Azure vnet对等是否支持通过驻留在集线器vnet中的多个虚拟设备的流量? [英] Does Azure vnet peering support traffic passing through multiple virtual appliances that reside in the Hub vnet?

问题描述

如上面的链接图所示，当客户端(vnet A)需要ping服务器(vnet C)时，是否可以强制流量通过集线器vnet(vnet B)内的两个设备?

As shown in the above linked diagram, when the client (vnet A) needs to ping server (vnet C), is it possible to force that traffic to go through the two appliances inside the Hub vnet (vnet B)?

UDR1强制流量通过虚拟设备路由器1，UDR2强制流量从路由器1到路由器2，一旦流量从路由器2出来，它将到达服务器，这是通过对等自身完成的.

UDR1 forces traffic to go through Virtual Appliance Router 1, and UDR2 forces traffic out from Router 1 to Router 2, once traffic comes out of Router 2, it will arrive at server, this is done via peering itself.

UDR3和UDR4用于返回流量.

UDR3 and UDR4 are for return traffic.

路由器1上的tcpdump显示流量进入，然后路由器1将该流量转发到路由器2，但是尽管UDR 2，在路由器2上也没有看到流量.

tcpdump on Router 1 shows traffic coming in, and then Router 1 forwards that traffic out to Router 2, but there is no traffic seen on Router 2, despite UDR 2.

但是，从客户端到服务器的ping操作确实有效，这意味着Azure正在执行传递，这导致流量绕过路由器2.

However, pinging from client to server does work, this means Azure is doing the delivery, which causes the traffic to bypass Router 2.

对等vnet环境中是否支持多个虚拟设备?当所有流量都在同一vnet内时，将支持该功能，并且可以正常工作.

Is multiple virtual appliances supported in a peered vnet environment? It is supported when all traffic is within the same vnet, this is tested working.

推荐答案

两个虚拟设备实际上是否与图表位于同一子网中?为了使UDR正常工作，它们必须位于不同的子网中.否则，您将在保留IP上循环流量.

Are the two virtual appliances actually in the same subnet as per the diagram? For the UDRs to work, they would need to be in different subnets. You're looping the traffic on the reserved IPs otherwise. 

您是否可以选择允许在两个对等节点上启用转发流量?

Do you have the option to allow forwarded traffic enabled on both peerings?

Joe

这篇关于Azure vnet对等是否支持通过驻留在集线器vnet中的多个虚拟设备的流量?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！