什麼是 Azure 虛擬網路的 IPv6?What is IPv6 for Azure Virtual Network?

Azure 虛擬網路 (VNet) 的 IPv6 可讓您在 Azure 中裝載應用程式,並在虛擬網路內以及網際網路之間建立 IPv6 和 IPv4 連線。IPv6 for Azure Virtual Network (VNet) enables you to host applications in Azure with IPv6 and IPv4 connectivity both within a virtual network and to and from the Internet. 由於公用 IPv4 位址耗盡,行動裝置和物聯網 (IoT) 的新網路通常會建置在 IPv6 上。Due to the exhaustion of public IPv4 addresses, new networks for mobility and Internet of Things (IoT) are often built on IPv6. 即使是成立很久的 ISP 和行動網路也都正在轉換為 IPv6。Even long established ISP and mobile networks are being transformed to IPv6. 僅適用於 IPv4 的服務會發現其在現有市場和新興市場都處於真正的劣勢。IPv4-only services can find themselves at a real disadvantage in both existing and emerging markets. 雙重堆疊的 IPv4/IPv6 連線能力讓 Azure 裝載的服務能夠利用全球可用的雙重堆疊服務跨越這項技術缺口,輕鬆地與現有的 IPv4 和這些新的 IPv6 裝置與網路連線。Dual stack IPv4/IPv6 connectivity enables Azure-hosted services to traverse this technology gap with globally available, dual-stacked services that readily connect with both the existing IPv4 and these new IPv6 devices and networks.

Azure 的原始 IPv6 連線能力可讓您輕鬆地為裝載於 Azure 中的應用程式提供雙重堆疊 (IPv4/IPv6) 網際網路連線能力。Azure's original IPv6 connectivity makes it easy to provide dual stack (IPv4/IPv6) Internet connectivity for applications hosted in Azure. 其可讓您使用已負載平衡的 IPv6 連線,針對輸入和輸出起始的連線簡單地部署 VM。It allows for simple deployment of VMs with load balanced IPv6 connectivity for both inbound and outbound initiated connections. 這項功能仍然可供使用,這裡有詳細資訊。This feature is still available and more information is available here. Azure 虛擬網路的 IPv6 有更完整的功能,可讓您在 Azure 中部署完整的 IPv6 解決方案架構。IPv6 for Azure virtual network is much more full featured- enabling full IPv6 solution architectures to be deployed in Azure.

下圖說明 Azure 中的簡單雙重堆疊 (IPv4/IPv6) 部署:The following diagram depicts a simple dual stack (IPv4/IPv6) deployment in Azure:

IPv6 網路部署圖表

優點Benefits

Azure VNET 的 IPv6 優點:IPv6 for Azure VNET benefits:

  • 協助擴展 Azure 裝載的應用程式並觸及到不斷成長的行動裝置和物聯網市場。Helps expand the reach of your Azure-hosted applications into the growing mobile and Internet of Things markets.
  • 雙重堆疊的 IPv4/IPv6 VM 可提供最大的服務部署彈性。Dual stacked IPv4/IPv6 VMs provide maximum service deployment flexibility. 單一服務執行個體可以與支援 IPv4 和 IPv6 的網際網路用戶端連線。A single service instance can connect with both IPv4 and IPv6-capable Internet clients.
  • 建置於成立很久且穩定的 Azure VM 對網際網路 IPv6 連線能力之上。Builds on long-established, stable Azure VM-to-Internet IPv6 connectivity.
  • 預設是安全的,因為只有在部署中明確要求時,才會建立網際網路的 IPv6 連線能力。Secure by default since IPv6 connectivity to the Internet is only established when you explicitly request it in your deployment.

功能Capabilities

適用於 Azure VNet 的 IPv6 包含下列功能:IPv6 for Azure VNet includes the following capabilities:

  • Azure 客戶可以定義自己的 IPv6 虛擬網路位址空間,以符合其應用程式、客戶或緊密整合到其內部部署 IP 空間的需求。Azure customers can define their own IPv6 virtual network address space to meet the needs of their applications, customers, or seamlessly integrate into their on-premises IP space.
  • 具有雙重堆疊子網路的雙重堆疊 (IPv4 和 IPv6) 虛擬網路,可讓應用程式與其虛擬網路或網際網路中的 IPv4 和 IPv6 資源連線。Dual stack (IPv4 and IPv6) virtual networks with dual stack subnets enable applications to connect with both IPv4 and IPv6 resources in their virtual network or - the Internet.

