網路功能Networking

適用於:Windows Server (半年通道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

提示

尋找舊版 Windows Server 的相關資訊嗎?Looking for information about older versions of Windows Server? 請查看我們其他位於 docs.microsoft.com 的 Windows Server 文件庫。您也可以搜尋這個網站以取得特定資訊。Check out our other Windows Server libraries on docs.microsoft.com. You can also search this site for specific information.

Icon depicting two networked computers 網路功能是軟體定義資料中心 (SDDC) 平台的一個基本組件,而 Windows Server 2016 提供新的和改進的軟體定義網路 (SDN) 技術,可協助您針對整個組織移至可完全實現的 SDDC 解決方案。Networking is a foundational part of the Software Defined Datacenter (SDDC) platform, and Windows Server 2016 provides new and improved Software Defined Networking (SDN) technologies to help you move to a fully realized SDDC solution for your organization.

當您將網路當成軟體定義的資源來管理時,您可以說明應用程式的基礎結構需求一次,然後選擇應用程式執行的位置 (內部部署或在雲端中)。When you manage networks as a software defined resource, you can describe an application’s infrastructure requirements one time, and then choose where the application runs - on premises or in the cloud.

這種一致性表示您的應用程式現在能夠輕易地進行擴充,而您可以隨時隨地順暢地執行應用程式,並在安全性、效能、服務品質及可用性方面具有同等的信心。This consistency means that your applications are now easier to scale, and you can seamlessly run applications - anywhere - with equal confidence about security, performance, quality of service, and availability.

注意

若要下載 Windows Server,請參閱 Windows Server 評估版To download Windows Server, see Windows Server Evaluations.

Windows Server 2016 新增了下列新的網路技術:Windows Server 2016 adds the following new networking technologies:

  • 軟體定義網路:網路控制站提供集中式、可程式化的自動化點,可以管理、設定、監視和疑難排解資料中心內的虛擬和實體網路基礎結構。Software Defined Networking: Network Controller provides a centralized, programmable point of automation to manage, configure, monitor, and troubleshoot virtual and physical network infrastructure in your datacenter. 網路控制站讓您能夠使用網路功能虛擬化,輕鬆地部署虛擬機器 (VM) 來取得軟體負載平衡 (SLB),以針對您的租用戶來將網路流量負載最佳化,以及使用 RAS 閘道,為租用戶在網際網路、內部及雲端資源之間提供他們所需的連線選項。Network Controller allows you to use Network Function Virtualization to easily deploy virtual machines (VMs) for Software Load Balancing (SLB) to optimize network traffic loads for your tenants, and RAS Gateways to provide tenants with the connectivity options they need between Internet, on-prem, and cloud resources. 您也可以使用網路控制站,來管理 VM 和 Hyper-V 主機上的資料中心防火牆。You can also use Network Controller to manage Datacenter Firewall on VMs and Hyper-V hosts.

  • 網路平台︰使用現有網路平台技術的新功能,您可以使用 DNS 原則來自訂 DNS 伺服器對於查詢的回應、使用交集的 NIC 來處理合併的遠端直接記憶體存取 (RDMA) 和乙太網路流量、使用交換器內嵌小組 (SET) 來建立連線到 RDMA NIC 的 Hyper-V 虛擬交換器,以及使用 IP 位址管理 (IPAM) 來管理 DNS 區域和伺服器及 DHCP 和 IP 位址。Network Platform: Using new features for existing Network Platform technologies, you can use DNS Policy to customize your DNS server responses to queries, use a converged NIC that handles combined Remote Direct Memory Access (RDMA) and Ethernet traffic, use Switch Embedded Teaming (SET) to create Hyper-V Virtual Switches connected to RDMA NICs, and use IP Address Management (IPAM) to manage DNS zones and servers as well as DHCP and IP addresses.

如需詳細資訊,請參閱 Windows Server 支援的網路功能案例For more information, see Windows Server Supported Networking Scenarios.

下列章節提供 SDN 技術和網路平台技術的相關資訊。The following sections provide information about SDN technologies and Network Platform technologies.

軟體定義網路技術Software Defined Networking technologies

軟體定義網路 (SDN)Software Defined Networking (SDN)

您可以使用本主題來了解 Windows Server、System Center 和 Microsoft Azure 中提供的 SDN 技術。You can use this topic to learn about the SDN technologies that are provided in Windows Server, System Center, and Microsoft Azure.

