What's New in RAS Gateway

Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

You can use this topic to learn about new features for RAS Gateway, which is a software-based, multitenant, Border Gateway Protocol (BGP) capable router in Windows Server 2016. The RAS Gateway Multitenant BGP router is designed for Cloud Service Providers (CSPs) and Enterprises that host multiple tenant virtual networks using Hyper-V Network Virtualization.

Note

In Windows Server 2012 R2, RAS Gateway is named RRAS Gateway; and in System Center Virtual Machine Manager, RAS Gateway is named Windows Server Gateway.

This topic contains the following sections.

Site-to-site Connectivity Options

RAS Gateway now supports three types of VPN site-to-site connections: Internet Key Exchange version 2 (IKEv2) site-to-site virtual private networking (VPN), Layer 3 (L3) VPN, and Generic Routing Encapsulation (GRE) tunnels.

For more information about GRE, see GRE Tunneling in Windows Server 2016.

Gateway Pools

In Windows Server 2016, you can create gateway pools of different types. Gateway pools contain many instances of RAS Gateway, and route network traffic between physical and virtual networks. Gateway pools can perform any of the individual gateway functions - Internet Key Exchange version 2 (IKEv2) site-to-site virtual private networking (VPN), Layer 3 (L3) VPN, and Generic Routing Encapsulation (GRE) tunnels - or the pool can perform all of these functions and act as a mixed pool.

You can create gateway pools using any logic that you prefer based on your infrastructure requirements. For example, you can create gateway pools based on any of the following characteristics.

  • Tunnel types (IKEv2 VPN, L3 VPN, GRE VPN)

  • Capacity

  • Redundancy level (reliability based on your billing plan for tenants)

  • Customized separation for customers

For more information, see RAS Gateway High Availability.

Gateway Pool Scalability

You can easily scale a gateway pool up or down by adding or removing gateway VMs in the pool. Removal or addition of gateways does not disrupt the services that are provided by a pool. You can also add and remove entire pools of gateways.

For more information, see RAS Gateway High Availability.

M+N Gateway Pool Redundancy

Every gateway pool is M+N redundant. This means that an 'M' number of active gateway virtual machines (VMs) are backed up by an 'N' number of standby gateway VMs. M+N redundancy provides you with more flexibility in determining the level of reliability that you require when you deploy RAS Gateway. Rather than using only one standby RAS Gateway per active RAS Gateway VM - which is the only configuration option with Windows Server 2012 R2 - you can now configure as many standby VMs as you require. The Network Controller Gateway Service Manager feature efficiently uses the standby RAS Gateway VM capacity to provide reliable failover if an active RAS Gateway VM fails or loses connectivity.

For more information, see RAS Gateway High Availability.

Route Reflector

The Border Gateway Protocol (BGP) Route Reflector is now included with RAS Gateway, and provides an alternative to BGP full mesh topology that is required for route synchronization between routers. With full mesh synchronization, all BGP routers must connect with all other routers in the routing topology. When you use Route Reflector, however, the Route Reflector is the only router that connects with all of the other routers, called BGP clients, thereby simplifying route synchronization and reducing network traffic. The Route Reflector learns all routes, calculates best routes, and redistributes the best routes to its BGP clients.

With Windows Server 2016, you can configure an individual tenant's remote access tunnels to terminate on more than one RAS Gateway VM. This provides increased flexibility for Cloud Service Providers when faced with circumstances where one RAS Gateway VM cannot meet all of the bandwidth requirements of the tenant connections.

This capability, however, introduces the additional complexity of route management and effective synchronization of routes between the tenant remote sites and their virtual resources in the cloud datacenter. Providing tenants with connections to multiple RAS Gateways also introduces additional complexity in configuration at the Enterprise end, where each tenant site will have separate routing neighbors.

A BGP Route Reflector in the control plane addresses these problems and makes the CSP internal fabric deployment transparent to the Enterprise tenants. Following are some key points about the BGP Route Reflector that is included with RAS Gateway and integrated with Network Controller.

  • A Route Reflector in a Software Defined Networking deployment is a logical entity that sits on the control plane between the RAS Gateways and the Network Controller. It does not, however, participate in data plane routing.

  • When you add a new tenant to your datacenter, Network Controller automatically configures the first tenant RAS Gateway as a Route Reflector.

  • Each tenant has a corresponding Route Reflector, and it resides on one of the RAS Gateway VMs that are associated with that tenant.

  • A tenant Route Reflector acts as the Route Reflector for all of the RAS Gateway VMs that are associated with the tenant. Tenant gateways other than the RAS Gateway Route Reflector are the Route Reflector Clients. The Route Reflector performs route synchronization between all Route Reflector Clients so that the actual data path routing can occur.

  • A Route Reflector does not provide route reflector services for the RAS Gateway upon which it is configured.

  • A Route Reflector updates Network Controller with the Enterprise routes that correspond to the tenant's Enterprise sites. This allows Network Controller to configure the required Hyper-V Network Virtualization policies on the tenant virtual network for End-to-End Data Path access.

  • If your Enterprise customers use BGP Routing in the Customer Address space, the RAS Gateway Route Reflector is the only external BGP (eBGP) neighbor for all of the sites of the corresponding tenant. This is true regardless of the Enterprise tenant's tunnel termination points. In other words, no matter which RAS Gateway VM in the CSP datacenter terminates the site-to-site VPN tunnel for a tenant site, the eBGP Peer for all the tenant sites is the Route Reflector.
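
The route reflection described in this section can be modeled in a few lines. The following Python sketch is an added example, not code from this topic or from RAS Gateway; it contrasts the peering sessions needed by full mesh and by a Route Reflector, then shows the reflector picking and redistributing best routes. The gateway names, prefixes, AS numbers, and the shortest-AS-path selection rule are constructed assumptions.

```python
from itertools import combinations

# Constructed sample topology: one logical reflector and four tenant gateways.
REFLECTOR = "rr"
GATEWAYS = ["gw1", "gw2", "gw3", "gw4"]

# Constructed advertisements: (advertising client, prefix, AS path).
ADVERTS = [
    ("gw1", "10.1.0.0/16", (65001,)),
    ("gw2", "10.1.0.0/16", (65010, 65001)),
    ("gw2", "10.2.0.0/16", (65002,)),
    ("gw3", "10.3.0.0/16", (65003,)),
]

def full_mesh_sessions(routers):
    """Full mesh: every router peers with every other router."""
    return list(combinations(sorted(routers), 2))

def reflector_sessions(reflector, clients):
    """Route reflection: only the reflector peers with each client."""
    return [(reflector, c) for c in sorted(clients)]

def best_routes(adverts):
    """Keep one route per prefix (assumed rule: shortest AS path, then client name)."""
    best = {}
    for client, prefix, as_path in adverts:
        candidate = (len(as_path), client, as_path)
        if prefix not in best or candidate < best[prefix]:
            best[prefix] = candidate
    return {p: {"via": c, "as_path": path} for p, (_, c, path) in best.items()}

def reflect(clients, adverts):
    """Table each client receives: every best route except those it supplied itself."""
    best = best_routes(adverts)
    return {c: {p: r for p, r in best.items() if r["via"] != c} for c in clients}

if __name__ == "__main__":
    print("full mesh sessions:", len(full_mesh_sessions(GATEWAYS)))
    print("reflector sessions:", len(reflector_sessions(REFLECTOR, GATEWAYS)))
    for client, table in reflect(GATEWAYS, ADVERTS).items():
        print(client, sorted(table))
```
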

For more information, see RAS Gateway Deployment Architecture and the Internet Engineering Task Force (IETF) Request for Comments topic RFC 4456 BGP Route Reflection: An Alternative to Full Mesh Internal BGP (IBGP).