軟體定義的網路基礎結構計劃Plan a Software Defined Network Infrastructure

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

檢視的下列資訊,以協助計劃軟體定義網路 (SDN) 基礎結構部署。Review the following information to help plan your Software Defined Network (SDN) infrastructure deployment. 您檢視這項資訊之後,請查看部署軟體定義網路基礎結構,如部署的資訊。After you review this information, see Deploy a Software Defined Network infrastructure for deployment information.

注意

本主題中,除了下列 SDN 計劃 content 使用。In addition to this topic, the following SDN planning content is available.

資訊有關 HYPER-V 網路模擬 (HNV),您可以用來虛擬化 Microsoft SDN 部署網路,請查看HYPER-V 網路模擬For information about Hyper-V Network Virtualization (HNV), which you can use to virtualize networks in a Microsoft SDN deployment, see Hyper-V Network Virtualization.

必要條件Prerequisites

本主題描述一些硬體和軟體的必要條件,包括:This topic describes a number of hardware and software prerequisites, including:

  • 實體網路Physical network
    您需要存取實體網路裝置設定 Vlan、路由、BGP 資料中心橋接 (ETS) 使用 RDMA 技術,如果和資料中心橋接 (PFC) 使用 RoCE 如果為 RDMA 技術。You need access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology. 本主題層級 3 參數上顯示手動切換設定,以及對等 BGP 日路由器或路由並遠端存取伺服器 (RRAS) 一樣。This topic shows manual switch configuration as well as BGP Peering on Layer-3 switches / routers or a Routing and Remote Access Server (RRAS) virtual machine.

  • 實體運算主機Physical compute hosts
    這些主機執行 HYPER-V,才能主機 SDN 基礎結構和承租人虛擬電腦。These hosts run Hyper-V and are required to host SDN infrastructure and tenant virtual machines. 為獲得最佳效能,稍後中所述的下列主機中需要特定網路硬體網路硬體一節。Specific network hardware is required in these hosts for best performance, which is described later in the Network hardware section.

實體網路設定Physical Network Configuration

每個實體運算主機需要網路連接到實體切換連接埠來連接一或多個網路介面卡。Each physical compute host requires network connectivity through one or more network adapters attached to a physical switch port(s). 網路可以選擇備份層級 2 多個網路邏輯區段分成VLANThe network is segregated into multiple logical network segments optionally backed by a Layer-2 VLAN. IP 子網路首碼和 VLAN Id 如下所示範例,而且必須自訂您的環境根據從您的網路系統管理員指導方針。The IP subnet prefixes and VLAN IDs shown below are examples and must be customized for your environment based on guidance from your network administrator. 如果有任何的邏輯網路標記或處於存取模式 VLAN ID 0 這些網路設定時,使用的邏輯子網路中 System Center 一樣 Manager 或 PowerShell 指令碼設定檔。If any of your logical networks are untagged or in access mode, use VLAN ID 0 for these networks when configuring the logical subnets in either System Center Virtual Machine Manager or PowerShell script configuration files.

重要

Windows Server 2016 軟體定義網路支援 IPv4 位址底圖和覆疊。Windows Server 2016 Software Defined Networking supports IPv4 addressing for the underlay and the overlay. 不支援 IPv6。IPv6 is not supported.

管理和 HNV 提供者邏輯網路Management and HNV Provider logical networks

所有實體都計算主機需要邏輯管理網路和 HNV 提供者邏輯網路的存取權。All physical compute hosts need to have access to the Management logical network and the HNV Provider logical network. 如果邏輯網路使用 Vlan,必須連接到 trunked 切換連接埠,這些 Vlan 存取實體運算主機。If the logical networks use VLANs, the physical compute hosts must to be connected to a trunked switch port which has access to these VLANs. 同樣地,運算主機上的實體網路介面卡不能啟動任何 VLAN 篩選。Similarly, the physical network adapters on the compute host must not have any VLAN filtering activated. 如果您正在使用 Switch-Embedded 小組(設定),並在您的主機運算有多個 NIC 小組成員(亦即網路介面卡),您必須連接所有 NIC 小組成員該特定主機相同層級 2 廣播網域。If you are using Switch-Embedded Teaming (SET) and have multiple NIC team members (i.e. network adapters) in your compute hosts, you must connect all of the NIC team members for that particular host to the same Layer-2 broadcast domain.