注意

對於執行 SDN 基礎結構伺服器的 Hyper-V 主機和虛擬機器 (VM),例如網路控制卡和軟體負載平衡節點,您必須安裝 Windows Server 2016 Datacenter Edition。For Hyper-V hosts and virtual machines (VMs) that run SDN infrastructure servers, such as Network Controller and Software Load Balancing nodes, you must install Windows Server 2016 Datacenter edition. 對於只包含連線到 SDN\ 控制網路之租用戶工作負載 VM 的 Hyper-V 主機,您可以執行 Windows Server 2016 Standard Edition。For Hyper-V hosts that contain only tenant workload VMs that are connected to SDN-controlled networks, you can run Windows Server 2016 Standard edition.

使用指令碼部署軟體定義網路的基礎結構Deploy a Software Defined Network infrastructure using scripts

本指南提供如何在測試實驗室環境中,使用虛擬網路和閘道來部署網路控制站的相關指示。This guide provides instructions on how to deploy Network Controller with virtual networks and gateways in a test lab environment.

網路控制站Network Controller

網路控制站提供集中式、可程式化的自動化點,可以管理、設定、監視和疑難排解資料中心內的虛擬和實體網路基礎結構。Network Controller provides a centralized, programmable point of automation to manage, configure, monitor, and troubleshoot virtual and physical network infrastructure in your datacenter.

SDN 的軟體負載平衡 (SLB)Software Load Balancing (SLB) for SDN

要在 Windows Server 2016 中部署軟體定義網路 (SDN) 的雲端服務提供者 (CSP) 和企業,可以使用軟體負載平衡 (SLB),將租用戶和租用戶客戶網路流量平均地分散到虛擬網路資源。Cloud Service Providers (CSPs) and Enterprises that are deploying Software Defined Networking (SDN) in Windows Server 2016 can use Software Load Balancing (SLB) to evenly distribute tenant and tenant customer network traffic among virtual network resources. Windows Server SLB 讓多部伺服器能夠裝載相同的工作負載,並提供高度可用性和延展性。The Windows Server SLB enables multiple servers to host the same workload, providing high availability and scalability.

適用於 SDN 的 RAS 閘道RAS Gateway for SDN

RAS 閘道是 Windows Server 2016 中以軟體為基礎、多租用戶、具備邊界閘道通訊協定 (BGP) 功能的路由器,專為使用 Hyper-V 網路虛擬化裝載多個租用戶虛擬網路的雲端服務提供者 (CSP) 和企業而設計。RAS Gateway, which is a software-based, multitenant, Border Gateway Protocol (BGP) capable router in Windows Server 2016, is designed for Cloud Service Providers (CSPs) and Enterprises that host multiple tenant virtual networks using Hyper-V Network Virtualization.

網路函式虛擬化Network Function Virtualization

在軟體定義的資料中心,已將越來越多由硬體設備 (例如負載平衡器、防火牆、路由器、交換器等) 所執行的網路功能虛擬化為虛擬設備。In software defined datacenters, network functions that are being performed by hardware appliances (such as load balancers, firewalls, routers, switches, and so on) are increasingly being virtualized as virtual appliances. 這個「網路功能虛擬化」是伺服器虛擬化和網路虛擬化的自然進展。This "network function virtualization" is a natural progression of server virtualization and network virtualization.

資料中心防火牆概觀Datacenter Firewall Overview

資料中心防火牆是一個網路層、5-Tuple (通訊協定、來源和目的地連接埠號碼,以及來源和目的地 IP 位址)、可設定狀態、多租用戶的防火牆。Datacenter Firewall is a network layer, 5-tuple (protocol, source and destination port numbers, source and destination IP addresses), stateful, multitenant firewall.

網路技術Networking Technologies

下表提供 Windows Server 2016 中一些網路技術的連結。The following table provides links to some of the networking technologies in Windows Server 2016.

網路的新功能What's New in Networking

您可以運用下列章節來探索 Windows Server 2016 中的新網路技術,以及現有技術的新功能。You can use the following sections to discover new networking technologies and new features for existing technologies in Windows Server 2016.

