Software Defined Networking (SDN)

Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

You can use this topic to learn about the Software Defined Networking (SDN) technologies that are provided in Windows Server Datacenter edition, System Center 2016, and Microsoft Azure.

Software Defined Networking Overview

Software Defined Networking (SDN) provides a method to centrally configure and manage physical and virtual network devices such as routers, switches, and gateways in your datacenter. Virtual network elements such as Hyper-V Virtual Switch, Hyper-V Network Virtualization, and RAS Gateway are designed to be integral elements of your SDN infrastructure.

Note

For Hyper-V hosts and virtual machines (VMs) that run SDN infrastructure servers, such as Network Controller and Software Load Balancing nodes, you must install Windows Server 2016 Datacenter edition. For Hyper-V hosts that contain only tenant workload VMs that are connected to SDN-controlled networks, you can run Windows Server 2016 Standard edition.

While you can still use your existing physical switches, routers, and other hardware devices, you can achieve deeper integration between the virtual network and the physical network if these devices are designed for compatibility with software defined networking.

SDN is possible because the network planes - the management, control, and data planes - are no longer bound to the network devices themselves, but are abstracted for use by other entities, such as datacenter management software like System Center 2016.

SDN allows you to dynamically manage your datacenter network to provide an automated, centralized way to meet the requirements of your applications and workloads. Software defined networking provides the following capabilities.

  • The ability to abstract your applications and workloads from the underlying physical network, which is accomplished by virtualizing the network. Just as with server virtualization using Hyper-V, the abstractions are consistent and work with your applications and workloads in a non-disruptive manner. For example, software defined networking provides virtual abstractions for your physical network elements, such as IP addresses, switches, and load balancers.

  • The ability to centrally define and control policies that govern both physical and virtual networks, including traffic flow between these two network types.

  • The ability to implement network policies in a consistent manner at scale, even as you deploy new workloads or move workloads across virtual or physical networks.

Windows Server Technologies for Software Defined Networking

Windows Server includes the following software defined networking technologies.

Network Controller

New in Windows Server 2016, Network Controller provides a centralized, programmable point of automation to manage, configure, monitor, and troubleshoot both virtual and physical network infrastructure in your datacenter. Using Network Controller, you can automate the configuration of network infrastructure instead of performing manual configuration of network devices and services.

Network Controller is a highly available and scalable server role, and provides one application programming interface (API) - the Southbound API - that allows Network Controller to communicate with the network, and a second API - the Northbound API - that allows you to communicate with Network Controller.

Using Windows PowerShell, the Representational State Transfer (REST) API, or a management application, you can use Network Controller to manage the following physical and virtual network infrastructure.

  • Hyper-V VMs and virtual switches

  • Physical network switches

  • Physical network routers

  • Firewall software

  • VPN Gateways, including Remote Access Service (RAS) Multitenant Gateways

  • Load Balancers

For more information, see Network Controller.

Hyper-V Network Virtualization

Hyper-V Network Virtualization helps you abstract your applications and workloads from the physical network by using virtual networks. Virtual networks provide the necessary multitenant isolation while running on a shared physical network fabric, thereby driving up resource utilization. To ensure that you can carry forward your existing investments, you can set up virtual networks on existing networking gear. In addition, virtual networks are compatible with virtual Local Area Networks (VLANs).

For more information, see Hyper-V Network Virtualization.

Hyper-V Virtual Switch

The Hyper-V Virtual Switch is a software-based layer-2 Ethernet network switch that is available in Hyper-V Manager after you have installed the Hyper-V server role. The switch includes programmatically managed and extensible capabilities to connect virtual machines to both virtual networks and the physical network. In addition, Hyper-V Virtual Switch provides policy enforcement for security, isolation, and service levels.

In Hyper-V Virtual Switch in Windows Server 2016, you can also deploy Switch Embedded Teaming (SET) and Remote Direct Memory Access (RDMA). For more information, see the section Remote Direct Memory Access (RDMA) and Switch Embedded Teaming (SET) in this topic.

For more information about Hyper-V Virtual Switch, see Hyper-V Virtual Switch.

Internal DNS Service (iDNS)

Hosted virtual machines (VMs) and applications require DNS to communicate within their own networks and with external resources on the Internet. With iDNS, you can provide tenants with DNS name resolution services for their isolated, local name space and for Internet resources.

For more information, see Internal DNS Service (iDNS) for SDN.

Network Function Virtualization

In today's software defined datacenters, network functions that are being performed by hardware appliances (such as load balancers, firewalls, routers, switches, and so on) are increasingly being virtualized as virtual appliances. This "network function virtualization" is a natural progression of server virtualization and network virtualization. Virtual appliances are quickly emerging and creating a brand new market. They continue to generate interest and gain momentum in both virtualization platforms and cloud services.

The following Network Function Virtualization technologies are available.

  • Software Load Balancer (SLB) and Network Address Translation (NAT). The north-south and east-west layer 4 load balancer and NAT enhances throughput by supporting Direct Server Return, with which the return network traffic can bypass the Load Balancing multiplexer. For more information, see Software Load Balancing (SLB) for SDN.

  • Datacenter Firewall. This distributed firewall provides granular access control lists (ACLs), enabling you to apply firewall policies at the VM interface level or at the subnet level.

    For more information, see Datacenter Firewall Overview.

  • RAS Gateway. You can use gateways for bridging traffic between virtual networks and non-virtualized networks; specifically, you can deploy site-to-site VPN gateways, forwarding gateways, and Generic Routing Encapsulation (GRE) gateways. In addition, M+N redundancy of gateways is supported. For more information, see RAS Gateway for SDN.

For more information, see Network Function Virtualization.
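
The Datacenter Firewall ACLs described above, shown as an added PowerShell example that is not part of the original topic: a default-deny inbound ACL that admits only HTTPS from one subnet, attached once at the subnet level and once at the VM interface level through Network Controller. The REST URI, address prefix, and all resource IDs are placeholder assumptions, and the NetworkController PowerShell module is assumed to be installed.

```powershell
# Placeholders (assumptions, not from the topic): REST endpoint, prefixes, resource IDs.
$uri = "https://nc.contoso.example"

# Build one inbound rule. Lower Priority values are evaluated first.
function New-AclRule {
    param($Id, $Priority, $Action, $Protocol, $Source, $DestPort)
    $p = New-Object Microsoft.Windows.NetworkController.AclRuleProperties
    $p.Type                     = "Inbound"
    $p.Priority                 = $Priority
    $p.Action                   = $Action
    $p.Protocol                 = $Protocol
    $p.SourceAddressPrefix      = $Source
    $p.SourcePortRange          = "0-65535"
    $p.DestinationAddressPrefix = "*"
    $p.DestinationPortRange     = $DestPort
    $p.Logging                  = "Enabled"   # record matches for later review
    $r = New-Object Microsoft.Windows.NetworkController.AclRule
    $r.ResourceId = $Id
    $r.Properties = $p
    return $r
}

# Allow HTTPS from the web-tier subnet, then deny every other inbound flow.
$aclProps = New-Object Microsoft.Windows.NetworkController.AccessControlListProperties
$aclProps.AclRules = @(
    (New-AclRule "Allow-HTTPS-From-Web" 100 "Allow" "TCP" "192.168.1.0/24" "443"),
    (New-AclRule "Deny-All-Inbound"     200 "Deny"  "All" "*"              "0-65535")
)
New-NetworkControllerAccessControlList -ResourceId "AppTier-Inbound" `
    -Properties $aclProps -ConnectionUri $uri
$acl = Get-NetworkControllerAccessControlList -ResourceId "AppTier-Inbound" -ConnectionUri $uri

# Subnet level: every VM interface on the subnet inherits the policy.
$vnet = Get-NetworkControllerVirtualNetwork -ResourceId "Tenant1_VNet" -ConnectionUri $uri
$vnet.Properties.Subnets[0].Properties.AccessControlList = $acl
New-NetworkControllerVirtualNetwork -ResourceId $vnet.ResourceId `
    -Properties $vnet.Properties -ConnectionUri $uri

# VM interface level: the policy applies to a single network interface.
$nic = Get-NetworkControllerNetworkInterface -ResourceId "AppVM1_Nic" -ConnectionUri $uri
$nic.Properties.IpConfigurations[0].Properties.AccessControlList = $acl
New-NetworkControllerNetworkInterface -ResourceId $nic.ResourceId `
    -Properties $nic.Properties -ConnectionUri $uri
```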

Remote Direct Memory Access (RDMA) and Switch Embedded Teaming (SET)

In Windows Server 2016, you can enable RDMA on network adapters that are bound to a Hyper-V Virtual Switch with or without Switch Embedded Teaming (SET). This allows you to use fewer network adapters when you want to use RDMA and SET at the same time.

SET is an alternative NIC Teaming solution that you can use in environments that include Hyper-V and the Software Defined Networking (SDN) stack in Windows Server 2016. SET integrates some of the NIC Teaming functionality into the Hyper-V Virtual Switch.

SET allows you to group between one and eight physical Ethernet network adapters into one or more software-based virtual network adapters. These virtual network adapters provide fast performance and fault tolerance in the event of a network adapter failure. SET member network adapters must all be installed in the same physical Hyper-V host to be placed in a team.

In addition, you can use Windows PowerShell commands to enable Data Center Bridging (DCB), create a Hyper-V Virtual Switch with an RDMA virtual NIC (vNIC), and create a Hyper-V Virtual Switch with SET and RDMA vNICs.

For more information, see Remote Direct Memory Access (RDMA) and Switch Embedded Teaming (SET).
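
The three PowerShell tasks named above, shown as an added example that is not part of the original topic: enable DCB, create a SET-enabled Hyper-V Virtual Switch, and add RDMA vNICs. The adapter, switch, and vNIC names, the priority value 3, and the 50 percent bandwidth reservation are assumptions to adjust for your hosts and physical switches.

```powershell
# Placeholders (assumptions): RDMA-capable physical adapters in the same Hyper-V host.
$members = "NIC1", "NIC2"
if ($members.Count -lt 1 -or $members.Count -gt 8) {
    throw "SET groups between one and eight physical adapters."
}
# Stop early if any intended team member does not expose RDMA.
foreach ($name in $members) {
    if (-not (Get-NetAdapterRdma -Name $name -ErrorAction SilentlyContinue)) {
        throw "Adapter '$name' does not expose RDMA."
    }
}

# 1. Enable Data Center Bridging and reserve a lossless class for SMB Direct.
Install-WindowsFeature -Name Data-Center-Bridging
New-NetQosPolicy "SMB" -NetDirectPortMatchCondition 445 -PriorityValue8021Action 3
Enable-NetQosFlowControl  -Priority 3
Disable-NetQosFlowControl -Priority 0,1,2,4,5,6,7
Enable-NetAdapterQos -Name $members
New-NetQosTrafficClass "SMB" -Priority 3 -BandwidthPercentage 50 -Algorithm ETS

# 2. Create the Hyper-V Virtual Switch with Switch Embedded Teaming.
New-VMSwitch -Name "SETswitch" -NetAdapterName $members -EnableEmbeddedTeaming $true

# 3. Add host vNICs on the switch and enable RDMA on them.
Add-VMNetworkAdapter -SwitchName "SETswitch" -Name "SMB_1" -ManagementOS
Add-VMNetworkAdapter -SwitchName "SETswitch" -Name "SMB_2" -ManagementOS
Enable-NetAdapterRdma -Name "vEthernet (SMB_1)", "vEthernet (SMB_2)"

# Confirm team membership and the RDMA state of the vNICs.
Get-VMSwitchTeam -Name "SETswitch"
Get-NetAdapterRdma -Name "vEthernet (SMB_*)"
```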

RAS Gateway for SDN

RAS Gateway is a software-based, multitenant, Border Gateway Protocol (BGP) capable router in Windows Server 2016 that is designed for Cloud Service Providers (CSPs) and Enterprises that host multiple tenant virtual networks using Hyper-V Network Virtualization.

RAS Gateway provides gateway pools, M+N redundancy, multiple types of site-to-site VPN connections, and BGP Route Reflector to provide you with flexible design choices for your gateway infrastructure.

For more information, see RAS Gateway for SDN.

Software Load Balancing (SLB)

Cloud Service Providers (CSPs) and Enterprises that are deploying Software Defined Networking (SDN) in Windows Server 2016 can use Software Load Balancing (SLB) to evenly distribute tenant and tenant customer network traffic among virtual network resources. The Windows Server SLB enables multiple servers to host the same workload, providing high availability and scalability.

For more information, see Software Load Balancing (SLB) for SDN.

Windows Server Containers

Windows Server Containers are a lightweight operating system virtualization method used to separate applications or services from other services that are running on the same container host. To enable this, each container has its own view of the operating system, processes, file system, registry, and IP addresses. With Windows Server 2016, you can now connect Windows Server containers to virtual networks. For more information, see Windows Server Containers.

Contact the Datacenter and Cloud Networking product team

If you're interested in discussing SDN technologies with Microsoft or other SDN customers, there are a variety of methods for making contact.

For more information, see Contact the Datacenter and Cloud Networking Team.