source/locale/zh_CN/LC_MESSAGES/networking_and_traffic.po - cloudstack-docs-admin - Git at Google

 # SOME DESCRIPTIVE TITLE.
 # Copyright (C)
 # This file is distributed under the same license as the Apache CloudStack
 # Administration Documentation package.
 #
 # Translators:
 msgid ""
 msgstr ""
 "Project-Id-Version: Apache CloudStack Administration RTD\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2016-08-22 13:55+0200\n"
 "PO-Revision-Date: 2014-06-30 12:05+0000\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: Chinese (China) (http://www.transifex.com/projects/p"
 "/apache-cloudstack-administration-rtd/language/zh_CN/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=utf-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Generated-By: Babel 2.3.4\n"

 #: ../../networking_and_traffic.rst:18
 msgid "Managing Networks and Traffic"
 msgstr "网络和流量管理"

 #: ../../networking_and_traffic.rst:20
 msgid ""
 "In a CloudStack, guest VMs can communicate with each other using shared "
 "infrastructure with the security and user perception that the guests have"
 " a private LAN. The CloudStack virtual router is the main component "
 "providing networking features for guest traffic."
 msgstr "在CLOUDSTACK中，客户虚拟机之间可以在共享构架下相互通讯，并且可以在一个私有LAN中实现安全和用户互通。CLOUDSTACK的虚拟路由器是实现客户网络功能的主要组件。"

 #: ../../networking/guest_traffic.rst:18
 msgid "Guest Traffic"
 msgstr "来宾流量"

 #: ../../networking/guest_traffic.rst:20
 msgid ""
 "A network can carry guest traffic only between VMs within one zone. "
 "Virtual machines in different zones cannot communicate with each other "
 "using their IP addresses; they must communicate with each other by "
 "routing through a public IP address."
 msgstr "在同一个区域内，客户虚拟机之间可以互访，但在不同的区域内，客户虚拟机之间不可以通过（内网）IP地址互访，而只能通过公网IP路由才可以互连。"

 #: ../../networking/guest_traffic.rst:25
 msgid "See a typical guest traffic setup given below:"
 msgstr "下图是一个典型的来宾流量设置："

 #: ../../networking/guest_traffic.rst:27
 msgid "|guest-traffic-setup.png|"
 msgstr "|guest-traffic-setup.png|"

 #: ../../networking/guest_traffic.rst:29
 msgid ""
 "Typically, the Management Server automatically creates a virtual router "
 "for each network. A virtual router is a special virtual machine that runs"
 " on the hosts. Each virtual router in an isolated network has three "
 "network interfaces. If multiple public VLAN is used, the router will have"
 " multiple public interfaces. Its eth0 interface serves as the gateway for"
 " the guest traffic and has the IP address of 10.1.1.1. Its eth1 interface"
 " is used by the system to configure the virtual router. Its eth2 "
 "interface is assigned a public IP address for public traffic. If multiple"
 " public VLAN is used, the router will have multiple public interfaces."
 msgstr ""
 "通常，管理服务会自动为每一个网络建立一个虚拟路由。一个虚拟路由实际上就是运行在物理主机上的一台特殊的虚拟机。每一台在一个独立网络中的虚拟路由有3个网口。如果使用多个公共"
 " VLAN，相应的这台路由器就有多个公共的网口。 它的 eth0 网口是提供客户机通信的网关服务的，它的IP地址是 10.1.1.1。eth1 "
 "网口是为系统来配置这个虚拟路由而提供的。eth2 网口被赋予一个公共 IP 地址用来实现外部的公共通信。 同样如果使用了多个公共 VLAN "
 "接入，这台路由器将会拥有多个公共的网口。"

 #: ../../networking/guest_traffic.rst:40
 msgid ""
 "The virtual router provides DHCP and will automatically assign an IP "
 "address for each guest VM within the IP range assigned for the network. "
 "The user can manually reconfigure guest VMs to assume different IP "
 "addresses."
 msgstr "虚拟路由器提供DHCP功能，能自动的为每一个客户虚拟机在预先定义好的IP范围之内分配IP地址。用户也可以为虚拟机手工配置不同的IP地址。"

 #: ../../networking/guest_traffic.rst:45
 msgid ""
 "Source NAT is automatically configured in the virtual router to forward "
 "outbound traffic for all guest VMs"
 msgstr "Source NAT功能是在虚拟路由里自动配置好的，它可以转发所有来宾虚拟机的外出流量。"

 #: ../../networking/networking_in_pod.rst:18
 msgid "Networking in a Pod"
 msgstr "一个提供点里的网络"

 #: ../../networking/networking_in_pod.rst:20
 msgid ""
 "The figure below illustrates network setup within a single pod. The hosts"
 " are connected to a pod-level switch. At a minimum, the hosts should have"
 " one physical uplink to each switch. Bonded NICs are supported as well. "
 "The pod-level switch is a pair of redundant gigabit switches with 10 G "
 "uplinks."
 msgstr "下图演示了一个单提供点的网络配置。主机均连接到提供点层级的交换机。每一个主机至少有一个物理网卡连接到交换机。当然，这种环境也支持网卡绑定。提供点层级的交换机由两个1000M冗余组成，它们通过10G线路上联。"

 #: ../../networking/networking_in_pod.rst:26
 msgid "|networksinglepod.png|"
 msgstr "|networksinglepod.png|"

 #: ../../networking/networking_in_pod.rst:28
 msgid "Servers are connected as follows:"
 msgstr "服务器以如下形式连接："

 #: ../../networking/networking_in_pod.rst:30
 msgid ""
 "Storage devices are connected to only the network that carries management"
 " traffic."
 msgstr "存储设备只与管理网络连接。"

 #: ../../networking/networking_in_pod.rst:33
 msgid ""
 "Hosts are connected to networks for both management traffic and public "
 "traffic."
 msgstr "主机同时与管理网络和公共网络连接。"

 #: ../../networking/networking_in_pod.rst:36
 msgid "Hosts are also connected to one or more networks carrying guest traffic."
 msgstr "主机也与一个或多个来宾网络连接。"

 #: ../../networking/networking_in_pod.rst:39
 msgid ""
 "We recommend the use of multiple physical Ethernet cards to implement "
 "each network interface as well as redundant switch fabric in order to "
 "maximize throughput and improve reliability."
 msgstr "我们推荐用多个物理网卡以改进性能，也推荐用冗余的光纤交换机以改进网络可靠性。"

 #: ../../networking/networking_in_zone.rst:18
 msgid "Networking in a Zone"
 msgstr "一个区域里的网络"

 #: ../../networking/networking_in_zone.rst:20
 msgid "The following figure illustrates the network setup within a single zone."
 msgstr "下图说明了一个单一区域内的网络设置。"

 #: ../../networking/networking_in_zone.rst:22
 msgid "|networksetupzone.png|"
 msgstr "|networksetupzone.png|"

 #: ../../networking/networking_in_zone.rst:24
 msgid ""
 "A firewall for management traffic operates in the NAT mode. The network "
 "typically is assigned IP addresses in the 192.168.0.0/16 Class B private "
 "address space. Each pod is assigned IP addresses in the 192.168.\\*.0/24 "
 "Class C private address space."
 msgstr ""
 "用于管理通信的防火墙工作在NAT模式。通常是分配给网络中的IP地址192.168.0.0/16 "
 "B类私有地址空间。每个机柜（POD）分配的IP地址是192.168.*.0/24 C类私有地址空间。"

 #: ../../networking/networking_in_zone.rst:29
 msgid ""
 "Each zone has its own set of public IP addresses. Public IP addresses "
 "from different zones do not overlap."
 msgstr "每个区域都有自己的一套公网IP地址。来自不同区域的公网IP地址不重叠。"

 #: ../../networking/basic_zone_config.rst:19
 msgid "Basic Zone Physical Network Configuration"
 msgstr "基本区域物理网络配置"

 #: ../../networking/basic_zone_config.rst:21
 msgid ""
 "In a basic network, configuring the physical network is fairly "
 "straightforward. You only need to configure one guest network to carry "
 "traffic that is generated by guest VMs. When you first add a zone to "
 "CloudStack, you set up the guest network through the Add Zone screens."
 msgstr ""
 "在一个基本的网络中，物理网络的配置非常直接明了。你只需要配置一个客户网络（虚拟）以承载由客户虚拟机产生的流量。当你首次增加一个区域（Zone）到 "
 "CloudStack 中，你通过添加域（Add Zone）页面来设置客户网络（虚拟）。"

 #: ../../networking/advanced_zone_config.rst:19
 msgid "Advanced Zone Physical Network Configuration"
 msgstr "高级区域物理网络的配置"

 #: ../../networking/advanced_zone_config.rst:21
 msgid ""
 "Within a zone that uses advanced networking, you need to tell the "
 "Management Server how the physical network is set up to carry different "
 "kinds of traffic in isolation."
 msgstr "在使用复杂网络的区域中，你需要告知管理服务器，为了实现隔离不同类型的通讯，物理网络是如何设置的。"

 #: ../../networking/advanced_zone_config.rst:27
 msgid "Configure Guest Traffic in an Advanced Zone"
 msgstr "在高级域中设置客户通信"

 #: ../../networking/advanced_zone_config.rst:29
 msgid ""
 "These steps assume you have already logged in to the CloudStack UI. To "
 "configure the base guest network:"
 msgstr "下面的步骤假定你已经登录进入 CloudStack 的界面。设置基本的客户网络："

 #: ../../networking/advanced_zone_config.rst:32
 msgid ""
 "In the left navigation, choose Infrastructure. On Zones, click View More,"
 " then click the zone to which you want to add a network."
 msgstr "在左边的导航栏，选择基础架构。在区域界面点击查看全部，然后点击你要添加网络的区域。"

 #: ../../networking/advanced_zone_config.rst:35
 #: ../../networking/advanced_zone_config.rst:87
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:145
 msgid "Click the Network tab."
 msgstr "点击网络选项卡。"

 #: ../../networking/advanced_zone_config.rst:37
 #: ../../networking/advanced_zone_config.rst:89
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:147
 msgid "Click Add guest network."
 msgstr "点击 添加来宾网络。"

 #: ../../networking/advanced_zone_config.rst:39
 msgid "The Add guest network window is displayed:"
 msgstr "添加来宾网络窗口显示："

 #: ../../networking/advanced_zone_config.rst:41
 msgid "|addguestnetwork.png|"
 msgstr "|addguestnetwork.png|"

 #: ../../networking/advanced_zone_config.rst:43
 #: ../../networking/site_to_site_vpn.rst:66
 #: ../../networking/virtual_private_cloud_config.rst:189
 msgid "Provide the following information:"
 msgstr "填写以下内容："

 #: ../../networking/advanced_zone_config.rst:45
 msgid "**Name**: The name of the network. This will be user-visible"
 msgstr ""

 #: ../../networking/advanced_zone_config.rst:47
 msgid ""
 "**Display Text**: The description of the network. This will be user-"
 "visible"
 msgstr "**Display Text**：网络的描述。用户可见"

 #: ../../networking/advanced_zone_config.rst:50
 msgid "**Zone**: The zone in which you are configuring the guest network."
 msgstr "**Zone**: 这里的区域是指你要配置客户网络的区域。"

 #: ../../networking/advanced_zone_config.rst:52
 msgid ""
 "**Network offering**: If the administrator has configured multiple "
 "network offerings, select the one you want to use for this network"
 msgstr "**网络提议**: 如果管理员已经配置了多个网络方案，可以选择你需要的那个"

 #: ../../networking/advanced_zone_config.rst:55
 msgid "**Guest Gateway**: The gateway that the guests should use"
 msgstr "**Guest gateway**：虚拟机需要使用的网关"

 #: ../../networking/advanced_zone_config.rst:57
 msgid "**Guest Netmask**: The netmask in use on the subnet the guests will use"
 msgstr "**Guest Netmask**：客户虚拟机会使用的子网掩码"

 #: ../../networking/advanced_zone_config.rst:60
 #: ../../networking/global_server_load_balancing.rst:371
 #: ../../networking/ip_forwarding_and_firewalling.rst:215
 #: ../../networking/multiple_subnets_in_shared_network.rst:95
 #: ../../networking/persistent_networks.rst:94
 #: ../../networking/portable_ips.rst:84
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:115
 #: ../../networking/security_groups.rst:72
 #: ../../networking/site_to_site_vpn.rst:157
 #: ../../networking/site_to_site_vpn.rst:180
 #: ../../networking/virtual_private_cloud_config.rst:211
 #: ../../networking/virtual_private_cloud_config.rst:281
 #: ../../networking/virtual_private_cloud_config.rst:457
 #: ../../networking/virtual_private_cloud_config.rst:481
 msgid "Click OK."
 msgstr "点击确定。"

 #: ../../networking/advanced_zone_config.rst:64
 msgid "Configure Public Traffic in an Advanced Zone"
 msgstr "在高级区域中配置公共通信"

 #: ../../networking/advanced_zone_config.rst:66
 msgid ""
 "In a zone that uses advanced networking, you need to configure at least "
 "one range of IP addresses for Internet traffic."
 msgstr "在一个使用高级网络配置的区域中，你需要配置至少一个用于Internet通信的IP地址范围。"

 #: ../../networking/advanced_zone_config.rst:71
 msgid "Configuring a Shared Guest Network"
 msgstr "配置共享的客户网络"

 #: ../../networking/advanced_zone_config.rst:73
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:131
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:54
 msgid "Log in to the CloudStack UI as administrator."
 msgstr "作为管理员登录到CloudStack用户界面。"

 #: ../../networking/advanced_zone_config.rst:75
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:133
 #: ../../networking/multiple_subnets_in_shared_network.rst:54
 msgid "In the left navigation, choose Infrastructure."
 msgstr "在左边的导航，选择基础架构。"

 #: ../../networking/advanced_zone_config.rst:77
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:135
 msgid "On Zones, click View More."
 msgstr "在区域页面，点击查看全部。"

 #: ../../networking/advanced_zone_config.rst:79
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:137
 msgid "Click the zone to which you want to add a guest network."
 msgstr "选择要添加客户网络的那个区域。"

 #: ../../networking/advanced_zone_config.rst:81
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:139
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:62
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:132
 msgid "Click the Physical Network tab."
 msgstr "点击物理网络标签卡。"

 #: ../../networking/advanced_zone_config.rst:83
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:141
 msgid "Click the physical network you want to work with."
 msgstr "选择您要操作的物理网络。"

 #: ../../networking/advanced_zone_config.rst:85
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:143
 msgid "On the Guest node of the diagram, click Configure."
 msgstr "在客户节点界面，点击配置。"

 #: ../../networking/advanced_zone_config.rst:91
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:149
 msgid "The Add guest network window is displayed."
 msgstr "现实添加客户网络窗口。"

 #: ../../networking/advanced_zone_config.rst:93
 #: ../../networking/external_firewalls_and_load_balancers.rst:482
 #: ../../networking/global_server_load_balancing.rst:393
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:151
 #: ../../networking/multiple_subnets_in_shared_network.rst:75
 #: ../../networking/portable_ips.rst:70
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:79
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:89
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:107
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:142
 #: ../../networking/virtual_private_cloud_config.rst:248
 #: ../../networking/virtual_private_cloud_config.rst:541
 #: ../../networking/virtual_private_cloud_config.rst:1064
 #: ../../networking/virtual_private_cloud_config.rst:1332
 msgid "Specify the following:"
 msgstr "指定以下信息："

 #: ../../networking/advanced_zone_config.rst:95
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:153
 msgid "**Name**: The name of the network. This will be visible to the user."
 msgstr "**Name**: 要建立的网络的名字。这个是用户可见的"

 #: ../../networking/advanced_zone_config.rst:97
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:156
 msgid ""
 "**Description**: The short description of the network that can be "
 "displayed to users."
 msgstr "**描述**: 提供一个简短的方案描述。 "

 #: ../../networking/advanced_zone_config.rst:100
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:159
 msgid "**VLAN ID**: The unique ID of the VLAN."
 msgstr "**VLAN ID**: VLAN 的ID。"

 #: ../../networking/advanced_zone_config.rst:102
 msgid "**Isolated VLAN ID**: The unique ID of the Secondary Isolated VLAN."
 msgstr "**Isolated VLAN ID**: 二级独立 VLAN 的 ID。"

 #: ../../networking/advanced_zone_config.rst:105
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:167
 msgid "**Scope**: The available scopes are Domain, Account, Project, and All."
 msgstr "**Scope**: 可用的范围，包括域，帐户，项目和其他所以。"

 #: ../../networking/advanced_zone_config.rst:108
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:170
 msgid ""
 "**Domain**: Selecting Domain limits the scope of this guest network to "
 "the domain you specify. The network will not be available for other "
 "domains. If you select Subdomain Access, the guest network is available "
 "to all the sub domains within the selected domain."
 msgstr "**Domain**: 域，指定客户网络范围的域。指定域中的网络相对其他域是隔离不可见的。如果指定子域访问，域中的客户网络将在所有的子域中可用。"

 #: ../../networking/advanced_zone_config.rst:114
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:176
 msgid ""
 "**Account**: The account for which the guest network is being created "
 "for. You must specify the domain the account belongs to."
 msgstr "**Account**: 这里的帐户是为建立客户网络所指定的。必须指定域中所属的帐户。"

 #: ../../networking/advanced_zone_config.rst:118
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:180
 msgid ""
 "**Project**: The project for which the guest network is being created "
 "for. You must specify the domain the project belongs to."
 msgstr "**Project**: 项目是客户网络所建立的项目。必须为这个项目指定域。"

 #: ../../networking/advanced_zone_config.rst:122
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:184
 msgid ""
 "**All**: The guest network is available for all the domains, account, "
 "projects within the selected zone."
 msgstr "**All**:  选择它，会让客户网络对这个区域（Zone）中的所有域，帐户和项目都可用。"

 #: ../../networking/advanced_zone_config.rst:125
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:187
 msgid ""
 "**Network Offering**: If the administrator has configured multiple "
 "network offerings, select the one you want to use for this network."
 msgstr "**网络提议**:  如果管理员已经配置了多个网络方案，可以选择你需要的那个。"

 #: ../../networking/advanced_zone_config.rst:129
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:191
 msgid "**Gateway**: The gateway that the guests should use."
 msgstr "**Guest gateway**:  虚拟机需要使用的网关。"

 #: ../../networking/advanced_zone_config.rst:131
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:193
 msgid "**Netmask**: The netmask in use on the subnet the guests will use."
 msgstr "**Netmask**:  虚拟机子网要使用的网络掩码。"

 #: ../../networking/advanced_zone_config.rst:133
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:195
 msgid ""
 "**IP Range**: A range of IP addresses that are accessible from the "
 "Internet and are assigned to the guest VMs."
 msgstr "**IP Range**:  定义公网IP范围，这些IP用来访问公网或是从公网访问客户虚拟机。"

 #: ../../networking/advanced_zone_config.rst:136
 msgid ""
 "If one NIC is used, these IPs should be in the same CIDR in the case of "
 "IPv6."
 msgstr "如果使用了网卡，这些IP应该在相同的IPv6的CIDR中。"

 #: ../../networking/advanced_zone_config.rst:139
 msgid ""
 "**IPv6 CIDR**: The network prefix that defines the guest network subnet. "
 "This is the CIDR that describes the IPv6 addresses in use in the guest "
 "networks in this zone. To allot IP addresses from within a particular "
 "address block, enter a CIDR."
 msgstr "**IPv6 CIDR**:  用于定义网络子网的网络前缀。"

 #: ../../networking/advanced_zone_config.rst:144
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:198
 msgid ""
 "**Network Domain**: A custom DNS suffix at the level of a network. If you"
 " want to assign a special domain name to the guest VM network, specify a "
 "DNS suffix."
 msgstr "**网络域**:  如果你想为客户虚机网络定义一个域名，在此处输入后缀名。"

 #: ../../networking/advanced_zone_config.rst:148
 #: ../../networking/global_server_load_balancing.rst:415
 #: ../../networking/global_server_load_balancing.rst:439
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:202
 #: ../../networking/site_to_site_vpn.rst:310
 msgid "Click OK to confirm."
 msgstr "点击确定。"

 #: ../../networking/multiple_guest_networks.rst:18
 msgid "Using Multiple Guest Networks"
 msgstr "使用多个来宾网络"

 #: ../../networking/multiple_guest_networks.rst:20
 msgid ""
 "In zones that use advanced networking, additional networks for guest "
 "traffic may be added at any time after the initial installation. You can "
 "also customize the domain name associated with the network by specifying "
 "a DNS suffix for each network."
 msgstr "在使用高级网络的资源域里, 额外的来宾网络可以在初始安装后任何时间添加. 你还可以通过指定DNS后缀为每个网络自定义关联的域名."

 #: ../../networking/multiple_guest_networks.rst:25
 msgid ""
 "A VM's networks are defined at VM creation time. A VM cannot add or "
 "remove networks after it has been created, although the user can go into "
 "the guest and remove the IP address from the NIC on a particular network."
 msgstr "一个虚机的网络在其创建时定义. 当一个虚机创建以后, 就不能对其网络添加删除, 即便用户可以进入客户虚机删除指定网卡的IP地址."

 #: ../../networking/multiple_guest_networks.rst:30
 msgid ""
 "Each VM has just one default network. The virtual router's DHCP reply "
 "will set the guest's default gateway as that for the default network. "
 "Multiple non-default networks may be added to a guest in addition to the "
 "single, required default network. The administrator can control which "
 "networks are available as the default network."
 msgstr ""
 "每一个虚机只有一个默认的网络. 在这个默认网络里, 虚拟路由器的DHCP响应将设置客户的默认网关. 除了单一,必须的默认网络, "
 "多个非默认的网络也可以添加到客户虚机里. 管理员可以控制哪个网络作为默认的网络."

 #: ../../networking/multiple_guest_networks.rst:36
 msgid ""
 "Additional networks can either be available to all accounts or be "
 "assigned to a specific account. Networks that are available to all "
 "accounts are zone-wide. Any user with access to the zone can create a VM "
 "with access to that network. These zone-wide networks provide little or "
 "no isolation between guests.Networks that are assigned to a specific "
 "account provide strong isolation."
 msgstr ""
 "附加的网络可以给所有账户使用或者分配给特定的账户. 对所有账户都可用的网络在整个资源域有效. "
 "任何可以访问这个资源域的用户都可以使用这个网络创建虚机. 这些资源域一级的网络基本不提供客户之间的隔离. 分配给特定帐户的网络提供强制隔离的功能."

