建立、變更或刪除公用 IP 位址Create, change, or delete a public IP address

了解公用 IP 位址,以及如何建立、變更和刪除公用 IP 位址。Learn about a public IP address and how to create, change, and delete one. 公用 IP 位址是可加以設定的資源。A public IP address is a resource with its own configurable settings. 將公用 IP 位址指派給支援公用 IP 位址的 Azure 資源,可以:Assigning a public IP address to an Azure resource that supports public IP addresses enables:

  • 啟用從網路網路到資源的輸入通訊;資源包括 Azure 虛擬機器 (VM)、Azure 應用程式閘道、Azure Load Balancer、Azure VPN 閘道等等。Inbound communication from the Internet to the resource, such as Azure Virtual Machines (VM), Azure Application Gateways, Azure Load Balancers, Azure VPN Gateways, and others. 即使未將公用 IP 位址指派給該虛擬機器,只要虛擬機器是負載平衡器後端集區的一部分,且已將公用 IP 位址指派給負載平衡器,就可以讓您與來自網際網路的虛擬機器等資源進行通訊。You can still communicate with some resources, such as VMs, from the Internet, if a VM doesn't have a public IP address assigned to it, as long as the VM is part of a load balancer back-end pool, and the load balancer is assigned a public IP address. 若要判斷資源是否可以將公用 IP 位址指派給特定的 Azure 服務,或者是否可以透過不同 Azure 資源的公用 IP 位址與其進行通訊,請參閱服務的說明文件。To determine whether a resource for a specific Azure service can be assigned a public IP address, or whether it can be communicated with through the public IP address of a different Azure resource, see the documentation for the service.
  • 使用可預測 IP 位址對網際網路進行輸出連線。Outbound connectivity to the Internet using a predictable IP address. 例如,虛擬機器不需有指派的公用 IP 位址,即可對網際網路進行輸出通訊,但其位址是由 Azure 轉譯而成的網路位址 (依預設是無法預測的公用位址)。For example, a virtual machine can communicate outbound to the Internet without a public IP address assigned to it, but its address is network address translated by Azure to an unpredictable public address, by default. 指派公用 IP 位址給資源,可讓您知道輸出連線所使用的 IP 位址。Assigning a public IP address to a resource enables you to know which IP address is used for the outbound connection. 雖然可預測,但位址可能根據選擇的指派方法而有所變更。Though predictable, the address can change, depending on the assignment method chosen. 如需詳細資訊,請參閱<建立公用 IP 位址>。For more information, see Create a public IP address. 若要深入了解 Azure 資源的輸出連線,請參閱了解輸出連線To learn more about outbound connections from Azure resources, see Understand outbound connections.

開始之前Before you begin

注意

本文已更新為使用新的 Azure PowerShell Az 模組。This article has been updated to use the new Azure PowerShell Az module. AzureRM 模組在至少 2020 年 12 月之前都還會持續收到錯誤 (Bug) 修正,因此您仍然可以持續使用。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要深入了解新的 Az 模組和 AzureRM 的相容性,請參閱新的 Azure PowerShell Az 模組簡介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 如需 Az 模組安裝指示,請參閱安裝 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

在完成本文任一節的步驟之前,請先完成下列工作︰Complete the following tasks before completing steps in any section of this article:

