ARM模式下建立Express Route

衡子發表於2016-05-09
模式Express

在Azure的ARM模式下,建立Express Route的命令和ASM模式下是有一些區別的。

本文將介紹在ARM模式下,如果建立Express Route的Circuit。

1. 檢視支援的Service Provider

Get-AzureRmExpressRouteServiceProvider 

Name              : Beijing Telecom Ethernet
Id                : /subscriptions//resourceGroups//providers/Microsoft.Network/expressRouteServiceProviders/
ProvisioningState : Succeeded
Type              : Microsoft.Network/expressRouteServiceProviders
PeeringLocations  : [
                      "Beijing"
                    ]
BandwidthsOffered : [
                      {
                        "OfferName": "50Mbps",
                        "ValueInMbps": 50
                      },
                      {
                        "OfferName": "100Mbps",
                        "ValueInMbps": 100
                      },
                      {
                        "OfferName": "200Mbps",
                        "ValueInMbps": 200
                      },
                      {
                        "OfferName": "500Mbps",
                        "ValueInMbps": 500
                      },
                      {
                        "OfferName": "1Gbps",
                        "ValueInMbps": 1000
                      },
                      {
                        "OfferName": "2Gbps",
                        "ValueInMbps": 2000
                      },
                      {
                        "OfferName": "5Gbps",
                        "ValueInMbps": 5000
                      },
                      {
                        "OfferName": "10Gbps",
                        "ValueInMbps": 10000
                      }
                    ]

Name              : Shanghai Telecom Ethernet
Id                : /subscriptions//resourceGroups//providers/Microsoft.Network/expressRouteServiceProviders/
ProvisioningState : Succeeded
Type              : Microsoft.Network/expressRouteServiceProviders
PeeringLocations  : [
                      "Shanghai"
                    ]
BandwidthsOffered : [
                      {
                        "OfferName": "50Mbps",
                        "ValueInMbps": 50
                      },
                      {
                        "OfferName": "100Mbps",
                        "ValueInMbps": 100
                      },
                      {
                        "OfferName": "200Mbps",
                        "ValueInMbps": 200
                      },
                      {
                        "OfferName": "500Mbps",
                        "ValueInMbps": 500
                      },
                      {
                        "OfferName": "1Gbps",
                        "ValueInMbps": 1000
                      },
                      {
                        "OfferName": "2Gbps",
                        "ValueInMbps": 2000
                      },
                      {
                        "OfferName": "5Gbps",
                        "ValueInMbps": 5000
                      },
                      {
                        "OfferName": "10Gbps",
                        "ValueInMbps": 10000
                      }
                    ]

 

可以看到,北京和上海兩個可以提供Express Route的Peer Location。

2. 建立Express Route

New-AzureRmExpressRouteCircuit -Name hwarmer01 -ResourceGroupName hwarm01 -Location "China East" -SkuTier Standard -SkuFamily MeteredData -ServiceProviderName "Shanghai Telecom Ethernet" -BandwidthInMbps 50 -PeeringLocation Shanghai


Name                             : hwarmer01
ResourceGroupName                : hwarm01
Location                         : chinaeast
Id                               : /subscriptions/42e8b20d-29ec-40a5-b020-b2229f3dda56/resourceGroups/hwarm01/providers/Microsoft
                                   .Network/expressRouteCircuits/hwarmer01
Etag                             : W/"b1115f44-1b41-452f-a799-a241f826a609"
ProvisioningState                : Succeeded
Sku                              : {
                                     "Name": "Standard_MeteredData",
                                     "Tier": "Standard",
                                     "Family": "MeteredData"
                                   }
CircuitProvisioningState         : Enabled
ServiceProviderProvisioningState : NotProvisioned
ServiceProviderNotes             : 
ServiceProviderProperties        : {
                                     "ServiceProviderName": "Shanghai Telecom Ethernet",
                                     "PeeringLocation": "Shanghai",
                                     "BandwidthInMbps": 50
                                   }
ServiceKey                       : a3b8f231-2bb2-43ce-8db2-14475c317933
Peerings                         : []
Authorizations                   : []


