Nota
O acesso a esta página requer autorização. Podes tentar iniciar sessão ou mudar de diretório.
O acesso a esta página requer autorização. Podes tentar mudar de diretório.
Aplica-se a: ✔️ VMs do Windows ✔️ Conjuntos de escala flexíveis
Virtual machines (VMs) in Azure can have multiple virtual network interface cards (NICs) attached to them. A common scenario is to have different subnets for front-end and back-end connectivity. You can associate multiple NICs on a VM to multiple subnets, but those subnets must all reside in the same virtual network (vNet). This article details how to create a VM that has multiple NICs attached to it. You also learn how to add or remove NICs from an existing VM. Different VM sizes support a varying number of NICs, so size your VM accordingly.
Observação
If multiple subnets are not required for a scenario, it may be more straightforward to utilize multiple IP configurations on a single NIC. Instructions for this setup can be found here.
Pré-requisitos
Nos exemplos a seguir, substitua nomes de parâmetros de exemplo por seus próprios valores. Example parameter names include myResourceGroup, myVnet, and myVM.
Criar uma VM com vários NICs
Primeiro, crie um grupo de recursos. The following example creates a resource group named myResourceGroup in the EastUs location:
New-AzResourceGroup -Name "myResourceGroup" -Location "EastUS"
Create virtual network and subnets
A common scenario is for a virtual network to have two or more subnets. One subnet may be for front-end traffic, the other for back-end traffic. To connect to both subnets, you then use multiple NICs on your VM.
Define two virtual network subnets with New-AzVirtualNetworkSubnetConfig. The following example defines the subnets for mySubnetFrontEnd and mySubnetBackEnd:
$mySubnetFrontEnd = New-AzVirtualNetworkSubnetConfig -Name "mySubnetFrontEnd" ` -AddressPrefix "192.168.1.0/24" $mySubnetBackEnd = New-AzVirtualNetworkSubnetConfig -Name "mySubnetBackEnd" ` -AddressPrefix "192.168.2.0/24"Create your virtual network and subnets with New-AzVirtualNetwork. The following example creates a virtual network named myVnet:
$myVnet = New-AzVirtualNetwork -ResourceGroupName "myResourceGroup" ` -Location "EastUs" ` -Name "myVnet" ` -AddressPrefix "192.168.0.0/16" ` -Subnet $mySubnetFrontEnd,$mySubnetBackEnd
Create multiple NICs
Create two NICs with New-AzNetworkInterface. Attach one NIC to the front-end subnet and one NIC to the back-end subnet. The following example creates NICs named myNic1 and myNic2:
$frontEnd = $myVnet.Subnets|?{$_.Name -eq 'mySubnetFrontEnd'}
$myNic1 = New-AzNetworkInterface -ResourceGroupName "myResourceGroup" `
-Name "myNic1" `
-Location "EastUs" `
-SubnetId $frontEnd.Id
$backEnd = $myVnet.Subnets|?{$_.Name -eq 'mySubnetBackEnd'}
$myNic2 = New-AzNetworkInterface -ResourceGroupName "myResourceGroup" `
-Name "myNic2" `
-Location "EastUs" `
-SubnetId $backEnd.Id
Typically you also create a network security group to filter network traffic to the VM and a load balancer to distribute traffic across multiple VMs.
Criar a máquina virtual
Now start to build your VM configuration. Each VM size has a limit for the total number of NICs that you can add to a VM. For more information, see Windows VM sizes.
