负载均衡器常见问题解答Load Balancer frequently asked questions

存在哪些类型的负载均衡器?What types of Load Balancer exist?

内部负载均衡器(用于均衡 VNET 中的流量)和外部负载均衡器(用于均衡进出 Internet 连接的终结点的流量)。Internal load balancers which balance traffic within a VNET and external load balancers which balance traffic to and from an internet connected endpoint. 有关详细信息,请参阅负载均衡器类型For more information, see Load Balancer Types.

对于这两种类型,Azure 提供了基本 SKU 和标准 SKU,它们具有不同的功能、性能、安全性和运行状况跟踪功能。For both these types, Azure offers a Basic SKU and Standard SKU that have different functional, performance, security and health tracking capabilities. SKU 比较一文中介绍了这些差异。These differences are explained in our SKU Comparison article.

如何从基本负载均衡器升级到标准负载均衡器?How can I upgrade from a Basic to a Standard Load Balancer?

有关自动化脚本和升级负载均衡器 SKU 的指南,请参阅从“基本”升级到“标准”一文。See the upgrade from Basic to Standard article for an automated script and guidance on upgrading a Load Balancer SKU.

Azure 中有哪些不同的负载均衡选项?What are the different load-balancing options in Azure?

请参阅负载均衡器技术指南,了解可用的负载均衡服务以及每个服务的建议用途。See the load balancer technology guide for the available load-balancing services and recommended uses for each.

在哪里可以找到负载均衡器 ARM 模板?Where can I find Load Balancer ARM templates?

有关常见部署的 ARM 模板,请参阅 Azure 负载均衡器快速入门模板列表See the list of Azure Load Balancer quickstart templates for ARM templates of common deployments.

入站 NAT 规则与负载均衡规则有何不同?How are inbound NAT rules different from load-balancing rules?

NAT 规则用于指定要将流量路由到其中的后端资源。NAT rules are used to specify a backend resource to route traffic to. 例如,将特定负载均衡器端口配置为将 RDP 流量发送到特定 VM。For example, configuring a specific load balancer port to send RDP traffic to a specific VM. 负载均衡规则用于指定要将流量路由到其中的后端资源池,从而在每个实例之间均衡负载。Load-balancing rules are used to specify a pool of backend resources to route traffic to, balancing the load across each instance. 例如,负载均衡器规则可以跨 Web 服务器池在负载均衡器的端口 80 上路由 TCP 数据包。For example, a load balancer rule can route TCP packets on port 80 of the load balancer across a pool of web servers.

IP 168.63.129.16 是什么?What is IP 168.63.129.16?

标记为 Azure 基础结构负载均衡器的主机的虚拟 IP 地址,从其进行 Azure 运行状况探测。The virtual IP address for the host tagged as the Azure infrastructure Load Balancer where the Azure Health Probes originate. 配置后端实例时,这些实例必须允许来自此 IP 地址的流量才能成功响应运行状况探测。When configuring backend instances, they must allow traffic from this IP address to successfully respond to health probes. 此规则不与负载均衡器前端的访问交互。This rule does not interact with access to your Load Balancer frontend. 如果不使用 Azure 负载均衡器,则可重写此规则。If you're not using the Azure Load Balancer, you can override this rule. 可在此处详细了解服务标记。You can learn more about service tags here.

是否可以将全局 VNET 对等互连用于基本负载均衡器?Can I use Global VNET peering with Basic Load Balancer?

否。No. 基本负载均衡器不支持全局 VNET 对等互连。Basic Load Balancer does not support Global VNET peering. 可改用标准负载均衡器。You can use a Standard Load Balancer instead. 有关无缝升级,请参阅从“基本”升级到“标准”一文。See the upgrade from Basic to Standard article for seamless upgrade.

如何发现 Azure VM 使用的公共 IP?How can I discover the public IP that an Azure VM uses?

有多种方法来确定出站连接的公共源 IP 地址。There are many ways to determine the public source IP address of an outbound connection. OpenDNS 提供了一种服务可以向你显示 VM 的公共 IP 地址。OpenDNS provides a service that can show you the public IP address of your VM. 使用 nslookup 命令,可以将名称 myip.opendns.com 的 DNS 查询发送到 OpenDNS 解析程序。By using the nslookup command, you can send a DNS query for the name myip.opendns.com to the OpenDNS resolver. 该服务返回用于发送此查询的源 IP 地址。The service returns the source IP address that was used to send the query. 在 VM 中运行以下查询时,返回的是用于该 VM 的公共 IP。When you run the following query from your VM, the response is the public IP used for that VM:

nslookup myip.opendns.com resolver1.opendns.com

如何连接到同一区域中的 Azure 存储?How do connections to Azure Storage in the same region work?

通过上述方案进行出站连接时不一定要连接到与 VM 位于同一区域的存储。Having outbound connectivity via the scenarios above is not necessary to connect to Storage in the same region as the VM. 如果不想这样做,请按上述说明使用网络安全组 (NSG)。If you do not want this, use network security groups (NSGs) as explained above. 若要连接到其他区域的存储,则需要使用出站连接。For connectivity to Storage in other regions, outbound connectivity is required. 请注意,当从同一区域中的虚拟机连接到存储时,存储诊断日志中的源 IP 地址将是内部提供程序地址,而不是虚拟机的公共 IP 地址。Please note that when connecting to Storage from a VM in the same region, the source IP address in the Storage diagnostic logs will be an internal provider address, and not the public IP address of your VM. 如果要将对存储帐户的访问限制至同一区域中一个或多个虚拟网络子网中的 VM,请在配置存储帐户防火墙时使用虚拟网络服务终结点,而不是公共 IP 地址。If you wish to restrict access to your Storage account to VMs in one or more Virtual Network subnets in the same region, use Virtual Network service endpoints and not your public IP address when configuring your storage account firewall. 配置了服务终结点后,将在存储诊断日志中看到虚拟网络专用 IP 地址,而不是内部提供程序地址。Once service endpoints are configured, you will see your Virtual Network private IP address in your Storage diagnostic logs and not the internal provider address.