 #: ../../networking/multiple_guest_networks.rst:45
 msgid "Adding an Additional Guest Network"
 msgstr "增添一个虚拟机的网络"

 #: ../../networking/acquiring_an_ip_address.rst:20
 #: ../../networking/external_firewalls_and_load_balancers.rst:255
 #: ../../networking/ip_forwarding_and_firewalling.rst:59
 #: ../../networking/ip_forwarding_and_firewalling.rst:132
 #: ../../networking/ip_forwarding_and_firewalling.rst:245
 #: ../../networking/ip_reservation_in_guest_networks.rst:108
 #: ../../networking/multiple_guest_networks.rst:47
 #: ../../networking/multiple_guest_networks.rst:97
 #: ../../networking/multiple_guest_networks.rst:135
 #: ../../networking/multiple_guest_networks.rst:153
 #: ../../networking/multiple_guest_networks.rst:173
 #: ../../networking/multiple_subnets_in_shared_network.rst:52
 #: ../../networking/portable_ips.rst:58 ../../networking/portable_ips.rst:90
 #: ../../networking/releasing_an_ip_address.rst:24
 #: ../../networking/remote_access_vpn.rst:61
 #: ../../networking/security_groups.rst:62
 #: ../../networking/security_groups.rst:124
 #: ../../networking/site_to_site_vpn.rst:56
 #: ../../networking/site_to_site_vpn.rst:166
 #: ../../networking/site_to_site_vpn.rst:186
 #: ../../networking/site_to_site_vpn.rst:248
 #: ../../networking/site_to_site_vpn.rst:379 ../../networking/static_nat.rst:36
 #: ../../networking/virtual_private_cloud_config.rst:179
 #: ../../networking/virtual_private_cloud_config.rst:223
 #: ../../networking/virtual_private_cloud_config.rst:333
 #: ../../networking/virtual_private_cloud_config.rst:382
 #: ../../networking/virtual_private_cloud_config.rst:494
 #: ../../networking/virtual_private_cloud_config.rst:664
 #: ../../networking/virtual_private_cloud_config.rst:731
 #: ../../networking/virtual_private_cloud_config.rst:790
 #: ../../networking/virtual_private_cloud_config.rst:850
 #: ../../networking/virtual_private_cloud_config.rst:1016
 #: ../../networking/virtual_private_cloud_config.rst:1229
 #: ../../networking/virtual_private_cloud_config.rst:1284
 #: ../../networking/virtual_private_cloud_config.rst:1362
 #: ../../networking/virtual_private_cloud_config.rst:1390
 msgid "Log in to the CloudStack UI as an administrator or end user."
 msgstr "使用管理员或者终端用户账号登录CloudStack UI。"

 #: ../../networking/acquiring_an_ip_address.rst:22
 #: ../../networking/external_firewalls_and_load_balancers.rst:257
 #: ../../networking/ip_forwarding_and_firewalling.rst:61
 #: ../../networking/ip_forwarding_and_firewalling.rst:134
 #: ../../networking/ip_reservation_in_guest_networks.rst:110
 #: ../../networking/multiple_guest_networks.rst:49
 #: ../../networking/multiple_guest_networks.rst:179
 #: ../../networking/portable_ips.rst:92
 #: ../../networking/releasing_an_ip_address.rst:26
 #: ../../networking/security_groups.rst:64
 #: ../../networking/site_to_site_vpn.rst:58
 #: ../../networking/site_to_site_vpn.rst:168
 #: ../../networking/site_to_site_vpn.rst:188
 #: ../../networking/site_to_site_vpn.rst:250
 #: ../../networking/site_to_site_vpn.rst:381 ../../networking/static_nat.rst:38
 #: ../../networking/virtual_private_cloud_config.rst:181
 #: ../../networking/virtual_private_cloud_config.rst:225
 #: ../../networking/virtual_private_cloud_config.rst:335
 #: ../../networking/virtual_private_cloud_config.rst:384
 #: ../../networking/virtual_private_cloud_config.rst:496
 #: ../../networking/virtual_private_cloud_config.rst:666
 #: ../../networking/virtual_private_cloud_config.rst:733
 #: ../../networking/virtual_private_cloud_config.rst:792
 #: ../../networking/virtual_private_cloud_config.rst:852
 #: ../../networking/virtual_private_cloud_config.rst:1018
 #: ../../networking/virtual_private_cloud_config.rst:1231
 #: ../../networking/virtual_private_cloud_config.rst:1286
 #: ../../networking/virtual_private_cloud_config.rst:1364
 #: ../../networking/virtual_private_cloud_config.rst:1392
 msgid "In the left navigation, choose Network."
 msgstr "在左侧的导航栏，选择网络。"

 #: ../../networking/multiple_guest_networks.rst:51
 msgid "Click Add guest network. Provide the following information:"
 msgstr "地阿基添加来宾网络。提供以下信息："

 #: ../../networking/multiple_guest_networks.rst:53
 msgid "**Name**: The name of the network. This will be user-visible."
 msgstr "**Name**：网络的名称。对于最终用户可见。"

 #: ../../networking/multiple_guest_networks.rst:55
 msgid ""
 "**Display Text**: The description of the network. This will be user-"
 "visible."
 msgstr "**Display Text**:网络的描述信息。对于最终用户可见。"

 #: ../../networking/multiple_guest_networks.rst:58
 msgid ""
 "**Zone**. The name of the zone this network applies to. Each zone is a "
 "broadcast domain, and therefore each zone has a different IP range for "
 "the guest network. The administrator must configure the IP range for each"
 " zone."
 msgstr "**Zone**：此网络所应用到zone的名称。每个zone都是一个广播域，因此每个zone中的来宾网络都有不同的IP范围。管理员必须为每个zone配置IP范围。"

 #: ../../networking/multiple_guest_networks.rst:63
 msgid ""
 "**Network offering**: If the administrator has configured multiple "
 "network offerings, select the one you want to use for this network."
 msgstr "**Network offering**: 如果管理员已经配置了多个网络，选择一个你想使用的。"

 #: ../../networking/multiple_guest_networks.rst:67
 msgid "**Guest Gateway**: The gateway that the guests should use."
 msgstr "**Guest Gateway**: 来宾网络的网关。"

 #: ../../networking/multiple_guest_networks.rst:69
 msgid "**Guest Netmask**: The netmask in use on the subnet the guests will use."
 msgstr "**Guest Netmask**: 来宾网络的子网掩码。"

 #: ../../networking/multiple_guest_networks.rst:72
 msgid "Click Create."
 msgstr "点击创建。"

 #: ../../networking/multiple_guest_networks.rst:76
 msgid "Reconfiguring Networks in VMs"
 msgstr "在VMs中重新配置网络"

 #: ../../networking/multiple_guest_networks.rst:78
 msgid ""
 "CloudStack provides you the ability to move VMs between networks and "
 "reconfigure a VM's network. You can remove a VM from a network and add to"
 " a new network. You can also change the default network of a virtual "
 "machine. With this functionality, hybrid or traditional server loads can "
 "be accommodated with ease."
 msgstr "CloudStack能让你在不同网络间移动VMs和重新配置VM的网络。你可以从一个网络中移除一个VM，再将其移动到另一个网络。你同样可以修改虚拟机的默认我拿过来，使用这个功能，混合和传统的服务器负载可以被轻松缓解。"

 #: ../../networking/multiple_guest_networks.rst:84
 msgid "This feature is supported on XenServer, VMware, and KVM hypervisors."
 msgstr "XenServer、VMware和KVM hypervisors支持这个特性。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:428
 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:97
 #: ../../networking/multiple_guest_networks.rst:88
 msgid "Prerequisites"
 msgstr "先决条件"

 #: ../../networking/multiple_guest_networks.rst:90
 msgid ""
 "Ensure that vm-tools are running on guest VMs for adding or removing "
 "networks to work on VMware hypervisor."
 msgstr "确保虚拟机上安装了vm-tools以便通过VMware hypervisor添加或移除网络。"

 #: ../../networking/multiple_guest_networks.rst:95
 msgid "Adding a Network"
 msgstr "添加网络"

 #: ../../networking/multiple_guest_networks.rst:99
 #: ../../networking/multiple_guest_networks.rst:137
 #: ../../networking/multiple_guest_networks.rst:155
 msgid "In the left navigation, click Instances."
 msgstr "在左侧的导航菜单中，点击实例。"

 #: ../../networking/multiple_guest_networks.rst:101
 #: ../../networking/multiple_guest_networks.rst:139
 #: ../../networking/multiple_guest_networks.rst:157
 msgid "Choose the VM that you want to work with."
 msgstr "选择你要处理的VM。"

 #: ../../networking/multiple_guest_networks.rst:103
 #: ../../networking/multiple_guest_networks.rst:141
 #: ../../networking/multiple_guest_networks.rst:159
 msgid "Click the NICs tab."
 msgstr "点击网络适配器标签。"

 #: ../../networking/multiple_guest_networks.rst:105
 msgid "Click Add network to VM."
 msgstr "将网络添加到 VM"

 #: ../../networking/multiple_guest_networks.rst:107
 msgid "The Add network to VM dialog is displayed."
 msgstr "显示添加网络对话框。"

 #: ../../networking/multiple_guest_networks.rst:109
 msgid ""
 "In the drop-down list, select the network that you would like to add this"
 " VM to."
 msgstr "在下拉列表里选择你要添加给VM的网络。"

 #: ../../networking/multiple_guest_networks.rst:112
 msgid ""
 "A new NIC is added for this network. You can view the following details "
 "in the NICs page:"
 msgstr "这样就为这个网络添加了一个新网卡。你可以在网卡页面查看下列信息："

 #: ../../networking/multiple_guest_networks.rst:115
 msgid "ID"
 msgstr "ID"

 #: ../../networking/multiple_guest_networks.rst:117
 msgid "Network Name"
 msgstr "网络名称"

 #: ../../networking/multiple_guest_networks.rst:119
 msgid "Type"
 msgstr "类型"

 #: ../../networking/multiple_guest_networks.rst:121
 #: ../../networking/site_to_site_vpn.rst:236
 #: ../../networking/site_to_site_vpn.rst:316
 msgid "IP Address"
 msgstr "IP地址"

 #: ../../networking/multiple_guest_networks.rst:123
 #: ../../networking/site_to_site_vpn.rst:318
 msgid "Gateway"
 msgstr "网关"

 #: ../../networking/multiple_guest_networks.rst:125
 msgid "Netmask"
 msgstr "子网掩码"

 #: ../../networking/multiple_guest_networks.rst:127
 msgid "Is default"
 msgstr "默认的"

 #: ../../networking/multiple_guest_networks.rst:129
 msgid "CIDR (for IPv6)"
 msgstr "CIDR（IPv6）"

 #: ../../networking/multiple_guest_networks.rst:133
 msgid "Removing a Network"
 msgstr "移除网络"

 #: ../../networking/multiple_guest_networks.rst:143
 msgid "Locate the NIC you want to remove."
 msgstr "找到你要移除的网卡上。"

 #: ../../networking/multiple_guest_networks.rst:145
 msgid "Click Remove NIC button. |remove-nic.png|"
 msgstr "点击移除网卡按钮。|remove-nic.png|"

 #: ../../networking/multiple_guest_networks.rst:147
 #: ../../networking/multiple_guest_networks.rst:165
 msgid "Click Yes to confirm."
 msgstr "点击Yes确认。"

 #: ../../networking/multiple_guest_networks.rst:151
 msgid "Selecting the Default Network"
 msgstr "选择默认网络"

 #: ../../networking/multiple_guest_networks.rst:161
 msgid "Locate the NIC you want to work with."
 msgstr "找到你想要的网卡。"

 #: ../../networking/multiple_guest_networks.rst:163
 msgid "Click the Set default NIC button. |set-default-nic.png|."
 msgstr "点击设置为默认网卡按钮。 |set-default-nic.png|."

 #: ../../networking/multiple_guest_networks.rst:168
 msgid "Changing the Network Offering on a Guest Network"
 msgstr "在来宾网络上更改网络方案"

 #: ../../networking/multiple_guest_networks.rst:170
 msgid ""
 "A user or administrator can change the network offering that is "
 "associated with an existing guest network."
 msgstr "用户或者管理员可以更改与之相关的来宾网络的网络方案。"

 #: ../../networking/multiple_guest_networks.rst:175
 msgid ""
 "If you are changing from a network offering that uses the CloudStack "
 "virtual router to one that uses external devices as network service "
 "providers, you must first stop all the VMs on the network."
 msgstr "如果你将使用CloudStack虚拟路由的一个网络方案改成使用公共网络设备作为网络服务商，那么你必须先关掉该网络中的所有虚机。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:112
 #: ../../networking/multiple_guest_networks.rst:181
 msgid "Click the name of the network you want to modify."
 msgstr "点击你要修改的网络名称。"

 #: ../../networking/multiple_guest_networks.rst:183
 msgid "In the Details tab, click Edit. |edit-icon.png|"
 msgstr "在  详细  页签，点击 编辑按钮。|edit-icon.png|"

 #: ../../networking/multiple_guest_networks.rst:185
 msgid "In Network Offering, choose the new network offering, then click Apply."
 msgstr "在网络方案中，选择新的网络方案，然后点击应用。"

 #: ../../networking/multiple_guest_networks.rst:188
 msgid ""
 "A prompt is displayed asking whether you want to keep the existing CIDR. "
 "This is to let you know that if you change the network offering, the CIDR"
 " will be affected."
 msgstr "这时会有一个提示问你是否保持已存在的CIDR不变。这是让你了解如果你改变网络了方案，那么CIDR会受到影响。"

 #: ../../networking/multiple_guest_networks.rst:192
 msgid ""
 "If you upgrade between virtual router as a provider and an external "
 "network device as provider, acknowledge the change of CIDR to continue, "
 "so choose Yes."
 msgstr "如果你将虚拟路由升级到外网设备，在看到变更CIDR以继续时，请选择Yes。"

 #: ../../networking/multiple_guest_networks.rst:196
 msgid ""
 "Wait for the update to complete. Don't try to restart VMs until the "
 "network change is complete."
 msgstr "等待更新完成。在网络变更完成之前不要试图重启虚拟机。"

 #: ../../networking/multiple_guest_networks.rst:199
 msgid "If you stopped any VMs, restart them."
 msgstr "如果你停止了任何VMs，请重启他们。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:18
 msgid "IP Reservation in Isolated Guest Networks"
 msgstr "隔离的来宾网络中的预留IP"

 #: ../../networking/ip_reservation_in_guest_networks.rst:20
 msgid ""
 "In isolated guest networks, a part of the guest IP address space can be "
 "reserved for non-CloudStack VMs or physical servers. To do so, you "
 "configure a range of Reserved IP addresses by specifying the CIDR when a "
 "guest network is in Implemented state. If your customers wish to have "
 "non-CloudStack controlled VMs or physical servers on the same network, "
 "they can share a part of the IP address space that is primarily provided "
 "to the guest network."
 msgstr ""
 "在隔离的来宾网络中，来宾IP地址空间中的一部分可以被保留下来以供非CloudStack "
 "VMs或者物理服务器使用。要真么做，你应该在来宾网络应用状态时依靠指定CIDR来配置一个预留IP地址范围。如果你的客户希望在同一个网络中有非CloudStack控制的VMs或者物理服务器，它们可以共享一部分主要为来宾网络提供的IP地址空间。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:28
 msgid ""
 "In an Advanced zone, an IP address range or a CIDR is assigned to a "
 "network when the network is defined. The CloudStack virtual router acts "
 "as the DHCP server and uses CIDR for assigning IP addresses to the guest "
 "VMs. If you decide to reserve CIDR for non-CloudStack purposes, you can "
 "specify a part of the IP address range or the CIDR that should only be "
 "allocated by the DHCP service of the virtual router to the guest VMs "
 "created in CloudStack. The remaining IPs in that network are called "
 "Reserved IP Range. When IP reservation is configured, the administrator "
 "can add additional VMs or physical servers that are not part of "
 "CloudStack to the same network and assign them the Reserved IP addresses."
 " CloudStack guest VMs cannot acquire IPs from the Reserved IP Range."
 msgstr "在高级域中，定义一个网络时要给其赋予一个IP地址范围或CIDR。CloudStack虚拟路由器起着DHCP的作用，并通过CIDR来给客户虚拟机分配IP地址。如果为了预留CIDR不用于cloudstack，应当进行说明，即部分IP地址范围或CIDR仅能被DHCP服务分配给在cloudstack中创建的虚拟机。剩下的IP地址被称作预留IP地址范围。当预留的IP被配置时，管理员可以增加额外的虚拟机或并不属于cloudstack的物理服务器到同一个网络，可以将预留的IP地址指定给他们。cloudstack的客户虚拟机不能够从预留的IP地址中获得地址。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:43
 msgid "IP Reservation Considerations"
 msgstr "IP预留事项"

 #: ../../networking/ip_reservation_in_guest_networks.rst:45
 msgid ""
 "Consider the following before you reserve an IP range for non-CloudStack "
 "machines:"
 msgstr "在给非cloudstack内的机器预留IP地址时，要考虑以下几个方面："

 #: ../../networking/ip_reservation_in_guest_networks.rst:48
 msgid "IP Reservation is supported only in Isolated networks."
 msgstr "IP预留仅在隔离网络内支持"

 #: ../../networking/ip_reservation_in_guest_networks.rst:50
 msgid ""
 "IP Reservation can be applied only when the network is in Implemented "
 "state."
 msgstr "仅当网络在实施状态时，IP预留才能被应用。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:53
 msgid "No IP Reservation is done by default."
 msgstr "默认不做IP预留。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:55
 msgid "Guest VM CIDR you specify must be a subset of the network CIDR."
 msgstr "指定客户的CIDR必须是网络CIDR的子网。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:57
 msgid ""
 "Specify a valid Guest VM CIDR. IP Reservation is applied only if no "
 "active IPs exist outside the Guest VM CIDR."
 msgstr "指定一个有效的客户虚拟机CIDR。只有不活动的IP在客户虚拟机CIDR存在时，IP预留才能被应用。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:60
 msgid ""
 "You cannot apply IP Reservation if any VM is alloted with an IP address "
 "that is outside the Guest VM CIDR."
 msgstr "如果任一虚拟机被分配了客户虚拟机CIDR之外的IP地址时，IP预留将不能应用。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:63
 msgid ""
 "To reset an existing IP Reservation, apply IP reservation by specifying "
 "the value of network CIDR in the CIDR field."
 msgstr "为重置一个已存在的IP预留，通过在CIDR框指定CIDR值就可应用IP预留。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:66
 msgid ""
 "For example, the following table describes three scenarios of guest "
 "network creation:"
 msgstr "例如，下表描述了客户网络创建的三种情形："

 #: ../../networking/ip_reservation_in_guest_networks.rst:72
 msgid "Case"
 msgstr "案例"

 #: ../../networking/ip_reservation_in_guest_networks.rst:72
 #: ../../networking/remote_access_vpn.rst:124
 #: ../../networking/site_to_site_vpn.rst:211
 #: ../../networking/site_to_site_vpn.rst:274
 #: ../../networking/site_to_site_vpn.rst:406
 #: ../../networking/virtual_private_cloud_config.rst:323
 #: ../../networking/virtual_private_cloud_config.rst:354
 #: ../../networking/virtual_private_cloud_config.rst:521
 #: ../../networking/virtual_private_cloud_config.rst:756
 #: ../../networking/virtual_private_cloud_config.rst:814
 #: ../../networking/virtual_private_cloud_config.rst:875
 #: ../../networking/virtual_private_cloud_config.rst:1041
 #: ../../networking/virtual_private_cloud_config.rst:1309
 msgid "CIDR"
 msgstr "CIDR"

 #: ../../networking/ip_reservation_in_guest_networks.rst:72
 msgid "Network CIDR"
 msgstr "网络CIDR"

 #: ../../networking/ip_reservation_in_guest_networks.rst:72
 msgid "Reserved IP Range for Non-CloudStack VMs"
 msgstr "非cloudstack虚拟机的IP预留范围"

 #: ../../networking/ip_reservation_in_guest_networks.rst:72
 msgid "Description"
 msgstr "描述"

 #: ../../networking/ip_reservation_in_guest_networks.rst:74
 #: ../../networking/virtual_private_cloud_config.rst:325
 msgid "1"
 msgstr "1"

 #: ../../networking/ip_reservation_in_guest_networks.rst:74
 #: ../../networking/ip_reservation_in_guest_networks.rst:75
 #: ../../networking/ip_reservation_in_guest_networks.rst:78
 msgid "10.1.1.0/24"
 msgstr "10.1.1.0/24"

 #: ../../networking/ip_reservation_in_guest_networks.rst:74
 #: ../../networking/ip_reservation_in_guest_networks.rst:78
 msgid "None"
 msgstr "无"

 #: ../../networking/ip_reservation_in_guest_networks.rst:74
 msgid "No IP Reservation."
 msgstr "无"

 #: ../../networking/ip_reservation_in_guest_networks.rst:75
 #: ../../networking/virtual_private_cloud_config.rst:326
 msgid "2"
 msgstr "2"

 #: ../../networking/ip_reservation_in_guest_networks.rst:75
 msgid "10.1.1.0/26"
 msgstr "10.1.1.0/26"

 #: ../../networking/ip_reservation_in_guest_networks.rst:75
 msgid "10.1.1.64 to 10.1.1.254"
 msgstr "10.1.1.64-10.1.1.254"

 #: ../../networking/ip_reservation_in_guest_networks.rst:75
 msgid ""
 "IP Reservation configured by the UpdateNetwork API with "
 "guestvmcidr=10.1.1.0/26 or enter 10.1.1.0/26 in the CIDR field in the UI."
 msgstr "在界面的CIDR框内输入10.1.1.0/26或通过UpdateNetwork的API配置为guestvmcidr=10.1.1.0/26，进行IP预留配置"

 #: ../../networking/ip_reservation_in_guest_networks.rst:78
 msgid "3"
 msgstr "3"

 #: ../../networking/ip_reservation_in_guest_networks.rst:78
 msgid ""
 "Removing IP Reservation by the UpdateNetwork API with "
 "guestvmcidr=10.1.1.0/24 or enter 10.1.1.0/24 in the CIDR field in the UI."
 msgstr ""
 "在界面的CIDR框内输入10.1.1.0/24或通过UpdateNetwork "
 "API配置为guestvmcidr=10.1.1.0/24，进行IP预留清除"

 #: ../../networking/ip_reservation_in_guest_networks.rst:85
 #: ../../networking/palo_alto_config.rst:467
 #: ../../networking/security_groups.rst:91
 msgid "Limitations"
 msgstr "局限性"

 #: ../../networking/ip_reservation_in_guest_networks.rst:87
 msgid ""
 "The IP Reservation is not supported if active IPs that are found outside "
 "the Guest VM CIDR."
 msgstr "如果在客户虚拟机CIDR外发现活动的IP地址，IP预留将不被支持。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:90
 msgid ""
 "Upgrading network offering which causes a change in CIDR (such as "
 "upgrading an offering with no external devices to one with external "
 "devices) IP Reservation becomes void if any. Reconfigure IP Reservation "
 "in the new re-implemeted network."
 msgstr "在IP预留中，引起CIDR变化的网络升级方案都将无效，如将无外部设备的方案升级到带有外部设备的方案。在新实施的网络中，要重新配置IP预留。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:97
 msgid "Best Practices"
 msgstr "最佳实践"

 #: ../../networking/ip_reservation_in_guest_networks.rst:99
 msgid ""
 "Apply IP Reservation to the guest network as soon as the network state "
 "changes to Implemented. If you apply reservation soon after the first "
 "guest VM is deployed, lesser conflicts occurs while applying reservation."
 msgstr "一旦网络状态变为实施，应尽快应用IP预留到客户网络。如果在第一台客户虚拟机部署后应用IP预留，则会在应用IP会有较少的冲突发生。"

 #: ../../networking/ip_reservation_in_guest_networks.rst:106
 msgid "Reserving an IP Range"
 msgstr "预留一个IP范围"

 #: ../../networking/ip_reservation_in_guest_networks.rst:114
 msgid "In the Details tab, click Edit. |ip-edit-icon.png|"
 msgstr ""

 #: ../../networking/ip_reservation_in_guest_networks.rst:116
 msgid "The CIDR field changes to editable one."
 msgstr "CIDR框将变为可编辑状态"

 #: ../../networking/ip_reservation_in_guest_networks.rst:118
 msgid "In CIDR, specify the Guest VM CIDR."
 msgstr "在CIDR框，说明客户虚拟机的CIDR"

 #: ../../networking/ip_reservation_in_guest_networks.rst:120
 msgid "Click Apply."
 msgstr "点击应用"

 #: ../../networking/ip_reservation_in_guest_networks.rst:122
 msgid ""
 "Wait for the update to complete. The Network CIDR and the Reserved IP "
 "Range are displayed on the Details page."
 msgstr "等待更新完成。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:18
 msgid "Reserving Public IP Addresses and VLANs for Accounts"
 msgstr "为账户预留公共IP地址及VLANS"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:20
 msgid ""
 "CloudStack provides you the ability to reserve a set of public IP "
 "addresses and VLANs exclusively for an account. During zone creation, you"
 " can continue defining a set of VLANs and multiple public IP ranges. This"
 " feature extends the functionality to enable you to dedicate a fixed set "
 "of VLANs and guest IP addresses for a tenant."
 msgstr "CloudStack可以让你能够独立的为账户预留一部分公共IP地址和VLANS。在创建区域阶段，你可以继续定义一部分VLANS以及多个公共IP范围。这种功能扩展特性可以让你能够为客户预留固定的一部分VLAN和客户IP地址"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:26
 msgid ""
 "Note that if an account has consumed all the VLANs and IPs dedicated to "
 "it, the account can acquire two more resources from the system. "
 "CloudStack provides the root admin with two configuration parameter to "
 "modify this default behavior: use.system.public.ips and "
 "use.system.guest.vlans. These global parameters enable the root admin to "
 "disallow an account from acquiring public IPs and guest VLANs from the "
 "system, if the account has dedicated resources and these dedicated "
 "resources have all been consumed. Both these configurations are "
 "configurable at the account level."
 msgstr "注意，如果一个账户使用了所有分配给他的VLAN和IP，这个账户可以从系统获得二个以上的资源。CloudStack为根管理员提供了二个参数可以进行控制，分别是use.system.public.ips和use.system.guest.vlans。当一个账户分配了资源并且这些资源已经被消耗掉时，这二个全局参数可以使根管理员拒绝此账户从公共IP和来宾VLAN获取资源。二个配置都能在帐户级别进行配置。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:36
 msgid "This feature provides you the following capabilities:"
 msgstr "这些特性可提供以下的功能："

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:38
 msgid ""
 "Reserve a VLAN range and public IP address range from an Advanced zone "
 "and assign it to an account"
 msgstr "从一个高级区域中预留一个VLAN范围和公共IP地址，并可以将其指定给一个账户。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:41
 msgid "Disassociate a VLAN and public IP address range from an account"
 msgstr "将一个VLAN和IP地址从一个账户解除联系。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:43
 msgid "View the number of public IP addresses allocated to an account"
 msgstr "查看分配给帐户的公共IP地址。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:45
 msgid ""
 "Check whether the required range is available and is conforms to account "
 "limits."
 msgstr "检查需要的范围是否可用并且要符合帐户限制。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:48
 msgid "The maximum IPs per account limit cannot be superseded."
 msgstr "不能超过每个账户最大的IP限制数。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:52
 msgid "Dedicating IP Address Ranges to an Account"
 msgstr "分配IP地址给一个账户"

 #: ../../networking/global_server_load_balancing.rst:317
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:56
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:126
 msgid "In the left navigation bar, click Infrastructure."
 msgstr "在左侧导航栏中，点击基础架构"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:58
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:128
 msgid "In Zones, click View All."
 msgstr "在区域中，点击查看全部"

 #: ../../networking/global_server_load_balancing.rst:321
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:60
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:130
 msgid "Choose the zone you want to work with."
 msgstr "选择你要设置的区域。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:64
 msgid "In the Public node of the diagram, click Configure."
 msgstr "在图的公共节点上，点击配置。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:66
 msgid "Click the IP Ranges tab."
 msgstr "点击IP范围页签。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:68
 msgid ""
 "You can either assign an existing IP range to an account, or create a new"
 " IP range and assign to an account."
 msgstr "或者指定一个已经的IP范围给帐户，或创建一个新的IP范围并指定给一个帐户。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:71
 msgid "To assign an existing IP range to an account, perform the following:"
 msgstr "要指定一个已有IP范围给帐户，按以下操作进行"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:73
 msgid "Locate the IP range you want to work with."
 msgstr "确定需要分配的IP范围"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:75
 msgid "Click Add Account |addAccount-icon.png| button."
 msgstr "点击添加帐户按钮。|addAccount-icon.png| "