  • 如果您還沒有 Azure 帳戶,請註冊免費試用帳戶If you don't already have an Azure account, sign up for a free trial account.
  • 如果使用入口網站,請開啟 https://portal.azure.com ,並使用您的 Azure 帳戶來登入。If using the portal, open https://portal.azure.com, and log in with your Azure account.
  • 如果使用 PowerShell 命令來完成這篇文章中的工作,請在 Azure Cloud Shell (英文) 中執行命令,或從您的電腦執行 PowerShell。If using PowerShell commands to complete tasks in this article, either run the commands in the Azure Cloud Shell, or by running PowerShell from your computer. Azure Cloud Shell 是免費的互動式 Shell,可讓您用來執行本文中的步驟。The Azure Cloud Shell is a free interactive shell that you can use to run the steps in this article. 它具有預先安裝和設定的共用 Azure 工具,可與您的帳戶搭配使用。It has common Azure tools preinstalled and configured to use with your account. 本教學課程需要 Azure PowerShell 模組 1.0.0 版或更新版本。This tutorial requires the Azure PowerShell module version 1.0.0 or later. 執行 Get-Module -ListAvailable Az 來了解安裝的版本。Run Get-Module -ListAvailable Az to find the installed version. 如果您需要升級,請參閱安裝 Azure PowerShell 模組If you need to upgrade, see Install Azure PowerShell module. 如果您在本機執行 PowerShell,則也需要執行 Connect-AzAccount 以建立與 Azure 的連線。If you are running PowerShell locally, you also need to run Connect-AzAccount to create a connection with Azure.
  • 如果使用命令列介面 (CLI) 命令來完成這篇文章中的工作,請在 Azure Cloud Shell (英文) 中執行命令,或從您的電腦執行 CLI。If using Azure Command-line interface (CLI) commands to complete tasks in this article, either run the commands in the Azure Cloud Shell, or by running the CLI from your computer. 本教學課程需要 Azure CLI 2.0.31 版或更新版本。This tutorial requires the Azure CLI version 2.0.31 or later. 執行 az --version 來了解安裝的版本。Run az --version to find the installed version. 如果您需要安裝或升級,請參閱安裝 Azure CLIIf you need to install or upgrade, see Install Azure CLI. 如果您在本機執行 Azure CLI,則也需要執行 az login 以建立與 Azure 的連線。If you are running the Azure CLI locally, you also need to run az login to create a connection with Azure.

您登入或連線到 Azure 的帳戶必須指派為網路參與者角色,或為已指派權限中所列適當動作的自訂角色The account you log into, or connect to Azure with, must be assigned to the network contributor role or to a custom role that is assigned the appropriate actions listed in Permissions.

公用 IP 位址需要少許費用。Public IP addresses have a nominal charge. 若要檢視價格,請閱讀 IP 位址價格頁面。To view the pricing, read the IP address pricing page.

建立公用 IP 位址Create a public IP address

  1. 在入口網站的左上角,選取 [+ 建立資源]。At the top, left corner of the portal, select + Create a resource.

  2. 在 [搜尋 Marketplace] 方塊中,輸入「公用 IP 位址」。Enter public ip address in the Search the Marketplace box. 當「公用 IP 位址」出現於搜尋結果時,將其選取。When Public IP address appears in the search results, select it.

  3. 在 [公用 IP 位址] 下方,選取 [建立]。Under Public IP address, select Create.

  4. 在 [建立公用 IP 位址] 下方,輸入或選取下列設定的值,然後選取 [建立]:Enter, or select values for the following settings, under Create public IP address, then select Create:

