教程:使用 Azure 门户创建 NAT 网关并测试 NAT 服务Tutorial: Create a NAT Gateway using the Azure portal and test the NAT service

在本教程中,你将创建一个 NAT 网关来为 Azure 中的虚拟机提供出站连接。In this tutorial, you'll create a NAT gateway to provide outbound connectivity for virtual machines in Azure. 为了测试该 NAT 网关,你将部署源和目标虚拟机。To test the NAT gateway, you deploy a source and destination virtual machine. 你将通过从源虚拟机的公共 IP 地址与目标虚拟机建立出站连接,来测试 NAT 网关。You'll test the NAT gateway by making outbound connections to a public IP address from the source to the destination virtual machine. 为简单起见,本教程将源和目标部署在同一资源组中的两个不同虚拟网络内。This tutorial deploys source and destination in two different virtual networks in the same resource group for simplicity only.

如果你愿意,可以使用 Azure CLIAzure PowerShell 而不是门户来完成这些步骤。If you prefer, you can do these steps using the Azure CLI or Azure PowerShell instead of the portal.

登录 AzureSign in to Azure

登录到 Azure 门户Sign in to the Azure portal.

准备出站流量的源Prepare the source for outbound traffic

后续步骤将引导你配置整个测试环境,并执行测试本身。We'll guide you through configuration of a full test environment and the execution of the tests itself in the next steps. 我们从源开始。源使用我们在后续步骤中创建的 NAT 网关资源。We'll start with the source, which will use the NAT gateway resource we create in later steps.

虚拟网络和参数Virtual network and parameters

在部署 VM 并使用 NAT 网关之前,需要创建资源组和虚拟网络。Before you deploy a VM and can use your NAT gateway, we need to create the resource group and virtual network.

在本部分中,你需要将步骤中的以下参数替换为以下信息:In this section you'll need to replace the following parameters in the steps with the information below:

参数Parameter ValueValue
<resource-group-name> myResourceGroupNATmyResourceGroupNAT
<virtual-network-name> myVNetsourcemyVNetsource
<region-name> 中国东部 2China East 2
<IPv4-address-space> 192.168.0.0/16192.168.0.0/16
<subnet-name> mySubnetsourcemySubnetsource
<subnet-address-range> 192.168.0.0/24192.168.0.0/24

创建虚拟网络Create the virtual network

在本部分,请创建虚拟网络和子网。In this section, you'll create a virtual network and subnet.

  1. 在屏幕的左上方选择“创建资源”>“网络”>“虚拟网络”,或者在搜索框中搜索“虚拟网络”。 On the upper-left side of the screen, select Create a resource > Networking > Virtual network or search for Virtual network in the search box.

  2. 在“创建虚拟网络” 的“基本信息”选项卡中输入或选择以下信息 :In Create virtual network, enter or select this information in the Basics tab:

    设置Setting Value
    项目详细信息Project Details
    订阅Subscription 选择 Azure 订阅Select your Azure subscription
    资源组Resource Group 选择“新建” ,输入 <resource-group-name> ,然后选择“确定”,或根据参数选择现有 <resource-group-name>Select Create new, enter <resource-group-name>, then select OK, or select an existing <resource-group-name> based on parameters.
    实例详细信息Instance details
    名称Name 输入 <virtual-network-name>Enter <virtual-network-name>
    区域Region 选择 <region-name>Select <region-name>
  3. 选择“IP 地址”选项卡 ,或选择页面底部的“下一步: IP 地址”按钮。Select the IP Addresses tab or select the Next: IP Addresses button at the bottom of the page.

  4. 在“IP 地址” 选项卡上,输入以下信息:In the IP Addresses tab, enter this information:

    设置Setting Value
    IPv4 地址空间IPv4 address space 输入 <IPv4-address-space>Enter <IPv4-address-space>
  5. 在“子网名称” 下,选择词语“默认” 。Under Subnet name, select the word default.

  6. 在“编辑子网”中输入以下信息: In Edit subnet, enter this information:

    设置Setting Value
    子网名称Subnet name 输入 <subnet-name>Enter <subnet-name>
    子网地址范围Subnet address range 输入 <subnet-address-range>Enter <subnet-address-range>
  7. 选择“保存”。 Select Save.

  8. 选择“查看 + 创建” 选项卡,或选择“查看 + 创建” 按钮。Select the Review + create tab or select the Review + create button.

  9. 选择“创建” 。Select Create.