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:77
 msgid "The Add Account dialog is displayed."
 msgstr "会弹出添加帐户对话框。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:81
 msgid "**Account**: The account to which you want to assign the IP address range."
 msgstr "**帐户**: 即需要指定IP地址范围的帐户"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:84
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:112
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:150
 msgid "**Domain**: The domain associated with the account."
 msgstr "**域**: 与帐户关联的域名"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:86
 msgid "To create a new IP range and assign an account, perform the following:"
 msgstr "要指定一个新的IP范围给帐户，按以下操作进行"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:91
 msgid "**Gateway**"
 msgstr "**网关**"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:93
 msgid "**Netmask**"
 msgstr "**掩码**"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:95
 msgid "**VLAN**"
 msgstr "**VLAN**"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:97
 msgid "**Start IP**"
 msgstr "**起始IP**"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:99
 msgid "**End IP**"
 msgstr "**结束IP**"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:101
 msgid "**Account**: Perform the following:"
 msgstr "**帐户**: 按以下操作进行："

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:103
 msgid "Click Account."
 msgstr "点击帐户"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:105
 msgid "The Add Account page is displayed."
 msgstr "会显示添加帐户页"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:109
 msgid "**Account**: The account to which you want to assign an IP address range."
 msgstr ""

 #: ../../networking/ip_forwarding_and_firewalling.rst:88
 #: ../../networking/ip_forwarding_and_firewalling.rst:163
 #: ../../networking/ip_forwarding_and_firewalling.rst:276
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:117
 #: ../../networking/remote_access_vpn.rst:155
 #: ../../networking/security_groups.rst:210
 #: ../../networking/virtual_private_cloud_config.rst:644
 msgid "Click Add."
 msgstr "点击 添加"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:121
 msgid "Dedicating VLAN Ranges to an Account"
 msgstr "确定需要分配的IP范围"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:123
 msgid ""
 "After the CloudStack Management Server is installed, log in to the "
 "CloudStack UI as administrator."
 msgstr "安装好CloudStack管理端后，使用管理员帐号登录CloudStack用户界面。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:61
 #: ../../networking/public_ips_and_vlans_for_accounts.rst:134
 msgid "In the Guest node of the diagram, click Configure."
 msgstr "在图中的来宾节点上，点击配置"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:136
 msgid "Select the Dedicated VLAN Ranges tab."
 msgstr "选择分配VLAN范围页签"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:138
 msgid "Click Dedicate VLAN Range."
 msgstr "点击分配VLAN范围"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:140
 msgid "The Dedicate VLAN Range dialog is displayed."
 msgstr "会弹出分配VLAN对话框。"

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:144
 msgid "**VLAN Range**: The VLAN range that you want to assign to an account."
 msgstr ""

 #: ../../networking/public_ips_and_vlans_for_accounts.rst:147
 msgid ""
 "**Account**: The account to which you want to assign the selected VLAN "
 "range."
 msgstr ""

 #: ../../networking/multiple_ips_on_single_nic.rst:18
 msgid "Configuring Multiple IP Addresses on a Single NIC"
 msgstr "在单网卡配置多个IP地址"

 #: ../../networking/multiple_ips_on_single_nic.rst:20
 msgid ""
 "CloudStack provides you the ability to associate multiple private IP "
 "addresses per guest VM NIC. In addition to the primary IP, you can assign"
 " additional IPs to the guest VM NIC. This feature is supported on all the"
 " network configurations: Basic, Advanced, and VPC. Security Groups, "
 "Static NAT and Port forwarding services are supported on these additional"
 " IPs."
 msgstr "CloudStack能够让你给每个客户虚拟机网卡配置多个私有IP地址，除主IP地址外，你可以指定额外的IP地址到客户虚拟机网卡。在所有的网络配置中，如基础配置，高级配置，VPC，均支持这一功能。安全组，静态NAT及端口转发服务在额外的IP地址上也都被支持。"

 #: ../../networking/multiple_ips_on_single_nic.rst:27
 msgid ""
 "As always, you can specify an IP from the guest subnet; if not specified,"
 " an IP is automatically picked up from the guest VM subnet. You can view "
 "the IPs associated with for each guest VM NICs on the UI. You can apply "
 "NAT on these additional guest IPs by using network configuration option "
 "in the CloudStack UI. You must specify the NIC to which the IP should be "
 "associated."
 msgstr "当然，你也可以从来宾子网中指定一个IP，如果没有指定，将会从来宾虚拟机子网中自动选择一个。可以从UI中查看每一个与来宾虚拟机网卡关联的IP地址。也可以在CloudStack界面中通过网络配置选项在那些额外的来宾虚拟机上应用NAT。但必须指明网卡与哪一个IP关联。"

 #: ../../networking/multiple_ips_on_single_nic.rst:34
 msgid ""
 "This feature is supported on XenServer, KVM, and VMware hypervisors. Note"
 " that Basic zone security groups are not supported on VMware."
 msgstr "在XenServer，KVM和VMware虚拟机中，都支持这些功能。注意，VMware不支持基础区域的安全组。"

 #: ../../networking/multiple_ips_on_single_nic.rst:39
 msgid "Use Cases"
 msgstr "使用案例"

 #: ../../networking/multiple_ips_on_single_nic.rst:41
 msgid "Some of the use cases are described below:"
 msgstr "一些使用案例见以下描述"

 #: ../../networking/multiple_ips_on_single_nic.rst:43
 msgid ""
 "Network devices, such as firewalls and load balancers, generally work "
 "best when they have access to multiple IP addresses on the network "
 "interface."
 msgstr "网络设备，如防火墙或负责均衡设备，一般来讲，当他们在网络接口上接入更多的IP地址时，他们能够更好的工作。"

 #: ../../networking/multiple_ips_on_single_nic.rst:47
 msgid ""
 "Moving private IP addresses between interfaces or instances. Applications"
 " that are bound to specific IP addresses can be moved between instances."
 msgstr "在接口和实例中迁移IP地址。绑定到特定IP地址的应用可以在实例中迁移。"

 #: ../../networking/multiple_ips_on_single_nic.rst:51
 msgid ""
 "Hosting multiple SSL Websites on a single instance. You can install "
 "multiple SSL certificates on a single instance, each associated with a "
 "distinct IP address."
 msgstr "在单个实例上开启多个SSL网站。可以在单个实例上安装多个SSL认证，每一个认证都关联一个单独的IP地址。"

 #: ../../networking/multiple_ips_on_single_nic.rst:57
 #: ../../networking/portable_ips.rst:48
 #: ../../networking/virtual_private_cloud_config.rst:1127
 msgid "Guidelines"
 msgstr "指南"

 #: ../../networking/multiple_ips_on_single_nic.rst:59
 msgid ""
 "To prevent IP conflict, configure different subnets when multiple "
 "networks are connected to the same VM."
 msgstr "为防止IP冲突，当多个网络连接至同一个虚拟机时，要配置不同的子网。"

 #: ../../networking/multiple_ips_on_single_nic.rst:64
 msgid "Assigning Additional IPs to a VM"
 msgstr "指定额外的IP给虚拟机"

 #: ../../networking/multiple_ips_on_single_nic.rst:66
 msgid "Log in to the CloudStack UI."
 msgstr "登录到CloudStack的界面"

 #: ../../networking/multiple_ips_on_single_nic.rst:68
 msgid "In the left navigation bar, click Instances."
 msgstr "在左侧导航栏，点击实例"

 #: ../../networking/multiple_ips_on_single_nic.rst:70
 msgid "Click the name of the instance you want to work with."
 msgstr "点击拟配置的实例"

 #: ../../networking/multiple_ips_on_single_nic.rst:72
 msgid "In the Details tab, click NICs."
 msgstr "在详细 页签，点击网卡"

 #: ../../networking/multiple_ips_on_single_nic.rst:74
 msgid "Click View Secondary IPs."
 msgstr "点击查看二级地址"

 #: ../../networking/multiple_ips_on_single_nic.rst:76
 msgid "Click Acquire New Secondary IP, and click Yes in the confirmation dialog."
 msgstr "点击获取新二级IP，在确认对话框点击确定。"

 #: ../../networking/multiple_ips_on_single_nic.rst:79
 msgid ""
 "You need to configure the IP on the guest VM NIC manually. CloudStack "
 "will not automatically configure the acquired IP address on the VM. "
 "Ensure that the IP address configuration persist on VM reboot."
 msgstr "需要手动配置来宾虚拟机的网卡。在虚拟机上，CloudStack不会自动配置获取IP。确保在虚拟机重启IP地址配置仍有效。"

 #: ../../networking/multiple_ips_on_single_nic.rst:83
 msgid ""
 "Within a few moments, the new IP address should appear with the state "
 "Allocated. You can now use the IP address in Port Forwarding or StaticNAT"
 " rules."
 msgstr "稍等一会，新的IP地址会出现，状态栏为会显示为分配。现在可以在端口转发或静态NAT规则中使用此IP地址了。"

 #: ../../networking/multiple_ips_on_single_nic.rst:89
 msgid "Port Forwarding and StaticNAT Services Changes"
 msgstr "更改端口转发和静态NAT服务"

 #: ../../networking/multiple_ips_on_single_nic.rst:91
 msgid ""
 "Because multiple IPs can be associated per NIC, you are allowed to select"
 " a desired IP for the Port Forwarding and StaticNAT services. The default"
 " is the primary IP. To enable this functionality, an extra optional "
 "parameter 'vmguestip' is added to the Port forwarding and StaticNAT APIs "
 "(enableStaticNat, createIpForwardingRule) to indicate on what IP address "
 "NAT need to be configured. If vmguestip is passed, NAT is configured on "
 "the specified private IP of the VM. if not passed, NAT is configured on "
 "the primary IP of the VM."
 msgstr ""
 "因为每一个网卡都可关联至多IP，CloudStack可以允许为端口转发及静态NAT服务选择一个目标IP。默认为主IP。为开启此功能，另一个可选的配置参数"
 "  虚拟机来宾IP 需要被加至端口转发及静态NAT "
 "的API中去（开启静态NAT，创建IP端口转发），以示IP地址NAT需要配置。如果虚拟机来宾IP "
 "没有设置，NAT会配置在虚拟机的私有IP上，如果设置了，NAT会配置在虚拟机的主IP上。"

 #: ../../networking/multiple_ip_ranges.rst:18
 msgid "About Multiple IP Ranges"
 msgstr "关于多IP范围"

 #: ../../networking/multiple_ip_ranges.rst:20
 msgid "The feature can only be implemented on IPv4 addresses."
 msgstr "这些功能仅能在IPV4的地址是实现。"

 #: ../../networking/multiple_ip_ranges.rst:22
 msgid ""
 "CloudStack provides you with the flexibility to add guest IP ranges from "
 "different subnets in Basic zones and security groups-enabled Advanced "
 "zones. For security groups-enabled Advanced zones, it implies multiple "
 "subnets can be added to the same VLAN. With the addition of this feature,"
 " you will be able to add IP address ranges from the same subnet or from a"
 " different one when IP address are exhausted. This would in turn allows "
 "you to employ higher number of subnets and thus reduce the address "
 "management overhead. To support this feature, the capability of "
 "``createVlanIpRange`` API is extended to add IP ranges also from a "
 "different subnet."
 msgstr "在基础区域以及高级区域的开启安全组，CloudStack能够让你从不同的子网添加来宾IP范围。对于高级区域的开启安全组，多个子网可被加至同一个VLAN。随着此功能的增加，当IP地址耗尽时，你能够从同一个子网或从不同的子网添加IP范围。这会允许你添加更多的子网，因此减少了了地址管理的问题。为支持这一特性，创建VLANIP范围的API被加以扩展，这样就能从不同的子网添加IP范围"

 #: ../../networking/multiple_ip_ranges.rst:33
 msgid ""
 "Ensure that you manually configure the gateway of the new subnet before "
 "adding the IP range. Note that CloudStack supports only one gateway for a"
 " subnet; overlapping subnets are not currently supported."
 msgstr "确实在添加IP范围前，手动配置了子网的网关。注意，CloudStack仅支持一个子网有一个网关。不支持重叠的子网。"

 #: ../../networking/multiple_ip_ranges.rst:37
 msgid ""
 "Use the ``deleteVlanRange`` API to delete IP ranges. This operation fails"
 " if an IP from the remove range is in use. If the remove range contains "
 "the IP address on which the DHCP server is running, CloudStack acquires a"
 " new IP from the same subnet. If no IP is available in the subnet, the "
 "remove operation fails."
 msgstr "使用删除VLAN范围的API删除IP范围。如果拟删除的IP在被使用时，此操作会失败。如果删除的范围包含DHCP服务器拟分配的IP地址CloudStack会从同一个子网下获取新的IP。如果在子网内没有可供利用的IP时，删除操作会失败。"

 #: ../../networking/multiple_ip_ranges.rst:43
 msgid "This feature is supported on KVM, xenServer, and VMware hypervisors."
 msgstr "在KVM, xenServer以及VMware虚拟机中，都支持这项功能。 "

 #: ../../networking/elastic_ips.rst:18
 msgid "About Elastic IPs"
 msgstr ""

 #: ../../networking/elastic_ips.rst:20
 msgid ""
 "Elastic IP (EIP) addresses are the IP addresses that are associated with "
 "an account, and act as static IP addresses. The account owner has the "
 "complete control over the Elastic IP addresses that belong to the "
 "account. As an account owner, you can allocate an Elastic IP to a VM of "
 "your choice from the EIP pool of your account. Later if required you can "
 "reassign the IP address to a different VM. This feature is extremely "
 "helpful during VM failure. Instead of replacing the VM which is down, the"
 " IP address can be reassigned to a new VM in your account."
 msgstr "弹性IP（EIP）地址是指与帐户关联的IP地址，能起到静态IP地址的作用。帐户所有者能完全控制隶属于此账户的弹性IP。作为帐户拥有者，你可以从你帐户的EIP池中选择一个IP分配给虚拟机。如果后续需要，你可以继续分配此IP地址给另一个虚拟机。在VM宕机时，此功能特别有用。此IP地址可以重新指定给一个新的虚拟机，而不是取代已经宕机的虚拟机。"

 #: ../../networking/elastic_ips.rst:29
 msgid ""
 "Similar to the public IP address, Elastic IP addresses are mapped to "
 "their associated private IP addresses by using StaticNAT. The EIP service"
 " is equipped with StaticNAT (1:1) service in an EIP-enabled basic zone. "
 "The default network offering, "
 "DefaultSharedNetscalerEIPandELBNetworkOffering, provides your network "
 "with EIP and ELB network services if a NetScaler device is deployed in "
 "your zone. Consider the following illustration for more details."
 msgstr "与公共IP地址一样，弹性IP地址通过使用静态NAT关联至与之相关的私有IP地址。在起用了EIP的基础域中，EIP的服务与静态NAT的服务一一对应。默认的网络方案，默认共享EIP与负载均衡网络方案，在区域部署了NetScaler设备的前提下，能够提供EIP以及ELB网络服务。参见以下更详细的说明。"

 #: ../../networking/elastic_ips.rst:37
 msgid "|eip-ns-basiczone.png|"
 msgstr "|eip-ns-basiczone.png|"

 #: ../../networking/elastic_ips.rst:39
 msgid ""
 "In the illustration, a NetScaler appliance is the default entry or exit "
 "point for the CloudStack instances, and firewall is the default entry or "
 "exit point for the rest of the data center. Netscaler provides LB "
 "services and staticNAT service to the guest networks. The guest traffic "
 "in the pods and the Management Server are on different subnets / VLANs. "
 "The policy-based routing in the data center core switch sends the public "
 "traffic through the NetScaler, whereas the rest of the data center goes "
 "through the firewall."
 msgstr "在图中，NetScaler设备对CloudStack的实例而言是一个默认的入口或出口，防火墙是剩余数据中心的出口或入口。Netscaler对来宾网络提供负载均衡以及静态NAT的服务。在机架和管理服务器上，来宾流量是不同的子网或VLAN。在数据中心的核心交换机的基础路由策略是通过NetScaler转发公共流量，其他数据中心的流量则通过防火墙。"

 #: ../../networking/elastic_ips.rst:48
 msgid "The EIP work flow is as follows:"
 msgstr "EIP的工作流如下："

 #: ../../networking/elastic_ips.rst:50
 msgid ""
 "When a user VM is deployed, a public IP is automatically acquired from "
 "the pool of public IPs configured in the zone. This IP is owned by the "
 "VM's account."
 msgstr "当部署一个用户虚拟机时，会从区域配置的IP中自动获得一个公共IP。这个IP为虚拟机帐户所拥有。"

 #: ../../networking/elastic_ips.rst:54
 msgid ""
 "Each VM will have its own private IP. When the user VM starts, Static NAT"
 " is provisioned on the NetScaler device by using the Inbound Network "
 "Address Translation (INAT) and Reverse NAT (RNAT) rules between the "
 "public IP and the private IP."
 msgstr "每一个虚拟机都有自己的私有IP。当来客户虚拟机启动时，通过使用在公共IP和私有IP之间的入口网络地址转换（INAT）以及预留地址转换（RNAT），NetScaler设备可以提供静态NAT"

 #: ../../networking/elastic_ips.rst:60
 msgid ""
 "Inbound NAT (INAT) is a type of NAT supported by NetScaler, in which the "
 "destination IP address is replaced in the packets from the public "
 "network, such as the Internet, with the private IP address of a VM in the"
 " private network. Reverse NAT (RNAT) is a type of NAT supported by "
 "NetScaler, in which the source IP address is replaced in the packets "
 "generated by a VM in the private network with the public IP address."
 msgstr "入口网络地址转换（INAT）是NetScaler支持的一类NAT类型，在此类型中，来自公共网络（如Internet)的数据包中的目标IP地址被私有网络中虚拟机的私有地址取代。预留地址转换（RNAT）也是NetScaler支持的一类NAT类型，私有网络中虚拟机产生的数据包中的源IP地址被公共IP地址取代。"

 #: ../../networking/elastic_ips.rst:67
 msgid "This default public IP will be released in two cases:"
 msgstr "默认的公共IP在两种情况下会被释放："

 #: ../../networking/elastic_ips.rst:69
 msgid ""
 "When the VM is stopped. When the VM starts, it again receives a new "
 "public IP, not necessarily the same one allocated initially, from the "
 "pool of Public IPs."
 msgstr "当虚拟机停止时。当虚拟机启动时，可以重新获取一个新的公共IP，并不必须是从公共IP地址池中最初分配的那一个。"

 #: ../../networking/elastic_ips.rst:73
 msgid ""
 "The user acquires a public IP (Elastic IP). This public IP is associated "
 "with the account, but will not be mapped to any private IP. However, the "
 "user can enable Static NAT to associate this IP to the private IP of a VM"
 " in the account. The Static NAT rule for the public IP can be disabled at"
 " any time. When Static NAT is disabled, a new public IP is allocated from"
 " the pool, which is not necessarily be the same one allocated initially."
 msgstr "当用户获取公共IP（弹性IP）时。这些公共IP与帐户相关联，但不与任何私有IP相关。然而，用户可以开启静态NAT将帐户中虚拟机的私有IP与之关联。对应公共IP的静态NAT规则可随时取消。当静态NAT关闭时，会从地址池中分配的一个新的公共IP，并不必须是最初分配的那一个。"

 #: ../../networking/elastic_ips.rst:81
 msgid ""
 "For the deployments where public IPs are limited resources, you have the "
 "flexibility to choose not to allocate a public IP by default. You can use"
 " the Associate Public IP option to turn on or off the automatic public IP"
 " assignment in the EIP-enabled Basic zones. If you turn off the automatic"
 " public IP assignment while creating a network offering, only a private "
 "IP is assigned to a VM when the VM is deployed with that network "
 "offering. Later, the user can acquire an IP for the VM and enable static "
 "NAT."
 msgstr "对部署而言，公共IP会受限于资源，可以灵活的选择默认不分配公共IP。可以在开启了EIP的基础区域中，通过关联公共IP选项来打开或关闭自动公共IP指定。如果在创建网络方案时，你关闭了自动公共IP指定，则在使用此网络方案部署时，仅会分配一个私有IP给虚拟机。此后，用户虚拟机可以获取一个IP，并可以开启静态NAT。"

 #: ../../networking/elastic_ips.rst:90
 msgid ""
 "For more information on the Associate Public IP option, see `\"Creating a"
 " New Network Offering\" <networking.html#creating-a-new-network-"
 "offering>`_."
 msgstr ""
 "要了解更多关于关联公共IP的选项，请参考`\"创建一个新的网络方案\" <networking.html#creating-a-new-"
 "network-offering>`_."

 #: ../../networking/elastic_ips.rst:94
 msgid ""
 "The Associate Public IP feature is designed only for use with user VMs. "
 "The System VMs continue to get both public IP and private by default, "
 "irrespective of the network offering configuration."
 msgstr "设计关联公共IP的功能，仅是为使用用户虚拟机。系统虚拟机仍然默认会获取公共IP和私有IP，与网络配置并不相关。"

 #: ../../networking/elastic_ips.rst:98
 msgid ""
 "New deployments which use the default shared network offering with EIP "
 "and ELB services to create a shared network in the Basic zone will "
 "continue allocating public IPs to each user VM."
 msgstr "在基础区域中，使用默认具有EIP和ELB服务的网络方案来创建共享网络时，仍然会给每一个用户虚拟机分配公共IP。"

 #: ../../networking/portable_ips.rst:18
 msgid "Portable IPs"
 msgstr "端口IP"

 #: ../../networking/portable_ips.rst:21
 msgid "About Portable IP"
 msgstr "关于端口IP"

 #: ../../networking/portable_ips.rst:23
 msgid ""
 "Portable IPs in CloudStack are region-level pool of IPs, which are "
 "elastic in nature, that can be transferred across geographically "
 "separated zones. As an administrator, you can provision a pool of "
 "portable public IPs at region level and are available for user "
 "consumption. The users can acquire portable IPs if admin has provisioned "
 "portable IPs at the region level they are part of. These IPs can be use "
 "for any service within an advanced zone. You can also use portable IPs "
 "for EIP services in basic zones."
 msgstr "在CloudStack中，端口IP是地域级的IP地址池，其天然具有弹性，亦即可以在地理隔离的区域中进行转发。作为管理员,可以在地域级提供IP地址池供用户使用。如果在用户所属的地域，其管理员提供了端口IP，用户就可以获取此类IP。在高级区域内，这些IP可用于任一服务。也可以在基础区域中为EIP服务使用端口IP。"

 #: ../../networking/portable_ips.rst:32
 msgid "The salient features of Portable IP are as follows:"
 msgstr "端口IP的主要功能如下："

 #: ../../networking/portable_ips.rst:34
 msgid "IP is statically allocated"
 msgstr "IP是静态分配的。"

 #: ../../networking/portable_ips.rst:36
 msgid "IP need not be associated with a network"
 msgstr "IP与网络无关。"

 #: ../../networking/portable_ips.rst:38
 msgid "IP association is transferable across networks"
 msgstr "IP关联是可以通过网络转发的。"

 #: ../../networking/portable_ips.rst:40
 msgid "IP is transferable across both Basic and Advanced zones"
 msgstr "IP可以在基础区域和高级区域中转发。"

 #: ../../networking/portable_ips.rst:42
 msgid "IP is transferable across VPC, non-VPC isolated and shared networks"
 msgstr "IP可通过VPC，非VPC隔离和共享网络进行转发。"

 #: ../../networking/portable_ips.rst:44
 msgid "Portable IP transfer is available only for static NAT."
 msgstr "端口IP转发仅对静态NAT可用。"

 #: ../../networking/portable_ips.rst:50
 msgid ""
 "Before transferring to another network, ensure that no network rules "
 "(Firewall, Static NAT, Port Forwarding, and so on) exist on that portable"
 " IP."
 msgstr "在转发至另一网络前，确保没有网络规则（如防火墙，静态NAT，端口转发等等）不存在于端口IP。"

 #: ../../networking/portable_ips.rst:56
 msgid "Configuring Portable IPs"
 msgstr "配置端口IP"

 #: ../../networking/portable_ips.rst:60
 msgid "In the left navigation, click Regions."
 msgstr "在左侧导航栏中，点击地域"

 #: ../../networking/portable_ips.rst:62
 msgid "Choose the Regions that you want to work with."
 msgstr "选择拟修改的地域。"

 #: ../../networking/portable_ips.rst:64
 msgid "Click View Portable IP."
 msgstr "点击查看端口IP"

 #: ../../networking/portable_ips.rst:66
 msgid "Click Portable IP Range."
 msgstr "点击端口IP范围"

 #: ../../networking/portable_ips.rst:68
 msgid "The Add Portable IP Range window is displayed."
 msgstr "会出现 添加端口IP范围的窗口"

 #: ../../networking/portable_ips.rst:72
 msgid ""
 "**Start IP/ End IP**: A range of IP addresses that are accessible from "
 "the Internet and will be allocated to guest VMs. Enter the first and last"
 " IP addresses that define a range that CloudStack can assign to guest "
 "VMs."
 msgstr ""
 "**起始IP/结束IP**: "
 "从Internet可以访问的一个IP地址范围，将会分配给客户虚拟机。输入起始IP以及结束IP，定义CloudStack指定给客户虚拟机的IP范围。"

 #: ../../networking/portable_ips.rst:77
 msgid ""
 "**Gateway**: The gateway in use for the Portable IP addresses you are "
 "configuring."
 msgstr "**网关**: 配置端口IP地址所使用的网关。"

 #: ../../networking/portable_ips.rst:80
 msgid "**Netmask**: The netmask associated with the Portable IP range."
 msgstr "**掩码**: 与端口IP范围关联的掩码。"

 #: ../../networking/portable_ips.rst:82
 msgid "**VLAN**: The VLAN that will be used for public traffic."
 msgstr "**VLAN**: 公共流量拟使用的VLAN。"

 #: ../../networking/portable_ips.rst:88
 msgid "Acquiring a Portable IP"
 msgstr "获取端口IP。"

