適用於 SDN RAS 閘道RAS Gateway for SDN

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

若要深入了解 RAS 閘道,也就是軟體、multitenant,邊境閘道通訊協定 (BGP) 可路由器專為雲端服務提供者 (Csp) 和主機多個承租人 virtual 網路使用 HYPER-V 網路模擬針對企業設計的 Windows Server 2016 中,您可以使用此主題。You can use this topic to learn about RAS Gateway, which is a software-based, multitenant, Border Gateway Protocol (BGP) capable router in Windows Server 2016 that is designed for Cloud Service Providers (CSPs) and Enterprises that host multiple tenant virtual networks using Hyper-V Network Virtualization.

在 Windows Server 2016 RAS 閘道傳送網路流量之間的實體網路和 VM 網路資源,無論資源的所在位置。In Windows Server 2016, RAS Gateway routes network traffic between the physical network and VM network resources, regardless of where the resources are located. 您可以使用 RAS 閘道,將在相同的實體位置或網際網路上許多不同的所在位置的實體和 virtual 網路間網路流量。You can use RAS Gateway to route network traffic between physical and virtual networks at the same physical location or at many different physical locations over the Internet.

Multitenancy」是雲端基礎結構支援一樣工作負載的多個 tenants、尚未隔離它們各,相同的基礎結構所有的工作負載執行時的能力。Multitenancy is the ability of a cloud infrastructure to support the virtual machine workloads of multiple tenants, yet isolate them from each other, while all of the workloads run on the same infrastructure. 多個工作負載的個人承租人可以連接和管理遠端電腦上,但這些系統不執行的工作負載的其他 tenants、連接,也可以其他 tenants 遠端管理。The multiple workloads of an individual tenant can interconnect and be managed remotely, but these systems do not interconnect with the workloads of other tenants, nor can other tenants remotely manage them.

適用於安裝 SDN RAS 閘道必要條件Prerequisites for installing RAS Gateway for SDN

您無法使用 Windows 介面當您想要使用的 SDN multitenant 模式部署 RAS 閘道安裝遠端存取。You cannot use the Windows interface to install Remote Access when you want to deploy RAS Gateway in multitenant mode for use with SDN. 您必須改用 Windows PowerShell。Instead, you must use Windows PowerShell.

但您可以使用 Windows PowerShell 來安裝 RAS 閘道之前,您必須使用 Windows PowerShell 來新增執行Windows 功能。But before you can install RAS Gateway by using Windows PowerShell, you must use Windows PowerShell to add the RemoteAccess Windows feature. 若要這樣做,請在 Windows PowerShell 命令提示字元中執行下列命令。To do so, run the following command at the Windows PowerShell prompt.

Add-WindowsFeature -Name RemoteAccess -IncludeAllSubFeature -IncludeManagementTools

新增此命令執行功能,以及對於該功能的 Windows PowerShell 命令。This command adds the RemoteAccess feature and the Windows PowerShell commands for the feature.

您加入後執行以您的伺服器,您可以安裝遠端存取 multitenant 模式 RAS 閘道和邊境閘道通訊協定 (BGP)。After you have added RemoteAccess to your server, you can install Remote Access as a RAS Gateway with multitenant mode and Border Gateway Protocol (BGP).

如需詳細資訊,查看 Windows PowerShell 參考主題安裝-執行For more information, see the Windows PowerShell reference topic Install-RemoteAccess.

RAS 閘道功能RAS Gateway Features

以下是 Windows Server 2016 RAS 閘道功能。Following are RAS Gateway features in Windows Server 2016. 您可以部署 RAS 閘道一次使用所有的這些功能的可用性集區中。You can deploy RAS Gateway in high availability pools that use all of these features at one time.

  • 網站-VPNSite-to-site VPN. 此 RAS 閘道功能可讓您使用的網站來 VPN 連接透過網際網路連接兩個實體的不同位置的網路。This RAS Gateway feature allows you to connect two networks at different physical locations across the Internet by using a site-to-site VPN connection. 主機在其 datacenter 許多 tenants Csp,RAS 閘道提供可讓您存取及管理他們的資源從遠端網站,以網站 VPN 連接到 tenants 和,可在您的資料中心 virtual 資源和實體網路間網路流量 multitenant 閘道方案。For CSPs that host many tenants in their datacenter, RAS Gateway provides a multitenant gateway solution that allows your tenants to access and manage their resources over site-to-site VPN connections from remote sites, and that allows network traffic flow between virtual resources in your datacenter and their physical network.

  • 點對網站 VPNPoint-to-site VPN. 此 RAS 閘道功能可讓組織員工或從遠端位置連接至您組織的網路系統管理員。This RAS Gateway feature allows organization employees or administrators to connect to your organization's network from remote locations. Multitenant 部署,承租人網路系統管理員可以存取 virtual 網路資源,CSP datacenter 使用點對網站 VPN 連接。For multitenant deployments, tenant network administrators can use point-to-site VPN connections to access virtual network resources at the CSP datacenter.

  • GRE 通道GRE Tunneling. 一般路由封裝 (GRE) 根據承租人 virtual 網路之間外部網路的通道讓連接。Generic Routing Encapsulation (GRE) based tunnels enable connectivity between tenant virtual networks and external networks. 因為 GRE 通訊協定輕量型與支援 GRE 是可在大部分的網路的裝置上使用它將會變成的資料加密不需要理想選擇的通道。Since the GRE protocol is lightweight and support for GRE is available on most of network devices it becomes an ideal choice for tunneling where encryption of data is not required. 支援網站 (S2S) 通道 GRE 下轉接承租人 virtual 網路與承租人外部網路使用多承租人閘道,之間的稍後本主題中所述GRE support in Site to Site (S2S) tunnels solves the problem of forwarding between tenant virtual networks and tenant external networks using a multi-tenant gateway, as described later in this topic.

  • 動態路由的邊境上閘道通訊協定 (BGP)Dynamic routing with Border Gateway Protocol (BGP). BGP 減少需要手動路由路由器設定,因為它是動態路由通訊協定,並自動學習所使用的網站 VPN 連接連接之間的路徑。BGP reduces the need for manual route configuration on routers because it is a dynamic routing protocol, and automatically learns routes between sites that are connected by using site-to-site VPN connections. 如果您的組織會有多個網站使用 BGP 支援路由器,例如 RAS 閘道器連接,BGP 可路由器自動計算,並使用有效路徑彼此干擾網路或失敗。If your organization has multiple sites that are connected by using BGP-enabled routers such as RAS Gateway, BGP allows the routers to automatically calculate and use valid routes to each other in the event of network disruption or failure. 如需詳細資訊,請查看RFC 4271For more information, see RFC 4271.