创建源虚拟机Create source virtual machine

现在,我们将创建一个 VM 来使用 NAT 服务。We'll now create a VM to use the NAT service. 此 VM 将某个公共 IP 用作实例级公共 IP,使你能够访问此 VM。This VM has a public IP to use as an instance-level Public IP to allow you to access the VM. NAT 服务可识别流的方向,并会替代子网中的默认 Internet 目标。NAT service is flow direction aware and will replace the default Internet destination in your subnet. VM 的公共 IP 地址不会用于出站连接。The VM's public IP address won't be used for outbound connections.

为了测试 NAT 网关,我们将某个公共 IP 地址资源分配为实例级公共 IP,以便从外部访问此 VM。To test the NAT gateway, we'll assign a public IP address resource as an instance-level Public IP to access this VM from the outside. 此地址仅用于访问此 VM,以进行测试。This address is only used to access it for the test. 我们将演示 NAT 服务如何优先于其他出站选项。We'll demonstrate how the NAT service takes precedence over other outbound options.

也可以不使用公共 IP 创建此 VM,而是在练习中创建另一个 VM 作为没有公共 IP 的 Jumpbox。You could also create this VM without a public IP and create another VM to use as a jumpbox without a public IP as an exercise.

  1. 在门户的左上方选择“创建资源” > “计算” > “Ubuntu Server 18.04 LTS”,或者在市场搜索中搜索“Ubuntu Server 18.04 LTS”。 On the upper-left side of the portal, select Create a resource > Compute > Ubuntu Server 18.04 LTS, or search for Ubuntu Server 18.04 LTS in the Marketplace search.

  2. 在“创建虚拟机”中,在“基本信息”选项卡中输入或选择以下值: In Create a virtual machine, enter or select the following values in the Basics tab:

    • 订阅 > 资源组:选择“myResourceGroupNAT”。Subscription > Resource Group: Select myResourceGroupNAT.
    • 实例详细信息 > 虚拟机名称:输入 myVMsourceInstance Details > Virtual machine name: enter myVMsource.
    • 在“实例详细信息” > “区域”中,选择“中国东部 2”。 Instance Details > Region > select China East 2.
    • 管理员帐户 > 身份验证输入:选择“密码”。Administrator account > Authentication enter: Select Password.
    • 管理员帐户:输入“用户名”、“密码”和“确认密码”信息。 Administrator account > Enter the Username, Password, and Confirm password information.
    • 入站端口规则 > 公共入站端口:选择“允许所选端口”。Inbound port rules > Public inbound ports: Select Allow selected ports.
    • 入站端口规则 > 选择入站端口:选择“SSH (22)”Inbound port rules > Select inbound ports: Select SSH (22)
    • 选择“网络”选项卡,或选择“下一步: 磁盘”,然后选择“下一步: 网络”。Select the Networking tab, or select Next: Disks, then Next: Networking.
  3. 在“网络”选项卡中,确保选中以下项:In the Networking tab make sure the following are selected:

    • 虚拟网络myVnetsourceVirtual network: myVnetsource
    • 子网mySubnetsourceSubnet: mySubnetsource
    • 公共 IP:选择“新建”。Public IP > Select Create new. 在“创建公共 IP 地址”窗口中的“名称”字段内输入 myPublicIPsourceVMIn the Create public IP address window, enter myPublicIPsourceVM in the Name field. 为“SKU”选择“标准”。 Select Standard for the SKU. 将剩余的字段保留默认值,然后单击“确定”。Leave the rest at the defaults and click OK.
    • NIC 网络安全组:选择“基本”。NIC network security group: Select Basic.
    • 公共入站端口:选择“允许所选端口”。Public inbound ports: Select Allow selected ports.
    • 选择入站端口:确认已选择“SSH”。Select inbound ports: Confirm SSH is selected.
  4. 在“管理”选项卡的“监视”下,将“启动诊断”设置为“关闭” 。In the Management tab, under Monitoring, set Boot diagnostics to Off.

  5. 选择“查看 + 创建”。Select Review + create.

  6. 检查设置并单击“创建”。Review the settings and click Create.

创建 NAT 网关Create the NAT Gateway

可对 NAT 网关使用一个或多个公共 IP 地址资源和/或公共 IP 前缀。You can use one or more public IP address resources, public IP prefixes, or both with NAT gateway. 我们将添加公共 IP 资源、公共 IP 前缀和 NAT 网关资源。We'll add a public IP resource, public IP prefix, and a NAT gateway resource.