 #: ../../networking/acquiring_an_ip_address.rst:24
 #: ../../networking/ip_forwarding_and_firewalling.rst:63
 #: ../../networking/portable_ips.rst:94
 #: ../../networking/releasing_an_ip_address.rst:28
 #: ../../networking/static_nat.rst:40
 msgid "Click the name of the network where you want to work with."
 msgstr "点击拟修改的网络名称。"

 #: ../../networking/acquiring_an_ip_address.rst:26
 #: ../../networking/external_firewalls_and_load_balancers.rst:262
 #: ../../networking/ip_forwarding_and_firewalling.rst:65
 #: ../../networking/portable_ips.rst:96
 #: ../../networking/releasing_an_ip_address.rst:30
 #: ../../networking/remote_access_vpn.rst:84 ../../networking/static_nat.rst:42
 msgid "Click View IP Addresses."
 msgstr "点击查看IP地址。"

 #: ../../networking/acquiring_an_ip_address.rst:28
 #: ../../networking/portable_ips.rst:98
 msgid "Click Acquire New IP."
 msgstr "点击获取新IP。"

 #: ../../networking/acquiring_an_ip_address.rst:30
 #: ../../networking/portable_ips.rst:100
 msgid "The Acquire New IP window is displayed."
 msgstr "获取新IP的窗口会出现。"

 #: ../../networking/acquiring_an_ip_address.rst:32
 #: ../../networking/portable_ips.rst:102
 msgid "Specify whether you want cross-zone IP or not."
 msgstr "说明是否需要IP跨区。"

 #: ../../networking/portable_ips.rst:104
 msgid "Click Yes in the confirmation dialog."
 msgstr "在确认对话框中点击确定。"

 #: ../../networking/acquiring_an_ip_address.rst:40
 #: ../../networking/portable_ips.rst:106
 msgid ""
 "Within a few moments, the new IP address should appear with the state "
 "Allocated. You can now use the IP address in port forwarding or static "
 "NAT rules."
 msgstr "稍等一会，新的IP地址会出现，状态栏为会显示为分配。现在可以在端口转发或静态NAT规则中使用此IP地址了。"

 #: ../../networking/portable_ips.rst:112
 msgid "Transferring Portable IP"
 msgstr "便携式IP"

 #: ../../networking/portable_ips.rst:114
 msgid ""
 "An IP can be transferred from one network to another only if Static NAT "
 "is enabled. However, when a portable IP is associated with a network, you"
 " can use it for any service in the network."
 msgstr "IP要从一个网络转换至另一网络的话，只需启用静态NAT。但是，当一个portable IP对应一个网络的时候，你可以在网络中为任何服务使用它 。"

 #: ../../networking/portable_ips.rst:118
 msgid "To transfer a portable IP across the networks, execute the following API:"
 msgstr "要跨网络转换一个portable IP，执行下列API："

 #: ../../networking/portable_ips.rst:125
 msgid ""
 "Replace the UUID with appropriate UUID. For example, if you want to "
 "transfer a portable IP to network X and VM Y in a network, execute the "
 "following:"
 msgstr "用正确的UUID替换此处的UUID。比如，如果你想转换一个portable IP至X网络和一个网络中的VM Y，请执行下列操作："

 #: ../../networking/multiple_subnets_in_shared_network.rst:18
 msgid "Multiple Subnets in Shared Network"
 msgstr "共享网络中的多子网"

 #: ../../networking/multiple_subnets_in_shared_network.rst:20
 msgid ""
 "CloudStack provides you with the flexibility to add guest IP ranges from "
 "different subnets in Basic zones and security groups-enabled Advanced "
 "zones. For security groups-enabled Advanced zones, it implies multiple "
 "subnets can be added to the same VLAN. With the addition of this feature,"
 " you will be able to add IP address ranges from the same subnet or from a"
 " different one when IP address are exhausted. This would in turn allows "
 "you to employ higher number of subnets and thus reduce the address "
 "management overhead. You can delete the IP ranges you have added."
 msgstr ""
 "CloudStack为你提供了在基本zones和启用了安全组的高级zones不同的子网中灵活的添加来宾IP段功能 "
 "。在启用了安全组的高级zones中，这意味着多子网可以被添加到同一个VLAN。这个特性还意味着，当IP地址用尽的时候，你可以从同一个子网或从不同的子网添加IP地址范围。这将允许你使用更多的子网，降低地址管理工作量。你也可以删除已经添加的IP地址范围。"

 #: ../../networking/global_server_load_balancing.rst:255
 #: ../../networking/ip_forwarding_and_firewalling.rst:107
 #: ../../networking/multiple_subnets_in_shared_network.rst:32
 msgid "Prerequisites and Guidelines"
 msgstr "先决条件和指南"

 #: ../../networking/multiple_subnets_in_shared_network.rst:34
 msgid "This feature can only be implemented:"
 msgstr "这个特性只能被实现在："

 #: ../../networking/multiple_subnets_in_shared_network.rst:36
 msgid "on IPv4 addresses"
 msgstr "IPv4地址"

 #: ../../networking/multiple_subnets_in_shared_network.rst:38
 msgid "if virtual router is the DHCP provider"
 msgstr "如果虚拟路由是由DHCP提供的"

 #: ../../networking/multiple_subnets_in_shared_network.rst:40
 msgid "on KVM, xenServer, and VMware hypervisors"
 msgstr "在KVM，XenServer和VMware hypervisors"

 #: ../../networking/multiple_subnets_in_shared_network.rst:42
 msgid ""
 "Manually configure the gateway of the new subnet before adding the IP "
 "range."
 msgstr "在添加IP范围之前，手动配置新子网的网关。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:45
 msgid ""
 "CloudStack supports only one gateway for a subnet; overlapping subnets "
 "are not currently supported"
 msgstr "CloudStack只支持一个子网对应一个网关；交叉子网目前不支持。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:50
 msgid "Adding Multiple Subnets to a Shared Network"
 msgstr "给共享网络添加多子网"

 #: ../../networking/multiple_subnets_in_shared_network.rst:56
 msgid ""
 "On Zones, click View More, then click the zone to which you want to work "
 "with.."
 msgstr "在Zones上，点击查看更多，然后点击你要进行操作的zone.."

 #: ../../networking/multiple_subnets_in_shared_network.rst:59
 msgid "Click Physical Network."
 msgstr "点击物理网络。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:63
 msgid "Click Networks."
 msgstr "点击网络。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:65
 msgid "Select the networks you want to work with."
 msgstr "选择你想要操作的网络。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:67
 msgid "Click View IP Ranges."
 msgstr "点击查看IP范围。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:69
 msgid "Click Add IP Range."
 msgstr "点击添加IP范围。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:71
 msgid "The Add IP Range dialog is displayed, as follows:"
 msgstr "显示的添加IP范围对话框如下："

 #: ../../networking/multiple_subnets_in_shared_network.rst:73
 msgid "|add-ip-range.png|"
 msgstr "|add-ip-range.png|"

 #: ../../networking/multiple_subnets_in_shared_network.rst:77
 #: ../../networking/virtual_private_cloud_config.rst:250
 msgid "All the fields are mandatory."
 msgstr "所有的区域必须填写的。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:79
 #: ../../networking/virtual_private_cloud_config.rst:262
 msgid ""
 "**Gateway**: The gateway for the tier you create. Ensure that the gateway"
 " is within the Super CIDR range that you specified while creating the "
 "VPC, and is not overlapped with the CIDR of any existing tier within the "
 "VPC."
 msgstr "**网关**：你创建网络层的网关。确保网关在你创建VPC时指定的超级CIDR范围内，并且不能与已存在VPC的任何网络层的CIDR重叠。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:84
 #: ../../networking/virtual_private_cloud_config.rst:275
 msgid "**Netmask**: The netmask for the tier you create."
 msgstr "**子网掩码**：你创建的网络层的子网掩码。"

 #: ../../networking/multiple_subnets_in_shared_network.rst:86
 #: ../../networking/virtual_private_cloud_config.rst:277
 msgid ""
 "For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is "
 "10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the "
 "tier is 255.255.255.0."
 msgstr ""
 "比如，如果VPC "
 "CIDR是10.0.0.0/16并且该网络层CIDR是10.0.1.0/24，那么这个网络层的网关是10.0.1.1，子网掩码是255.255.255.0."

 #: ../../networking/multiple_subnets_in_shared_network.rst:90
 msgid ""
 "**Start IP/ End IP**: A range of IP addresses that are accessible from "
 "the Internet and will be allocated to guest VMs. Enter the first and last"
 " IP addresses that define a range that CloudStack can assign to guest VMs"
 " ."
 msgstr "**起始/结束IP**：从互联网获得的和将被分配给来宾VMsIP地址范围。输入第一个和最后一个IP地址，该地址范围定义的是CloudStack能分配给来宾VMs的范围。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:18
 msgid "Isolation in Advanced Zone Using Private VLAN"
 msgstr "使用Private VLAN隔离高级Zone中的网络"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:20
 msgid ""
 "Isolation of guest traffic in shared networks can be achieved by using "
 "Private VLANs (PVLAN). PVLANs provide Layer 2 isolation between ports "
 "within the same VLAN. In a PVLAN-enabled shared network, a user VM cannot"
 " reach other user VM though they can reach the DHCP server and gateway, "
 "this would in turn allow users to control traffic within a network and "
 "help them deploy multiple applications without communication between "
 "application as well as prevent communication with other users' VMs."
 msgstr ""
 "在共享网络中的隔离来宾流量能被Private "
 "VLAN（PVLAN）获取。PVLANs提供同一个VLAN里端口间的2层网络隔离。在启用了PVLAN的共享网络，一个用户VM不能到达其他用户VM，但是他们能与DHCP服务器和网关通讯，反过来这样能允许用户去控制网络内部的流量，并且帮助他们像阻止与其他用户VMs通讯一样的去部署无需通讯的多个应用程序。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:29
 msgid "Isolate VMs in a shared networks by using Private VLANs."
 msgstr "使用PVLAN在共享网络中隔离VMs。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:31
 msgid "Supported on KVM, XenServer, and VMware hypervisors"
 msgstr "在KVM，XenServer和VMware hypervisors中支持"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:33
 msgid ""
 "PVLAN-enabled shared network can be a part of multiple networks of a "
 "guest VM."
 msgstr "启用了PVLAN的共享网络可以是来宾VM的多个网络的一部分。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:38
 msgid "About Private VLAN"
 msgstr "关于Private VLAN"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:40
 msgid ""
 "In an Ethernet switch, a VLAN is a broadcast domain where hosts can "
 "establish direct communication with each another at Layer 2. Private VLAN"
 " is designed as an extension of VLAN standard to add further segmentation"
 " of the logical broadcast domain. A regular VLAN is a single broadcast "
 "domain, whereas a private VLAN partitions a larger VLAN broadcast domain "
 "into smaller sub-domains. A sub-domain is represented by a pair of VLANs:"
 " a Primary VLAN and a Secondary VLAN. The original VLAN that is being "
 "divided into smaller groups is called Primary, which implies that all "
 "VLAN pairs in a private VLAN share the same Primary VLAN. All the "
 "secondary VLANs exist only inside the Primary. Each Secondary VLAN has a "
 "specific VLAN ID associated to it, which differentiates one sub-domain "
 "from another."
 msgstr ""
 "在以太网交换机中，VLAN是二层网络中的一个主机之间主机能建立直接通讯的广播域 。Private "
 "VLAN被设计成一个标准的VLAN的延伸，为了进一步细分逻辑广播域。一个规则的VLAN是单一广播域，但是一个 private "
 "VLAN将一个较大的VLAN广播域划分为较小的多个子域。子域表现为一对VLANs：一个主VLAN和一个辅助VLAN。被划分为较小组的原始VLAN叫主，这意味着所有的在private"
 " VLAN中的VLAN对共享着同一个主VLAN。所有的辅助VLANs存在与主VLAN中。每个辅助VLAN有一个特定的区别于其他子域VLAN ID。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:53
 msgid ""
 "Three types of ports exist in a private VLAN domain, which essentially "
 "determine the behaviour of the participating hosts. Each ports will have "
 "its own unique set of rules, which regulate a connected host's ability to"
 " communicate with other connected host within the same private VLAN "
 "domain. Configure each host that is part of a PVLAN pair can be by using "
 "one of these three port designation:"
 msgstr ""
 "在private VLAN中有三种端口类型，它们实质上决定了所包含的主机的流量走势。每组端口都有自己唯一的策略，它能控制配置同一个private "
 "VLAN域中连接到端口的主机与其他已连接主机的通讯。使用下面三种端口定义中的一种来配置每个PVLAN对中的主机："

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:60
 msgid ""
 "**Promiscuous**: A promiscuous port can communicate with all the "
 "interfaces, including the community and isolated host ports that belong "
 "to the secondary VLANs. In Promiscuous mode, hosts are connected to "
 "promiscuous ports and are able to communicate directly with resources on "
 "both primary and secondary VLAN. Routers, DHCP servers, and other trusted"
 " devices are typically attached to promiscuous ports."
 msgstr "**混杂模式（Promiscuous）**：混杂模式的端口能与所有的接口通讯，包括可通讯与隔离属于辅助VLANs的主机端口。在混杂模式中，主机被连接到混在模式端口并且能够直接与主VLAN和辅助VLAN中的资源。典型的连接到混杂模式端口的是路由器，DHCP服务器和其他受信任的设备。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:68
 msgid ""
 "**Isolated VLANs**: The ports within an isolated VLAN cannot communicate "
 "with each other at the layer-2 level. The hosts that are connected to "
 "Isolated ports can directly communicate only with the Promiscuous "
 "resources. If your customer device needs to have access only to a gateway"
 " router, attach it to an isolated port."
 msgstr ""
 "**隔离(Isolated)VLANs**: "
 "隔离模式VLAN中的端口不能与其他二层网络中的端口通讯。连接隔离模式端口上的主机只能直接与混杂模式下的资源通讯。如果你的客户设备只访问网关路由器，请将其附加至隔离端口。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:74
 msgid ""
 "**Community VLANs**: The ports within a community VLAN can communicate "
 "with each other and with the promiscuous ports, but they cannot "
 "communicate with the ports in other communities at the layer-2 level. In "
 "a Community mode, direct communication is permitted only with the hosts "
 "in the same community and those that are connected to the Primary PVLAN "
 "in promiscuous mode. If your customer has two devices that need to be "
 "isolated from other customers' devices, but to be able to communicate "
 "among themselves, deploy them in community ports."
 msgstr ""
 "**Community VLANs**：中的端口能与其他端口和混杂模式下的端口通讯，但是他们不能与二层网络中的其他community "
 "VLAN中的端口通讯。在Community模式下，主机能与同一community中的主机和连接到混杂模式中的主VLAN的主机可以通讯。如果你的客户有两个设备需要与其他客户的设备隔离，但是他们之间又要通讯，请将他们部署至"
 " community 端口。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:84
 msgid "For further reading:"
 msgstr "延伸阅读："

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:86
 msgid ""
 "`Understanding Private VLANs "
 "<http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swpvlan.html#wp1038379>`_"
 msgstr ""
 "`理解 Private VLANs "
 "<http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swpvlan.html#wp1038379>`_"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:89
 msgid ""
 "`Cisco Systems' Private VLANs: Scalable Security in a Multi-Client "
 "Environment <http://tools.ietf.org/html/rfc5517>`_"
 msgstr ""
 "`Cisco Systems' Private VLANs: Scalable Security in a Multi-Client "
 "Environment <http://tools.ietf.org/html/rfc5517>`_"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:92
 msgid ""
 "`Private VLAN (PVLAN) on vNetwork Distributed Switch - Concept Overview "
 "(1010691) <http://kb.vmware.com>`_"
 msgstr ""
 "`Private VLAN (PVLAN) on vNetwork Distributed Switch - Concept Overview "
 "(1010691) <http://kb.vmware.com>`_"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:99
 msgid "Use a PVLAN supported switch."
 msgstr "在支持的交换机上使用PVLAN。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:101
 msgid ""
 "See `Private VLAN Catalyst Switch Support Matrix "
 "<http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a0080094830.shtml>`_"
 " for more information."
 msgstr ""
 "更多信息，请参考 `Private VLAN Catalyst Switch Support Matrix "
 "<http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a0080094830.shtml>`_"
 " "

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:105
 msgid ""
 "All the layer 2 switches, which are PVLAN-aware, are connected to each "
 "other, and one of them is connected to a router. All the ports connected "
 "to the host would be configured in trunk mode. Open Management VLAN, "
 "Primary VLAN (public) and Secondary Isolated VLAN ports. Configure the "
 "switch port connected to the router in PVLAN promiscuous trunk mode, "
 "which would translate an isolated VLAN to primary VLAN for the PVLAN-"
 "unaware router."
 msgstr "将所有能识别PVLAN的二层交换机之间互连，并且其中一个要连至一个路由器。主机连接到的所有端口需配置为trunk模式。打开VLAN管理，主VLAN（公共网络）和隔离的辅助VLAN端口。配置交换机连接到路由器的端口为PVLAN混杂trunk，这样可以为不识别PVLAN的路由器转换一个隔离的VLAN到主VLAN。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:113
 msgid ""
 "Note that only Cisco Catalyst 4500 has the PVLAN promiscuous trunk mode "
 "to connect both normal VLAN and PVLAN to a PVLAN-unaware switch. For the "
 "other Catalyst PVLAN support switch, connect the switch to upper switch "
 "by using cables, one each for a PVLAN pair."
 msgstr ""
 "注意只有Cisco Catalyst "
 "4500有PVLAN混杂trunk模式，可以连接所有普通VLAN和PVLAN到不能识别PVLAN的交换机。其他支持PVLAN的Catalyst交换机，在PVALN对中的每个交换机上使用级联线连接到上联交换机。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:118
 msgid "Configure private VLAN on your physical switches out-of-band."
 msgstr "在你的物理交换机上使用带外管理配置private VLAN。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:120
 msgid "Before you use PVLAN on XenServer and KVM, enable Open vSwitch (OVS)."
 msgstr "在XenServer和KVM上使用PVALN之前，请启用Open vSwitch (OVS)。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:123
 msgid ""
 "OVS on XenServer and KVM does not support PVLAN natively. Therefore, "
 "CloudStack managed to simulate PVLAN on OVS for XenServer and KVM by "
 "modifying the flow table."
 msgstr ""
 "XenServer和KVM中的OVS不支持原生的PVLAN。因此，靠修改flow "
 "table，CloudStack为XenServer和KVM模拟OVS中的PVLAN。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:129
 msgid "Creating a PVLAN-Enabled Guest Network"
 msgstr "配置一个启用了PVLAN的来宾网络"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:161
 msgid ""
 "**Secondary Isolated VLAN ID**: The unique ID of the Secondary Isolated "
 "VLAN."
 msgstr "**辅助隔离VLAN ID**：辅助隔离VLAN的唯一ID。"

 #: ../../networking/isolation_in_advanced_zone_with_vlan.rst:164
 msgid ""
 "For the description on Secondary Isolated VLAN, see `About Private VLAN\""
 " <#about-private-vlan>`_."
 msgstr "更多关于辅助隔离VLAN的描述，请参考see `关于 Private VLAN\" <#about-private-vlan>`_."

 #: ../../networking/security_groups.rst:18
 msgid "Security Groups"
 msgstr "安全组"

 #: ../../networking/security_groups.rst:21
 msgid "About Security Groups"
 msgstr "关于安全组"

 #: ../../networking/security_groups.rst:23
 msgid ""
 "Security groups provide a way to isolate traffic to VMs. A security group"
 " is a group of VMs that filter their incoming and outgoing traffic "
 "according to a set of rules, called ingress and egress rules. These rules"
 " filter network traffic according to the IP address that is attempting to"
 " communicate with the VM. Security groups are particularly useful in "
 "zones that use basic networking, because there is a single guest network "
 "for all guest VMs. In advanced zones, security groups are supported only "
 "on the KVM hypervisor."
 msgstr ""
 "安全组提供一种方法来隔离VMs流量。一个安全组是一组依照设置名为入口规则和出口规则来过滤他们进出流量的VMs，这些规则依靠与VM通讯的IP地址来过滤网络流量。安全组在使用基础网络的zones中尤为重要，因为这里只有一个来宾网络。在高级zones中，只有KVM"
 " hypervisor支持安全组。"

 #: ../../networking/security_groups.rst:33
 msgid ""
 "In a zone that uses advanced networking, you can instead define multiple "
 "guest networks to isolate traffic to VMs."
 msgstr "在一个使用高级网络的zone中，你可以改为定义多个来宾网络隔离流量至VMs。"

 #: ../../networking/security_groups.rst:36
 msgid ""
 "Each CloudStack account comes with a default security group that denies "
 "all inbound traffic and allows all outbound traffic. The default security"
 " group can be modified so that all new VMs inherit some other desired set"
 " of rules."
 msgstr ""
 "每个CloudStack账号匹配一个拒绝所有入站流量和允许所有出口流量的默认安全组 "
 "。可以编辑默认的安全组以便所有新VMs的策略继承一些的想要的设置。"

 #: ../../networking/security_groups.rst:41
 msgid ""
 "Any CloudStack user can set up any number of additional security groups. "
 "When a new VM is launched, it is assigned to the default security group "
 "unless another user-defined security group is specified. A VM can be a "
 "member of any number of security groups. Once a VM is assigned to a "
 "security group, it remains in that group for its entire lifetime; you can"
 " not move a running VM from one security group to another."
 msgstr "任何CloudStack用户可以增加任意数量的安全组。当一个新的VM运行起来的时候，它会被添加到默认安全组除非其他用户指定了其他安全组。一个VM可以是任何安全组的成员。一旦VM被添加到一个安全组，它会继承这个组的生命周期；你不能移动一台正在运行的VM到其他安全组。"

 #: ../../networking/security_groups.rst:48
 msgid ""
 "You can modify a security group by deleting or adding any number of "
 "ingress and egress rules. When you do, the new rules apply to all VMs in "
 "the group, whether running or stopped."
 msgstr "你可以通过删除或添加任意的入口和出口策略来修改一个安全组。当你这么做的时候，新的策略会应用到组中的所有VMs，无论是运行的还是关机的。"

 #: ../../networking/security_groups.rst:52
 msgid ""
 "If no ingress rules are specified, then no traffic will be allowed in, "
 "except for responses to any traffic that has been allowed out through an "
 "egress rule."
 msgstr "如果没有指定入口规则，那么流量会被禁止，除了已经允许通过一个出口规则响应任何流量 。"

 #: ../../networking/security_groups.rst:58
 msgid "Adding a Security Group"
 msgstr "添加一个安全组"

 #: ../../networking/security_groups.rst:60
 msgid "A user or administrator can define a new security group."
 msgstr "一个用户或者管理员能定义一个新的安全组。"

 #: ../../networking/security_groups.rst:66
 msgid "In Select view, choose Security Groups."
 msgstr "在选择视图中，选择安全组。"

 #: ../../networking/security_groups.rst:68
 msgid "Click Add Security Group."
 msgstr "点击添加安全组。"

 #: ../../networking/security_groups.rst:70
 msgid "Provide a name and description."
 msgstr "提供一个名称和描述。"

 #: ../../networking/security_groups.rst:74
 msgid "The new security group appears in the Security Groups Details tab."
 msgstr "新的安全组出现在安全组详细信息标签中。"

 #: ../../networking/security_groups.rst:76
 msgid ""
 "To make the security group useful, continue to Adding Ingress and Egress "
 "Rules to a Security Group."
 msgstr "要使安全组生效，继续给这个安全组添加入口和出口策略。"

 #: ../../networking/security_groups.rst:81
 msgid "Security Groups in Advanced Zones (KVM Only)"
 msgstr "高级区域中的安全组（只针对KVM）"

 #: ../../networking/security_groups.rst:83
 msgid ""
 "CloudStack provides the ability to use security groups to provide "
 "isolation between guests on a single shared, zone-wide network in an "
 "advanced zone where KVM is the hypervisor. Using security groups in "
 "advanced zones rather than multiple VLANs allows a greater range of "
 "options for setting up guest isolation in a cloud."
 msgstr "以KVM作为虚拟机时，在单共享广域的网络内，CloudStack可以通过安全组来隔离客户。通过使用安全组而不是多VLAN，可以在云中隔离客户时具有更高的灵活性"

 #: ../../networking/security_groups.rst:93
 msgid "The following are not supported for this feature:"
 msgstr "下列不支持此功能："

 #: ../../networking/security_groups.rst:95
 msgid ""
 "Two IP ranges with the same VLAN and different gateway or netmask in "
 "security group-enabled shared network."
 msgstr "在开启了安全组的共享网络内，同一VLAN内具有不同网关或掩码的二个IP范围，"

 #: ../../networking/security_groups.rst:98
 msgid ""
 "Two IP ranges with the same VLAN and different gateway or netmask in "
 "account-specific shared networks."
 msgstr "在共享网络的特殊帐户内，同一VLAN内具有不同网关或掩码的二个IP范围"

 #: ../../networking/security_groups.rst:101
 msgid "Multiple VLAN ranges in security group-enabled shared network."
 msgstr "在开启了安全组共享网络的多VLAN范围"

 #: ../../networking/security_groups.rst:103
 msgid "Multiple VLAN ranges in account-specific shared networks."
 msgstr "在共享网络的特殊帐户内，多个VLAN范围"

 #: ../../networking/security_groups.rst:105
 msgid ""
 "Security groups must be enabled in the zone in order for this feature to "
 "be used."
 msgstr "为使用此特性，在区域内必须开启安全组"

 #: ../../networking/security_groups.rst:110
 msgid "Enabling Security Groups"
 msgstr "开启安全组"