規劃用途的 IP 位址,每個實體運算主機必須管理邏輯網路從指定至少一個 IP 位址。For IP Address planning purposes, each physical compute host must have at least one IP address assigned from the Management logical network. 網路控制器會自動指派完全兩個 IP 位址,從 HNV 提供者邏輯網路。The network controller automatically assigns exactly two IP addresses from the HNV Provider logical network. 如果實體運算主機執行的其他基礎結構虛擬電腦(例如,Network Controller、SLB 日 MUX 或閘道)該主機必須為每個裝載的基礎結構虛擬電腦指派管理邏輯網路從其他 IP 位址。If the physical compute host is running additional infrastructure virtual machines (for example, Network Controller, SLB/MUX, or Gateway) that host must have an additional IP address assigned from the Management logical network for each of the infrastructure virtual machines hosted.

此外,每個 SLB 日 MUX 基礎結構一樣必須保留 HNV 提供者邏輯網路的 IP 位址。Additionally, each SLB/MUX infrastructure virtual machine must have an IP address reserved from the HNV Provider logical network.

重要

這些 SLB 日 MUX IP 位址必須從指定外 HNV 提供者邏輯網路設定的 IP 位址集區。These SLB/MUX IP addresses must be assigned from outside the IP address pool that is configured for the HNV Provider logical network. 若要這樣做可能會導致重複您網路上的 IP 位址。Failure to do this may result in duplicate IP addresses on your network.

Network Controller 需要從做為的其餘部分 IP 位址管理網路保留地址。The Network Controller requires a reserved address from the Management network to serve as the REST IP address. 您必須手動建立主機 A 記錄 DNS 中的其餘部分 IP 位址。You must manually create the HOST A record in DNS for the REST IP address.

DHCP 伺服器可以自動指派用於管理網路的 IP 位址,或是您以手動方式可以指定靜態 IP 位址。A DHCP server can automatically assign IP addresses for the Management network or you can manually assign static IP address. 會自動 SDN 堆疊會從指定透過,並由 Network Controller IP 集區的個人 HYPER-V 主機的指派 HNV 提供者網路的 IP 位址。The SDN stack automatically assigns IP addresses for the HNV provider network for the individual Hyper-V hosts from an IP Pool specified through and managed by the Network Controller.

Fabric 系統管理員靜態指派 SLB 日 MUX 透過 PowerShell 指令碼或 VMM 使用 HNV 提供者 IP 位址。The fabric administrator statically assigns the HNV Provider IP addresses used by the SLB/MUX via PowerShell scripts or VMM. Network Controller 實體運算主機指派 HNV 提供者 IP 位址只之後網路控制器主機代理程式接收網路原則的特定承租人一樣。The Network Controller assigns an HNV Provider IP address to a physical compute host only after the Network Controller Host Agent receives network policy for a specific tenant virtual machine.

範例網路拓撲Sample network topology

自訂子網路首碼、VLAN Id 和閘道 IP 位址,根據您的網路系統管理員指導方針。Customize the subnet prefixes, VLAN IDs, and gateway IP addresses based on your network administrator's guidance.

網路的名稱Network Name 子網路Subnet 面具Mask 在主幹 VLAN IDVLAN ID on trunk 閘道Gateway 保留Reservations
(範例)(examples)
管理Management 10.184.108.010.184.108.0 2424 77 10.184.108.110.184.108.1 10.184.108.1-路由器10.184.108.1 - Router

10.184.108.4-network Controller10.184.108.4 - Network Controller

10.184.108.10-運算主機 110.184.108.10 - Compute host 1

10.184.108.11-運算主機 210.184.108.11 - Compute host 2

10.184.108.X-運算主機 X10.184.108.X - Compute host X
HNV 提供者HNV Provider 10.10.56.010.10.56.0 2323 1111 10.10.56.110.10.56.1 10.10.56.1-路由器10.10.56.1 - Router

10.10.56.2-MUX1 SLB 日10.10.56.2 - SLB/MUX1

適用於閘道和軟體負載平衡器邏輯網路Logical Networks for Gateways and the Software Load Balancer

其他邏輯網路需要建立並提供閘道和 SLB 使用量。Additional logical networks need to be created and provisioned for gateway and SLB usage. 同樣地,您需要使用您的網路管理員以取得正確的 IP 首碼、VLAN Id 和閘道 IP 位址這些網路。Once again, you need to work with your network administrator to obtain the correct IP prefixes, VLAN IDs, and gateway IP addresses for these networks.