此處的ServiceKey是和電信建立Express Route的憑證。需要把這個Key提供給電信。

其中狀態是:ServiceProviderProvisioningState : NotProvisioned

當狀態變成Provisioned狀態時,電信的部署就完成了。

 

3. 建立BGP的private Peering關係

$er = Get-AzureRmExpressRouteCircuit 

Add-AzureRmExpressRouteCircuitPeeringConfig -Name "AzurePrivatePeering" -ExpressRouteCircuit $er -PeeringType AzurePrivatePeering -PeerASN 65525 -PrimaryPeerAddressPrefix "10.0.0.0/30" -SecondaryPeerAddressPrefix "10.0.0.4/30" -VlanId 666

更新配置:

Set-AzureRmExpressRouteCircuit -ExpressRouteCircuit $er

4. 建立BGP的public Peering關係

Add-AzureRmExpressRouteCircuitPeeringConfig -Name "AzurePublicPeering" -ExpressRouteCircuit $er -PeeringType AzurePublicPeering -PeerASN 65525 -PrimaryPeerAddressPrefix "192.168.201.0/30" -SecondaryPeerAddressPrefix "192.168.201.4/30" -VlanId 667 -SharedKey "A1B2C3D4"

5. 建立Vnet的ER Gateway

首先新增Gateway Subnet:

Add-AzureRmVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -AddressPrefix 172.17.253.0/27 -VirtualNetwork $vnet 
Set-AzureRmVirtualNetwork -VirtualNetwork $vnet

新增Local Network,此項配置可以不需要配置

New-AzureRmLocalNetworkGateway -Name hwmylocal01 -ResourceGroupName hwarm01 -Location 'China East' -GatewayIpAddress '1.1.1.1' -AddressPrefix '10.100.1.0/24'

建立Gateway的IPConfig:

$vnet = Get-AzureRmVirtualNetwork -Name hwarmvnet01 -ResourceGroupName hwarm01 
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -VirtualNetwork $vnet 
$hwgwpip = New-AzureRmPublicIpAddress -Name hwgwpip1 -ResourceGroupName hwarm01 -Location "China East" -AllocationMethod Dynamic 
$hwgwipconfig = New-AzureRmVirtualNetworkGatewayIpConfig -Name hwgwipconfig -SubnetId $subnet.Id -PublicIpAddressId $hwgwpip.Id

建立ER的Gateway:

New-AzureRmVirtualNetworkGateway -Name hwergw01 -ResourceGroupName hwarm01 -Location "China East" -GatewayType ExpressRoute -VpnType RouteBased -GatewaySku Standard -IpConfigurations $hwgwipconfig -EnableBgp $true

6. 將VNET的Gateway與ExpressRoute的Circuit關聯:

$cir = Get-AzureRmExpressRouteCircuit -Name hwarmer01 -ResourceGroupName hwarm01 
$gw = Get-AzureRmVirtualNetworkGateway -Name hwergw01 -ResourceGroupName hwarm01 
$conn = New-AzureRmVirtualNetworkGatewayConnection -Name "hwerc" -ResourceGroupName "hwarm01" -Location "China East" -VirtualNetworkGateway1 $gw -PeerId $circuit.Id -ConnectionType ExpressRoute

 7. 如果VNET的Gateway與ExpressRoute的Circuit不在一個Subscription,需要做授權:

Add-AzureRmExpressRouteCircuitAuthorization -Name hwerau -ExpressRouteCircuit $cir
Set-AzureRmExpressRouteCircuit -ExpressRouteCircuit $cir

完成後,會得到一個Authorization-key,通過這個Key可以把其他訂閱的Vnet Gateway和此Express Route Circuit關聯。

相關文章