service, it must first resolve the DNS name of the service to an IP address. 然後用戶端才能連接到該 IP 位址以存取服務。The client then connects to that IP address to access the service.

最重要的一點是了解流量管理員是在 DNS 層級上運作。The most important point to understand is that Traffic Manager works at the DNS level. 流量管理員會使用 DNS,根據流量路由方法的規則,將用戶端導向特定的服務端點。Traffic Manager uses DNS to direct clients to specific service endpoints based on the rules of the traffic-routing method. 用戶端會直接連接至選取的端點。Clients connect to the selected endpoint directly. 流量管理員不是 Proxy 或閘道。Traffic Manager is not a proxy or a gateway. 流量管理員看不到在用戶端與服務之間傳遞的流量。Traffic Manager does not see the traffic passing between the client and the service.

流量管理員範例Traffic Manager example

Contoso Corp 開發出新的合作夥伴入口網站。Contoso Corp have developed a new partner portal. 此入口網站的 URL 是 https://partners.contoso.com/login.aspxThe URL for this portal is https://partners.contoso.com/login.aspx. 應用程式裝載於 Azure 的三個區域。The application is hosted in three regions of Azure. 為了改善可用性和最佳化全域效能,他們使用流量管理員將用戶端流量分配給最靠近的可用端點。To improve availability and maximize global performance, they use Traffic Manager to distribute client traffic to the closest available endpoint.

若要達成這個設定,要完成下列步驟︰To achieve this configuration, they complete the following steps:

  1. 部署三個服務執行個體。Deploy three instances of their service. 這些部署的 DNS 名稱為 'contoso-us.cloudapp.net'、'contoso-eu.cloudapp.net' 和 'contoso-asia.cloudapp.net'。The DNS names of these deployments are 'contoso-us.cloudapp.net', 'contoso-eu.cloudapp.net', and 'contoso-asia.cloudapp.net'.
  2. 建立名為 'contoso.trafficmanager.net' 的流量管理員設定檔,並設定為在這三個端點之間使用「效能」流量路由方法。Create a Traffic Manager profile, named 'contoso.trafficmanager.net', and configure it to use the 'Performance' traffic-routing method across the three endpoints.
  3. 使用 DNS CNAME 記錄,將虛名網域名稱 'partners.contoso.com' 設定成指向 'contoso.trafficmanager.net'。Configure their vanity domain name, 'partners.contoso.com', to point to 'contoso.trafficmanager.net', using a DNS CNAME record.

流量管理員 DNS 組態


虛名網域配合 Azure 流量管理員使用時,您必須使用 CNAME 將虛名網域名稱指向流量管理員網域名稱。When using a vanity domain with Azure Traffic Manager, you must use a CNAME to point your vanity domain name to your Traffic Manager domain name. DNS 標準不允許您在網域的「頂點」(或根) 上建立 CNAME。DNS standards do not allow you to create a CNAME at the 'apex' (or root) of a domain. 因此,您無法建立 'contoso.com' 的 CNAME (有時稱為「裸」網域)。Thus you cannot create a CNAME for 'contoso.com' (sometimes called a 'naked' domain). 您只能為 'contoso.com' 下的網域建立 CNAME,例如 'www.contoso.com'。You can only create a CNAME for a domain under 'contoso.com', such as 'www.contoso.com'. 為因應這項限制,我們建議您將 DNS 網域裝載於 Azure DNS,並使用別名記錄來指向您的流量管理員設定檔。To work around this limitation, we recommend hosting your DNS domain on Azure DNS and using Alias records to point to your traffic manager profile. 或是,您可以使用簡單的 HTTP 重新導向,將 'contoso.com' 的要求指向至替代名稱,例如 'www.contoso.com'。Alternatively you can use a simple HTTP redirect to direct requests for 'contoso.com' to an alternative name such as 'www.contoso.com'.

用戶端連接如何使用流量管理員How clients connect using Traffic Manager

接續上述範例,當用戶端要求頁面 https://partners.contoso.com/login.aspx 時,用戶端會執行下列步驟來解析 DNS 名稱,然後建立連接︰Continuing from the previous example, when a client requests the page https://partners.contoso.com/login.aspx, the client performs the following steps to resolve the DNS name and establish a connection:


  1. 用戶端會將 DNS 查詢傳送至已設定的遞迴 DNS 服務,以解析名稱 'partners.contoso.com'。The client sends a DNS query to its configured recursive DNS service to resolve the name 'partners.contoso.com'. 遞迴 DNS 服務 (有時稱為「本機 DNS」服務) 不直接裝載 DNS 網域。A recursive DNS service, sometimes called a 'local DNS' service, does not host DNS domains directly. 相反地,用戶端不負責連絡網際網路上解析 DNS 名稱所需的各種授權 DNS 服務。Rather, the client off-loads the work of contacting the various authoritative DNS services across the Internet needed to resolve a DNS name.