    設定Setting 必要項?Required? 詳細資料Details
    名稱Name Yes 名稱必須是您選取的資源群組中唯一的名稱。The name must be unique within the resource group you select.
    SKUSKU Yes 在 SKU 推出之前所建立的公用 IP 位址全都是基本 SKU 的公用 IP 位址。All public IP addresses created before the introduction of SKUs are Basic SKU public IP addresses. 建立公用 IP 位址之後,即無法變更 SKU。You cannot change the SKU after the public IP address is created. 獨立虛擬機器、可用性設定組內的虛擬機器,或虛擬機器擴展集,可以使用基本或標準 SKU。A standalone virtual machine, virtual machines within an availability set, or virtual machine scale sets can use Basic or Standard SKUs. 不允許混用可用性設定組或擴展集內虛擬機器之間的 SKU。Mixing SKUs between virtual machines within availability sets or scale sets is not allowed. 基本 SKU:如果您要在支援可用性區域的區域中建立公用 IP 位址,可用性區域設定依預設會設為「無」。Basic SKU: If you are creating a public IP address in a region that supports availability zones, the Availability zone setting is set to None by default. 基本公用 Ip 不支援可用性區域。Basic Public IPs do not support Availability zones. 標準 SKU:標準 SKU 公用 IP 可與虛擬機器或負載平衡器前端建立關聯。Standard SKU: A Standard SKU public IP can be associated to a virtual machine or a load balancer front end. 如果您要在支援可用性區域的區域中建立公用 IP 位址,可用性區域設定依預設會設為「區域備援」。If you're creating a public IP address in a region that supports availability zones, the Availability zone setting is set to Zone-redundant by default. 如需可用性區域的詳細資訊,請參閱可用性區域設定。For more information about availability zones, see the Availability zone setting. 如果您要將位址與標準負載平衡器建立關聯,則需要標準 SKU。The standard SKU is required if you associate the address to a Standard load balancer. 若要深入了解標準負載平衡器,請參閱 Azure 負載平衡器標準 SKUTo learn more about standard load balancers, see Azure load balancer standard SKU. 當您將標準 SKU 的公用 IP 位址指派給虛擬機器的網路介面時,必須使用網路安全性群組明確地允許預定的流量。When you assign a standard SKU public IP address to a virtual machine’s network interface, you must explicitly allow the intended traffic with a network security group. 在建立和關聯網路安全性群組並明確地允許所要流量前,與資源進行的通訊都會失敗。Communication with the resource fails until you create and associate a network security group and explicitly allow the desired traffic.
    IP 版本IP Version Yes 選取 IPv4 或 IPv6。Select IPv4 or IPv6. 公用的 IPv4 位址可指派給數個 Azure 資源,而 IPv6 公用 IP 位址只可指派給網際網路面向的負載平衡器。While public IPv4 addresses can be assigned to several Azure resources, an IPv6 public IP address can only be assigned to an Internet-facing load balancer. 負載平衡器可將 IPv6 的流量負載分散到 Azure 虛擬機器。The load balancer can load balance IPv6 traffic to Azure virtual machines. 深入了解將 IPv6 流量負載分散到虛擬機器Learn more about load balancing IPv6 traffic to virtual machines. 如果您選取標準 SKU,則無法選擇 IPv6If you selected the Standard SKU, you do not have the option to select IPv6. 使用標準 SKU 時,您只能建立 IPv4 位址。You can only create an IPv4 address when using the Standard SKU.
    IP 位址指派IP address assignment Yes 動態: 只有在公用 IP 位址與 Azure 資源相關聯,且第一次啟動資源之後,才會指派動態位址。Dynamic: Dynamic addresses are assigned only after a public IP address is associated to an Azure resource, and the resource is started for the first time. 動態位址指派給資源時可以變更 (例如指派給虛擬機器,而虛擬機器停止 (解除配置),然後再重新開機)。Dynamic addresses can change if they're assigned to a resource, such as a virtual machine, and the virtual machine is stopped (deallocated), and then restarted. 如果虛擬機器已重新開機或停止 (但未解除配置),則位址維持不變。The address remains the same if a virtual machine is rebooted or stopped (but not deallocated). 當公用 IP 位址資源與其所關聯的資源中斷關聯時,便會釋放動態位址。Dynamic addresses are released when a public IP address resource is dissociated from a resource it is associated to. 靜態︰ 建立公用 IP 位址時會指派靜態位址。Static: Static addresses are assigned when a public IP address is created. 刪除公用 IP 位址資源之前,不會釋出靜態位址。Static addresses are not released until a public IP address resource is deleted. 如果位址與資源沒有關聯,您可以在位址建立後變更指派方法。If the address is not associated to a resource, you can change the assignment method after the address is created. 如果位址與資源相關聯,您可能無法變更指派方法。If the address is associated to a resource, you may not be able to change the assignment method. 如果您選取 IPv6 作為 IP 版本,則指派方法為「動態」。If you select IPv6 for the IP version, the assignment method is Dynamic. 如果您為 SKU 選取標準,則指派方法為「靜態」。If you select Standard for SKU, the assignment method is Static.
    閒置逾時 (分鐘)Idle timeout (minutes) No 不需依賴用戶端傳送保持連線訊息,讓 TCP 或 HTTP 連線保持開啟的分鐘數。How many minutes to keep a TCP or HTTP connection open without relying on clients to send keep-alive messages. 如果您選取 IPv6 作為 IP 版本,則無法變更此值。If you select IPv6 for IP Version, this value can't be changed.