本部分详细介绍如何使用 NAT 网关资源创建并配置 NAT 服务的以下组件:This section details how you can create and configure the following components of the NAT service using the NAT gateway resource:

  • 一个公共 IP 池和公共 IP 前缀,供 NAT 网关资源转换的出站流使用。A public IP pool and public IP prefix to use for outbound flows translated by the NAT gateway resource.
  • 将空闲超时从默认值 4 分钟更改为 10 分钟。Change the idle timeout from the default of 4 minutes to 10 minutes.

创建公共 IP 地址Create a public IP address

  1. 在门户的左上方选择“创建资源” > “网络” > “公共 IP 地址”,或者在市场搜索中搜索“公共 IP 地址”。 On the upper-left side of the portal, select Create a resource > Networking > Public IP address, or search for Public IP address in the Marketplace search.

  2. 在“创建公共 IP 地址”中,输入或选择以下信息:In Create public IP address, enter or select this information:

    设置Setting ValueValue
    IP 版本IP Version 选择“IPv4”。Select IPv4.
    SKUSKU 选择“标准”。Select Standard.
    名称Name 输入 myPublicIPsourceEnter myPublicIPsource.
    订阅Subscription 选择订阅。Select your subscription.
    资源组Resource group 选择“myResourceGroupNAT”。Select myResourceGroupNAT.
    位置Location 选择“中国东部 2”。Select China East 2.
  3. 将剩余的字段保留默认设置,然后选择 “创建”Leave the rest of the defaults and select Create.

创建公共 IP 前缀Create a public IP prefix

  1. 在门户的左上方选择“创建资源” > “网络” > “公共 IP 前缀”,或者在市场搜索中搜索“公共 IP 前缀”。 On the upper-left side of the portal, select Create a resource > Networking > Public IP prefix, or search for Public IP prefix in the Marketplace search.

  2. 在“创建公共 IP 前缀”中,在“基本信息”选项卡中输入或选择以下值: In Create a public IP prefix, enter or select the following values in the Basics tab:

    • 订阅 > 资源组:选择“myResourceGroupNAT”>Subscription > Resource Group: Select myResourceGroupNAT>
    • 实例详细信息 > 名称:输入 myPublicIPprefixsourceInstance details > Name: enter myPublicIPprefixsource.
    • 实例详细信息 > 区域:选择“中国东部 2”。Instance details > Region: Select China East 2.
    • 实例详细信息 > 前缀大小:选择“/31 (2 个地址)”Instance details > Prefix size: Select /31 (2 addresses)
  3. 将剩余的字段保留默认值,然后选择“查看 + 创建”。Leave the rest the defaults and select Review + create.

  4. 检查设置,然后选择“创建”。Review the settings, and then select Create.

创建 NAT 网关资源Create a NAT gateway resource

  1. 在门户的左上方选择“创建资源” > “网络” > “NAT 网关”,或者在市场搜索中搜索“NAT 网关”。 On the upper-left side of the portal, select Create a resource > Networking > NAT gateway, or search for NAT gateway in the Marketplace search.

  2. 在“创建网络地址转换(NAT)网关”中,在“基本信息”选项卡中输入或选择以下值: In Create network address translation (NAT) gateway, enter or select the following values in the Basics tab:

    • 订阅 > 资源组:选择“myResourceGroupNAT”。Subscription > Resource Group: Select myResourceGroupNAT.
    • 实例详细信息 > NAT 网关名称:输入 myNATgatewayInstance details > NAT gateway name: enter myNATgateway.
    • 实例详细信息 > 区域:选择“中国东部 2”。Instance details > Region: Select China East 2.
    • 实例详细信息 > 空闲超时(分钟) :输入 10Instance details > Idle timeout (minutes): enter 10.
    • 选择“公共 IP”选项卡,或选择“下一步: 公共 IP”。Select the Public IP tab, or select Next: Public IP.
  3. 在“公共 IP”选项卡中,输入或选择以下值:In the Public IP tab, enter or select the following values:

    • 公共 IP 地址:选择“myPublicIPsource”。Public IP addresses: Select myPublicIPsource.
    • 公共 IP 前缀:选择“myPublicIPprefixsource”。Public IP Prefixes: Select myPublicIPprefixsource.
    • 选择“子网”选项卡,或选择“下一步: 子网”。Select the Subnet tab, or select Next: Subnet.
  4. 在“子网”选项卡中,输入或选择以下值:In the Subnet tab, enter or select the following values:

    • 虚拟网络:选择“myResourceGroupNAT” > “myVnetsource”。 Virtual Network: Select myResourceGroupNAT > myVnetsource.
    • 子网名称:选中“mySubnetsource”旁边的复选框。Subnet name: Select the box next to mySubnetsource.
  5. 选择“查看 + 创建”。Select Review + create.