BranchCacheBranchCache

BranchCache 是廣域網路 (WAN) 頻寬最佳化技術。BranchCache is a wide area network (WAN) bandwidth optimization technology. 為了在使用者存取遠端伺服器的內容時將 WAN 頻寬最佳化,BranchCache 會從總公司或託管的雲端內容伺服器擷取內容,並在分公司快取內容,讓分公司的用戶端電腦可從本機存取內容而非透過 WAN。To optimize WAN bandwidth when users access content on remote servers, BranchCache fetches content from your main office or hosted cloud content servers and caches the content at branch office locations, allowing client computers at branch offices to access the content locally rather than over the WAN.

WindowsServer 2016 核心網路指南Core Network Guide for Windows Server 2016

了解如何利用「核心網路指南」部署 Windows Server 網路,以及利用「核心網路附屬指南」將功能新增至您的網路部署。Learn how to deploy a Windows Server network with the Core Network Guide, as well as add features to your network deployment with Core Network Companion Guides.

DirectAccessDirectAccess

DirectAccess 可允許遠端使用者連線至組織網路資源。DirectAccess allows connectivity for remote users to organization network resources.

DirectAccess 文件現在位於 Windows Server 2016 目錄的遠端存取和伺服器管理區段中,遠端存取下方。DirectAccess documentation is now located in the Remote access and server management section of the Windows Server 2016 table of contents, under Remote Access. 如需詳細資訊,請參閱 DirectAccessFor more information, see DirectAccess.

網域名稱系統 (DNS)Domain Name System (DNS)

網域名稱系統 (DNS) 是其中一個構成 TCP/IP 通訊協定的業界標準套件,而且 DNS 用戶端和 DNS 伺服器可以一起為電腦和使用者提供電腦名稱到 IP 位址對應名稱解析服務。Domain Name System (DNS) is one of the industry-standard suite of protocols that comprise TCP/IP, and together the DNS Client and DNS Server provide computer name-to-IP address mapping name resolution services to computers and users.

動態主機設定通訊協定 (DHCP)Dynamic Host Configuration Protocol (DHCP)

動態主機設定通訊協定 (DHCP) 是會自動提供網際網路通訊協定 (IP) 主機及其 IP 位址和其他相關設定資訊 (例如子網路遮罩與預設閘道) 的用戶端/伺服器通訊協定。Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information, such as the subnet mask and default gateway.

Hyper-V 網路虛擬化Hyper-V Network Virtualization

Hyper-V 網路虛擬化 (HNV) 可以在共用的實體網路基礎結構之上將客戶網路虛擬化。Hyper-V Network Virtualization (HNV) enables virtualization of customer networks on top of a shared physical network infrastructure.

Hyper-V 虛擬交換器Hyper-V Virtual Switch

Hyper-V 虛擬交換器是一種軟體式 Layer-2 乙太網路交換器,安裝 Hyper-V 伺服器角色時會隨附在 Hyper-V 管理員中。The Hyper-V Virtual Switch is a software-based layer-2 Ethernet network switch that is available in Hyper-V Manager when you install the Hyper-V server role. 交換器包含以程式設計方式管理和可擴充的功能,將虛擬機器連線到虛擬網路和實體網路。The switch includes programmatically managed and extensible capabilities to connect virtual machines to both virtual networks and the physical network. 此外,Hyper-V 虛擬交換器提供安全性、隔離以及服務層級的原則強化。In addition, Hyper-V Virtual Switch provides policy enforcement for security, isolation, and service levels.

Hyper-V 虛擬交換器文件現在位於 Windows Server 2016 目錄的「虛擬化」區段。Hyper-V Virtual Switch documentation is now located in the Virtualization section of the Windows Server 2016 table of contents. 如需詳細資訊,請參閱 Hyper-V 虛擬交換器For more information, see Hyper-V Virtual Switch.

IP 位址管理 (IPAM)IP Address Management (IPAM)

IP 位址管理 (IPAM) 是一個整合的工具套件,能夠在您 IP 位址基礎結構的端對端規劃、部署、管理及監視上提供豐富的使用者體驗。IP Address Management (IPAM) is an integrated suite of tools to enable end-to-end planning, deploying, managing and monitoring of your IP address infrastructure, with a rich user experience. IPAM 會自動探索您網路上的 IP 位址基礎結構伺服器和網域名稱系統 (DNS) 伺服器,並可讓您從中央介面管理這些伺服器。IPAM automatically discovers IP address infrastructure servers and Domain Name System (DNS) servers on your network and enables you to manage them from a central interface.