 #: ../../networking/security_groups.rst:112
 msgid ""
 "In order for security groups to function in a zone, the security groups "
 "feature must first be enabled for the zone. The administrator can do this"
 " when creating a new zone, by selecting a network offering that includes "
 "security groups. The procedure is described in Basic Zone Configuration "
 "in the Advanced Installation Guide. The administrator can not enable "
 "security groups for an existing zone, only when creating a new zone."
 msgstr "使用安全组功能之前，必须先在Zone中启用安全组功能。系统管理员可以在创建一个新的Zone时，通过选择带‘安全组’功能的网络方案进行启用。在高级安装指南的基本Zone配置中有该过程的详细描述。系统管理员不能对现有Zone启用安全组，只能在新建Zone时启用。"

 #: ../../networking/security_groups.rst:122
 msgid "Adding Ingress and Egress Rules to a Security Group"
 msgstr "对安全组添加入口出口规则"

 #: ../../networking/security_groups.rst:126
 msgid "In the left navigation, choose Network"
 msgstr "在左侧的导航栏，选择网络"

 #: ../../networking/security_groups.rst:128
 msgid ""
 "In Select view, choose Security Groups, then click the security group you"
 " want."
 msgstr ""

 #: ../../networking/security_groups.rst:131
 msgid ""
 "To add an ingress rule, click the Ingress Rules tab and fill out the "
 "following fields to specify what network traffic is allowed into VM "
 "instances in this security group. If no ingress rules are specified, then"
 " no traffic will be allowed in, except for responses to any traffic that "
 "has been allowed out through an egress rule."
 msgstr "为增加入口规则，点击入口规则并填写相应内容，以说明在此安全组内何种网络流量可以到达虚拟机实例。如果没有说明入口规则，则不会允许流量进入。也就只有出口规允许的流量了。"

 #: ../../networking/security_groups.rst:137
 msgid ""
 "**Add by CIDR/Account**. Indicate whether the source of the traffic will "
 "be defined by IP address (CIDR) or an existing security group in a "
 "CloudStack account (Account). Choose Account if you want to allow "
 "incoming traffic from all VMs in another security group"
 msgstr ""
 "**通过CIDR帐户添加**. "
 "表明在CloudStack帐户中是否有CIDR定义的流量来源或是已存在的安全组。如果允许来自另一安全组的所有虚拟机的流量进入，则添加此帐户。"

 #: ../../networking/security_groups.rst:143
 msgid ""
 "**Protocol**. The networking protocol that sources will use to send "
 "traffic to the security group. TCP and UDP are typically used for data "
 "exchange and end-user communications. ICMP is typically used to send "
 "error messages or network monitoring data."
 msgstr ""
 "**协议**. "
 "发送源会使用网络协议来发送流量到安全组。TCP和UDP是典型的二种用来数据交换和终端用户交流的协议。ICMP则用来发送错误信息或网络监控数据"

 #: ../../networking/security_groups.rst:148
 msgid ""
 "**Start Port, End Port**. (TCP, UDP only) A range of listening ports that"
 " are the destination for the incoming traffic. If you are opening a "
 "single port, use the same number in both fields."
 msgstr "**开始端口，结束端口**. (仅对TCP，UDP)。目的地为进入流量而设的监听端口范围。如果仅开放了单个端口，则在两者的区域中用同一端口。"

 #: ../../networking/security_groups.rst:152
 msgid ""
 "**ICMP Type, ICMP Code**. (ICMP only) The type of message and error code "
 "that will be accepted."
 msgstr "**ICMP类型，ICMP编码**. (仅对ICMP)。接受的信息及错误码的类型。"

 #: ../../networking/security_groups.rst:155
 msgid ""
 "**CIDR**. (Add by CIDR only) To accept only traffic from IP addresses "
 "within a particular address block, enter a CIDR or a comma-separated list"
 " of CIDRs. The CIDR is the base IP address of the incoming traffic. For "
 "example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0."
 msgstr ""
 "**CIDR**. "
 "(仅通过CIDR添加)。为接受来来自特殊地址块的流量，输入一个CIDR，多个时用逗号隔开。CIDR是进入流量的基础IP地址。例如：192.168.0.0/22，为允许所有CIDR，请设为0.0.0.0/0"

 #: ../../networking/security_groups.rst:161
 msgid ""
 "**Account, Security Group**. (Add by Account only) To accept only traffic"
 " from another security group, enter the CloudStack account and name of a "
 "security group that has already been defined in that account. To allow "
 "traffic between VMs within the security group you are editing now, enter "
 "the same name you used in step 7."
 msgstr ""
 "**帐户，安全组**. "
 "(仅通过帐户添加)。为接受来自另一安全组的流量，输入一个CloudStack帐户和在此帐户中已经定义的安全组的名字。为允许你正在编辑的安全组内虚拟机之间的流量，输入你在第7步使用的相同的名字。"

 #: ../../networking/security_groups.rst:167
 msgid "The following example allows inbound HTTP access from anywhere:"
 msgstr "下面这个例子允许内部任何地方的HTTP访问"

 #: ../../networking/security_groups.rst:169
 msgid "|httpaccess.png|"
 msgstr "|httpaccess.png|"

 #: ../../networking/security_groups.rst:171
 msgid ""
 "To add an egress rule, click the Egress Rules tab and fill out the "
 "following fields to specify what type of traffic is allowed to be sent "
 "out of VM instances in this security group. If no egress rules are "
 "specified, then all traffic will be allowed out. Once egress rules are "
 "specified, the following types of traffic are allowed out: traffic "
 "specified in egress rules; queries to DNS and DHCP servers; and responses"
 " to any traffic that has been allowed in through an ingress rule"
 msgstr "为添加一个出口规则，点击出口规则并填写以下内容，以说明在此安全组内的虚拟机，被允许哪一类型的流量送出。如果出口规则没有说明，所以的流量都被允许出去一旦进行了说明，则以下流量可以允许出去：在出口规则中进行说明的，查询DNS和DHCP服务器的，响应来自入口规则允许进入的流量的"

 #: ../../networking/security_groups.rst:180
 msgid ""
 "**Add by CIDR/Account**. Indicate whether the destination of the traffic "
 "will be defined by IP address (CIDR) or an existing security group in a "
 "CloudStack account (Account). Choose Account if you want to allow "
 "outgoing traffic to all VMs in another security group."
 msgstr ""
 "**通过CIDR帐户添加**. "
 "表明流量目的地是否已通过IP地址(CIDR)定义或是CloudStack帐户(Account)内存在的安全组。选择帐户，以允许流量到其安全组内所有虚拟机"

 #: ../../networking/security_groups.rst:186
 msgid ""
 "**Protocol**. The networking protocol that VMs will use to send outgoing "
 "traffic. TCP and UDP are typically used for data exchange and end-user "
 "communications. ICMP is typically used to send error messages or network "
 "monitoring data."
 msgstr "**协议**. 虚拟机发送流量需要的协议。TCP和UDP是典型的二种用来数据交换和终端用户交流的协议。ICMP则用来发送错误信息或网络监控数据"

 #: ../../networking/security_groups.rst:191
 msgid ""
 "**Start Port, End Port**. (TCP, UDP only) A range of listening ports that"
 " are the destination for the outgoing traffic. If you are opening a "
 "single port, use the same number in both fields."
 msgstr "**开始端口，结束端口**. (仅对TCP，UDP) 。目的地为进入流量而设的监听端口范围。如果仅开放了单个端口，则在两者的区域中用同一端口。"

 #: ../../networking/security_groups.rst:195
 msgid ""
 "**ICMP Type, ICMP Code**. (ICMP only) The type of message and error code "
 "that will be sent"
 msgstr "**ICMP类型，ICMP编码**. (仅对ICMP) 。信息及错误码的类型。"

 #: ../../networking/security_groups.rst:198
 msgid ""
 "**CIDR**. (Add by CIDR only) To send traffic only to IP addresses within "
 "a particular address block, enter a CIDR or a comma-separated list of "
 "CIDRs. The CIDR is the base IP address of the destination. For example, "
 "192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0."
 msgstr ""
 "**CIDR**. (仅通过CIDR添加) "
 "。为接受来来自特殊地址块的流量，输入一个CIDR，多个时用逗号隔开。CIDR是进入流量的基础IP地址。例如：192.168.0.0/22，为允许所有CIDR，请设为0.0.0.0/0"

 #: ../../networking/security_groups.rst:204
 msgid ""
 "**Account, Security Group**. (Add by Account only) To allow traffic to be"
 " sent to another security group, enter the CloudStack account and name of"
 " a security group that has already been defined in that account. To allow"
 " traffic between VMs within the security group you are editing now, enter"
 " its name."
 msgstr ""
 "**帐户，安全组**. (仅通过帐户添加) "
 "。为接受来自另一安全组的流量，输入一个CloudStack帐户和在此帐户中已经定义的安全组的名字。为允许你正在编辑的安全组内虚拟机之间的流量，输入名字。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:18
 msgid "External Firewalls and Load Balancers"
 msgstr "外部防火墙及负载均衡"

 #: ../../networking/external_firewalls_and_load_balancers.rst:20
 msgid ""
 "CloudStack is capable of replacing its Virtual Router with an external "
 "Juniper SRX device and an optional external NetScaler or F5 load balancer"
 " for gateway and load balancing services. In this case, the VMs use the "
 "SRX as their gateway."
 msgstr ""
 "CloudStack允许通过外部的Jniper SRX "
 "设备和外部NetScaler设备或网关负载均衡设备和负载均衡服务。在此情形下，虚拟机使用SRX作为网关。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:27
 msgid "About Using a NetScaler Load Balancer"
 msgstr "关于使用NetScaler负载均衡器"

 #: ../../networking/external_firewalls_and_load_balancers.rst:29
 msgid ""
 "Citrix NetScaler is supported as an external network element for load "
 "balancing in zones that use isolated networking in advanced zones. Set up"
 " an external load balancer when you want to provide load balancing "
 "through means other than CloudStack's provided virtual router."
 msgstr "在区域中，或高级区域使用隔离网络时，CloudStack支持思杰的NetScaler作为外部网络设备元素作为负责均衡。拟通过其他方案提供负载均衡而不是CloudStack的虚拟路由器时，就可以建立一个外部负载均衡器"

 #: ../../networking/external_firewalls_and_load_balancers.rst:35
 msgid ""
 "In a Basic zone, load balancing service is supported only if Elastic IP "
 "or Elastic LB services are enabled."
 msgstr "在基础区域中，仅在弹性IP或弹性负载均衡服务开启时，才支持负载均衡服务"

 #: ../../networking/external_firewalls_and_load_balancers.rst:38
 msgid ""
 "When NetScaler load balancer is used to provide EIP or ELB services in a "
 "Basic zone, ensure that all guest VM traffic must enter and exit through "
 "the NetScaler device. When inbound traffic goes through the NetScaler "
 "device, traffic is routed by using the NAT protocol depending on the "
 "EIP/ELB configured on the public IP to the private IP. The traffic that "
 "is originated from the guest VMs usually goes through the layer 3 router."
 " To ensure that outbound traffic goes through NetScaler device providing "
 "EIP/ELB, layer 3 router must have a policy-based routing. A policy-based "
 "route must be set up so that all traffic originated from the guest VM's "
 "are directed to NetScaler device. This is required to ensure that the "
 "outbound traffic from the guest VM's is routed to a public IP by using "
 "NAT.For more information on Elastic IP, see `\"About Elastic IP\" "
 "<#about-elastic-ip>`_."
 msgstr ""
 "在基础域中使用NetScaler负载均衡提供EIP或ELB服务时，确保所有的客户虚拟机流量必须通过NetScaler设备进出。当入流量通过NetScaler设备时流量通过使用NAT协议被路由，此NAT协议依赖于公共IP到私有IP的配置。来自客户虚拟机的流量通常要经过3层路由器，为确保出流量通过提供EIP/ELB的NetScaler设备，3层路由器，必须具有基础策略。必有设立一个具有基础策略的路由器可保证所有客户机的流量都能转向NetScaler设备。这也需要确保客户虚拟机的出流量通过使用NAT被路由到公共IP。关于EIP的更多信息，参看`\"关于EIP\""
 " <#about-elastic-ip>`_."

 #: ../../networking/external_firewalls_and_load_balancers.rst:52
 msgid ""
 "The NetScaler can be set up in direct (outside the firewall) mode. It "
 "must be added before any load balancing rules are deployed on guest VMs "
 "in the zone."
 msgstr "NetScaler可以设置成直通模式。它必须在区域中部署客户虚拟机负载均衡规则之前加入。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:56
 msgid ""
 "The functional behavior of the NetScaler with CloudStack is the same as "
 "described in the CloudStack documentation for using an F5 external load "
 "balancer. The only exception is that the F5 supports routing domains, and"
 " NetScaler does not. NetScaler can not yet be used as a firewall."
 msgstr ""
 "CloudStack中NetScaler的功能作用与CloudStack文档中说明的使用F5 "
 "外部负载均衡器的功能作用相同。一点差别就是，F5支持路由域名，而NetScaler无此功能。NetScaler也不可以用作防火墙。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:61
 msgid ""
 "To install and enable an external load balancer for CloudStack "
 "management, see External Guest Load Balancer Integration in the "
 "Installation Guide."
 msgstr "为CLOUDSTACK管理端安装和启用外部负载均衡功能，参阅安装文档里的外部客户负载均衡。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:65
 msgid ""
 "The Citrix NetScaler comes in three varieties. The following summarizes "
 "how these variants are treated in CloudStack."
 msgstr ""

 #: ../../networking/external_firewalls_and_load_balancers.rst:68
 msgid "**MPX**"
 msgstr ""

 #: ../../networking/external_firewalls_and_load_balancers.rst:70
 msgid ""
 "Physical appliance. Capable of deep packet inspection. Can act as "
 "application firewall and load balancer"
 msgstr "物理应用。能够进行深度数据包检测。可作为防火墙和负载均衡应用。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:73
 msgid ""
 "In advanced zones, load balancer functionality fully supported without "
 "limitation. In basic zones, static NAT, elastic IP (EIP), and elastic "
 "load balancing (ELB) are also provided."
 msgstr "在高级区域中，完全支持负载均衡功能，没有限制。在基础区域中，也提供静态NAT，EIP，ELB功能。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:77
 msgid "**VPX**"
 msgstr ""

 #: ../../networking/external_firewalls_and_load_balancers.rst:79
 msgid ""
 "Virtual appliance. Can run as VM on XenServer, ESXi, and Hyper-V "
 "hypervisors. Same functionality as MPX"
 msgstr "虚拟应用，可以运行在XenServer，ESXi以及Hyper-V上虚拟机上。与MPX功能相同。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:82
 msgid ""
 "Supported on ESXi and XenServer. Same functional support as for MPX. "
 "CloudStack will treat VPX and MPX as the same device type."
 msgstr "在ESXi和XenServer上支持。对MPX也支持一些功能。CloudStack将VPX和MPX作为同一类型的设备看待。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:85
 msgid "**SDX**"
 msgstr ""

 #: ../../networking/external_firewalls_and_load_balancers.rst:87
 msgid ""
 "Physical appliance. Can create multiple fully isolated VPX instances on a"
 " single appliance to support multi-tenant usage"
 msgstr "物理应用。可以在单个应用上创建多个完全隔离的VPX实例，以支持多客户使用。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:90
 msgid ""
 "CloudStack will dynamically provision, configure, and manage the life "
 "cycle of VPX instances on the SDX. Provisioned instances are added into "
 "CloudStack automatically - no manual configuration by the administrator "
 "is required. Once a VPX instance is added into CloudStack, it is treated "
 "the same as a VPX on an ESXi host."
 msgstr "CloudStack会动态分配，配置，管理在SDX上的虚拟机实例的生命周期。分配的实例会自动加入到CloudStack，不需要管理员进行手动配置。一旦一个VPX实例加入到CloudStack，将会认为是ESXi主机上的一个VPX。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:98
 msgid "Configuring SNMP Community String on a RHEL Server"
 msgstr "在RHEL服务器上配置SNMP社区字符串"

 #: ../../networking/external_firewalls_and_load_balancers.rst:100
 msgid ""
 "The SNMP Community string is similar to a user id or password that "
 "provides access to a network device, such as router. This string is sent "
 "along with all SNMP requests. If the community string is correct, the "
 "device responds with the requested information. If the community string "
 "is incorrect, the device discards the request and does not respond."
 msgstr "SNMP社区字符串类似于用户ID或用户密码，用来登录网络设备，如路由器。这类字符串随着所有的SNMP请求发送。如果社区字符串正确，设备将反馈相应的字符串若不正确，设备将丢弃请求，不进行处理。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:106
 msgid ""
 "The NetScaler device uses SNMP to communicate with the VMs. You must "
 "install SNMP and configure SNMP Community string for a secure "
 "communication between the NetScaler device and the RHEL machine."
 msgstr "NetScaler设备使用SNMP与虚拟机进行通讯。为保证NetScaler设备与RHEL机器之间安全的通讯，必须安装并配置社区字符串。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:110
 msgid ""
 "Ensure that you installed SNMP on RedHat. If not, run the following "
 "command:"
 msgstr "确保在RedHat上安装了SNMP，如果没有，执行以下命令:"

 #: ../../networking/external_firewalls_and_load_balancers.rst:117
 msgid ""
 "Edit the /etc/snmp/snmpd.conf file to allow the SNMP polling from the "
 "NetScaler device."
 msgstr "编辑/etc/snmp/snmpd.conf 文件，以允许来自NetScaler设备的SNMP查询"

 #: ../../networking/external_firewalls_and_load_balancers.rst:120
 msgid ""
 "Map the community name into a security name (local and mynetwork, "
 "depending on where the request is coming from):"
 msgstr "映射社区名到一个安全的名字（本地，我的网络，依赖于其来源）"

 #: ../../networking/external_firewalls_and_load_balancers.rst:124
 msgid "Use a strong password instead of public when you edit the following table."
 msgstr "编辑下表时，使用一个强密码"

 #: ../../networking/external_firewalls_and_load_balancers.rst:133
 msgid "Setting to 0.0.0.0 allows all IPs to poll the NetScaler server."
 msgstr "设置0.0.0.0以允许所有的IP都可以查询NetScaler设备"

 #: ../../networking/external_firewalls_and_load_balancers.rst:135
 msgid "Map the security names into group names:"
 msgstr "映射一个安全名到组名"

 #: ../../networking/external_firewalls_and_load_balancers.rst:145
 msgid "Create a view to allow the groups to have the permission to:"
 msgstr "创建一个视图，以允许组有权限执行："

 #: ../../networking/external_firewalls_and_load_balancers.rst:151
 msgid ""
 "Grant access with different write permissions to the two groups to the "
 "view you created."
 msgstr "授权不同的写权限给二个组及你创建的视图"

 #: ../../networking/external_firewalls_and_load_balancers.rst:160
 msgid "Unblock SNMP in iptables."
 msgstr "在iptalbes中解除对SNMP的锁定。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:166
 msgid "Start the SNMP service:"
 msgstr "开启SNMP服务："

 #: ../../networking/external_firewalls_and_load_balancers.rst:172
 msgid ""
 "Ensure that the SNMP service is started automatically during the system "
 "startup:"
 msgstr "确保在系统启动时，SNMP服务能够自动启动。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:181
 msgid "Initial Setup of External Firewalls and Load Balancers"
 msgstr "初始化安装外部防火墙和负载均衡"

 #: ../../networking/external_firewalls_and_load_balancers.rst:183
 msgid ""
 "When the first VM is created for a new account, CloudStack programs the "
 "external firewall and load balancer to work with the VM. The following "
 "objects are created on the firewall:"
 msgstr "当为一个新帐户创建一个虚拟机时，CloudStack会设置程序以让外部防火墙和负载均衡与虚拟机共同工作。会在防火墙上创建以下对象："

 #: ../../networking/external_firewalls_and_load_balancers.rst:187
 msgid ""
 "A new logical interface to connect to the account's private VLAN. The "
 "interface IP is always the first IP of the account's private subnet (e.g."
 " 10.1.1.1)."
 msgstr "一个新的逻辑接口，用以连接帐户的私有VLAN。接口的IP通常是私有帐户私有子网的第一个IP。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:191
 msgid ""
 "A source NAT rule that forwards all outgoing traffic from the account's "
 "private VLAN to the public Internet, using the account's public IP "
 "address as the source address"
 msgstr "一个源NAT规则转发帐户从私有VLAN到公共网络的的出口流量，使用帐户的公共IP地址作为源地址。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:195
 msgid ""
 "A firewall filter counter that measures the number of bytes of outgoing "
 "traffic for the account"
 msgstr "防火墙过滤计数器计量帐户出口流量的字节数"

 #: ../../networking/external_firewalls_and_load_balancers.rst:198
 msgid "The following objects are created on the load balancer:"
 msgstr "以下对象会在负载均衡上创建："

 #: ../../networking/external_firewalls_and_load_balancers.rst:200
 msgid "A new VLAN that matches the account's provisioned Zone VLAN"
 msgstr "匹配帐户区域VLAN的私有VLAN。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:202
 msgid ""
 "A self IP for the VLAN. This is always the second IP of the account's "
 "private subnet (e.g. 10.1.1.2)."
 msgstr "一个VLAN的自有IP。经常是帐户私有子网的第二个IP。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:207
 msgid "Ongoing Configuration of External Firewalls and Load Balancers"
 msgstr "继续配置外部防火墙和负载均衡"

 #: ../../networking/external_firewalls_and_load_balancers.rst:209
 msgid ""
 "Additional user actions (e.g. setting a port forward) will cause further "
 "programming of the firewall and load balancer. A user may request "
 "additional public IP addresses and forward traffic received at these IPs "
 "to specific VMs. This is accomplished by enabling static NAT for a public"
 " IP address, assigning the IP to a VM, and specifying a set of protocols "
 "and port ranges to open. When a static NAT rule is created, CloudStack "
 "programs the zone's external firewall with the following objects:"
 msgstr "增加的用户行为(如设置端口转发)会引起防火墙和负载均衡的程序化。一个用户可以请求增加公共IP地址以及转发使用此公共IP地址的虚拟机接受到的流量。这是通过静态NAT功能完成的，静态NAT将一个公共IP地址映射给一个虚拟机，并指定一组特定协议，开放一组特定端口。当静态NAT建立好之后，CLOUDSTACK会在区域的外部防火墙上通过程序定制如下对象："

 #: ../../networking/external_firewalls_and_load_balancers.rst:218
 msgid ""
 "A static NAT rule that maps the public IP address to the private IP "
 "address of a VM."
 msgstr "一条静态NAT规则将虚拟机的私有IP地址映射到公共IP地址。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:221
 msgid ""
 "A security policy that allows traffic within the set of protocols and "
 "port ranges that are specified."
 msgstr "一个安全策略可以允许说明的协议和端口范围内的流量通过。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:224
 msgid ""
 "A firewall filter counter that measures the number of bytes of incoming "
 "traffic to the public IP."
 msgstr "防火墙过滤计数器计量到达此公共IP的流量"

 #: ../../networking/external_firewalls_and_load_balancers.rst:227
 msgid ""
 "The number of incoming and outgoing bytes through source NAT, static NAT,"
 " and load balancing rules is measured and saved on each external element."
 " This data is collected on a regular basis and stored in the CloudStack "
 "database."
 msgstr "通过源NAT，静态NAT以及负载均衡规则进出的字节数均被计量并保存在每一个外部设备中。按一定的规则对这些数据进行收集，并将其存储在CloudStack的数据库中。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:234
 msgid "Load Balancer Rules"
 msgstr "负载均衡规则"

 #: ../../networking/external_firewalls_and_load_balancers.rst:236
 msgid ""
 "A CloudStack user or administrator may create load balancing rules that "
 "balance traffic received at a public IP to one or more VMs. A user "
 "creates a rule, specifies an algorithm, and assigns the rule to a set of "
 "VMs."
 msgstr "一个CloudStack的用户或管理员可以创建负载均衡规则以平衡一个公共IP地址收到的针对一个或多个虚拟机的外部流量。一个用户可以创建一条规则，说明一个算法，并将其指定给一部分虚拟机。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:242
 msgid ""
 "If you create load balancing rules while using a network service offering"
 " that includes an external load balancer device such as NetScaler, and "
 "later change the network service offering to one that uses the CloudStack"
 " virtual router, you must create a firewall rule on the virtual router "
 "for each of your existing load balancing rules so that they continue to "
 "function."
 msgstr "如果你创建了一个负载均衡规则且使用包括外部负载均衡设备的网络服务方案，如包括NetScaler，但随后将网络方案改成使用CloudStack的虚拟路由器，则你必须在虚拟路由器上创建一个防火墙规则，这些防火墙规则与已经设置的负载均衡规则一一对应，只有这样，才能使那些负载均衡规则继续起作用。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:253
 msgid "Adding a Load Balancer Rule"
 msgstr "增加一条负载均衡规则"

 #: ../../networking/external_firewalls_and_load_balancers.rst:259
 msgid "Click the name of the network where you want to load balance the traffic."
 msgstr "点击拟进行负载均衡的网络名称"

 #: ../../networking/external_firewalls_and_load_balancers.rst:264
 #: ../../networking/virtual_private_cloud_config.rst:1057
 #: ../../networking/virtual_private_cloud_config.rst:1325
 msgid ""
 "Click the IP address for which you want to create the rule, then click "
 "the Configuration tab."
 msgstr "点击你希望创建规则的IP地址，然后点击配置"

 #: ../../networking/external_firewalls_and_load_balancers.rst:267
 #: ../../networking/virtual_private_cloud_config.rst:1060
 msgid "In the Load Balancing node of the diagram, click View All."
 msgstr "在图的负载均衡节点点上，点击 查看全部。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:269
 msgid ""
 "In a Basic zone, you can also create a load balancing rule without "
 "acquiring or selecting an IP address. CloudStack internally assign an IP "
 "when you create the load balancing rule, which is listed in the IP "
 "Addresses page when the rule is created."
 msgstr "在基础区域中，在不需要或不选择IP的条件下，你可以创建一条负载均衡规则。当你创建负载均衡规则时，CloudStack会内部指定一个IP地址。当规则创建完成时，IP地址会在IP地址页列出来。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:274
 msgid ""
 "To do that, select the name of the network, then click Add Load Balancer "
 "tab. Continue with #7."
 msgstr "为此，选择网络名称，点击 增加负载均衡。按#7继续进行配置。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:277
 #: ../../networking/ip_forwarding_and_firewalling.rst:265
 msgid "Fill in the following:"
 msgstr "填写以下内容："

 #: ../../networking/external_firewalls_and_load_balancers.rst:279
 #: ../../networking/virtual_private_cloud_config.rst:1066
 #: ../../networking/virtual_private_cloud_config.rst:1251
 msgid "**Name**: A name for the load balancer rule."
 msgstr "**名称**: 负载均衡规则的名称。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:281
 msgid "**Public Port**: The port receiving incoming traffic to be balanced."
 msgstr "**公共端口**: 这个端口接受到负载均衡的进入流量。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:284
 #: ../../networking/virtual_private_cloud_config.rst:1071
 msgid "**Private Port**: The port that the VMs will use to receive the traffic."
 msgstr "**私有端口**: 虚拟机会使用此端口接收流量。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:287
 msgid ""
 "**Algorithm**: Choose the load balancing algorithm you want CloudStack to"
 " use. CloudStack supports a variety of well-known algorithms. If you are "
 "not familiar with these choices, you will find plenty of information "
 "about them on the Internet."
 msgstr ""
 "**算法**: "
 "选择让CloudStack使用的负载均衡算法。CloudStack各类已知的算法，如果不熟悉那些选项，通过goole搜索会发现大量信息。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:292
 msgid ""
 "**Stickiness**: (Optional) Click Configure and choose the algorithm for "
 "the stickiness policy. See Sticky Session Policies for Load Balancer "
 "Rules."
 msgstr "**粘性**: (可选) 点击配置，为粘性策略选择一个算法。可参见为负载均衡规则制定的粘性会话策略。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:296
 msgid ""
 "**AutoScale**: Click Configure and complete the AutoScale configuration "
 "as explained in :ref:`conf-autoscale`."
 msgstr "**自动缩放**：点击配置完成自动缩放配置，在 :ref:`conf-autoscale`中有介绍。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:299
 msgid ""
 "**Health Check**: (Optional; NetScaler load balancers only) Click "
 "Configure and fill in the characteristics of the health check policy. See"
 " :ref:`health-check`."
 msgstr ""
 "**健康检查**：(可选，只针对NetScaler的负载均衡设备)点击配置并填写健康检查特性，参见15.16.5.3 负载均衡规则的健康检查。参见"
 " :ref:`health-check`."