轉送邏輯網路Transit logical network

RAS 閘道和 SLB 日 MUX 使用轉送邏輯網路 BGP 等資訊和北日南(外部-內部)承租人流量換貨。The RAS Gateway and SLB/MUX use the Transit logical network to exchange BGP peering information and North/South (external-internal) tenant traffic. 子網路中的大小通常是小型比其他人。The size of this subnet will typically be smaller than the others. RAS 閘道或 SLB 日 MUX 虛擬電腦執行的實體運算主機需要有連接到使用這些 Vlan trunked 使用者且無障礙子網路上的計算主機的網路介面卡連接切換連接埠。Only physical compute hosts that run RAS Gateway or SLB/MUX virtual machines need to have connectivity to this subnet with these VLANs trunked and accessible on the switch ports to which the compute hosts' network adapters are connected. 每個 SLB 日 MUX 或 RAS 閘道一樣靜態指派一個 IP 位址的轉送邏輯網路。Each SLB/MUX or RAS Gateway virtual machine is statically assigned one IP address from the Transit logical network.

公開 VIP 邏輯網路Public VIP logical network

必須具有路由雲端環境(通常是網際網路路由)以外的 IP 子網路首碼公用 VIP 邏輯網路。The Public VIP logical network is required to have IP subnet prefixes that are routable outside of the cloud environment (typically Internet routable). 這會用外部用來存取包括前端 VIP 網站-閘道 virtual 網路中的資源前端 IP 位址。These will be the front-end IP addresses used by external clients to access resources in the virtual networks including the front end VIP for the Site-to-site gateway.

私人 VIP 邏輯網路Private VIP logical network

不需要為它用於 Vip 只從內部雲端,例如 SLB 管理程式或服務私人存取會路由以外雲端式邏輯 VIP 私人網路。The Private VIP logical network is not required to be routable outside of the cloud as it is used for VIPs that are only accessed from internal cloud clients, such as the SLB Mananger or private services.

GRE VIP 邏輯網路GRE VIP logical network

子網路在於僅供定義 Vip 指派給閘道虛擬電腦執行 S2S GRE 連接類型您 SDN fabric GRE VIP 網路。The GRE VIP network is a subnet that exists solely for defining VIPs that are assigned to gateway virtual machines running on your SDN fabric for a S2S GRE connection type. 不需要在您的路由器或實體參數預先設定並需要不需要指定 VLAN 此網路。This network does not need to be pre-configured in your physical switches or router and need not have a VLAN assigned.

範例網路拓撲Sample network topology

自訂子網路首碼、VLAN Id 和閘道 IP 位址,根據您的網路系統管理員指導方針。Customize the subnet prefixes, VLAN IDs, and gateway IP addresses based on your network administrator's guidance.

網路的名稱Network Name 子網路Subnet 面具Mask 在主幹 VLAN IDVLAN ID on trunk 閘道Gateway 保留Reservations
(範例)(examples)
移動Transit 10.10.10.010.10.10.0 2424 1010 10.10.10.110.10.10.1 10.10.10.1-路由器10.10.10.1 - router
公開 VIPPublic VIP 41.40.40.041.40.40.0 2727 NANA 41.40.40.141.40.40.1 41.40.40.1-路由器41.40.40.1 - router
41.40.40.2-SLB 日 MUX VIP41.40.40.2 - SLB/MUX VIP
41.40.40.3-IPSec S2S VPN VIP41.40.40.3 - IPSec S2S VPN VIP
私人 VIPPrivate VIP 20.20.20.020.20.20.0 2727 NANA 20.20.20.120.20.20.1 20.20.20.1-預設 GW(路由器)20.20.20.1 - default GW (router)
GRE VIPGRE VIP 31.30.30.031.30.30.0 2424 NANA 31.30.30.131.30.30.1 31.30.30.1-預設 GW31.30.30.1 - default GW

邏輯網路所需的 RDMA 為基礎的儲存空間Logical networks required for RDMA-based storage

如果您是使用 RDMA 根據儲存空間,然後您將需要在您運算與儲存空間的主機定義 VLAN 和子網路的每個實體的介面卡。If you are using RDMA based storage, then you will need to define a VLAN and subnet for each physical adapter in your compute and storage hosts. 通常您將有兩個實體的介面卡每個節點此組態。Typically you will have two physical adapters per node for this configuration.

重要

最實體參數需要 RDMA 標記以便品質服務設定正確套用 VLAN 上傳送的資料傳輸。Most physical switches require RDMA traffic to be sent on a tagged VLAN in order for quality of service settings to be applied correctly. 無法將 RDMA 資料傳輸到標記 VLAN 或實體存取模式連接埠。Do not place RDMA traffic onto an untagged VLAN or on a physical access-mode port.