網路負載平衡Network Load Balancing

網路負載平衡 (NLB) 會使用 TCP/IP 網路通訊協定,將流量分散到數台伺服器。Network Load Balancing (NLB) distributes traffic across several servers using the TCP/IP networking protocol. 針對非 SDN 的部署,NLB 可藉由在負載增加時新增額外的伺服器,來確保無狀態應用程式 (例如,執行 Internet Information Services (IIS) 的網頁伺服器) 是可擴充的。For non-SDN deployments, NLB ensures that stateless applications, such as Web servers running Internet Information Services (IIS), are scalable by adding more servers as the load increases.

高效能網路功能High-Performance Networking

Windows Server 2016 中的網路卸載和最佳化技術包含「僅限軟體」(SO) 功能和技術、「硬體和軟體」(SH) 整合功能和技術,以及「僅限硬體」(HO) 功能和技術。Network offload and optimization technologies in Windows Server 2016 include Software Only (SO) features and technologies, Software and Hardware (SH) integrated features and technologies, and Hardware Only (HO) features and technologies.

此外也提供下列卸載和最佳化技術文件。The following offload and optimization technology documentation is also available.

網路原則伺服器Network Policy Server

網路原則伺服器 (NPS) 可讓您建立並執行全組織網路存取原則,以用於連線要求驗證與授權。Network Policy Server (NPS) allows you to create and enforce organization-wide network access policies for connection request authentication and authorization.

網路殼層 (Netsh)Network Shell (Netsh)

您可以使用網路殼層 (netsh) 網路公用程式來管理 Windows Server 2016 和 Windows 10 中的網路技術。You can use the Network Shell (netsh) networking utility to manage networking technologies in Windows Server 2016 and Windows 10.

網路子系統效能調整Network Subsystem Performance Tuning

本主題提供如何為您的伺服器工作負載選擇正確的網路介面卡、訂購網路介面卡、網路相關效能計數器、效能調整網路介面卡以及相關網路技術 (例如,接收端調整 (RSS)、接收端聯合 (RSC) 及其他項目) 的相關資訊。This topic provides information about choosing the right network adapter for your server workload, ordering network interfaces, network related performance counters, and performance tuning network adapters and related networking technologies, such as Receive Side Scaling (RSS), Receive Side Coalescing (RSC), and others.

NIC 小組NIC Teaming

NIC 小組可讓您將實體的乙太網路介面卡群組為一或多個以軟體為基礎的虛擬網路介面卡。NIC Teaming allows you to group physical Ethernet network adapters into one or more software-based virtual network adapters. 這些虛擬網路介面卡可在網路介面卡故障時,提供快速的效能與容錯。These virtual network adapters provide fast performance and fault tolerance in the event of a network adapter failure.

服務品質 (QoS) 原則Quality of Service (QoS) Policy

您可以透過建立 QoS 設定檔並使用群組原則發佈其設定,來使用 QoS 原則做為整體 Active Directory 基礎結構的網路頻寬管理中心點。You can use QoS Policy as a central point of network bandwidth management across your entire Active Directory infrastructure by creating QoS profiles, whose settings are distributed with Group Policy.

遠端存取Remote Access

您可以使用遠端存取技術,例如 DirectAccess 和虛擬私人網路 (VPN) 來提供遠端網路使用者連線至內部網路資源。You can use Remote Access technologies, such as DirectAccess and Virtual Private Networking (VPN) to provide remote workers with connectivity to internal network resources. 此外,您還可以使用遠端存取做為區域網路 (LAN) 路由以及用於 Web 應用程式 Proxy。In addition, you can use Remote Access for local area network (LAN) routing, and for Web Application Proxy. 這可為您公司網路內部的 Web 應用程式提供反向 Proxy 功能,以允許任何裝置上的使用者從公司網路外部存取這些應用程式。which provides reverse proxy functionality for web applications inside your corporate network to allow users on any device to access them from outside the corporate network.