    DNS 名稱標籤DNS name label No 在您建立名稱的 Azure 位置 (跨越所有訂用帳戶和所有位置) 中必須是唯一的。Must be unique within the Azure location you create the name in (across all subscriptions and all customers). Azure 會在其 DNS 中自動登錄名稱和 IP 位址,以便您連線至具有此名稱的資源。Azure automatically registers the name and IP address in its DNS so you can connect to a resource with the name. Azure 會將 location.cloudapp.azure.com (其中 location 是您選取的位置) 之類的預設子網路附加至您提供的名稱 ,以建立完整的 DNS 名稱。Azure appends a default subnet such as location.cloudapp.azure.com (where location is the location you select) to the name you provide, to create the fully qualified DNS name. 如果您選擇兩個位址版本都建立,則會指派相同的 DNS 名稱給 IPv4 和 IPv6 位址。If you choose to create both address versions, the same DNS name is assigned to both the IPv4 and IPv6 addresses. Azure 預設 DNS 包含 IPv4 A 和 IPv6 AAAA 名稱記錄,並且會在查詢 DNS 名稱時回應這兩個記錄。Azure's default DNS contains both IPv4 A and IPv6 AAAA name records and responds with both records when the DNS name is looked up. 用戶端選擇要與哪一個位址 (IPv4 或 IPv6) 通訊。The client chooses which address (IPv4 or IPv6) to communicate with. 可改為 (或同時) 使用具有預設尾碼的 DNS 名稱標籤,您可以使用 Azure DNS 服務來設定 DNS 名稱,其具有解析為公用 IP 位址的自訂尾碼。Instead of, or in addition to, using the DNS name label with the default suffix, you can use the Azure DNS service to configure a DNS name with a custom suffix that resolves to the public IP address. 如需詳細資訊,請參閱使用具有 Azure 公用 IP 位址的 Azure DNSFor more information, see Use Azure DNS with an Azure public IP address.
    建立 IPv6 (或 IPv4) 位址Create an IPv6 (or IPv4) address No 顯示 IPv6 或 IPv4 取決於您選取的 IP 版本Whether IPv6 or IPv4 is displayed is dependent on what you select for IP Version. 例如,如果您選取 IPv4 作為 IP 版本,則此處會顯示 IPv6For example, if you select IPv4 for IP Version, IPv6 is displayed here. 如果您為 SKU 選取「標準」,則無法建立 IPv6 位址。If you select Standard for SKU, you don't have the option to create an IPv6 address.
    名稱 (僅在您核取 [建立 IPv6 (或 IPv4) 位址] 核取方塊時顯示)Name (Only visible if you checked the Create an IPv6 (or IPv4) address checkbox) 是 (如果您選取 [建立 IPv6] (或 IPv4) 核取方塊)。Yes, if you select the Create an IPv6 (or IPv4) checkbox. 該名稱必須與此清單中的第一個名稱不同。The name must be different than the name you enter for the first Name in this list. 如果您選擇同時建立 IPv4 和 IPv6 位址,則入口網站會建立兩個個別的公用 IP 位址資源,並各指派一個 IP 位址版本。If you choose to create both an IPv4 and an IPv6 address, the portal creates two separate public IP address resources, one with each IP address version assigned to it.
    IP 位址指派 (僅在您核取 [建立 IPv6 (或 IPv4) 位址] 核取方塊時顯示)IP address assignment (Only visible if you checked the Create an IPv6 (or IPv4) address checkbox) 是 (如果您選取 [建立 IPv6] (或 IPv4) 核取方塊)。Yes, if you select the Create an IPv6 (or IPv4) checkbox. 如果核取方塊顯示建立 IPv4 位址,表示您可以選擇指派方法。If the checkbox says Create an IPv4 address, you can select an assignment method. 如果核取方塊顯示建立 IPv6 位址,表示您無法選擇指派方法,因為指派方法必須為動態If the checkbox says Create an IPv6 address, you cannot select an assignment method, as it must be Dynamic.
    訂閱Subscription Yes 所在的訂用帳戶必須與您想要與公用 IP 位址建立關聯的資源相同。Must exist in the same subscription as the resource you want to associate the public IP address to.
    資源群組Resource group Yes 所在的資源群組可以與您想要與公用 IP 位址建立關聯的資源相同或不同。Can exist in the same, or different, resource group as the resource you want to associate the public IP address to.
    位置Location Yes 所在的位置 (也稱為區域) 必須與您想要與公用 IP 位址建立關聯的資源相同。Must exist in the same location, also referred to as region, as the resource you want to associate the public IP address to.
    可用性區域Availability zone No 只有在您選取受支援的位置時,才會出現此設定。This setting only appears if you select a supported location. 如需受支援位置的清單,請參閱可用性區域概觀For a list of supported locations, see Availability zones overview. 如果您選取基本 SKU,則會自動為您選取「無」。If you selected the Basic SKU, None is automatically selected for you. 如果您想要保證特定區域,可選取特定區域。If you prefer to guarantee a specific zone, you may select a specific zone. 或選擇非區域備援。Either choice is not zone-redundant. 如果您選取標準 SKU:系統會自動為您選取區域備援,並針對區域失敗進行資料路徑復原。If you selected the Standard SKU: Zone-redundant is automatically selected for you and makes your data path resilient to zone failure. 如果您希望保證對區域失敗無法復原的特定區域,則可選取特定區域。If you prefer to guarantee a specific zone, which is not resilient to zone failure, you may select a specific zone.