 #: ../../networking/external_firewalls_and_load_balancers.rst:303
 msgid ""
 "**Ping path (Optional)**: Sequence of destinations to which to send "
 "health check queries. Default: / (all)."
 msgstr "**ping 路径(可选)**: 需要发送健康检查的目的地顺序。默认：/ (all)。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:306
 msgid ""
 "**Response time (Optional)**: How long to wait for a response from the "
 "health check (2 - 60 seconds). Default: 5 seconds."
 msgstr "**响应时间(可选)**:  从健康检查返回的响应时间(2-60秒)，默认为5秒。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:309
 msgid ""
 "**Interval time (Optional)**: Amount of time between health checks (1 "
 "second - 5 minutes). Default value is set in the global configuration "
 "parameter lbrule\\_health check\\_time\\_interval."
 msgstr ""
 "**间隔时间(可选)**: 健康检查的间隔时间(1秒-5分)）。默认值在全局参数 lbrule\\_health "
 "check\\_time\\_interval"

 #: ../../networking/external_firewalls_and_load_balancers.rst:314
 msgid ""
 "**Healthy threshold (Optional)**: Number of consecutive health check "
 "successes that are required before declaring an instance healthy. "
 "Default: 2."
 msgstr "**健康阀值(可选)**: 在声明一个实例健康之前，连续健康检查成功的次数。默认为2."

 #: ../../networking/external_firewalls_and_load_balancers.rst:318
 msgid ""
 "**Unhealthy threshold (Optional)**: Number of consecutive health check "
 "failures that are required before declaring an instance unhealthy. "
 "Default: 10."
 msgstr "**不健康阀值(可选)**: 在声音一个实例不健康之前连续健康检查失败的次数。默认为10。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:322
 msgid ""
 "Click Add VMs, then select two or more VMs that will divide the load of "
 "incoming traffic, and click Apply."
 msgstr "点击添加虚拟机，选择拟分散进入流量的二个或多个虚拟机，点击应用。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:325
 msgid ""
 "The new load balancer rule appears in the list. You can repeat these "
 "steps to add more load balancer rules for this IP address."
 msgstr "在列表中会出现新加的负载均衡规则。可以重复以上步骤以对此IP增加更多的负载均衡规则。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:330
 msgid "Sticky Session Policies for Load Balancer Rules"
 msgstr "为负载均衡规则制定的粘性会话策略。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:332
 msgid ""
 "Sticky sessions are used in Web-based applications to ensure continued "
 "availability of information across the multiple requests in a user's "
 "session. For example, if a shopper is filling a cart, you need to "
 "remember what has been purchased so far. The concept of \"stickiness\" is"
 " also referred to as persistence or maintaining state."
 msgstr "粘性会话应用于基于网页的应用中，以确保在用户的会话中，对用户的多种请求持续提供信息。例如，购物者正在向购物车中增加东西，则需要记住到目前为止已买的东西。粘性的概念也指持久发现或维护状态。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:338
 msgid ""
 "Any load balancer rule defined in CloudStack can have a stickiness "
 "policy. The policy consists of a name, stickiness method, and parameters."
 " The parameters are name-value pairs or flags, which are defined by the "
 "load balancer vendor. The stickiness method could be load balancer-"
 "generated cookie, application-generated cookie, or source-based. In the "
 "source-based method, the source IP address is used to identify the user "
 "and locate the user's stored data. In the other methods, cookies are "
 "used. The cookie generated by the load balancer or application is "
 "included in request and response URLs to create persistence. The cookie "
 "name can be specified by the administrator or automatically generated. A "
 "variety of options are provided to control the exact behavior of cookies,"
 " such as how they are generated and whether they are cached."
 msgstr "在CloudStack中定义的任何负载均衡规则，都可以具有粘性策略。策略有名字，粘性方法以及参数组成。参数是成对的值-名或标志，这些由负载均衡提供商进行定义。粘发现方法可以加载负载均衡设备产生的cookie，应用生产的cookie，或基于源产生的cookie。在基于源的方法中，源IP地址被用来区分用户和定位用户存储的数据。在其他方法中，则使用cookie。由负载均衡或应用产生的cookie，包含在请求或响应的url中，以产生持久性。cookie的名称可以有管理员指定或自动产生。提供了多种选择来准确控制cookie行为。诸如如何产生的以及是否进行缓存。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:352
 msgid ""
 "For the most up to date list of available stickiness methods, see the "
 "CloudStack UI or call listNetworks and check the "
 "SupportedStickinessMethods capability."
 msgstr "对于多数粘性方法变量列表，可以参看CloudStack UI或者调用网络列表，并检查粘性方法支持能力。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:360
 msgid "Health Checks for Load Balancer Rules"
 msgstr "负载均衡规则的健康检查。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:362
 msgid "(NetScaler load balancer only; requires NetScaler version 10.0)"
 msgstr "（仅对NetScaler负载均衡设备，需要NetScaler版本10.0以上。）"

 #: ../../networking/external_firewalls_and_load_balancers.rst:364
 msgid ""
 "Health checks are used in load-balanced applications to ensure that "
 "requests are forwarded only to running, available services. When creating"
 " a load balancer rule, you can specify a health check policy. This is in "
 "addition to specifying the stickiness policy, algorithm, and other load "
 "balancer rule options. You can configure one health check policy per load"
 " balancer rule."
 msgstr "负载均衡应用中的健康检查，能够确保转发需求运行，服务可用。当创建一个负载均衡规则里，你可以指定一个健康检查策略。这是对粘性策略，算法，其他负载均衡设备规则的附加说明。可以为每一条负载均衡设备进行配置。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:371
 msgid ""
 "Any load balancer rule defined on a NetScaler load balancer in CloudStack"
 " can have a health check policy. The policy consists of a ping path, "
 "thresholds to define \"healthy\" and \"unhealthy\" states, health check "
 "frequency, and timeout wait interval."
 msgstr "在CloudStackk中的NetScaler负载均衡设备定义的任一负载均衡规则都可以有一条健康检查策略。该策略有ping路径，定义健康或非健康状态的阀值，健康检查频率以及等待超时间隔。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:376
 msgid ""
 "When a health check policy is in effect, the load balancer will stop "
 "forwarding requests to any resources that are found to be unhealthy. If "
 "the resource later becomes available again, the periodic health check "
 "will discover it, and the resource will once again be added to the pool "
 "of resources that can receive requests from the load balancer. At any "
 "given time, the most recent result of the health check is displayed in "
 "the UI. For any VM that is attached to a load balancer rule with a health"
 " check configured, the state will be shown as UP or DOWN in the UI "
 "depending on the result of the most recent health check."
 msgstr "当健康检查策略生效时，负载均衡被发现处于非健康状态时，会停止转发到源的任何请求。如果随后资源变为可用，周期性进行的健康检查就会发现，此资源就会再一次被添加至从负载均衡器收到的请求资源池里。任一时刻，最近的健康检查结果会显示在UI中。对绑定了负载均衡规则的虚拟机，且此规则配置了健康检查，依据最近的检查，状态会显示为正常或失败。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:386
 msgid "You can delete or modify existing health check policies."
 msgstr "可以删除或修改存在的健康检查策略。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:388
 msgid ""
 "To configure how often the health check is performed by default, use the "
 "global configuration setting healthcheck.update.interval (default value "
 "is 600 seconds). You can override this value for an individual health "
 "check policy."
 msgstr ""
 "为配置默认的健康检查执行频率，通过全局配置参数 "
 "healthcheck.update.interval进行设备，默认值是600秒。可以根据需要进行设置此值。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:393
 msgid ""
 "For details on how to set a health check policy using the UI, see :ref"
 ":`adding-lb-rule`."
 msgstr "如何通过UI进行健康检查策略的设置，可参看 :ref:`adding-lb-rule`。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:400
 msgid "Configuring AutoScale"
 msgstr "配置自缩放"

 #: ../../networking/external_firewalls_and_load_balancers.rst:402
 msgid ""
 "AutoScaling allows you to scale your back-end services or application VMs"
 " up or down seamlessly and automatically according to the conditions you "
 "define. With AutoScaling enabled, you can ensure that the number of VMs "
 "you are using seamlessly scale up when demand increases, and "
 "automatically decreases when demand subsides. Thus it helps you save "
 "compute costs by terminating underused VMs automatically and launching "
 "new VMs when you need them, without the need for manual intervention."
 msgstr "自缩放允许你能够根据定义的条件进行无缝且自动的增加或减少后端服务或应用虚拟机。当开启自缩放时，可以确保在需求增加时，无缝的增加正在使用虚拟机的数量。因此他会通过关闭未使用的虚拟机或者需要时开启新的虚拟机，从而节省你的计算成本。这些操作，都不需要手动干预。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:410
 msgid ""
 "NetScaler AutoScaling is designed to seamlessly launch or terminate VMs "
 "based on user-defined conditions. Conditions for triggering a scaleup or "
 "scaledown action can vary from a simple use case like monitoring the CPU "
 "usage of a server to a complex use case of monitoring a combination of "
 "server's responsiveness and its CPU usage. For example, you can configure"
 " AutoScaling to launch an additional VM whenever CPU usage exceeds 80 "
 "percent for 15 minutes, or to remove a VM whenever CPU usage is less than"
 " 20 percent for 30 minutes."
 msgstr "NetScaler的自缩放定义为基于用户定义的条件，无缝的开启或关闭虚拟机。触发扩大或缩小行为的条件从监控服务器cpu的使用率的单一用例到监控服务器响应及cpu使用率的组合用例，各不相同。例如，你可以一个自缩放，能够在CPU使用超过80%持续15分钟时启动一个新的虚拟机，或CPU使用率低于20%持续30分钟时，移除一个虚拟机。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:419
 msgid ""
 "CloudStack uses the NetScaler load balancer to monitor all aspects of a "
 "system's health and work in unison with CloudStack to initiate scale-up "
 "or scale-down actions."
 msgstr "CloudStack使用NetScaler负载均衡器来监控系统健康的各方面，并与CloudStack共同工作以初始化扩大或缩小的行为。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:424
 msgid "AutoScale is supported on NetScaler Release 10 Build 74.4006.e and beyond."
 msgstr "自缩放在NetScaler发布的10版本以上适用。（Build 74.4006.e 及以上）"

 #: ../../networking/external_firewalls_and_load_balancers.rst:430
 msgid "Before you configure an AutoScale rule, consider the following:"
 msgstr "在配置自缩放前，需要考虑以下几点："

 #: ../../networking/external_firewalls_and_load_balancers.rst:432
 msgid ""
 "Ensure that the necessary template is prepared before configuring "
 "AutoScale. When a VM is deployed by using a template and when it comes "
 "up, the application should be up and running."
 msgstr "确保在配置自缩放时有必需的模板。当使用模板部署虚拟机并使虚拟机启动时，应用能够起动并运行。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:437
 msgid ""
 "If the application is not running, the NetScaler device considers the VM "
 "as ineffective and continues provisioning the VMs unconditionally until "
 "the resource limit is exhausted."
 msgstr "如果应用没有运行，NetScaler设备会认为虚拟机无效并持续无条件的创建虚拟机，直到资源耗尽。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:441
 msgid ""
 "Deploy the templates you prepared. Ensure that the applications come up "
 "on the first boot and is ready to take the traffic. Observe the time "
 "requires to deploy the template. Consider this time when you specify the "
 "quiet time while configuring AutoScale."
 msgstr "部署准备好的模板。确保应用在第一次启动时能够开启并准备好接管流量。观察部署模板需要的时间。在配置自缩放时，要考虑这段时间。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:446
 msgid ""
 "The AutoScale feature supports the SNMP counters that can be used to "
 "define conditions for taking scale up or scale down actions. To monitor "
 "the SNMP-based counter, ensure that the SNMP agent is installed in the "
 "template used for creating the AutoScale VMs, and the SNMP operations "
 "work with the configured SNMP community and port by using standard SNMP "
 "managers. For example, see `\"Configuring SNMP Community String on a "
 "RHELServer\" <#configuring-snmp-community-string-on-a-rhel-server>`_ to "
 "configure SNMP on a RHEL machine."
 msgstr ""

 #: ../../networking/external_firewalls_and_load_balancers.rst:456
 msgid ""
 "Ensure that the endpointe.url parameter present in the Global Settings is"
 " set to the Management Server API URL. For example, "
 "``http://10.102.102.22:8080/client/api``. In a multi-node Management "
 "Server deployment, use the virtual IP address configured in the load "
 "balancer for the management server's cluster. Additionally, ensure that "
 "the NetScaler device has access to this IP address to provide AutoScale "
 "support."
 msgstr ""
 "确保在全局配置中的结束点地址参数已设置为管理服务器的API地址。例如：``http://10.102.102.22:8080/client/api``。"
 " "
 "在多管理节点的部署中，使用配置在负载均衡器上的虚拟IP地址作为管理服务器集群的IP地址。此外，确保NetScaler设备有读取为提供自缩放而配置的IP地址的权限。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:464
 msgid ""
 "If you update the endpointe.url, disable the AutoScale functionality of "
 "the load balancer rules in the system, then enable them back to reflect "
 "the changes. For more information see :ref:`update-autoscale`."
 msgstr ""
 "如果更新了endpointe.url，在系统自动负载均衡器规则里，先关闭自缩放功能随后再开启，以应用此更新。。更多信息，参见 :ref"
 ":`update-autoscale`。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:468
 msgid ""
 "If the API Key and Secret Key are regenerated for an AutoScale user, "
 "ensure that the AutoScale functionality of the load balancers that the "
 "user participates in are disabled and then enabled to reflect the "
 "configuration changes in the NetScaler."
 msgstr "如果为自缩放用户生成了API值和秘钥，确保用户参与的负载均衡器的自缩放功能先关闭，再开启，以应用NetScaler配置的变化。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:473
 msgid ""
 "In an advanced Zone, ensure that at least one VM should be present before"
 " configuring a load balancer rule with AutoScale. Having one VM in the "
 "network ensures that the network is in implemented state for configuring "
 "AutoScale."
 msgstr "在高级区域中，在配置带自缩放的负载均衡规则时，确保至少要有一个虚拟机。在网络中存在一个虚拟机，可保证在配置自缩放时，网络处于使用状态。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:480
 msgid "Configuration"
 msgstr "配置"

 #: ../../networking/external_firewalls_and_load_balancers.rst:484
 msgid "|autoscaleateconfig.png|"
 msgstr "|autoscaleateconfig.png|"

 #: ../../networking/external_firewalls_and_load_balancers.rst:486
 msgid ""
 "**Template**: A template consists of a base OS image and application. A "
 "template is used to provision the new instance of an application on a "
 "scaleup action. When a VM is deployed from a template, the VM can start "
 "taking the traffic from the load balancer without any admin intervention."
 " For example, if the VM is deployed for a Web service, it should have the"
 " Web server running, the database connected, and so on."
 msgstr ""
 "**模板**: "
 "模板由基本的操作系统镜像和应用组成。在自缩放动作中，模板用来提供一个应用的新的实例。当从模板部署虚拟机时，虚拟机在管理员不干预的情形下开始从负载均衡器那里接管流量。例如，如果虚拟机部署为WEB服务应用，则虚拟机上的WEB服务器应该在运行，并且连接了数据库，等等。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:494
 msgid ""
 "**Compute offering**: A predefined set of virtual hardware attributes, "
 "including CPU speed, number of CPUs, and RAM size, that the user can "
 "select when creating a new virtual machine instance. Choose one of the "
 "compute offerings to be used while provisioning a VM instance as part of "
 "scaleup action."
 msgstr ""
 "**计算方案**: "
 "一个预定义的虚拟硬件资源集，包括CPU速度，CPU数量，RAM，用户在创建虚拟时可以选择这些。选择一个计算方案作为提供虚拟机实例中自缩放行为的一部分。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:500
 msgid ""
 "**Min Instance**: The minimum number of active VM instances that is "
 "assigned to a load balancing rule. The active VM instances are the "
 "application instances that are up and serving the traffic, and are being "
 "load balanced. This parameter ensures that a load balancing rule has at "
 "least the configured number of active VM instances are available to serve"
 " the traffic."
 msgstr ""
 "**最小实例**: "
 "指定给负载均衡规则活动的虚拟机实例的最小数量，活动的虚拟机实例是开启的应用实例，并服务于流量和负载均衡。这个参数确保负载均衡规则拥有至少一个配置的活动虚拟机实例，并且能够服务于流量。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:508
 msgid ""
 "If an application, such as SAP, running on a VM instance is down for some"
 " reason, the VM is then not counted as part of Min Instance parameter, "
 "and the AutoScale feature initiates a scaleup action if the number of "
 "active VM instances is below the configured value. Similarly, when an "
 "application instance comes up from its earlier down state, this "
 "application instance is counted as part of the active instance count and "
 "the AutoScale process initiates a scaledown action when the active "
 "instance count breaches the Max instance value."
 msgstr "如果一个应用程序，比如SAP，它运行在一个VM实例上，但是VM因为某些原因宕机了，那么这个VM没有被算成是Min实例的一部分，并且如果这些活动的VM实例是下面配置的数值，那么自动扩展功能启动一个扩展的动作。同样的，当应用程序实例从宕机的状态恢复了以后，这个应用程序实例会被算为活动实例计数的一部分，并且当活动实例计数超出Max实例数值的时候，自动扩展启动一个缩减动作。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:518
 msgid ""
 "**Max Instance**: Maximum number of active VM instances that **should be "
 "assigned to**\\ a load balancing rule. This parameter defines the upper "
 "limit of active VM instances that can be assigned to a load balancing "
 "rule."
 msgstr ""
 "**最大实例数**：最大数量的**应该被指派到**\\ "
 "一条负载均衡策略的活动VM实例。这个参数定义了能被指派到一条负载均衡策略的活动VM实例的上限。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:523
 msgid ""
 "Specifying a large value for the maximum instance parameter might result "
 "in provisioning large number of VM instances, which in turn leads to a "
 "single load balancing rule exhausting the VM instances limit specified at"
 " the account or domain level."
 msgstr "给最大量实例参数指定一个大的值可能引发大量VM实例的分发，这个过程会导致一个负载均衡策略耗尽账户或者域级别下VM实例指定的限制。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:529
 msgid ""
 "If an application, such as SAP, running on a VM instance is down for some"
 " reason, the VM is not counted as part of Max Instance parameter. So "
 "there may be scenarios where the number of VMs provisioned for a scaleup "
 "action might be more than the configured Max Instance value. Once the "
 "application instances in the VMs are up from an earlier down state, the "
 "AutoScale feature starts aligning to the configured Max Instance value."
 msgstr "如果一个应用程序，比如SAP，它运行在一个VM实例上，但是VM因为某些原因宕机了，那么这个VM没有被算成是Max实例的一部分。所以这个情况中为扩展动作分发的VMs数量可能会超过配置的MAX实例数值。一旦这个VMs中的应用程序实例从先前的宕机中恢复的时候，自动扩展功能就会校正Max实例的数值。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:537
 msgid "Specify the following scale-up and scale-down policies:"
 msgstr "指定下列扩展和缩减的策略："

 #: ../../networking/external_firewalls_and_load_balancers.rst:539
 msgid ""
 "**Duration**: The duration, in seconds, for which the conditions you "
 "specify must be true to trigger a scaleup action. The conditions defined "
 "should hold true for the entire duration you specify for an AutoScale "
 "action to be invoked."
 msgstr "**持续**：持续，以秒为单位，你必须指定条件为true以触发一个扩展动作。这个条件定义的是为了触发一个自动扩展动作，你指定的全部持续值应保持为true。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:544
 msgid ""
 "**Counter**: The performance counters expose the state of the monitored "
 "instances. By default, CloudStack offers four performance counters: Three"
 " SNMP counters and one NetScaler counter. The SNMP counters are Linux "
 "User CPU, Linux System CPU, and Linux CPU Idle. The NetScaler counter is "
 "ResponseTime. The root administrator can add additional counters into "
 "CloudStack by using the CloudStack API."
 msgstr ""
 "**计数器**：性能计数器直接体现了被监视实例的状态。默认情况下，CloudStack提供了4个性能计数器：3个SNMP计数器和1个NetScaler计数器。SNMP计数器是Linux"
 " User CPU、Linux System CPU和Linux CPU "
 "Idle。NetScaler计数器是ResponseTime。root管理员能够使用CloudStack "
 "API给CloudStack添加额外的计数器。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:551
 msgid ""
 "**Operator**: The following five relational operators are supported in "
 "AutoScale feature: Greater than, Less than, Less than or equal to, "
 "Greater than or equal to, and Equal to."
 msgstr "**运算符**：自动扩展功能支持下列5种关系型运算符：大于、小于、小于或等于、大于或等于和等于。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:555
 msgid ""
 "**Threshold**: Threshold value to be used for the counter. Once the "
 "counter defined above breaches the threshold value, the AutoScale feature"
 " initiates a scaleup or scaledown action."
 msgstr "**阈值**：阈值用于计数器。一旦上面计数器中定义的值超出阈值，自动扩展功能会启动扩展或者缩减动作。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:559
 msgid "**Add**: Click Add to add the condition."
 msgstr "**添加**:：点击添加来添加条件。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:561
 msgid ""
 "Additionally, if you want to configure the advanced settings, click Show "
 "advanced settings, and specify the following:"
 msgstr "另外，如果你想配置高级设置，点击显示高级设置，接着指定下列参数："

 #: ../../networking/external_firewalls_and_load_balancers.rst:564
 msgid ""
 "**Polling interval**: Frequency in which the conditions, combination of "
 "counter, operator and threshold, are to be evaluated before taking a "
 "scale up or down action. The default polling interval is 30 seconds."
 msgstr "**轮询间隔**：组合计数器，运算和阈值这几个条件的频率在触发扩展和缩减动作之前都要被评估。默认的轮询间隔是30秒。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:569
 msgid ""
 "**Quiet Time**: This is the cool down period after an AutoScale action is"
 " initiated. The time includes the time taken to complete provisioning a "
 "VM instance from its template and the time taken by an application to be "
 "ready to serve traffic. This quiet time allows the fleet to come up to a "
 "stable state before any action can take place. The default is 300 "
 "seconds."
 msgstr "**平静期**：这是自动扩展动作被触发之后的冷静期。这个时间包括完成从模板分发一个VM实例的时间和一个应用程序准备好提供服务的时间。平静期允许机群在发生任何动作之前进入稳定状态。默认值是300秒。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:576
 msgid ""
 "**Destroy VM Grace Period**: The duration in seconds, after a scaledown "
 "action is initiated, to wait before the VM is destroyed as part of "
 "scaledown action. This is to ensure graceful close of any pending "
 "sessions or transactions being served by the VM marked for destroy. The "
 "default is 120 seconds."
 msgstr "**VM销毁宽限期**：此宽限期以秒计算，在一个缩减动作运行之后，在VMs被视为缩减动作的一部分从而销毁之前的等待时间。它保证了能够彻底关闭任何服务于被标记为销毁的VM的挂起中的进程或者事务。默认值是120秒。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:582
 msgid ""
 "**Security Groups**: Security groups provide a way to isolate traffic to "
 "the VM instances. A security group is a group of VMs that filter their "
 "incoming and outgoing traffic according to a set of rules, called ingress"
 " and egress rules. These rules filter network traffic according to the IP"
 " address that is attempting to communicate with the VM."
 msgstr "**安全组**：安全组提供一种方法来隔离VMs流量。一个安全组是一组依照设置名为入口规则和出口规则来过滤他们进出流量的VMs，这些规则依靠与VM通讯的IP地址来过滤网络流量。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:589
 msgid ""
 "**Disk Offerings**: A predefined set of disk size for primary data "
 "storage."
 msgstr "**磁盘方案**：一组预定义的主数据存储磁盘大小。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:592
 msgid ""
 "**SNMP Community**: The SNMP community string to be used by the NetScaler"
 " device to query the configured counter value from the provisioned VM "
 "instances. Default is public."
 msgstr "**SNMP 联系**：SNMP 联系字符串被用于NetScaler设备从分发的VM实例中查询已配置的计数器的值。默认是public。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:596
 msgid ""
 "**SNMP Port**: The port number on which the SNMP agent that run on the "
 "provisioned VMs is listening. Default port is 161."
 msgstr "**SNMP端口**：运行在已分发的VMs上的SNMP代理端口号。默认的端口是161."