網路的名稱Network Name 子網路Subnet 面具Mask 在主幹 VLAN IDVLAN ID on trunk 閘道Gateway 保留Reservations
(範例)(examples)
Storage1Storage1 10.60.36.010.60.36.0 2525 88 10.60.36.110.60.36.1 10.60.36.1-路由器10.60.36.1 - router
10.60.36.x-運算主機 x10.60.36.x - Compute host x
10.60.36.y-運算主機 y10.60.36.y - compute host y
10.60.36.v-運算叢集10.60.36.v - compute cluster
10.60.36.w-儲存叢集10.60.36.w - storage cluster
Storage2Storage2 10.60.36.12810.60.36.128 2525 99 10.60.36.12910.60.36.129 10.60.36.129-路由器10.60.36.129 - router
10.60.36.x-運算主機 x10.60.36.x - compute host x
10.60.36.y-運算主機 y10.60.36.y - compute host y
10.60.36.v-運算叢集10.60.36.v - compute cluster
10.60.36.w-儲存叢集10.60.36.w - storage cluster

適用於設定選項的相關詳細資訊,請查看設定範例一節。For more information about configuring switches, see the Configuration Examples section.

尚基礎結構Routing infrastructure

如果您要部署使用指令碼,管理 HNV 提供者、傳輸、SDN 基礎結構和 VIP 子網路,必須路由彼此實體網路上。If you are deploying your SDN infrastructure using scripts, the Management, HNV Provider, Transit, and VIP subnets must be routable to each other on the physical network.

路由資訊 \ (例如 hop\ 下一步) 的 VIP 子網路 SLB 日 MUX 和 RAS 閘道通知進入實體網路使用內部 BGP 對等。Routing information (e.g. next-hop) for the VIP subnets is advertised by the SLB/MUX and RAS Gateways into the physical network using internal BGP peering. VIP 邏輯網路不需要指定 VLAN,且不會預先設定的層級 2 切換(例如上架狀切換)。The VIP logical networks do not have a VLAN assigned and is not pre-configured in the Layer-2 switch (e.g. Top-of-Rack switch).

您需要使用 SDN 基礎結構收到通知 SLB 日 MUXes 和 RAS 閘道 VIP 邏輯網路路徑路由器上建立的 BGP 對等。You need to create a BGP peer on the router that is used by your SDN infrastructure to receive routes for the VIP logical networks advertised by the SLB/MUXes and RAS Gateways. BGP 外面只需要發生(從 SLB 日 MUX 或 RAS 閘道外部 BGP 等)的方式。BGP peering only needs to occur one way (from SLB/MUX or RAS Gateway to external BGP peer). 上方的第一個層路由,您可以使用靜態路徑或其他動態路由通訊協定 OSPF,例如不過,上文所述,VIP 邏輯網路的 IP 子網路首碼執行需要會路由傳送至外部 BGP 等實體網路的。Above the first layer of routing you can use static routes or another dynamic routing protocol such as OSPF, however, as previously stated, the IP subnet prefix for the VIP logical networks do need to be routable from the physical network to the external BGP peer.

BGP 外面通常會在受管理的切換或網路基礎結構的一部分路由器設定。BGP peering is typically configured in a managed switch or router as part of the network infrastructure. BGP 對等也可能會在 Windows Server 的遠端存取伺服器 (RAS) 角色路由僅模式安裝設定。The BGP peer could also be configured on a Windows Server with the Remote Access Server (RAS) role installed in a Routing Only mode. 必須設定網路基礎結構此 BGP 路由器等其 ASN 及允許從已指派給 SDN 元件 ASN 對等 \(SLB 日 MUX 和 RAS Gateways\)。This BGP router peer in the network infrastructure must be configured to have its own ASN and allow peering from an ASN that is assigned to the SDN components (SLB/MUX and RAS Gateways). 您必須從您的實體路由器,或該路由器控制網路系統管理員取得下列資訊:You must obtain the following information from your physical router, or from the network administrator in control of that router:

  • 路由器 ASNRouter ASN
  • 路由器 IP 位址Router IP address
  • ASN 使用 SDN 元件(可從 [私人 ASN 範圍任何為數字)ASN for use by SDN components (can be any AS number from the private ASN range)

注意

不支援四個位元組 ASNs SLB 日 MUX。Four byte ASNs are not supported by the SLB/MUX. 您必須將有兩個位元組 ASNs 配置 SLB 日 MUX 和路由器 wo 的連接。You must allocate two byte ASNs to the SLB/MUX and the router wo which it connects. 您可以針對您的環境中使用 4 位元組 ASNs。You can use 4 byte ASNs elsewhere in your environment.