命令Commands

雖然入口網站提供建立兩個公用 IP 位址資源 (一個 IPv4 和一個 IPv6) 的選項,但下列的 CLI 和 PowerShell 命令則是會以其中一個 IP 版本的位址建立一個資源。Though the portal provides the option to create two public IP address resources (one IPv4 and one IPv6), the following CLI and PowerShell commands create one resource with an address for one IP version or the other. 如果您想要兩個公用 IP 位址資源 (每個 IP 版本各一個),您必須執行該命令兩次,並針對公用 IP 位址資源指定不同名稱和版本。If you want two public IP address resources, one for each IP version, you must run the command twice, specifying different names and versions for the public IP address resources.

ToolTool 命令Command
CLICLI az network public-ip createaz network public-ip create
PowerShellPowerShell New-AzPublicIpAddressNew-AzPublicIpAddress

檢視、變更公用 IP 位址的設定,或刪除公用 IP 位址View, change settings for, or delete a public IP address

  1. 在 Azure 入口網站頂端包含「搜尋資源」文字的方塊中,輸入「公用 ip 位址」。In the box that contains the text Search resources at the top of the Azure portal, type public ip address. 當「公用 IP 位址」出現於搜尋結果時,將其選取。When Public IP addresses appear in the search results, select it.

  2. 選取您要檢視、變更設定,或從清單中刪除的公用 IP 位址名稱。Select the name of the public IP address you want to view, change settings for, or delete from the list.

  3. 根據您要檢視、刪除或變更公用 IP 位址,完成下列其中一個選項。Complete one of the following options, depending on whether you want to view, delete, or change the public IP address.