 #: ../../networking/external_firewalls_and_load_balancers.rst:599
 msgid ""
 "**User**: This is the user that the NetScaler device use to invoke "
 "scaleup and scaledown API calls to the cloud. If no option is specified, "
 "the user who configures AutoScaling is applied. Specify another user name"
 " to override."
 msgstr "**用户**：在云中NetScaler设备中用于发起扩展和缩减API调用的用户。如果没有指定选项，那么该用户被配置为自动扩展。指定其他用户名可以覆盖此配置。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:604
 msgid "**Apply**: Click Apply to create the AutoScale configuration."
 msgstr "**应用**：点击应用创建自动扩展配置。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:608
 msgid "Disabling and Enabling an AutoScale Configuration"
 msgstr "禁止和启用自动扩展配置"

 #: ../../networking/external_firewalls_and_load_balancers.rst:610
 msgid ""
 "If you want to perform any maintenance operation on the AutoScale VM "
 "instances, disable the AutoScale configuration. When the AutoScale "
 "configuration is disabled, no scaleup or scaledown action is performed. "
 "You can use this downtime for the maintenance activities. To disable the "
 "AutoScale configuration, click the Disable AutoScale |EnableDisable.png| "
 "button."
 msgstr ""
 "如果你想对一个自动扩展VM实例执行任何维护操作，请禁用自动扩展配置。当自动扩展配置被禁用，扩展和缩减动作不会执行。你可以利用停机时间进行维护活动。要禁用自动扩展配置，点击禁用自动扩展按钮"
 " |EnableDisable.png|。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:616
 msgid ""
 "The button toggles between enable and disable, depending on whether "
 "AutoScale is currently enabled or not. After the maintenance operations "
 "are done, you can enable the AutoScale configuration back. To enable, "
 "open the AutoScale configuration page again, then click the Enable "
 "AutoScale |EnableDisable.png| button."
 msgstr "这个按钮是启用和禁止的切换开关，取决于当前是否启用了自动扩展。在执行完维护操作以后，你可以启用回自动扩展配置。要启用，请再次打开自动扩展配置页面，然后点击启用自动扩展按钮|EnableDisable.png|。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:626
 msgid "Updating an AutoScale Configuration"
 msgstr "更新自动扩展配置"

 #: ../../networking/external_firewalls_and_load_balancers.rst:628
 msgid ""
 "You can update the various parameters and add or delete the conditions in"
 " a scaleup or scaledown rule. Before you update an AutoScale "
 "configuration, ensure that you disable the AutoScale load balancer rule "
 "by clicking the Disable AutoScale button."
 msgstr "你可以更新各种参数和添加或者删除扩展或缩减策略中的条件。在你更新自动扩展配置之前，请确保你已经通过点击禁止自动扩展按钮禁止了自动扩展负载均衡策略。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:633
 msgid ""
 "After you modify the required AutoScale parameters, click Apply. To apply"
 " the new AutoScale policies, open the AutoScale configuration page again,"
 " then click the Enable AutoScale button."
 msgstr "在你修改了所需的自动扩展参数之后，点击应用。要应新的自动扩展策略，再次打开自动扩展配置页面，然后点击启用自动扩展按钮。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:639
 msgid "Runtime Considerations"
 msgstr "运行时注意事项"

 #: ../../networking/external_firewalls_and_load_balancers.rst:641
 msgid ""
 "An administrator should not assign a VM to a load balancing rule which is"
 " configured for AutoScale."
 msgstr "管理员不应该分配VM到配置为AutoScale的负载均衡规则中。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:644
 msgid ""
 "Before a VM provisioning is completed if NetScaler is shutdown or "
 "restarted, the provisioned VM cannot be a part of the load balancing rule"
 " though the intent was to assign it to a load balancing rule. To "
 "workaround, rename the AutoScale provisioned VMs based on the rule name "
 "or ID so at any point of time the VMs can be reconciled to its load "
 "balancing rule."
 msgstr "在分配虚拟机到一个负载均衡的规则配置完成前如果NetScaler被关闭或重启，则配置的虚拟机不能成为负载均衡规则的一部分。要解决此问题，重命名基于AutoScale配置的虚拟机名称或ID，以便在任何时间点负载平衡规则可以调节该虚拟机。"

 #: ../../networking/external_firewalls_and_load_balancers.rst:651
 msgid ""
 "Making API calls outside the context of AutoScale, such as destroyVM, on "
 "an autoscaled VM leaves the load balancing configuration in an "
 "inconsistent state. Though VM is destroyed from the load balancer rule, "
 "NetScaler continues to show the VM as a service assigned to a rule."
 msgstr "在自动扩展上下文之外使用API调用，如destroyVM，那么自动扩展下的VM会处于负载均衡配置冲突状态中。虽然VM被负载均衡策略所销毁，但NetScaler仍然会把VM作为一个设备分配一条策略。"

 #: ../../networking/global_server_load_balancing.rst:18
 msgid "Global Server Load Balancing Support"
 msgstr "全局服务器负载均衡 支持"

 #: ../../networking/global_server_load_balancing.rst:20
 msgid ""
 "CloudStack supports Global Server Load Balancing (GSLB) functionalities "
 "to provide business continuity, and enable seamless resource movement "
 "within a CloudStack environment. CloudStack achieve this by extending its"
 " functionality of integrating with NetScaler Application Delivery "
 "Controller (ADC), which also provides various GSLB capabilities, such as "
 "disaster recovery and load balancing. The DNS redirection technique is "
 "used to achieve GSLB in CloudStack."
 msgstr ""
 "CLOUDSTACK支持全局服务器负载均衡 (GSLB) "
 "功能以提供可持续的商业运营。GSLB可以在CLOUDSTACK环境中实现资源的无缝迁移。CLOUDSTACK通过集成NetScaler应用交付控制器"
 " "
 "(ADC)来提供GSLB功能，ADC可以提供各种各样的GSLB能力，比如灾难恢复，负载均衡。CLOUDSTACK在实现GSLB功能进，使用了DNS重定向技术。"

 #: ../../networking/global_server_load_balancing.rst:28
 msgid ""
 "In order to support this functionality, region level services and service"
 " provider are introduced. A new service 'GSLB' is introduced as a region "
 "level service. The GSLB service provider is introduced that will provider"
 " the GSLB service. Currently, NetScaler is the supported GSLB provider in"
 " CloudStack. GSLB functionality works in an Active-Active data center "
 "environment."
 msgstr ""
 "为了支持这个功能，引进了地域级别的服务和服务提供者。引进了一项新服务“GSLB”作为地域级别的服务。该GSLB服务提供者介绍将提供GSLB服务。目前，CloudStack中NetScaler可作为GSLB提供者。"
 " GSLB功能工作在Active-Active数据中心环境。"

 #: ../../networking/global_server_load_balancing.rst:37
 msgid "About Global Server Load Balancing"
 msgstr "关于全局服务器负载均衡"

 #: ../../networking/global_server_load_balancing.rst:39
 msgid ""
 "Global Server Load Balancing (GSLB) is an extension of load balancing "
 "functionality, which is highly efficient in avoiding downtime. Based on "
 "the nature of deployment, GSLB represents a set of technologies that is "
 "used for various purposes, such as load sharing, disaster recovery, "
 "performance, and legal obligations. With GSLB, workloads can be "
 "distributed across multiple data centers situated at geographically "
 "separated locations. GSLB can also provide an alternate location for "
 "accessing a resource in the event of a failure, or to provide a means of "
 "shifting traffic easily to simplify maintenance, or both."
 msgstr ""
 "全局服务器负载均衡(GSLB)是负载均衡功能的扩展，为了高效的避免停机时间。基于部署的性质，GSLB代表一组技术的集合，用于各种用途，如负载均衡，灾难恢复，性能，和法定义务。使用GSLB，工作负载可以分布在位于不同地理位置的多个数据中心。"
 " GSLB也可以用于在发生故障时访问资源的另一个备用位置，或对流量提供了简易的维护方式，或两者兼得。"

 #: ../../networking/global_server_load_balancing.rst:51
 msgid "Components of GSLB"
 msgstr "GSLB服务组件"

 #: ../../networking/global_server_load_balancing.rst:53
 msgid "A typical GSLB environment is comprised of the following components:"
 msgstr "一个典型的GSLB环境由以下服务组件组成："

 #: ../../networking/global_server_load_balancing.rst:55
 msgid ""
 "**GSLB Site**: In CloudStack terminology, GSLB sites are represented by "
 "zones that are mapped to data centers, each of which has various network "
 "appliances. Each GSLB site is managed by a NetScaler appliance that is "
 "local to that site. Each of these appliances treats its own site as the "
 "local site and all other sites, managed by other appliances, as remote "
 "sites. It is the central entity in a GSLB deployment, and is represented "
 "by a name and an IP address."
 msgstr "**GSLB站点**：在CloudStack专业术语中，GSLB站点表现为映射至数据中心的zones，每个GSLB有多个网络设备。每个GSLB站点由一个位于站点中的NetScaler设备管理。每个NetScaler设备将他管理的站点视为本地站点，并且由其他NetScaler设备管理的站点视为远程站点。在GSLB部署中它是一个中央实体，具体表现为一个名称和一个IP地址。"

 #: ../../networking/global_server_load_balancing.rst:63
 msgid ""
 "**GSLB Services**: A GSLB service is typically represented by a load "
 "balancing or content switching virtual server. In a GSLB environment, you"
 " can have a local as well as remote GSLB services. A local GSLB service "
 "represents a local load balancing or content switching virtual server. A "
 "remote GSLB service is the one configured at one of the other sites in "
 "the GSLB setup. At each site in the GSLB setup, you can create one local "
 "GSLB service and any number of remote GSLB services."
 msgstr "**GSLB服务**：GSLB服务表现为典型的负载均衡或者内容交换虚拟服务器。在一个GSLB环境中，你可以有本地及远程GSLB服务。本地GSLB服务表现为一个本地负载均衡或者内容交换虚拟服务器。远程GSLB服务是配置在GSLB设置中的其他站点。在每个站点中的GSLB设置里，你可以创建一个本地GSLB服务和任意数量的远程GSLB服务。"

 #: ../../networking/global_server_load_balancing.rst:72
 msgid ""
 "**GSLB Virtual Servers**: A GSLB virtual server refers to one or more "
 "GSLB services and balances traffic between traffic across the VMs in "
 "multiple zones by using the CloudStack functionality. It evaluates the "
 "configured GSLB methods or algorithms to select a GSLB service to which "
 "to send the client requests. One or more virtual servers from different "
 "zones are bound to the GSLB virtual server. GSLB virtual server does not "
 "have a public IP associated with it, instead it will have a FQDN DNS "
 "name."
 msgstr ""
 "**GSLB虚拟服务器**：GSLB虚拟服务器指的是一个或多个GSLB服务和平衡跨越多个使用CloudStack功能的zones之间VMs的流量。它通过评估配置的GSLB方法或者算法来选择一个GSLB服务发送客户端请求。来自不同zone的一个或多个虚拟服务器被绑定到GSLB虚拟服务器上。GSLB虚拟服务器没有对应的公共IP，只有一个FQDN"
 " DNS名称。"

 #: ../../networking/global_server_load_balancing.rst:81
 msgid ""
 "**Load Balancing or Content Switching Virtual Servers**: According to "
 "Citrix NetScaler terminology, a load balancing or content switching "
 "virtual server represents one or many servers on the local network. "
 "Clients send their requests to the load balancing or content switching "
 "virtual server's virtual IP (VIP) address, and the virtual server "
 "balances the load across the local servers. After a GSLB virtual server "
 "selects a GSLB service representing either a local or a remote load "
 "balancing or content switching virtual server, the client sends the "
 "request to that virtual server's VIP address."
 msgstr ""
 "**负载均衡或内容交换虚拟服务器**：依照Citrix "
 "NetScaler的专业术语，一个负载均衡或者内容交换虚拟服务器表现为本地网络上的一个或多个服务器。客户端发送他们的请求至负载均衡或内容交换虚拟服务器IP(VIP)地址，并且由虚拟服务器平衡本地服务器之间的负载。在GSLB虚拟服务器选择了一个基于本地或者远程负载均衡或者内容交换虚拟服务器的GSLB服务之后，客户端发送请求至虚拟服务器的VIP地址。"

 #: ../../networking/global_server_load_balancing.rst:91
 msgid ""
 "**DNS VIPs**: DNS virtual IP represents a load balancing DNS virtual "
 "server on the GSLB service provider. The DNS requests for domains for "
 "which the GSLB service provider is authoritative can be sent to a DNS "
 "VIP."
 msgstr ""
 "**DNS "
 "VIPs**：DNS虚拟IP是一个在GSLB服务供应者上的DNS负载均衡虚拟服务器。在有GSLB服务提供者的域中的DNS请求会被发送至一个DNS "
 "VIP。"

 #: ../../networking/global_server_load_balancing.rst:96
 msgid ""
 "**Authoritative DNS**: ADNS (Authoritative Domain Name Server) is a "
 "service that provides actual answer to DNS queries, such as web site IP "
 "address. In a GSLB environment, an ADNS service responds only to DNS "
 "requests for domains for which the GSLB service provider is "
 "authoritative. When an ADNS service is configured, the service provider "
 "owns that IP address and advertises it. When you create an ADNS service, "
 "the NetScaler responds to DNS queries on the configured ADNS service IP "
 "and port."
 msgstr "**权威DNS**：ADNS(权威域名称服务器)是一个为DNS请求提供真实响应的服务，比如web站点IP地址。在GSLB环境中，一个ADNS服务只响应权威的GSLB服务提供者所在域的DNS请求。当配置了一个ADNS服务，该服务的提供者即拥有该服务IP并且广播它。当你创建一个ADNS服务的时候，NetScaler通过配置的ADNS服务IP和端口响应DNS请求。"

 #: ../../networking/global_server_load_balancing.rst:107
 msgid "How Does GSLB Works in CloudStack?"
 msgstr "在CloudStack中，GSLB的工作原理是什么？"

 #: ../../networking/global_server_load_balancing.rst:109
 msgid ""
 "Global server load balancing is used to manage the traffic flow to a web "
 "site hosted on two separate zones that ideally are in different "
 "geographic locations. The following is an illustration of how GLSB "
 "functionality is provided in CloudStack: An organization, xyztelco, has "
 "set up a public cloud that spans two zones, Zone-1 and Zone-2, across "
 "geographically separated data centers that are managed by CloudStack. "
 "Tenant-A of the cloud launches a highly available solution by using "
 "xyztelco cloud. For that purpose, they launch two instances each in both "
 "the zones: VM1 and VM2 in Zone-1 and VM5 and VM6 in Zone-2. Tenant-A "
 "acquires a public IP, IP-1 in Zone-1, and configures a load balancer rule"
 " to load balance the traffic between VM1 and VM2 instances. CloudStack "
 "orchestrates setting up a virtual server on the LB service provider in "
 "Zone-1. Virtual server 1 that is set up on the LB service provider in "
 "Zone-1 represents a publicly accessible virtual server that client "
 "reaches at IP-1. The client traffic to virtual server 1 at IP-1 will be "
 "load balanced across VM1 and VM2 instances."
 msgstr ""
 "全局服务器负载均衡-GSLB-"
 "用于在不同地域的不同独立区域之间管理WEB服务器的访问流量。以下是CLOUDSTACK中提供的GSLB功能图示：EXZTELCO这个组织用CLOUDSTACK在不同的数据中心部署一个公有云，此云环境包括两个区域，Zone-1"
 " 和Zone-2。XYZTELCO里有租户A需要部署一个高可用方案。为了达到此目标，他们分别在两个区域里部署了两个虚拟机实例：Zone-"
 "1中有VM1和VM2，Zone-2中有VM5和VM6。租户A在Zone-1中得到一个公网IP-"
 "IP-1，并且在VM1和VM2之间配置了负载均衡规则。CLOUDSTACK 编排系统在 Zone-"
 "1中LB服务上设置了一个虚拟服务器-Virtual server 1 。客户端对-IP-1的访问会到达Virtual server "
 "1，此虚拟服务器再将流量转发到VM1和VM2上进行流量负载均衡。"

 #: ../../networking/global_server_load_balancing.rst:126
 msgid ""
 "Tenant-A acquires another public IP, IP-2 in Zone-2 and sets up a load "
 "balancer rule to load balance the traffic between VM5 and VM6 instances. "
 "Similarly in Zone-2, CloudStack orchestrates setting up a virtual server "
 "on the LB service provider. Virtual server 2 that is setup on the LB "
 "service provider in Zone-2 represents a publicly accessible virtual "
 "server that client reaches at IP-2. The client traffic that reaches "
 "virtual server 2 at IP-2 is load balanced across VM5 and VM6 instances. "
 "At this point Tenant-A has the service enabled in both the zones, but has"
 " no means to set up a disaster recovery plan if one of the zone fails. "
 "Additionally, there is no way for Tenant-A to load balance the traffic "
 "intelligently to one of the zones based on load, proximity and so on. The"
 " cloud administrator of xyztelco provisions a GSLB service provider to "
 "both the zones. A GSLB provider is typically an ADC that has the ability "
 "to act as an ADNS (Authoritative Domain Name Server) and has the "
 "mechanism to monitor health of virtual servers both at local and remote "
 "sites. The cloud admin enables GSLB as a service to the tenants that use "
 "zones 1 and 2."
 msgstr ""
 "租户A在Zone-2中得到一个公网IP-IP-2，并且在VM5和VM6之间配置了负载均衡规则。CLOUDSTACK 编排系统在 Zone-"
 "2中LB服务上设置了一个虚拟服务器-Virtual server 2 。客户端对-IP-2的访问会到达Virtual server "
 "2，此虚拟服务器再将流量转发到VM5和VM6上进行流量负载均衡。此时，租户A在两个区域里都启用了服务，但是，无法在这种环境下部署灾难恢复计划，也无法更智能在区域内使用负载均衡。要解决这些问题，XYZTELCO云管理员可以在两个区域内启用GSLB服务，一个GSLB服务通常是一个具有ADNS(认证域名服务器)能力的ADC，并且具有监测本地和远程站点健康状况的手段。云管理员可以在ZONE"
 " 1和2中为租户启用GSLB服务。"

 #: ../../networking/global_server_load_balancing.rst:144
 msgid "|gslb.png|"
 msgstr "|gslb.png|"

 #: ../../networking/global_server_load_balancing.rst:146
 msgid ""
 "Tenant-A wishes to leverage the GSLB service provided by the xyztelco "
 "cloud. Tenant-A configures a GSLB rule to load balance traffic across "
 "virtual server 1 at Zone-1 and virtual server 2 at Zone-2. The domain "
 "name is provided as A.xyztelco.com. CloudStack orchestrates setting up "
 "GSLB virtual server 1 on the GSLB service provider at Zone-1. CloudStack "
 "binds virtual server 1 of Zone-1 and virtual server 2 of Zone-2 to GLSB "
 "virtual server 1. GSLB virtual server 1 is configured to start monitoring"
 " the health of virtual server 1 and 2 in Zone-1. CloudStack will also "
 "orchestrate setting up GSLB virtual server 2 on GSLB service provider at "
 "Zone-2. CloudStack will bind virtual server 1 of Zone-1 and virtual "
 "server 2 of Zone-2 to GLSB virtual server 2. GSLB virtual server 2 is "
 "configured to start monitoring the health of virtual server 1 and 2. "
 "CloudStack will bind the domain A.xyztelco.com to both the GSLB virtual "
 "server 1 and 2. At this point, Tenant-A service will be globally "
 "reachable at A.xyztelco.com. The private DNS server for the domain "
 "xyztelcom.com is configured by the admin out-of-band to resolve the "
 "domain A.xyztelco.com to the GSLB providers at both the zones, which are "
 "configured as ADNS for the domain A.xyztelco.com. A client when sends a "
 "DNS request to resolve A.xyztelcom.com, will eventually get DNS "
 "delegation to the address of GSLB providers at zone 1 and 2. A client DNS"
 " request will be received by the GSLB provider. The GSLB provider, "
 "depending on the domain for which it needs to resolve, will pick up the "
 "GSLB virtual server associated with the domain. Depending on the health "
 "of the virtual servers being load balanced, DNS request for the domain "
 "will be resolved to the public IP associated with the selected virtual "
 "server."
 msgstr ""
 "租户- A希望利用由xyztelco cloud提供的GSLB服务。租户-A配置了一个GSLB规则对Zone-"
 "1中的虚拟服务器1和Zone-2中的虚拟服务器2提供流量负载均衡。假设域名是A.xyztelco.com "
 "。CloudStack中协调设置GSLB服务提供者Zone-1中的GSLB虚拟服务器1。 CloudStack绑定Zone-"
 "1中的虚拟服务器1和Zone-2中的虚拟服务器2到GSLB虚拟服务器1。CloudStack也将协调设置GSLB服务提供者Zone-"
 "2中的GSLB虚拟服务器2.CloudStack绑定Zone-1中的虚拟服务器1和Zone-"
 "2中的虚拟服务器2到GSLB虚拟服务器2.GSLB虚拟服务器2配置为开始监视虚拟服务器1和2的健康。CloudStack中会绑定域名A.xyztelco.com到GSLB虚拟服务器1和2。在这一点上，租户-A的服务将在全球范围内可达于A.xyztelco.com。域名xyztelcom.com的专用DNS服务器，被管理员配置为外带管理，由两个区域的GSLB提供者对域名A.xyztelco.com提供解析。它将被配置为域名A.xyztelco.com的ADNS。当客户端请求解析A.xyztelcom.com域名时，将最终由DNS指派到GSLB提供者Zone"
 " 1 "
 "和Zone2。客户DNS请求将被GSLB提供者接获。GSLB提供者，根据需要解析的域名，将获得与域名关联的GSLB虚拟服务器。根据用于负载均衡的虚拟服务器的运行健康状况，域名DNS请求将被解析到所选择关联的虚拟服务器中。"

 #: ../../networking/global_server_load_balancing.rst:175
 msgid "Configuring GSLB"
 msgstr "配置GSLB"

 #: ../../networking/global_server_load_balancing.rst:177
 msgid ""
 "To configure a GSLB deployment, you must first configure a standard load "
 "balancing setup for each zone. This enables you to balance load across "
 "the different servers in each zone in the region. Then on the NetScaler "
 "side, configure both NetScaler appliances that you plan to add to each "
 "zone as authoritative DNS (ADNS) servers. Next, create a GSLB site for "
 "each zone, configure GSLB virtual servers for each site, create GLSB "
 "services, and bind the GSLB services to the GSLB virtual servers. "
 "Finally, bind the domain to the GSLB virtual servers. The GSLB "
 "configurations on the two appliances at the two different zones are "
 "identical, although each sites load-balancing configuration is specific "
 "to that site."
 msgstr "要配置GSLB的部署，您必须首先为每个区域配置一个标准的负载平衡设置。这使您能够在该地域中每个区域的不同服务器之间进行负载均衡。然后在NetScaler方面，配置您计划添加到每个区域作为权威DNS(ADNS)服务器的两个NetScaler应用。接下来，为每个区域创建GSLB站点、配置GSLB虚拟服务器、创建GSLB服务并绑定GSLB服务到GSLB虚拟服务器中。最后，绑定该域到GSLB虚拟服务器。两个应用的GSLB配置在两个不同区域中是完全相同的，尽管每个网站的负载均衡配置特定于该网站。"

 #: ../../networking/global_server_load_balancing.rst:189
 msgid ""
 "Perform the following as a cloud administrator. As per the example given "
 "above, the administrator of xyztelco is the one who sets up GSLB:"
 msgstr "作为云管理员执行以下操作。按照上面给出的例子中，由管理员xyztelco设置GSLB："

 #: ../../networking/global_server_load_balancing.rst:192
 msgid ""
 "In the cloud.dns.name global parameter, specify the DNS name of your "
 "tenant's cloud that make use of the GSLB service."
 msgstr "在全局变量 cloud.dns.name中，为您租户云定义DNS名称并供GSLB服务使用。"

 #: ../../networking/global_server_load_balancing.rst:195
 msgid ""
 "On the NetScaler side, configure GSLB as given in `Configuring Global "
 "Server Load Balancing (GSLB) <http://support.citrix.com/proddocs/topic"
 "/netscaler-traffic-management-10-map/ns-gslb-config-con.html>`_:"
 msgstr ""
 "在NetScaler方面，给出GSLB配置  `配置全局服务器负载均衡 "
 "(GSLB)<http://support.citrix.com/proddocs/topic/netscaler-traffic-"
 "management-10-map/ns-gslb-config-con.html>`_:"

 #: ../../networking/global_server_load_balancing.rst:199
 msgid "Configuring a standard load balancing setup."
 msgstr "配置一个标准的负载均衡设置。"

 #: ../../networking/global_server_load_balancing.rst:201
 msgid ""
 "Configure Authoritative DNS, as explained in `Configuring an "
 "Authoritative DNS Service <http://support.citrix.com/proddocs/topic"
 "/netscaler-traffic-management-10-map/ns-gslb-config-adns-svc-tsk.html>`_."
 msgstr ""
 "配置权威DNS，如下解释 `配置权威的DNS服务 <http://support.citrix.com/proddocs/topic"
 "/netscaler-traffic-management-10-map/ns-gslb-config-adns-svc-"
 "tsk.html>`__."