您或您的網路系統管理員必須設定接受來自 ASN 及 IP 位址或使用您的 RAS 閘道和 SLB 日 MUXes 轉送邏輯網路子網路位址 BGP 路由器等。You or your network administrator must configure the BGP router peer to accept connections from the ASN and IP address or subnet address of the Transit logical network that your RAS gateway and SLB/MUXes are using.

如需詳細資訊,請查看邊境閘道通訊協定與 #40;BGP 和 #41;.For more information, see Border Gateway Protocol (BGP).

預設閘道Default gateways

設定為多個網路,例如實體主機閘道虛擬電腦連接的電腦必須只有一個預設閘道設定。Machines that are configured to connect to multiple networks, such as the physical hosts and gateway virtual machines must only have one default gateway configured. 預設閘道通常會在連接到網際網路時所使用的介面卡設定。The default gateway will typically be configured on the adapter used to reach all the way to the Internet.

虛擬的電腦,來選擇要使用做為預設閘道網路使用下列的規則:For virtual machines, use the following rules to decide which network to use as the default gateway:

  1. 如果一樣已連接到轉送網路,或是否多重傳輸及任何其他網路做預設閘道轉送網路。Use the Transit network as the default gateway if a virtual machine is connected to the Transit network, or if it is multi-homed to the Transit and any other network.
  2. 如果一樣只連接到管理網路,做預設閘道管理網路。Use the Management network as the default gateway if a virtual machine is only connected to the Management network.
  3. 不得預設閘道用於 HNV 提供者網路。The HNV Provider network must never be used as a default gateway. 僅限虛擬電腦已連接此網路將 SLB 日 MUXes 和 RAS 閘道。The only virtual machines connected to this network will be the SLB/MUXes and RAS Gateways.
  4. 虛擬電腦將不會直接連接到 Storage1、Storage2、公用 VIP 或 VIP 私人網路。Virtual Machines will never be connected directly to the Storage1, Storage2, Public VIP or Private VIP networks.

HYPER-V 主機和儲存節點,做為預設閘道使用管理網路。For Hyper-V hosts and storage nodes, use the Management network as the default gateway. 儲存空間的網路不會必須預設閘道指派。The storage networks must never have a default gateway assigned.

網路上的硬體Network hardware

規劃網路硬體部署,您可以使用下列的各節。You can use the following sections to plan network hardware deployment.

網路介面卡 (Nic)Network Interface Cards (NICs)

若要達到最佳效能,在您使用您的 HYPER-V 主機與儲存空間主機網路介面卡需要特定功能。To achieve best performance, specific capabilities are required in the network interface cards you use in your Hyper-V hosts and storage hosts.

遠端直接記憶體存取 (RDMA) 是核心略過技巧,可讓大量的資料傳輸不需要 CPU 主機。Remote Direct Memory Access (RDMA) is a kernel bypass technique that makes it possible to transfer large amounts of data without involving the host CPU. DMA 引擎網路介面卡上的執行傳輸,因為 CPU 不會被用於記憶體移動的區域。Because the DMA engine on the network adapter performs the transfer, the CPU is not used for the memory movement. 這樣會釋放 CPU 執行其他工作。This frees the CPU to perform other work.

切換 Embedded 小組(設定)是另一個方法 NIC 小組方案,您可以在 Windows Server 2016 中包含 HYPER-V 和軟體所定義網路 (SDN) 堆疊的環境中使用。Switch Embedded Teaming (SET) is an alternative NIC Teaming solution that you can use in environments that include Hyper-V and the Software Defined Networking (SDN) stack in Windows Server 2016. 設定 HYPER-V Virtual 開關切換至整合 NIC 小組的某些功能。SET integrates some NIC Teaming functionality into the Hyper-V Virtual Switch.

如需詳細資訊,請查看遠端直接記憶體存取和 #40;RDMA 與 #41;切換 Embedded 小組與 #40; 以及設定與 #41;.For more information, see Remote Direct Memory Access (RDMA) and Switch Embedded Teaming (SET).

