创建和修改 ExpressRoute 线路的对等互连Create and modify peering for an ExpressRoute circuit

本文可帮助你使用 Azure 门户为 Azure 资源管理器 (ARM) ExpressRoute 线路创建和管理路由配置。This article helps you create and manage routing configuration for an Azure Resource Manager (ARM) ExpressRoute circuit, using the Azure portal. 还可以检查状态,以及更新、删除和取消预配 ExpressRoute 线路的对等互连。You can also check the status, update, or delete and deprovision peerings for an ExpressRoute circuit. 如果想使用不同的方法处理线路,请从以下列表中选择一篇文章进行参阅:If you want to use a different method to work with your circuit, select an article from the following list:

可以为 ExpressRoute 线路配置一个或两个对等互连(Azure 专用和 Azure 公共)。You can configure one or two peerings (Azure private and Azure public) for an ExpressRoute circuit. 可以按照所选的任意顺序配置对等互连。You can configure peerings in any order you choose. 但是,必须确保一次只完成一个对等互连的配置。However, you must make sure that you complete the configuration of each peering one at a time. 有关路由域和对等互连的详细信息,请参阅关于线路和对等互连For more information about routing domains and peerings, see About circuits and peerings.

配置先决条件Configuration prerequisites

  • 在开始配置之前,请务必查看先决条件页、路由要求页和工作流页。Make sure that you have reviewed the prerequisites page, the routing requirements page, and the workflows page before you begin configuration.
  • 必须有一个活动的 ExpressRoute 线路。You must have an active ExpressRoute circuit. 在继续下一步之前,请按说明 创建 ExpressRoute 线路 ,并通过连接提供商启用该线路。Follow the instructions to Create an ExpressRoute circuit and have the circuit enabled by your connectivity provider before you proceed. 若要配置对等互连,ExpressRoute 线路必须处于已预配且已启用状态。In order to configure peering(s), the ExpressRoute circuit must be in a provisioned and enabled state.
  • 如果计划使用共享密钥/MD5 哈希,请确保在隧道两端都使用该哈希,并将最大字母数字字符数限制为 25。If you plan to use a shared key/MD5 hash, be sure to use this on both sides of the tunnel and limit the number of alphanumeric characters to a maximum of 25. 不支持特殊字符。Special characters are not supported.

这些说明只适用于由提供第 2 层连接服务的服务提供商创建的线路。These instructions only apply to circuits created with service providers offering Layer 2 connectivity services. 如果服务提供商提供第 3 层托管服务(通常是 IPVPN,如 MPLS),则连接服务提供商会配置和管理路由。If you are using a service provider that offers managed Layer 3 services (typically an IPVPN, like MPLS), your connectivity provider configures and manages routing for you.

Important

我们目前无法通过服务管理门户播发服务提供商配置的对等互连。We currently do not advertise peerings configured by service providers through the service management portal. 我们正在努力不久就实现这一功能。We are working on enabling this capability soon. 请在配置 BGP 对等互连之前与服务提供商协商。Check with your service provider before configuring BGP peerings.

Azure 专用对等互连Azure private peering

本文介绍了如何为 ExpressRoute 线路创建、获取、更新和删除 Azure 专用对等互连配置。This section helps you create, get, update, and delete the Azure private peering configuration for an ExpressRoute circuit.

创建 Azure 专用对等互连To create Azure private peering

  1. 配置 ExpressRoute 线路。Configure the ExpressRoute circuit. 在继续之前,请确保线路完全由连接提供商设置。Ensure that the circuit is fully provisioned by the connectivity provider before continuing.

    如果连接服务提供商提供第 3 层托管服务,可以请求连接服务提供商启用 Azure 专用对等互连。If your connectivity provider offers managed Layer 3 services, you can ask your connectivity provider to enable Azure private peering for you. 在这种情况下,不需要遵循后续部分中所列的说明。In that case, you won't need to follow the instructions listed in the next sections. 但是,如果连接提供商未为你管理路由,则在创建线路后,请继续执行后续步骤。However, if your connectivity provider does not manage routing for you, after creating your circuit, proceed with the next steps.

    线路 - 提供商状态:未预配Circuit - Provider status: Not provisioned

    线路 - 提供商状态:已预配Circuit - Provider status: Provisioned

  2. 配置线路的 Azure 专用对等互连。Configure Azure private peering for the circuit. 在继续执行后续步骤之前,请确保已准备好以下各项:Make sure that you have the following items before you proceed with the next steps:

    • 主链路的 /30 子网。A /30 subnet for the primary link. 此子网不能是保留给虚拟网络使用的任何地址空间的一部分。The subnet must not be part of any address space reserved for virtual networks. 在此子网中,Microsoft 将第二个可用的 IP 用于其路由器时,你将为你的路由器分配第一个可用的 IP 地址。From this subnet you will assign the first useable IP address to your router as Microsoft uses the second useable IP for its router.
    • 辅助链路的 /30 子网。A /30 subnet for the secondary link. 此子网不能是保留给虚拟网络使用的任何地址空间的一部分。The subnet must not be part of any address space reserved for virtual networks. 在此子网中,Microsoft 将第二个可用的 IP 用于其路由器时,你将为你的路由器分配第一个可用的 IP 地址。From this subnet you will assign the first useable IP address to your router as Microsoft uses the second useable IP for its router.
    • 用于建立此对等互连的有效 VLAN ID。A valid VLAN ID to establish this peering on. 请确保线路中没有其他对等互连使用同一个 VLAN ID。Ensure that no other peering in the circuit uses the same VLAN ID. 主要链接和次要链接必须使用相同的 VLAN ID。For both Primary and Secondary links you must use the same VLAN ID.
    • 对等互连的 AS 编号。AS number for peering. 可以使用 2 字节和 4 字节 AS 编号。You can use both 2-byte and 4-byte AS numbers. 可以使用专用 AS 编号建立对等互连(65515 到 65520 之间的数字除外)。You can use a private AS number for this peering except for the number from 65515 to 65520, inclusively.
    • 设置专用对等互连时,必须通过 BGP 将路由从本地边缘路由器播发到 Azure。You must advertise the routes from your on-premises Edge router to Azure via BGP when you set up the private peering.
    • 可选 - MD5 哈希(如果选择使用)。Optional - An MD5 hash if you choose to use one.
  3. 选择“Azure 专用”对等互连行,如下面的示例中所示:Select the Azure Private peering row, as shown in the following example:

    选择“专用对等互连”行Select the private peering row

  4. 配置专用对等互连。Configure private peering. 指定所有参数后,请保存配置。Save the configuration once you have specified all parameters.

    配置专用对等互连

  5. 成功接受配置后,会看到类似于以下示例的内容:After the configuration has been accepted successfully, you see something similar to the following example:

    已保存专用对等互连

查看 Azure 专用对等互连详细信息To view Azure private peering details

可以通过选择对等互连查看 Azure 专用对等互连的属性。You can view the properties of Azure private peering by selecting the peering.

查看专用对等互连属性View private peering properties

更新 Azure 专用对等互连配置To update Azure private peering configuration

可以选择用于对等互连的行并修改对等互连属性。You can select the row for peering and modify the peering properties. 更新后,保存所做的更改。After updating, save your changes.

更新专用对等互连

删除 Azure 专用对等互连To delete Azure private peering

可以通过选择“删除”图标来删除对等互连配置,如下图中所示:You can remove your peering configuration by selecting the delete icon, as shown in the following image:

删除专用对等互连

Azure 公共对等互连Azure public peering

本文介绍了如何为 ExpressRoute 线路创建、获取、更新和删除 Azure 公共对等互连配置。This section helps you create, get, update, and delete the Azure public peering configuration for an ExpressRoute circuit.

创建 Azure 公共对等互连To create Azure public peering

  1. 配置 ExpressRoute 线路。Configure ExpressRoute circuit. 在进一步继续之前,请确保线路完全由连接提供商设置。Ensure that the circuit is fully provisioned by the connectivity provider before continuing further. 如果连接服务提供商提供第 3 层托管服务,可以请求连接服务提供商启用 Azure 公共对等互连。If your connectivity provider offers managed Layer 3 services, you can ask your connectivity provider to enable Azure public peering for you. 在这种情况下,不需要遵循后续部分中所列的说明。In that case, you won't need to follow instructions listed in the next sections. 但是,如果连接服务提供商不为你管理路由,请在创建线路后按照后续步骤继续配置。However, if your connectivity provider does not manage routing for you, after creating your circuit, continue your configuration using the next steps.

    列出公共对等互连

  2. 配置线路的 Azure 公共对等互连。Configure Azure public peering for the circuit. 在继续执行后续步骤之前,请确保已准备好以下各项:Make sure that you have the following items before you proceed with the next steps:

    • 主链路的 /30 子网。A /30 subnet for the primary link. 这必须是有效的公共 IPv4 前缀。This must be a valid public IPv4 prefix. 在此子网中,Microsoft 将第二个可用的 IP 用于其路由器时,你将为你的路由器分配第一个可用的 IP 地址。From this subnet you will assign the first useable IP address to your router as Microsoft uses the second useable IP for its router.
    • 辅助链路的 /30 子网。A /30 subnet for the secondary link. 这必须是有效的公共 IPv4 前缀。This must be a valid public IPv4 prefix. 在此子网中,Microsoft 将第二个可用的 IP 用于其路由器时,你将为你的路由器分配第一个可用的 IP 地址。From this subnet you will assign the first useable IP address to your router as Microsoft uses the second useable IP for its router.
    • 用于建立此对等互连的有效 VLAN ID。A valid VLAN ID to establish this peering on. 请确保线路中没有其他对等互连使用同一个 VLAN ID。Ensure that no other peering in the circuit uses the same VLAN ID. 主要链接和次要链接必须使用相同的 VLAN ID。For both Primary and Secondary links you must use the same VLAN ID.
    • 对等互连的 AS 编号。AS number for peering. 可以使用 2 字节和 4 字节 AS 编号。You can use both 2-byte and 4-byte AS numbers.
    • 可选 - MD5 哈希(如果选择使用)。Optional - An MD5 hash if you choose to use one.
  3. 选择“Azure 公共”对等互连行,如下图中所示:Select the Azure public peering row, as shown in the following image:

    选择公共对等互连行

  4. 配置公共对等互连。Configure public peering. 下图显示了一个配置示例:The following image shows a configuration example:

    配置公共对等互连

  5. 指定所有参数后,请保存配置。Save the configuration once you have specified all parameters. 成功接受配置后,会看到类似于以下示例的内容:After the configuration has been accepted successfully, you see something similar to the following example:

    保存公共对等互连配置

查看 Azure 公共对等互连详细信息To view Azure public peering details

通过选择对等互连查看 Azure 公共对等互连的属性。View the properties of Azure public peering by selecting the peering.

更新 Azure 公共对等互连配置To update Azure public peering configuration

选择对等互连所对应的行,然后修改对等互连属性。Select the row for peering, then modify the peering properties.

删除 Azure 公共对等互连To delete Azure public peering

通过选择“删除”图标来删除对等互连配置。Remove your peering configuration by selecting the delete icon.

后续步骤Next steps

下一步,将 VNet 链接到 ExpressRoute 线路Next step, Link a VNet to an ExpressRoute circuit.