  2. 為了解析 DNS 名稱,遞迴 DNS 服務會尋找 'contoso.com' 網域的名稱伺服器。To resolve the DNS name, the recursive DNS service finds the name servers for the 'contoso.com' domain. 然後,連絡這些名稱伺服器來要求 'partners.contoso.com' DNS 記錄。It then contacts those name servers to request the 'partners.contoso.com' DNS record. Contoso.com DNS 伺服器會傳回指向 contoso.trafficmanager.net 的 CNAME 記錄。The contoso.com DNS servers return the CNAME record that points to contoso.trafficmanager.net.

  3. 接下來,遞迴 DNS 服務會尋找 'trafficmanager.net' 網域的名稱伺服器 (由 Azure 流量管理員服務提供)。Next, the recursive DNS service finds the name servers for the 'trafficmanager.net' domain, which are provided by the Azure Traffic Manager service. 然後,將 'contoso.trafficmanager.net' DNS 記錄的要求傳送至這些 DNS 伺服器。It then sends a request for the 'contoso.trafficmanager.net' DNS record to those DNS servers.

  4. 流量管理員名稱伺服器接收要求。The Traffic Manager name servers receive the request. 它們會根據下列項目來選擇端點︰They choose an endpoint based on:

    • 每個端點已設定的狀態 (不會傳回已停用的端點)The configured state of each endpoint (disabled endpoints are not returned)
    • 每個端點目前的健康狀態,由流量管理員健康狀態檢查所決定。The current health of each endpoint, as determined by the Traffic Manager health checks. 如需詳細資訊,請參閱 流量管理員端點監視For more information, see Traffic Manager Endpoint Monitoring.
    • 所選的流量路由方法。The chosen traffic-routing method. 如需詳細資訊,請參閱流量管理員路由方法For more information, see Traffic Manager Routing Methods.
  5. 選擇的端點會傳回成為另一筆 DNS CNAME 記錄。The chosen endpoint is returned as another DNS CNAME record. 在此例子中,我們假設傳回 contoso us.cloudapp.net。In this case, let us suppose contoso-us.cloudapp.net is returned.

  6. 接下來,遞迴 DNS 服務會尋找 'cloudapp.net' 網域的名稱伺服器。Next, the recursive DNS service finds the name servers for the 'cloudapp.net' domain. 它會連絡這些名稱伺服器,以要求 'contoso-us.cloudapp.net' DNS 記錄。It contacts those name servers to request the 'contoso-us.cloudapp.net' DNS record. 將會傳回一筆 DNS 'A' 記錄,內含美國地區服務端點的 IP 位址。A DNS 'A' record containing the IP address of the US-based service endpoint is returned.

  7. 遞迴 DNS 服務會合併結果,並傳回單一 DNS 回應給用戶端。The recursive DNS service consolidates the results and returns a single DNS response to the client.

  8. 用戶端收到 DNS 結果,然後連接至指定的 IP 位址。The client receives the DNS results and connects to the given IP address. 用戶端會直接連接至應用程式服務端點,而不透過流量管理員。The client connects to the application service endpoint directly, not through Traffic Manager. 因為它是 HTTPS 端點,用戶端會執行必要的 SSL/TLS 交握,然後提出 '/login.aspx' 頁面的 HTTP GET 要求。Since it is an HTTPS endpoint, the client performs the necessary SSL/TLS handshake, and then makes an HTTP GET request for the '/login.aspx' page.

遞迴 DNS 服務會快取它收到的 DNS 回應。The recursive DNS service caches the DNS responses it receives. 用戶端裝置上的 DNS 解析程式也會快取結果。The DNS resolver on the client device also caches the result. 快取功能會使用快取中的資料,而不查詢其他名稱伺服器,因而可以更快回應後續的 DNS 查詢。Caching enables subsequent DNS queries to be answered more quickly by using data from the cache rather than querying other name servers. 快取持續時間取決於每一筆 DNS 記錄的「存留時間」(TTL) 屬性。The duration of the cache is determined by the 'time-to-live' (TTL) property of each DNS record. 較短的值會導致快取更快到期,因此需要更多次往返於流量管理員的名稱伺服器。Shorter values result in faster cache expiry and thus more round-trips to the Traffic Manager name servers. 較長的值表示從失敗端點引開流量會花費更長的時間。Longer values mean that it can take longer to direct traffic away from a failed endpoint. 流量管理員允許您將流量管理員 DNS 回應中使用的 TTL,設定為最低是 0 秒及最高是 2,147,483,647 秒 (符合 RFC-1035 的最大範圍),讓您選擇最能平衡應用程式需求的值。Traffic Manager allows you to configure the TTL used in Traffic Manager DNS responses to be as low as 0 seconds and as high as 2,147,483,647 seconds (the maximum range compliant with RFC-1035), enabling you to choose the value that best balances the needs of your application.


後續步驟Next steps

深入了解「流量管理員」的 端點監視和自動容錯移轉Learn more about Traffic Manager endpoint monitoring and automatic failover.

深入了解「流量管理員」的 流量路由方法Learn more about Traffic Manager traffic routing methods.