若要進行了造成 VXLAN 或 NVGRE 封裝標頭承租人 virtual 網路流量的負荷,MTU 的層級 2 fabric 網路(參數和主機)必須設為大於或等於 1674 位元組 \(包括層級 2 乙太網路 headers\)。To account for the overhead in tenant virtual network traffic caused by VXLAN or NVGRE encapsulation headers, the MTU of the Layer-2 fabric network (switches and hosts) must be set to greater than or equal to 1674 Bytes (including Layer-2 Ethernet headers). Nic 支援新的EncapOverhead關鍵字進階介面卡將會自動透過網路控制器主機代理程式 MTU。NICs that support the new EncapOverhead advanced adapter keyword will set the MTU automatically through the network controller Host Agent. Nic 並支援新的EncapOverhead需要在使用每個實體主機上手動設定 MTU 大小關鍵字JumboPacket (or equivalent) 關鍵字。NICs that do not support the new EncapOverhead keyword need to set the MTU size manually on each physical host using the JumboPacket (or equivalent) keyword.

切換Switches

選取實體切換和路由器,您的環境,請確定它支援下列設定的功能。When selecting a physical switch and router for your environment make sure it supports the following set of capabilities.

  • Switchport MTU 設定 (required)Switchport MTU settings (required)
  • 設定 MTU > = 1674 位元組 \(包括 L2-乙太網路 Header\)MTU set to >= 1674 Bytes (including L2-Ethernet Header)
  • L3 通訊協定 (required)L3 protocols (required)
  • ECMPECMP
  • BGP (IETF RFC 4271)-based ECMPBGP (IETF RFC 4271)-based ECMP

實作應該支援下列 IETF 標準必須聲明。Implementations should support the MUST statements in the following IETF standards.

  • RFC 2545:「BGP-4 多重通訊協定擴充功能 IPv6 間網域路由」RFC 2545: "BGP-4 Multiprotocol extensions for IPv6 Inter-Domain Routing"
  • RFC 4760:「多重通訊協定擴充功能 BGP-4]RFC 4760: "Multiprotocol Extensions for BGP-4"
  • RFC 4893:」為八四 BGP 支援號碼的空間]RFC 4893: "BGP Support for Four-octet AS Number Space"
  • RFC 4456:「BGP 路由反映:完整的替代方案 Mesh 內部 BGP (IBGP)」RFC 4456: "BGP Route Reflection: An Alternative to Full Mesh Internal BGP (IBGP)"
  • RFC 4724:「優雅重新開機機制 BGP」RFC 4724: "Graceful Restart Mechanism for BGP"

下列標記通訊協定所需項目。The following tagging protocols are required.

  • VLAN-隔離各種不同類型的資料傳輸VLAN - Isolation of various types of traffic
  • 802.1q 主幹802.1q trunk

下列項目提供連結控制。The following items provide Link control.

  • 服務品質 \ (如果您使用 RoCE\,只需 PFC)Quality of service (PFC only required if using RoCE)
  • 增強流量 (802.1Qaz) 選取項目Enhanced Traffic Selection (802.1Qaz)
  • 優先順序根據流量控制 \(802.1 p 日 Q 和 802.1Qbb\)Priority Based Flow Control (802.1p/Q and 802.1Qbb)

下列項目提供可用性和冗餘。The following items provide availability and redundancy.

  • 切換可用性(必要)Switch availability (required)
  • 可用性路由器,才能執行閘道功能。A highly available router is required to perform gateway functions. 您可以使用多底座 switch\ 路由器或 VRRP 類似技術。You can do this by using a multi-chassis switch\ router or technologies like VRRP.

下列項目提供管理功能。The following items provide management capabilities.

監視Monitoring

  • SNMP v1 或 SNMP v2(如果實體切換監視使用 Network Controller 必要)SNMP v1 or SNMP v2 (required if using Network Controller for physical switch monitoring)
  • SNMP Mib \(如果您使用 Network Controller 的實體切換 monitoring\ 必填)SNMP MIBs (required if you are using Network Controller for physical switch monitoring)
  • MIB-II (RFC 1213)、LLDP,介面 MIB (RFC 2863),如果-MIB,IP MIB、IP-轉寄-MIB、Q-橋接器-MIB、橋接器-MIB、LLDB-MIB、實體-MIB、IEEE8023-延遲-MIBMIB-II (RFC 1213), LLDP, Interface MIB (RFC 2863), IF-MIB, IP-MIB, IP-FORWARD-MIB, Q-BRIDGE-MIB, BRIDGE-MIB, LLDB-MIB, Entity-MIB, IEEE8023-LAG-MIB

下圖顯示範例四個節點設定。The following diagrams show a sample four node setup. 目的清晰度、的第一個圖表顯示網路控制器、第二個會顯示加網路控制器上的軟體負載平衡器和第三個圖表顯示網路控制器、軟體負載平衡器,以及閘道。For clarity purposes, the first diagram shows just the network controller, the second shows the network controller plus the software load balancer, and the third diagram shows the network controller, software load balancer, and the gateway.