Set your VM credentials to the
$credvariable as follows:$cred = Get-CredentialDefine your VM with New-AzVMConfig. The following example defines a VM named myVM and uses a VM size that supports more than two NICs (Standard_DS3_v2):
$vmConfig = New-AzVMConfig -VMName "myVM" -VMSize "Standard_DS3_v2"Create the rest of your VM configuration with Set-AzVMOperatingSystem and Set-AzVMSourceImage. The following example creates a Windows Server 2016 VM:
$vmConfig = Set-AzVMOperatingSystem -VM $vmConfig ` -Windows ` -ComputerName "myVM" ` -Credential $cred ` -ProvisionVMAgent ` -EnableAutoUpdate $vmConfig = Set-AzVMSourceImage -VM $vmConfig ` -PublisherName "MicrosoftWindowsServer" ` -Offer "WindowsServer" ` -Skus "2016-Datacenter" ` -Version "latest"Attach the two NICs that you previously created with Add-AzVMNetworkInterface:
$vmConfig = Add-AzVMNetworkInterface -VM $vmConfig -Id $myNic1.Id -Primary $vmConfig = Add-AzVMNetworkInterface -VM $vmConfig -Id $myNic2.IdCreate your VM with New-AzVM:
New-AzVM -VM $vmConfig -ResourceGroupName "myResourceGroup" -Location "EastUs"Add routes for secondary NICs to the OS by completing the steps in Configure the operating system for multiple NICs.
Add a NIC to an existing VM
To add a virtual NIC to an existing VM, you deallocate the VM, add the virtual NIC, then start the VM. Different VM sizes support a varying number of NICs, so size your VM accordingly. If needed, you can resize a VM.
Deallocate the VM with Stop-AzVM. The following example deallocates the VM named myVM in myResourceGroup:
Stop-AzVM -Name "myVM" -ResourceGroupName "myResourceGroup"Get the existing configuration of the VM with Get-AzVm. The following example gets information for the VM named myVM in myResourceGroup:
$vm = Get-AzVm -Name "myVM" -ResourceGroupName "myResourceGroup"The following example creates a virtual NIC with New-AzNetworkInterface named myNic3 that is attached to mySubnetBackEnd. The virtual NIC is then attached to the VM named myVM in myResourceGroup with Add-AzVMNetworkInterface:
# Get info for the back end subnet $myVnet = Get-AzVirtualNetwork -Name "myVnet" -ResourceGroupName "myResourceGroup" $backEnd = $myVnet.Subnets|?{$_.Name -eq 'mySubnetBackEnd'} # Create a virtual NIC $myNic3 = New-AzNetworkInterface -ResourceGroupName "myResourceGroup" ` -Name "myNic3" ` -Location "EastUs" ` -SubnetId $backEnd.Id # Get the ID of the new virtual NIC and add to VM $nicId = (Get-AzNetworkInterface -ResourceGroupName "myResourceGroup" -Name "MyNic3").Id Add-AzVMNetworkInterface -VM $vm -Id $nicId | Update-AzVm -ResourceGroupName "myResourceGroup"Primary virtual NICs
One of the NICs on a multi-NIC VM needs to be primary. If one of the existing virtual NICs on the VM is already set as primary, you can skip this step. The following example assumes that two virtual NICs are now present on a VM and you wish to add the first NIC (
[0]) as the primary:# List existing NICs on the VM and find which one is primary $vm.NetworkProfile.NetworkInterfaces # Set NIC 0 to be primary $vm.NetworkProfile.NetworkInterfaces[0].Primary = $true $vm.NetworkProfile.NetworkInterfaces[1].Primary = $false # Update the VM state in Azure Update-AzVM -VM $vm -ResourceGroupName "myResourceGroup"Start the VM with Start-AzVm:
Start-AzVM -ResourceGroupName "myResourceGroup" -Name "myVM"Add routes for secondary NICs to the OS by completing the steps in Configure the operating system for multiple NICs.
Remove a NIC from an existing VM
To remove a virtual NIC from an existing VM, you deallocate the VM, remove the virtual NIC, then start the VM.