  6. 检查设置,然后选择“创建”。Review the settings, and then select Create.

发往 Internet 目标的所有出站流量现在将使用该 NAT 服务。All outbound traffic to Internet destinations is now using the NAT service. 无需配置 UDR。It isn't necessary to configure a UDR.

准备出站流量的目标Prepare destination for outbound traffic

现在,我们将为 NAT 服务转换的出站流量创建目标,以便对其进行测试。We'll now create a destination for the outbound traffic translated by the NAT service to allow you to test it.

目标的虚拟网络和参数Virtual network and parameters for destination

在为目标部署 VM 之前,需要创建一个虚拟网络,可将目标虚拟机置于其中。Before you deploy a VM for the destination, we need to create a virtual network where the destination virtual machine can reside. 以下步骤与针对源 VM 执行的步骤相同,只是需要做出一些轻微的更改来公开目标终结点。The following are the same steps as for the source VM with some small changes to expose the destination endpoint.

在本部分中,你需要将步骤中的以下参数替换为以下信息:In this section you'll need to replace the following parameters in the steps with the information below:

参数Parameter ValueValue
<resource-group-name> myResourceGroupNATmyResourceGroupNAT
<virtual-network-name> myVNetdestinationmyVNetdestination
<region-name> 中国东部 2China East 2
<IPv4-address-space> 10.1.0.0/1610.1.0.0/16
<subnet-name> mySubnetdestinationmySubnetdestination
<subnet-address-range> 10.1.0.0/2410.1.0.0/24

创建虚拟网络Create the virtual network

在本部分,请创建虚拟网络和子网。In this section, you'll create a virtual network and subnet.

  1. 在屏幕的左上方选择“创建资源”>“网络”>“虚拟网络”,或者在搜索框中搜索“虚拟网络”。 On the upper-left side of the screen, select Create a resource > Networking > Virtual network or search for Virtual network in the search box.

  2. 在“创建虚拟网络” 的“基本信息”选项卡中输入或选择以下信息 :In Create virtual network, enter or select this information in the Basics tab:

    设置Setting Value
    项目详细信息Project Details
    订阅Subscription 选择 Azure 订阅Select your Azure subscription
    资源组Resource Group 选择“新建” ,输入 <resource-group-name> ,然后选择“确定”,或根据参数选择现有 <resource-group-name>Select Create new, enter <resource-group-name>, then select OK, or select an existing <resource-group-name> based on parameters.
    实例详细信息Instance details
    名称Name 输入 <virtual-network-name>Enter <virtual-network-name>
    区域Region 选择 <region-name>Select <region-name>
  3. 选择“IP 地址”选项卡 ,或选择页面底部的“下一步: IP 地址”按钮。Select the IP Addresses tab or select the Next: IP Addresses button at the bottom of the page.

  4. 在“IP 地址” 选项卡上,输入以下信息:In the IP Addresses tab, enter this information:

    设置Setting Value
    IPv4 地址空间IPv4 address space 输入 <IPv4-address-space>Enter <IPv4-address-space>
  5. 在“子网名称” 下,选择词语“默认” 。Under Subnet name, select the word default.

  6. 在“编辑子网”中输入以下信息: In Edit subnet, enter this information:

    设置Setting Value
    子网名称Subnet name 输入 <subnet-name>Enter <subnet-name>
    子网地址范围Subnet address range 输入 <subnet-address-range>Enter <subnet-address-range>
  7. 选择“保存”。 Select Save.

  8. 选择“查看 + 创建” 选项卡,或选择“查看 + 创建” 按钮。Select the Review + create tab or select the Review + create button.

  9. 选择“创建” 。Select Create.

创建目标虚拟机Create destination virtual machine

  1. 在门户的左上方选择“创建资源” > “计算” > “Ubuntu Server 18.04 LTS”,或者在市场搜索中搜索“Ubuntu Server 18.04 LTS”。 On the upper-left side of the portal, select Create a resource > Compute > Ubuntu Server 18.04 LTS, or search for Ubuntu Server 18.04 LTS in the Marketplace search.