儲存空間網路和 vNICs 並不在這些圖表 shonwn。Storage networks and vNICs are not shonwn in these diagrams. 如果您打算使用 smb 存放裝置,這些都是需要。If you plan to use SMB-based storage, these are required.

(假設正確的網路連接存在正確邏輯網路)任何實體運算主機上進行轉散發基礎結構和承租人虛擬電腦。Both the infrastructure and tenant virtual machines can be redistributed across any physical compute host (assuming the correct network connectivity exists for the correct logical networks).

網路控制器部署Network Controller deployment

部署 Network Controller 之前,您必須檢視安裝與軟體需求,以及設定安全性群組和動態 DNS 登記。Before you deploy Network Controller, you must review installation and software requirements, as well as configuring security groups and dynamic DNS registration. 如需詳細資訊,請查看安裝和準備需求部署 Network Controller 的For more information, see Installation and Preparation Requirements for Deploying Network Controller.

設定是高度提供三個 Network Controller 節點虛擬電腦上設定。The setup is highly available with three Network Controller nodes configured on virtual machines. 也會顯示為兩個 tenants 承租人 2 virtual 網路分為兩個 virtual 子網路模擬 web 層和資料庫層。Also shown is two tenants with Tenant 2's virtual network broken into two virtual subnets to simulate a web tier and a database tier.

SDN NC 計劃

網路控制器和軟體負載平衡器部署Network controller and software load balancer deployment

可用性,有兩個或更多 SLB 日 MUX 節點。For high availablity, there are two or more SLB/MUX nodes.

SDN NC 計劃

Network Controller、軟體負載平衡器,以及 RAS 閘道部署Network Controller, Software Load Balancer, and RAS Gateway deployment

有三種閘道虛擬電腦。有兩種是使用中狀態,並有重複。There are three gateway virtual machines; two are active, and one is redundant.

SDN NC 計劃

TP5 為基礎的部署自動化、Active Directory 必須中提供,且可以從這些子網路。For TP5-based deployment automation, Active Directory must be available and reachable from these subnets. 如需有關 Active Directory 的詳細資訊,請查看Active Directory Domain Services 概觀For more information about Active Directory, see Active Directory Domain Services Overview.

重要

如果您使用 VMM 部署,確保您的基礎結構虛擬電腦 (VMM Server 廣告日 DNS,SQL Server 等) 無法裝載任何圖表中顯示的四個主機上。If you deploy using VMM, ensure your infrastructure virtual machines (VMM Server, AD/DNS, SQL Server, etc.) are not hosted on any of the four hosts shown in the diagrams.

切換設定範例Switch configuration examples

若要設定您的路由器或實體切換,會有各種不同的模式開關切換至和廠商範例設定檔的一組Microsoft SDN Github 存放庫To help configure your physical switch or router, a set of sample configuration files for a variety of switch models and vendors are available at the Microsoft SDN Github repository. 提供詳細讀我及測試的命令列介面 (CLI) 參數特定的命令。A detailed readme and tested command line interface (CLI) commands for specific switches are provided.

計算Compute

所有 HYPER-V 主機必須都已安裝 Windows Server 2016、HYPER-V 功能,並建立一個以上的實體介面卡的外部 HYPER-V virtual 切換連接管理邏輯網路。All Hyper-V hosts must have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network. 主機必須可透過指派給管理主機但 vNIC 管理 IP 位址。The host must be reachable via a Management IP address assigned to the Management Host vNIC.

可使用任何相容於 HYPER-V,共用或本機存放裝置類型。Any storage type that is compatible with Hyper-V, shared or local may be used.

提示

如果您使用的相同名稱的所有 virtual 參數,但是並不一定,是便利。It is convenient if you use the same name for all your virtual switches, but it is not mandatory. 如果您要部署的指令碼,查看意見相關的vSwitchName變數 config.psd1 檔案中。If you plan to deploy with scripts, see the comment associated with the vSwitchName variable in the config.psd1 file.