Deallocate the VM with Stop-AzVM. The following example deallocates the VM named myVM in myResourceGroup:
Stop-AzVM -Name "myVM" -ResourceGroupName "myResourceGroup"Get the existing configuration of the VM with Get-AzVm. The following example gets information for the VM named myVM in myResourceGroup:
$vm = Get-AzVm -Name "myVM" -ResourceGroupName "myResourceGroup"Get information about the NIC remove with Get-AzNetworkInterface. The following example gets information about myNic3:
# List existing NICs on the VM if you need to determine NIC name $vm.NetworkProfile.NetworkInterfaces $nicId = (Get-AzNetworkInterface -ResourceGroupName "myResourceGroup" -Name "myNic3").IdRemove the NIC with Remove-AzVMNetworkInterface and then update the VM with Update-AzVm. The following example removes myNic3 as obtained by
$nicIdin the preceding step:Remove-AzVMNetworkInterface -VM $vm -NetworkInterfaceIDs $nicId | ` Update-AzVm -ResourceGroupName "myResourceGroup"Start the VM with Start-AzVm:
Start-AzVM -Name "myVM" -ResourceGroupName "myResourceGroup"
Create multiple NICs with templates
Azure Resource Manager templates provide a way to create multiple instances of a resource during deployment, such as creating multiple NICs. Resource Manager templates use declarative JSON files to define your environment. For more information, see overview of Azure Resource Manager. You can use copy to specify the number of instances to create:
"copy": {
"name": "multiplenics",
"count": "[parameters('count')]"
}
For more information, see creating multiple instances by using copy.
You can also use copyIndex() to append a number to a resource name. You can then create myNic1, MyNic2 and so on. The following code shows an example of appending the index value:
"name": "[concat('myNic', copyIndex())]",
You can read a complete example of creating multiple NICs by using Resource Manager templates.
Add routes for secondary NICs to the OS by completing the steps in Configure the operating system for multiple NICs.
Configure guest OS for multiple NICs
Azure assigns a default gateway to the first (primary) network interface attached to the virtual machine. O Azure não atribui um gateway predefinido a interfaces de rede (secundárias) adicionais ligadas a uma máquina virtual. Por conseguinte, não pode comunicar com recursos que estejam fora da sub-rede em que se encontre uma interface de rede secundária, por predefinição. No entanto, as interfaces de rede secundárias podem se comunicar com recursos fora de sua sub-rede, embora as etapas para habilitar a comunicação sejam diferentes para sistemas operacionais diferentes.
From a Windows command prompt, run the
route printcommand, which returns output similar to the following output for a virtual machine with two attached network interfaces:=========================================================================== Interface List 3...00 0d 3a 10 92 ce ......Microsoft Hyper-V Network Adapter #3 7...00 0d 3a 10 9b 2a ......Microsoft Hyper-V Network Adapter #4 ===========================================================================In this example, Microsoft Hyper-V Network Adapter #4 (interface 7) is the secondary network interface that doesn't have a default gateway assigned to it.
From a command prompt, run the
ipconfigcommand to see which IP address is assigned to the secondary network interface. In this example, 192.168.2.4 is assigned to interface 7. Nenhum endereço de gateway padrão é retornado para a interface de rede secundária.To route all traffic destined for addresses outside the subnet of the secondary network interface to the gateway for the subnet, run the following command:
route add -p 0.0.0.0 MASK 0.0.0.0 192.168.2.1 METRIC 5015 IF 7The gateway address for the subnet is the first IP address (ending in .1) in the address range defined for the subnet. If you don't want to route all traffic outside the subnet, you could add individual routes to specific destinations, instead. For example, if you only wanted to route traffic from the secondary network interface to the 192.168.3.0 network, you enter the command:
route add -p 192.168.3.0 MASK 255.255.255.0 192.168.2.1 METRIC 5015 IF 7To confirm successful communication with a resource on the 192.168.3.0 network, for example, enter the following command to ping 192.168.3.4 using interface 7 (192.168.2.4):
ping 192.168.3.4 -S 192.168.2.4You may need to open ICMP through the Windows firewall of the device you're pinging with the following command:
netsh advfirewall firewall add rule name=Allow-ping protocol=icmpv4 dir=in action=allowTo confirm the added route is in the route table, enter the
route printcommand, which returns output similar to the following text:=========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 15 0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.4 5015The route listed with 192.168.1.1 under Gateway, is the route that is there by default for the primary network interface. The route with 192.168.2.1 under Gateway, is the route you added.
Próximos passos
Review Windows VM sizes when you're trying to create a VM that has multiple NICs. Pay attention to the maximum number of NICs that each VM size supports.