  2. 在“创建虚拟机”中,在“基本信息”选项卡中输入或选择以下值: In Create a virtual machine, enter or select the following values in the Basics tab:

    • 订阅 > 资源组:选择“myResourceGroupNAT”。Subscription > Resource Group: Select myResourceGroupNAT.
    • 实例详细信息 > 虚拟机名称:输入 myVMdestinationInstance Details > Virtual machine name: enter myVMdestination.
    • 在“实例详细信息” > “区域”中,选择“中国东部 2”。 Instance Details > Region > select China East 2.
    • 管理员帐户 > 身份验证输入:选择“密码”。Administrator account > Authentication enter: Select Password.
    • 管理员帐户:输入“用户名”、“密码”和“确认密码”信息。 Administrator account > Enter the Username, Password, and Confirm password information.
    • 入站端口规则 > 公共入站端口:选择“允许所选端口”。Inbound port rules > Public inbound ports: Select Allow selected ports.
    • 入站端口规则 > 选择入站端口:选择“SSH (22)”和“HTTP (80)”。 Inbound port rules > Select inbound ports: Select SSH (22) and HTTP (80).
    • 选择“网络”选项卡,或选择“下一步: 磁盘”,然后选择“下一步: 网络”。Select the Networking tab, or select Next: Disks, then Next: Networking.
  3. 在“网络”选项卡中,确保选中以下项:In the Networking tab make sure the following are selected:

    • 虚拟网络myVnetdestinationVirtual network: myVnetdestination
    • 子网mySubnetdestinationSubnet: mySubnetdestination
    • 公共 IP:选择“新建”。Public IP > Select Create new. 在“创建公共 IP 地址”窗口中的“名称”字段内输入 myPublicIPdestinationVMIn the Create public IP address window, enter myPublicIPdestinationVM in the Name field. 为“SKU”选择“标准”。 Select Standard for SKU. 将剩余的字段保留默认值,然后单击“确定”。Leave the rest at the defaults and click OK.
    • NIC 网络安全组:选择“基本”。NIC network security group: Select Basic.
    • 公共入站端口:选择“允许所选端口”。Public inbound ports: Select Allow selected ports.
    • 选择入站端口:确认已选择“SSH”和“HTTP”。 Select inbound ports: Confirm SSH and HTTP is selected.
  4. 在“管理”选项卡的“监视”下,将“启动诊断”设置为“关闭” 。In the Management tab, under Monitoring, set Boot diagnostics to Off.

  5. 选择“查看 + 创建”。Select Review + create.

  6. 检查设置,然后选择“创建”。Review the settings, and then select Create.

在目标 VM 上准备 Web 服务器和测试有效负载Prepare a web server and test payload on destination VM

首先需要发现目标 VM 的 IP 地址。First we need to discover the IP address of the destination VM.

  1. 在门户左侧选择“资源组”。On the left side of the portal, select Resource groups.
  2. 选择“myResourceGroupNAT”。Select myResourceGroupNAT.
  3. 选择“myVMdestination”。Select myVMdestination.
  4. 在“概述”中,复制“公共 IP 地址”值并将其粘贴到记事本中,以便可以用它访问 VM。 In Overview, copy the Public IP address value, and paste into notepad so you can use it to access the VM.

重要

复制该公共 IP 地址并将其粘贴到记事本中,以便可以在后续步骤中使用它。Copy the public IP address, and then paste it into a notepad so you can use it in subsequent steps. 指明这是目标虚拟机。Indicate this is the destination virtual machine.

登录到目标 VMSign in to destination VM

ssh <username>@<ip-address-destination>

登录后,复制并粘贴以下命令。Copy and paste the following commands once you've logged in.

sudo apt-get -y update && \
sudo apt-get -y upgrade && \
sudo apt-get -y dist-upgrade && \
sudo apt-get -y autoremove && \
sudo apt-get -y autoclean && \
sudo apt-get -y install nginx && \
sudo ln -sf /dev/null /var/log/nginx/access.log && \
sudo touch /var/www/html/index.html && \
sudo rm /var/www/html/index.nginx-debian.html && \
sudo dd if=/dev/zero of=/var/www/html/100k bs=1024 count=100

这些命令将更新虚拟机,安装 nginx,并创建 100 KB 大小的文件。These commands will update your virtual machine, install nginx, and create a 100-KBytes file. 将使用 NAT 服务从源 VM 中检索此文件。This file will be retrieved from the source VM using the NAT service.

关闭与目标 VM 建立的 SSH 会话。Close the SSH session with the destination VM.