    重要

    IPv6 子網路的大小必須正好是 /64。The subnets for IPv6 must be exactly /64 in size. 這可確保萬一日後您決定啟用子網路到內部部署網路的路由時,能夠保有相容性 (因為某些路由器只能接受 /64 IPv6 路由)。This ensures future compatibility should you decide to enable routing of the subnet to an on-premises network since some routers can only accept /64 IPv6 routes.

  • 使用網路安全性群組的 IPv6 規則來保護您的資源。Protect your resources with IPv6 rules for Network Security Groups.
    • 而且 Azure 平台的分散式阻斷服務 (DDoS) 保護會延伸到網際網路對向的公用 IPAnd the Azure platform's Distributed Denial of Service (DDoS) protections are extended to Internet-facing Public IP's
  • 使用使用者定義的路由來自訂虛擬網路中的 IPv6 流量路由 (特別是在利用網路虛擬設備來擴充您的應用程式時)。Customize the routing of IPv6 traffic in your virtual network with User-Defined Routes- especially when leveraging Network Virtual Appliances to augment your application.
  • Linux 和 Windows 虛擬機器都可以使用 Azure VNET 的 IPv6Linux and Windows Virtual Machines can all use IPv6 for Azure VNET
  • 標準 IPv6 公用 Load Balancer 支援,可建立具有復原性、可擴縮的應用程式,其內含:Standard IPv6 public Load Balancer support to create resilient, scalable applications, which include:
    • 選擇性的 IPv6 健康情況探查,可用來判斷哪個後端集區執行個體狀況良好,進而可以接收新的流程。Optional IPv6 health probe to determine which backend pool instances are health and thus can receive new flows.
    • 選擇性輸出規則,可完全透過宣告來控制輸出連線,以針對您的特定需求擴縮和調整此功能。Optional outbound rules which provide full declarative control over outbound connectivity to scale and tune this ability to your specific needs.
    • 選擇性的多個前端設定,可讓單一負載平衡器使用多個 IPv6 公用 IP 位址,相同的前端通訊協定和連接埠可跨前端位址重複使用。Optional multiple front-end configurations which enable a single load balancer to use multiple IPv6 public IP addresses- the same frontend protocol and port can be reused across frontend addresses.
    • 選擇性的 IPv6 連接埠,可使用負載平衡規則的 浮動 IP 功能在後端執行個體上重複使用Optional IPv6 ports can be reused on backend instances using the Floating IP feature of load-balancing rules
    • 注意:負載平衡不會執行任何通訊協定轉譯 (無 NAT64)。Note: Load balancing does not perform any protocol translation (no NAT64).
    • 注意:IPv6 只能負載平衡到 Azure VM 上的主要網路介面 (NIC)。Note: IPv6 can be load balanced only to the primary network interface (NIC) on Azure VMs.
  • 標準 IPv6 內部 Load Balancer 支援,以在 Azure VNET 中建立具有復原性的多層式應用程式。Standard IPv6 internal Load Balancer support to create resilient multi-tier applications within Azure VNETs.
  • 基本的 IPv6 公用 Load Balancer 支援,可與舊版部署相容Basic IPv6 public Load Balancer support for compatibility with legacy deployments
  • 保留的 Ipv6 公用 IP 位址和位址範圍 提供穩定且可預測的 ipv6 位址,可輕鬆地篩選您的公司和客戶的 azure 託管應用程式。Reserved IPv6 Public IP addresses and address ranges provide stable, predictable IPv6 addresses which ease filtering of your azure-hosted applications for your company and your customers.
  • 執行個體層級的公用 IP 可直接對個別 VM 提供 IPv6 網際網路連線能力。Instance-level Public IP provides IPv6 Internet connectivity directly to individual VMs.
  • 將 IPv6 新增至現有的僅限 IPv4 部署 - 這項功能可讓您輕鬆地將 IPv6 連線能力新增至現有的僅限 IPv4 部署,而不需要重新建立部署。Add IPv6 to Existing IPv4-only deployments- this feature enables you to easily add IPv6 connectivity to existing IPv4-only deployments without the need to recreate deployments. 在此程序中,IPv4 網路流量不會受到影響,因此,視您的應用程式和作業系統而定,您甚至可以將 IPv6 新增到即時服務。The IPv4 network traffic is unaffected during this process so depending on your application and OS you may be able to add IPv6 even to live services.
  • 讓網際網路用戶端使用其選擇、具有 Azure DNS IPv6 (AAAA) 記錄支援的通訊協定,順暢地存取雙重堆疊應用程式。Let Internet clients seamlessly access your dual stack application using their protocol of choice with Azure DNS support for IPv6 (AAAA) records.
  • 建立雙重堆疊應用程式,以使用 IPv6 的虛擬機器擴展集自動擴縮為您的負載。Create dual stack applications that automatically scale to your load with virtual machine scale sets with IPv6.
  • 虛擬網路 (VNET) 對等互連 - 區域內和全域對等互連 - 可讓您順暢地連線雙重堆疊 VNET - 對等互連網路中 VM 上的 IPv4 和 IPv6 端點都能夠彼此通訊。Virtual Network (VNET) Peering - both within-regional and global peering - enables you to seemlessly connect dual stack VNETs- both the IPv4 and IPv6 endpoints on VMs in the peered networks will be able to communicate with each other. 當您將部署轉換成雙重堆疊時,甚至可以將雙重堆疊與僅限 IPv4 的 VNET 對等互連。You can even peer dual stack with IPv4-only VNETs as you are transitioning your deployments to dual stack.
  • IPv6 疑難排解和診斷適用於負載平衡器計量/警示和網路監看員功能,例如封包擷取、NSG 流量記錄、連線疑難排解和連線監視。IPv6 Troubleshooting and Diagnostics are available with load balancer metrics/alerting and Network Watcher features such as packet capture, NSG flow logs, connection troubleshooting and connection monitoring.