主機運算需求Host compute requirements
如下表範例部署中使用的四個實體主機上的硬體和軟體的最低需求。The following table shows the minimum hardware and software requirements for the four physical hosts used in the example deployment.

主機Host 硬體需求Hardware Requirements 軟體需求Software Requirements
實體 hyper-v 主機Physical Hyper-v host 4 核心 2.66 GHz CPU4-Core 2.66 GHz CPU

32 GB 的 RAM32 GB of RAM

300 GB 磁碟空間300 GB Disk Space

1 Gb/秒(或更快)實體網路介面卡1 Gb/s (or faster) physical network adapter
作業系統:Windows Server 2016OS: Windows Server 2016

安裝 HYPER-V 角色Hyper-V Role installed

SDN 基礎結構一樣角色需求SDN infrastructure virtual machine role requirements

角色Role vCPU 需求vCPU requirements 記憶體需求Memory requirements 磁碟需求Disk requirements
網路控制器(三個節點)Network controller (three node) 4 vCPUs4 vCPUs 4 GB 分鐘 (建議 8 GB)4 GB min (8 GB recommended) 作業系統的磁碟機 75 GB75 GB for the OS drive
SLB MUX(三個節點)SLB/MUX (three node) 8 vCPUs8 vCPUs 建議 8 GB8 GB recommended 作業系統的磁碟機 75 GB75 GB for the OS drive
RAS 閘道RAS Gateway

(單一集區的三個節點閘道、兩個主動式一個被動式)(single pool of three node gateways, two active, one passive)
8 vCPUs8 vCPUs 建議 8 GB8 GB recommended 作業系統的磁碟機 75 GB75 GB for the OS drive
適用於對等 SLB 日 MUX RAS 閘道 BGP 路由器RAS Gateway BGP router for SLB/MUX peering

(或者使用 ToR 切換為 BGP 路由器)(alternatively use ToR switch as BGP Router)
2 vCPUs2 vCPUs 使用 2 GB2 GB 作業系統的磁碟機 75 GB75 GB for the OS drive

如果您使用 VMM 部署,其他的基礎結構一樣的資源將會需要 VMM 和其他非 SDN 基礎結構。If you use VMM for deployment, additional infrastructure virtual machine resources are required for VMM and other non-SDN infrastructure. 如需詳細資訊,請查看適用於系統中心 Technical Preview 最小值硬體建議。For additional information, see Minimum Hardware Recommendations for System Center Technical Preview.

延伸您的基礎結構Extending your infrastructure

您的基礎結構的大小和資源需求的相關承租人工作負載虛擬機器想要主機上。The sizing and resource requirements for your infrastructure are dependent on the tenant workload virtual machines that you plan to host. CPU、記憶體及需求磁碟的基礎結構虛擬電腦 (例如:網路控制器,請 SLB,閘道等) 上一個表格中所列。The CPU, memory, and disk requirements for the infrastructure virtual machines (for example: network controller, SLB, gateway, etc.) are listed in the previous table. 您可以新增多個這些分攤為所需的基礎結構虛擬電腦。You can add more of these infrastructure virtual machines to scale out as needed. 不過,HYPER-V 主機上執行的任何承租人虛擬電腦都有自己的 CPU、記憶體及,您必須考慮磁碟需求。However, any tenant virtual machines running on the Hyper-V hosts have their own CPU, memory, and disk requirements that you must consider.

當承租人工作負載虛擬機器開始使用太多資源實體 HYPER-V 主機時,您可以透過新增額外的實體主機延伸您的基礎結構。When the tenant workload virtual machines begin to consume too many resources on the physical Hyper-V hosts, you can extend your infrastructure by adding additional physical hosts. 這可以使用一樣管理員或使用 PowerShell 指令碼(根據您一開始部署方式基礎結構)來建立新的伺服器資源透過網路控制器。This can be done with Virtual Machine Manager or by using PowerShell scripts (depending on how you initially deployed the infrastructure) to create new server resources through the network controller. 如果您需要新增額外的 HNV 提供者網路的 IP 位址,您可以建立新邏輯子網路(以對應 IP 集區中),可以使用主機。If you need to add additional IP addresses for the HNV Provider network, you can create new logical subnets (with corresponding IP Pools) that the hosts can use.

也了See Also

安裝和部署 Network Controller 準備需求Installation and Preparation Requirements for Deploying Network Controller
軟體定義網路與 #40;SDN 與 #41;Software Defined Networking (SDN)