在源 VM 上准备测试Prepare test on source VM

首先需要发现源 VM 的 IP 地址。First we need to discover the IP address of the source VM.

  1. 在门户左侧选择“资源组”。On the left side of the portal, select Resource groups.
  2. 选择“myResourceGroupNAT”。Select myResourceGroupNAT.
  3. 选择“myVMsource”。Select myVMsource.
  4. 在“概述”中,复制“公共 IP 地址”值并将其粘贴到记事本中,以便可以用它访问 VM。 In Overview, copy the Public IP address value, and paste into notepad so you can use it to access the VM.

重要

复制该公共 IP 地址并将其粘贴到记事本中,以便可以在后续步骤中使用它。Copy the public IP address, and then paste it into a notepad so you can use it in subsequent steps. 指明这是源虚拟机。Indicate this is the source virtual machine.

登录到源 VMLog into source VM

使用在上一步骤中检索到的 IP 地址通过 SSH 连接到虚拟机。Use the IP address retrieved in the previous step to SSH to the virtual machine.

ssh <username>@<ip-address-source>

复制并粘贴以下命令,以准备测试 NAT 服务。Copy and paste the following commands to prepare for testing the NAT service.

sudo apt-get -y update && \
sudo apt-get -y upgrade && \
sudo apt-get -y dist-upgrade && \
sudo apt-get -y autoremove && \
sudo apt-get -y autoclean && \
sudo apt-get install -y nload golang && \
echo 'export GOPATH=${HOME}/go' >> .bashrc && \
echo 'export PATH=${PATH}:${GOPATH}/bin' >> .bashrc && \
. ~/.bashrc &&
go get -u github.com/rakyll/hey

此命令将更新虚拟机,安装 go,安装 GitHub 中的 hey,并更新 shell 环境。This command will update your virtual machine, install go, install hey from GitHub, and update your shell environment.

现已准备好测试 NAT 服务。You're now ready to test the NAT service.

验证 NAT 服务Validate NAT service

登录到源 VM 后,可以使用 curlhey 生成发往目标 IP 地址的请求。While logged into the source VM, you can use curl and hey to generate requests to the destination IP address.

使用 curl 检索 100 KB 大小的文件。Use curl to retrieve the 100-KBytes file. 请将以下示例中的 <ip-address-destination> 替换为前面复制的目标 IP 地址。Replace <ip-address-destination> in the example below with the destination IP address you have previously copied. --output 参数指示将丢弃检索到的文件。The --output parameter indicates that the retrieved file will be discarded.

curl http://<ip-address-destination>/100k --output /dev/null

也可以使用 hey 生成一系列请求。You can also generate a series of requests using hey. 同样,请将 <ip-address-destination> 替换为前面复制的目标 IP 地址。Again, replace <ip-address-destination> with the destination IP address you have previously copied.

hey -n 100 -c 10 -t 30 --disable-keepalive http://<ip-address-destination>/100k

此命令将生成 100 个请求,其中有 10 个是超时为 30 秒且不重复使用 TCP 连接的并发请求。This command will generate 100 requests, 10 concurrently, with a timeout of 30 seconds, and without reusing the TCP connection. 每个请求将检索 100 KB。Each request will retrieve 100 Kbytes. 运行结束时,hey 会报告有关 NAT 服务运行情况的统计信息。At the end of the run, hey will report some statistics about how well the NAT service did.

清理资源Clean up resources

如果不再需要上述资源组、NAT 网关和所有相关资源,请将其删除。When no longer needed, delete the resource group, NAT gateway, and all related resources. 选择包含 NAT 网关的资源组 myResourceGroupNAT,然后选择“删除”。Select the resource group myResourceGroupNAT that contains the NAT gateway, and then select Delete.

后续步骤Next steps

在本教程中,你已创建 NAT 网关、源 VM 和目标 VM,然后测试了 NAT 网关。In this tutorial, you created a NAT gateway, created a source and destination VM, and then tested the NAT gateway.

可以查看 Azure Monitor 中的指标来了解 NAT 服务的运行情况。Review metrics in Azure Monitor to see your NAT service operating. 可以诊断可用 SNAT 端口资源耗尽等问题。Diagnose issues such as resource exhaustion of available SNAT ports. 通过添加更多公共 IP 地址资源和/或公共 IP 前缀资源,可以轻松解决 SNAT 端口资源耗尽的问题。Resource exhaustion of SNAT ports is easily addressed by adding additional public IP address resources or public IP prefix resources or both.