「遠端存取」文件現在位於 Windows Server 2016 目錄的遠端存取和伺服器管理區段中。Remote Access documentation is now located in the Remote access and server management section of the Windows Server 2016 table of contents. 如需詳細資訊,請參閱遠端存取For more information, see Remote Access.

如需 Web 應用程式 Proxy (這是遠端存取伺服器角色的角色服務) 的詳細資訊,請參閱 Windows Server 2016 中的 Web 應用程式 ProxyFor more information about Web Application Proxy, which is a role service of the Remote Access server role, see Web Application Proxy in Windows Server 2016.

虛擬私人網路 (VPN)Virtual Private Networking (VPN)

在 Windows Server 2016 中,DirectAccess 和 VPN遠端存取伺服器角色的角色服務。In Windows Server 2016, DirectAccess and VPN is a role service of the Remote Access server role.

將遠端存取安裝為 VPN 伺服器時,您可以使用虛擬私人網路 (VPN) 讓遠端員工透過網際網路連線到您的組織網路,同時也能透過加密連線維護資訊隱私。When you install Remote Access as a VPN server, you can use Virtual Private Networking (VPN) to provide your remote employees with connections to your organization network across the Internet - while also maintaining information privacy with encrypted connections.

運用 Windows Server 2016 遠端存取 VPN (以及 Windows 10 用戶端電腦),您現在可以部署 Always On VPN。With Windows Server 2016 Remote Access VPN - and Windows 10 client computers - you can now deploy Always On VPN. Always On VPN 能讓您管理永遠保持連線的遠端 VPN 用戶端,同時也方便遠端工作者,讓他們不再需要手動連線和中斷連線您組織網路的 VPN。Always On VPN gives you the ability to manage remote VPN clients that are always connected, while also providing convenience for remote workers, who no longer need to manually connect to and disconnect from VPN to your organization network.

如需詳細資訊,請參閱 Windows Server 2016 和 Windows 10 的遠端存取 Always On VPN 部署指南For more information, see Remote Access Always On VPN Deployment Guide for Windows Server 2016 and Windows 10.

注意

VPN 文件現在位於 Windows Server 2016 目錄的遠端存取和伺服器管理區段中,遠端存取下方。VPN documentation is now located in the Remote access and server management section of the Windows Server 2016 table of contents, under Remote Access.

如需 VPN 的詳細資訊,請參閱虛擬私人網路 (VPN)For more information about VPN, see Virtual Private Networking (VPN).

Windows 容器的網路功能Windows Container Networking

Windows 容器網路功能可讓您使用業界標準工具和工作流程,來建立和管理用於連線 Windows 10 和 Windows Server 主機上容器端點的網路。Windows Container Networking allows you to create and manage networks for connecting container endpoints on both Windows 10 and Windows Server hosts by using standard industry tools and workflows. Windows 容器網路支援多拓撲,包括私人、flat-L2 和 routed-L3。Windows container networks support multiple topologies, including private, flat-L2, and routed-L3.

也支援覆疊 (您可以使用 Docker、Kubernetes 或 Windows PowerShell,透過與 Windows 主機網路服務 (HNS) 通訊的外掛程式在本機主機上建立)。Also supported are overlays that you can create locally on the host by using Docker, Kubernetes, or Windows PowerShell through plugins that communicate with the Windows Host Networking Service (HNS). 您可以透過較高層級的協調系統,透過每個節點的 HNS 本機代理程式通訊,來建立及管理多節點叢集網路。You can create and manage multi-node cluster networks through higher level orchestration systems by communicating through a local agent to each node’s HNS.

Windows 網際網路名稱服務 (WINS)Windows Internet Name Service (WINS)

Windows 網際網路名稱服務 (WINS) 是舊版電腦名稱登錄與解析服務,可將電腦 NetBIOS 名稱對應至 IP 位址。Windows Internet Name Service (WINS) is a legacy computer name registration and resolution service that maps computer NetBIOS names to IP addresses. 建議使用 DNS 而不要使用 WINS。Using DNS is recommended over using WINS.

其他資源Additional Resources

您可以在下列位置取得 Windows Server 2016 之前的作業系統網路資源。Networking resources for operating systems earlier than Windows Server 2016 are available at the following locations.