    • 檢視:[概觀] 區段會顯示公用 IP 位址的主要設定,例如和該位址關聯的網路介面 (如果位址與網路介面關聯)。View: The Overview section shows key settings for the public IP address, such as the network interface it's associated to (if the address is associated to a network interface). 入口網站不會顯示位址版本 (IPv4 或 IPv6)。The portal does not display the version of the address (IPv4 or IPv6). 若要檢視版本資訊,請使用 PowerShell 或 CLI 命令來檢視公用 IP 位址。To view the version information, use the PowerShell or CLI command to view the public IP address. 如果 IP 位址版本是 IPv6 時,指派的位址不會顯示在入口網站、PowerShell 或 CLI 。If the IP address version is IPv6, the assigned address is not displayed by the portal, PowerShell, or the CLI.
    • 刪除:若要刪除公用 IP 位址,請在 [概觀] 區段中選取 [刪除]。Delete: To delete the public IP address, select Delete in the Overview section. 如果位址目前與 IP 組態相關聯,則無法加以刪除。If the address is currently associated to an IP configuration, it cannot be deleted. 如果位址目前與組態相關聯,請選取 [解除關聯] 來解除位址與 IP 組態的關聯。If the address is currently associated with a configuration, select Dissociate to dissociate the address from the IP configuration.
    • 變更:選取 [組態]。Change: select Configuration. 使用建立公用 IP 位址中步驟 4 的資訊來變更設定。Change settings using the information in step 4 of Create a public IP address. 若要將 IPv4 位址的指派從靜態變更為動態,您必須先解除公用 IPv4 位址與相關聯 IP 組態的關聯。To change the assignment for an IPv4 address from static to dynamic, you must first dissociate the public IPv4 address from the IP configuration it's associated to. 您可以接著將指派方法變更為動態,然後選取 [關聯] 讓 IP 位址與相同 IP 組態、不同組態建立關聯,您也可以讓它解除關聯。You can then change the assignment method to dynamic and select Associate to associate the IP address to the same IP configuration, a different configuration, or you can leave it dissociated. 若要解除公用 IP 位址的關聯,請在 [概觀] 區段中,選取 [解除關聯]。To dissociate a public IP address, in the Overview section, select Dissociate.

    警告

    當您將指派方法從靜態變更為動態時,您會遺失已指派給公用 IP 位址的 IP 位址。When you change the assignment method from static to dynamic, you lose the IP address that was assigned to the public IP address. 雖然 Azure 公用 DNS 伺服器會維護靜態或動態位址與任何 DNS 名稱標籤 (如果您定義一個位置) 之間的對應,但是動態 IP 位址可能會在虛擬機器處於停止 (已解除配置) 狀態後啟動時變更。While the Azure public DNS servers maintain a mapping between static or dynamic addresses and any DNS name label (if you defined one), a dynamic IP address can change when the virtual machine is started after being in the stopped (deallocated) state. 若要防止位址變更,請指派靜態 IP 位址。To prevent the address from changing, assign a static IP address.

命令Commands

ToolTool 命令Command
CLICLI az network public-ip list 可列出公用 IP 位址、az network public-ip show 可顯示設定;az network public-ip update 可進行更新;az network public-ip delete 可進行刪除az network public-ip list to list public IP addresses, az network public-ip show to show settings; az network public-ip update to update; az network public-ip delete to delete
PowerShellPowerShell Get-azpublicipaddress以取出公用 IP 位址物件, 並查看其設定, get-azpublicipaddress以更新設定;移除-get-azpublicipaddress以刪除Get-AzPublicIpAddress to retrieve a public IP address object and view its settings, Set-AzPublicIpAddress to update settings; Remove-AzPublicIpAddress to delete

指派公用 IP 位址Assign a public IP address

了解如何將公用 IP 位址指派給下列資源:Learn how to assign a public IP address to the following resources:

PermissionsPermissions

若要針對公用 IP 位址執行工作,您的帳戶必須指派為網路參與者角色,或為已指派下表所列適當動作的自訂角色:To perform tasks on public IP addresses, your account must be assigned to the network contributor role or to a custom role that is assigned the appropriate actions listed in the following table:

ActionAction 名稱Name
Microsoft.Network/publicIPAddresses/readMicrosoft.Network/publicIPAddresses/read 讀取公用 IP 位址Read a public IP address
Microsoft.Network/publicIPAddresses/writeMicrosoft.Network/publicIPAddresses/write 建立或更新公用 IP 位址Create or update a public IP address
Microsoft.Network/publicIPAddresses/deleteMicrosoft.Network/publicIPAddresses/delete 刪除公用 IP 位址Delete a public IP address
Microsoft.Network/publicIPAddresses/join/actionMicrosoft.Network/publicIPAddresses/join/action 將公用 IP 位址與資源建立關聯Associate a public IP address to a resource

後續步驟Next steps