影響範圍Scope

Azure VNET 的 IPv6 是基礎功能集,可讓客戶在 Azure 中裝載雙重堆疊 (IPv4+IPv6) 應用程式。IPv6 for Azure VNET is a foundational feature set which enables customers to host dual stack (IPv4+IPv6) applications in Azure. 我們打算在一段時間後將 IPv6 支援新增至更多 Azure 網路功能,最終則要提供 Azure PaaS 服務的雙重堆疊版本,但在此同時,所有 Azure PaaS 服務都可透過雙重堆疊虛擬機器上的 IPv4 端點來存取。We intend to add IPv6 support to more Azure networking features over time and eventually to offer dual stack versions of Azure PaaS services but in the meantime all Azure PaaS services can be accessed via the IPv4 endpoints on dual stack Virtual Machines.

限制Limitations

目前的 Azure 虛擬網路 IPv6 版本有下列限制:The current IPv6 for Azure virtual network release has the following limitations:

  • Azure 虛擬網路的 IPv6 適用於使用所有部署方法的所有全球性 Azure 商業區域和美國政府區域。IPv6 for Azure virtual network is available in all global Azure Commercial and US Government regions using all deployment methods.
  • 在已啟用 IPv6 的 VNET 中,ExpressRoute 閘道可用於僅限 IPv4 的流量。ExpressRoute gateways CAN be used for IPv4-only traffic in a VNET with IPv6 enabled. 支援 IPv6 流量已在我們的規劃中。Support for IPv6 traffic is on our roadmap.
  • VPN 閘道不能用於已啟用 IPv6 的 VNET,不論是直接進行還是透過與 "UseRemoteGateway" 對等互連都不行。VPN gateways CANNOT be used in a VNET with IPv6 enabled, either directly or peered with "UseRemoteGateway".
  • Azure 平台 (AKS 等) 不支援容器的 IPv6 通訊。The Azure platform (AKS, etc.) does not support IPv6 communication for Containers.
  • 不支援僅限 IPv6 的虛擬機器或虛擬機器擴展集,每個 NIC 都必須包含至少一個 IPv4 IP 設定。IPv6-only Virtual Machines or Virtual Machines Scale Sets are not supported, each NIC must include at least one IPv4 IP configuration.
  • 將 IPv6 新增至現有的 IPv4 部署時,不能將 IPv6 範圍新增至具有現有資源導覽連結的 VNET。When adding IPv6 to existing IPv4 deployments, IPv6 ranges can not be added to a VNET with existing resource navigation links.
  • Azure 公用 DNS 目前支援轉送 IPv6 的正向 DNS,但尚未支援反向 DNS。Forward DNS for IPv6 is supported for Azure public DNS today but Reverse DNS is not yet supported.

定價Pricing

IPv6 Azure 資源和頻寬的收費費率與 IPv4 相同。IPv6 Azure resources and bandwidth are charged at the same rates as IPv4. IPv6 沒有額外或不同的費用。There are no additional or different charges for IPv6. 您可以找到公用 IP 位址網路頻寬Load Balancer 的定價詳細資料。You can find details about pricing for public IP addresses, network bandwidth, or Load Balancer.

後續步驟Next steps