 #: ../../networking/global_server_load_balancing.rst:205
 msgid "Configure a GSLB site with site name formed from the domain name details."
 msgstr "由域名详细信息配置一个GSLB站点和站点名称。"

 #: ../../networking/global_server_load_balancing.rst:208
 msgid "Configure a GSLB site with the site name formed from the domain name."
 msgstr "由域名配置一个GSLB站点和站点名称。"

 #: ../../networking/global_server_load_balancing.rst:211
 msgid ""
 "As per the example given above, the site names are A.xyztelco.com and "
 "B.xyztelco.com."
 msgstr "按照上面给出的例子，站点名称为 A.xyztelco.com 和 B.xyztelco.com"

 #: ../../networking/global_server_load_balancing.rst:214
 msgid ""
 "For more information, see `Configuring a Basic GSLB Site "
 "<http://support.citrix.com/proddocs/topic/netscaler-traffic-"
 "management-10-map/ns-gslb-config-basic-site-tsk.html>`_."
 msgstr ""
 "更多信息，请参阅 `配置基本的GSLB站点 <http://support.citrix.com/proddocs/topic"
 "/netscaler-traffic-management-10-map/ns-gslb-config-basic-site-"
 "tsk.html>`__."

 #: ../../networking/global_server_load_balancing.rst:217
 msgid "Configure a GSLB virtual server."
 msgstr "配置GSLB虚拟服务器。"

 #: ../../networking/global_server_load_balancing.rst:219
 msgid ""
 "For more information, see `Configuring a GSLB Virtual Server "
 "<http://support.citrix.com/proddocs/topic/netscaler-traffic-"
 "management-10-map/ns-gslb-config-vsvr-tsk.html>`_."
 msgstr ""
 "更多信息，请参阅 `配置GSLB虚拟服务器 <http://support.citrix.com/proddocs/topic"
 "/netscaler-traffic-management-10-map/ns-gslb-config-vsvr-tsk.html>`__."

 #: ../../networking/global_server_load_balancing.rst:222
 msgid "Configure a GSLB service for each virtual server."
 msgstr "为每个虚拟服务器配置GSLB服务。"

 #: ../../networking/global_server_load_balancing.rst:224
 msgid ""
 "For more information, see `Configuring a GSLB Service "
 "<http://support.citrix.com/proddocs/topic/netscaler-traffic-"
 "management-10-map/ns-gslb-config-svc-tsk.html>`_."
 msgstr ""
 "更多信息，请参阅 `配置GSLB服务 <http://support.citrix.com/proddocs/topic/netscaler-"
 "traffic-management-10-map/ns-gslb-config-svc-tsk.html>`__."

 #: ../../networking/global_server_load_balancing.rst:227
 msgid "Bind the GSLB services to the GSLB virtual server."
 msgstr "绑定GSLB服务到GSLB虚拟服务器。"

 #: ../../networking/global_server_load_balancing.rst:229
 msgid ""
 "For more information, see `Binding GSLB Services to a GSLB Virtual Server"
 " <http://support.citrix.com/proddocs/topic/netscaler-traffic-"
 "management-10-map/ns-gslb-bind-svc-vsvr-tsk.html>`_."
 msgstr ""
 "更多信息，请参阅 `绑定GSLB服务到GSLB虚拟服务器 <http://support.citrix.com/proddocs/topic"
 "/netscaler-traffic-management-10-map/ns-gslb-bind-svc-vsvr-tsk.html>`__."

 #: ../../networking/global_server_load_balancing.rst:232
 msgid ""
 "Bind domain name to GSLB virtual server. Domain name is obtained from the"
 " domain details."
 msgstr "绑定GSLB域名到GSLB虚拟服务器。从域的详细信息中获得域名。"

 #: ../../networking/global_server_load_balancing.rst:235
 msgid ""
 "For more information, see `Binding a Domain to a GSLB Virtual Server "
 "<http://support.citrix.com/proddocs/topic/netscaler-traffic-"
 "management-10-map/ns-gslb-bind-dom-vsvr-tsk.html>`_."
 msgstr ""
 "更多信息，请参阅  `绑定GSLB域名到GSLB虚拟服务器 <http://support.citrix.com/proddocs/topic"
 "/netscaler-traffic-management-10-map/ns-gslb-bind-dom-vsvr-tsk.html>`__."

 #: ../../networking/global_server_load_balancing.rst:238
 msgid ""
 "In each zone that are participating in GSLB, add GSLB-enabled NetScaler "
 "device."
 msgstr "在每个参与GSLB的区域内，添加启用GSLB功能的NetScaler设备。"

 #: ../../networking/global_server_load_balancing.rst:241
 msgid "For more information, see :ref:`enabling-gslb-in-ns`."
 msgstr "更多信息请参考 :ref:`enabling-gslb-in-ns`."

 #: ../../networking/global_server_load_balancing.rst:243
 msgid "As a domain administrator/ user perform the following:"
 msgstr "以域管理员/用户执行以下操作："

 #: ../../networking/global_server_load_balancing.rst:245
 msgid "Add a GSLB rule on both the sites."
 msgstr "在两个站点中添加GSLB规则。"

 #: ../../networking/global_server_load_balancing.rst:247
 msgid "See \":ref:`adding-gslb-rule`\"."
 msgstr "参考\":ref:`adding-gslb-rule`\"."

 #: ../../networking/global_server_load_balancing.rst:249
 msgid "Assign load balancer rules."
 msgstr "分配负载均衡规则。"

 #: ../../networking/global_server_load_balancing.rst:251
 msgid "See \":ref:`assigning-lb-rule-gslb`\"."
 msgstr "参考\":ref:`assigning-lb-rule-gslb`\"."

 #: ../../networking/global_server_load_balancing.rst:257
 msgid "The GSLB functionality is supported both Basic and Advanced zones."
 msgstr "GSLB功能支持基本和高级区域。"

 #: ../../networking/global_server_load_balancing.rst:259
 msgid "GSLB is added as a new network service."
 msgstr "GSLB是新添加的网络服务。"

 #: ../../networking/global_server_load_balancing.rst:261
 msgid "GSLB service provider can be added to a physical network in a zone."
 msgstr "GSLB服务提供者可以被添加至区域中的物理网络。"

 #: ../../networking/global_server_load_balancing.rst:263
 msgid ""
 "The admin is allowed to enable or disable GSLB functionality at region "
 "level."
 msgstr "管理员允许开启或禁用地域级别的GSLB功能。"

 #: ../../networking/global_server_load_balancing.rst:266
 msgid "The admin is allowed to configure a zone as GSLB capable or enabled."
 msgstr "管理员具有启用或配置区域为GSLB的能力"

 #: ../../networking/global_server_load_balancing.rst:268
 msgid ""
 "A zone shall be considered as GSLB capable only if a GSLB service "
 "provider is provisioned in the zone."
 msgstr "只有在GSLB服务提供者提供的区域中，该区域才被视为有GSLB能力。"

 #: ../../networking/global_server_load_balancing.rst:271
 msgid ""
 "When users have VMs deployed in multiple availability zones which are "
 "GSLB enabled, they can use the GSLB functionality to load balance traffic"
 " across the VMs in multiple zones."
 msgstr "当用户的VMs部署在启用GSLB功能的多个可用区域中时，他们可以使用GSLB功能在多个区域中将VM的流量进行负载均衡。"

 #: ../../networking/global_server_load_balancing.rst:275
 msgid ""
 "The users can use GSLB to load balance across the VMs across zones in a "
 "region only if the admin has enabled GSLB in that region."
 msgstr "如果管理员在地域中启用了GSLB，用户可以使用GSLB对地狱中的所有区域的VMs进行负载均衡。"

 #: ../../networking/global_server_load_balancing.rst:278
 msgid ""
 "The users can load balance traffic across the availability zones in the "
 "same region or different regions."
 msgstr "用户可以为同一个区域或不同地域间可用的区域流量进行负载均衡。"

 #: ../../networking/global_server_load_balancing.rst:281
 msgid "The admin can configure DNS name for the entire cloud."
 msgstr "管理员可以为整个云配置DNS名称。"

 #: ../../networking/global_server_load_balancing.rst:283
 msgid ""
 "The users can specify an unique name across the cloud for a globally load"
 " balanced service. The provided name is used as the domain name under the"
 " DNS name associated with the cloud."
 msgstr "用户可以为云中的全局负载均衡服务指定一个唯一的名称。所提供名称的域名相当于云的DNS名称。"

 #: ../../networking/global_server_load_balancing.rst:287
 msgid ""
 "The user-provided name along with the admin-provided DNS name is used to "
 "produce a globally resolvable FQDN for the globally load balanced service"
 " of the user. For example, if the admin has configured xyztelco.com as "
 "the DNS name for the cloud, and user specifies 'foo' for the GSLB virtual"
 " service, then the FQDN name of the GSLB virtual service is "
 "foo.xyztelco.com."
 msgstr "用户提供的名称与管理员提供的DNS名称一起为用户的全局负载均衡服务产生一个全局解析的FQDN。例如，如果管理员已经配置xyztelco.com为云中的DNS名称，以及用户为GSLB虚拟服务器指定的名称为'foo'，那么GSLB虚拟服务器的FQDN名称是foo.xyztelco.com。"

 #: ../../networking/global_server_load_balancing.rst:294
 msgid ""
 "While setting up GSLB, users can select a load balancing method, such as "
 "round robin, for using across the zones that are part of GSLB."
 msgstr "设置GSLB时，用户可以为GSLB跨区域的一部分选择负载均衡方式，例如 round robin。"

 #: ../../networking/global_server_load_balancing.rst:297
 msgid ""
 "The user shall be able to set weight to zone-level virtual server. Weight"
 " shall be considered by the load balancing method for distributing the "
 "traffic."
 msgstr "用户应能设置区域级虚拟服务器的权重。负载均衡在分配流量时会考虑该权重。"

 #: ../../networking/global_server_load_balancing.rst:301
 msgid ""
 "The GSLB functionality shall support session persistence, where series of"
 " client requests for particular domain name is sent to a virtual server "
 "on the same zone."
 msgstr "该GSLB功能必须支持会话持久性，特定域名的一系列客户端请求被发送到同一个区域中的虚拟服务器上。"

 #: ../../networking/global_server_load_balancing.rst:305
 msgid "Statistics is collected from each GSLB virtual server."
 msgstr "从每个GSLB虚拟服务器中收集统计数据。"

 #: ../../networking/global_server_load_balancing.rst:311
 msgid "Enabling GSLB in NetScaler"
 msgstr "开启NetScaler的GSLB"

 #: ../../networking/global_server_load_balancing.rst:313
 msgid "In each zone, add GSLB-enabled NetScaler device for load balancing."
 msgstr "在每个区域中，添加启用GSLB的NetScaler设备提供负载均衡。"

 #: ../../networking/global_server_load_balancing.rst:315
 msgid "Log in as administrator to the CloudStack UI."
 msgstr "使用管理员登录到CloudStack管理界面。"

 #: ../../networking/global_server_load_balancing.rst:319
 msgid "In Zones, click View More."
 msgstr "点击区域中的查看更多。"

 #: ../../networking/global_server_load_balancing.rst:323
 msgid ""
 "Click the Physical Network tab, then click the name of the physical "
 "network."
 msgstr "点击物理网络选项卡，然后点击物理网络的名称。"

 #: ../../networking/global_server_load_balancing.rst:326
 msgid "In the Network Service Providers node of the diagram, click Configure."
 msgstr "点击示意图'网络服务提供程序'中的配置"

 #: ../../networking/global_server_load_balancing.rst:329
 msgid "You might have to scroll down to see this."
 msgstr "你可能需要向下滚动才能看到。"

 #: ../../networking/global_server_load_balancing.rst:331
 msgid "Click NetScaler."
 msgstr "点击NetScaler."

 #: ../../networking/global_server_load_balancing.rst:333
 msgid "Click Add NetScaler device and provide the following:"
 msgstr "点击添加NetScaler设备并提供如下信息："

 #: ../../networking/global_server_load_balancing.rst:335
 msgid "For NetScaler:"
 msgstr "对于NetScaler:"

 #: ../../networking/global_server_load_balancing.rst:337
 msgid "**IP Address**: The IP address of the SDX."
 msgstr "**IP地址**: SDX的IP地址。"

 #: ../../networking/global_server_load_balancing.rst:339
 msgid ""
 "**Username/Password**: The authentication credentials to access the "
 "device. CloudStack uses these credentials to access the device."
 msgstr "**用户名/密码.** 访问此设备的认证许可。CloudStack使用这些认证信息访问此设备。"

 #: ../../networking/global_server_load_balancing.rst:343
 msgid ""
 "**Type**: The type of device that is being added. It could be F5 Big Ip "
 "Load Balancer, NetScaler VPX, NetScaler MPX, or NetScaler SDX. For a "
 "comparison of the NetScaler types, see the CloudStack Administration "
 "Guide."
 msgstr ""
 "**类型**：添加设备的类型。可以是F5 BigIP负载均衡器、NetScaler VPX、NetScaler MPX或 NetScaler "
 "SDX等设备。关于NetScaler的类型比较，请参阅CloudStack管理指南。"

 #: ../../networking/global_server_load_balancing.rst:348
 msgid ""
 "**Public interface**: Interface of device that is configured to be part "
 "of the public network."
 msgstr "**公共接口**: 配置为公共网络部分的设备接口。"

 #: ../../networking/global_server_load_balancing.rst:351
 msgid ""
 "**Private interface**: Interface of device that is configured to be part "
 "of the private network."
 msgstr "**专用接口**: 配置为专用网络部分的设备接口。"

 #: ../../networking/global_server_load_balancing.rst:354
 msgid "**GSLB service**: Select this option."
 msgstr "**GSLB 服务**:选择该选项。"

 #: ../../networking/global_server_load_balancing.rst:356
 msgid ""
 "**GSLB service Public IP**: The public IP address of the NAT translator "
 "for a GSLB service that is on a private network."
 msgstr "**GSLB 服务公共IP**:在专用网络中，为GSLB服务提供NAT转换的公共IP地址。"

 #: ../../networking/global_server_load_balancing.rst:359
 msgid "**GSLB service Private IP**: The private IP of the GSLB service."
 msgstr "**GSLB 服务专用IP**: GSLB服务的专用IP地址。"

 #: ../../networking/global_server_load_balancing.rst:361
 msgid ""
 "**Number of Retries**. Number of times to attempt a command on the device"
 " before considering the operation failed. Default is 2."
 msgstr "**重试次数** 尝试控制设备失败时重试的次数，默认为2次。"

 #: ../../networking/global_server_load_balancing.rst:364
 msgid "**Capacity**: The number of networks the device can handle."
 msgstr "**容量**：该设备能处理的网络数量。"

 #: ../../networking/global_server_load_balancing.rst:366
 msgid ""
 "**Dedicated**: When marked as dedicated, this device will be dedicated to"
 " a single account. When Dedicated is checked, the value in the Capacity "
 "field has no significance implicitly, its value is 1."
 msgstr "**专用**: 当标记为专用后，这个设备只对单个帐号专用。该选项被勾选后，容量选项就没有了实际意义且值会被置为1。"

 #: ../../networking/global_server_load_balancing.rst:377
 msgid "Adding a GSLB Rule"
 msgstr "添加 GSLB规则"

 #: ../../networking/global_server_load_balancing.rst:379
 #: ../../networking/global_server_load_balancing.rst:423
 msgid "Log in to the CloudStack UI as a domain administrator or user."
 msgstr "使用管理员或者用户账号登录CloudStack UI。"

 #: ../../networking/global_server_load_balancing.rst:381
 #: ../../networking/global_server_load_balancing.rst:425
 msgid "In the left navigation pane, click Region."
 msgstr "在左边的导航栏里，点击区域（为文档翻译中地域的概念，英文为region，下同）"

 #: ../../networking/global_server_load_balancing.rst:383
 #: ../../networking/global_server_load_balancing.rst:427
 msgid "Select the region for which you want to create a GSLB rule."
 msgstr "选择你想创建GSLB规则的地域。"

 #: ../../networking/global_server_load_balancing.rst:385
 #: ../../networking/global_server_load_balancing.rst:429
 msgid "In the Details tab, click View GSLB."
 msgstr "在详细选项卡中，点击查看GSLB。"

 #: ../../networking/global_server_load_balancing.rst:387
 msgid "Click Add GSLB."
 msgstr "点击添加GSLB。"

 #: ../../networking/global_server_load_balancing.rst:389
 msgid "The Add GSLB page is displayed as follows:"
 msgstr "添加GSLB页面显示如下："

 #: ../../networking/global_server_load_balancing.rst:391
 msgid "|gslb-add.png|"
 msgstr "|gslb-add.png|"

 #: ../../networking/global_server_load_balancing.rst:395
 msgid "**Name**: Name for the GSLB rule."
 msgstr "**名称**: GSLB规则的名称。"

 #: ../../networking/global_server_load_balancing.rst:397
 msgid ""
 "**Description**: (Optional) A short description of the GSLB rule that can"
 " be displayed to users."
 msgstr "**描述**: (可选)为用户提供一个简短的GSLB规则描述。 "

 #: ../../networking/global_server_load_balancing.rst:400
 msgid "**GSLB Domain Name**: A preferred domain name for the service."
 msgstr "**GSLB 域名**: 首选的域名服务。"

 #: ../../networking/global_server_load_balancing.rst:402
 msgid ""
 "**Algorithm**: (Optional) The algorithm to use to load balance the "
 "traffic across the zones. The options are Round Robin, Least Connection, "
 "and Proximity."
 msgstr ""
 "**算法**: (可选) 用于跨区域流量负载均衡的算法。可选项为 Round Robin, Least Connection, "
 "和Proximity."

 #: ../../networking/global_server_load_balancing.rst:406
 msgid ""
 "**Service Type**: The transport protocol to use for GSLB. The options are"
 " TCP and UDP."
 msgstr "**服务类型**: GSLB使用的传输协议。可选项为TCP和UDP。"

 #: ../../networking/global_server_load_balancing.rst:409
 msgid ""
 "**Domain**: (Optional) The domain for which you want to create the GSLB "
 "rule."
 msgstr "**域**: (可选)  你想要创建GSLB规则的域。"

 #: ../../networking/global_server_load_balancing.rst:412
 msgid ""
 "**Account**: (Optional) The account on which you want to apply the GSLB "
 "rule."
 msgstr "**账户**: (可选)  应用GSLB规则的账户。"

 #: ../../networking/global_server_load_balancing.rst:421
 msgid "Assigning Load Balancing Rules to GSLB"
 msgstr "为GSLB分配负载均衡规则"

 #: ../../networking/global_server_load_balancing.rst:431
 msgid "Select the desired GSLB."
 msgstr "选择所需的GSLB。"

 #: ../../networking/global_server_load_balancing.rst:433
 msgid "Click view assigned load balancing."
 msgstr "点击已分配的负载均衡视图。"

 #: ../../networking/global_server_load_balancing.rst:435
 msgid "Click assign more load balancing."
 msgstr "点击分配更多负载平衡"

 #: ../../networking/global_server_load_balancing.rst:437
 msgid "Select the load balancing rule you have created for the zone."
 msgstr "选择你将为区域创建的负载均衡规则。"

 #: ../../networking/global_server_load_balancing.rst:443
 msgid "Known Limitation"
 msgstr "已知的局限性"

 #: ../../networking/global_server_load_balancing.rst:445
 msgid ""
 "Currently, CloudStack does not support orchestration of services across "
 "the zones. The notion of services and service providers in region are to "
 "be introduced."
 msgstr "目前，CloudStack并不支持跨区域的服务编排。将引入服务的概念和地域服务提供者。"

 #: ../../networking/guest_ip_ranges.rst:18
 msgid "Guest IP Ranges"
 msgstr "来宾IP范围"

 #: ../../networking/guest_ip_ranges.rst:20
 msgid ""
 "The IP ranges for guest network traffic are set on a per-account basis by"
 " the user. This allows the users to configure their network in a fashion "
 "that will enable VPN linking between their guest network and their "
 "clients."
 msgstr "宾客网络流量的IP是由用户以帐号为基础设置的。这允许用户以在他们的宾客网络和他们的客户端之间开通VPN连接的方式配置他们的网络。"

 #: ../../networking/guest_ip_ranges.rst:25
 msgid ""
 "In shared networks in Basic zone and Security Group-enabled Advanced "
 "networks, you will have the flexibility to add multiple guest IP ranges "
 "from different subnets. You can add or remove one IP range at a time. For"
 " more information, see `\"About Multiple IP Ranges\" <#about-multiple-ip-"
 "ranges>`_."
 msgstr ""
 "存在基本网络和启用安全组的高级网络中的共享网络，你可以灵活的在不同子网中添加多个来宾IP范围。你可以同时添加或移除IP范围。更多信息，请参阅 "
 "`章节 15.10, “关于多IP范围”<#about-multiple-ip-ranges>`_."

 #: ../../networking/acquiring_an_ip_address.rst:18
 msgid "Acquiring a New IP Address"
 msgstr "获得一个新的IP地址"

 #: ../../networking/acquiring_an_ip_address.rst:34
 msgid ""
 "If you want Portable IP click Yes in the confirmation dialog. If you want"
 " a normal Public IP click No."
 msgstr "如果你想作为 Portable IP则在确认窗口中点击Yes，如果你想作为正常的公共IP则点击No。"

 #: ../../networking/acquiring_an_ip_address.rst:37
 msgid ""
 "For more information on Portable IP, see `\"Portable IPs\" <#portable-"
 "ips>`_."
 msgstr "关于便携式IP的更多信息，查看 `\"便携式IP\" <#portable-ips>`_."

 #: ../../networking/releasing_an_ip_address.rst:18
 msgid "Releasing an IP Address"
 msgstr "释放IP地址"

 #: ../../networking/releasing_an_ip_address.rst:20
 msgid ""
 "When the last rule for an IP address is removed, you can release that IP "
 "address. The IP address still belongs to the VPC; however, it can be "
 "picked up for any guest network again."
 msgstr "当IP的最后一条规则删除后，您就能够释放该IP。然而，该IP仍属于VPC，无论如何，该IP可以再次被VPC中的来宾网络再次获取。"

 #: ../../networking/releasing_an_ip_address.rst:32
 msgid "Click the IP address you want to release."
 msgstr "点击要释放的IP地址。"

 #: ../../networking/releasing_an_ip_address.rst:34
 msgid "Click the Release IP button. |ReleaseIPButton.png|"
 msgstr "Click the Release IP button. |ReleaseIPButton.png|"

 #: ../../networking/remote_access_vpn.rst:120
 #: ../../networking/site_to_site_vpn.rst:207
 #: ../../networking/site_to_site_vpn.rst:270
 #: ../../networking/site_to_site_vpn.rst:402 ../../networking/static_nat.rst:18
 #: ../../networking/virtual_private_cloud_config.rst:350
 #: ../../networking/virtual_private_cloud_config.rst:517
 #: ../../networking/virtual_private_cloud_config.rst:752
 #: ../../networking/virtual_private_cloud_config.rst:810
 #: ../../networking/virtual_private_cloud_config.rst:871
 #: ../../networking/virtual_private_cloud_config.rst:1037
 #: ../../networking/virtual_private_cloud_config.rst:1305
 msgid "Static NAT"
 msgstr "静态 NAT"

 #: ../../networking/static_nat.rst:20
 msgid ""
 "A static NAT rule maps a public IP address to the private IP address of a"
 " VM in order to allow Internet traffic into the VM. The public IP address"
 " always remains the same, which is why it is called static NAT. This "
 "section tells how to enable or disable static NAT for a particular IP "
 "address."
 msgstr ""

 #: ../../networking/static_nat.rst:28
 msgid "Enabling or Disabling Static NAT"
 msgstr "启用或禁用静态NAT"

 #: ../../networking/static_nat.rst:30
 #: ../../networking/virtual_private_cloud_config.rst:844
 msgid ""
 "If port forwarding rules are already in effect for an IP address, you "
 "cannot enable static NAT to that IP."
 msgstr "如果该公网IP上已经有端口转发规则，则不允许再启用静态NAT。"

 #: ../../networking/static_nat.rst:33
 #: ../../networking/virtual_private_cloud_config.rst:847
 msgid ""
 "If a guest VM is part of more than one network, static NAT rules will "
 "function only if they are defined on the default network."
 msgstr "如果用户VM存在多个网络，则静态NAT规则仅在默认网络上定义时生效。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:67
 #: ../../networking/static_nat.rst:44
 msgid "Click the IP address you want to work with."
 msgstr "点击你要修改的IP地址"

 #: ../../networking/static_nat.rst:46
 msgid "Click the Static NAT |enabledisablenat.png| button."
 msgstr "点击静态NAT按钮。 |enabledisablenat.png| "

 #: ../../networking/static_nat.rst:48
 msgid ""
 "The button toggles between Enable and Disable, depending on whether "
 "static NAT is currently enabled for the IP address."
 msgstr "该按钮在启用和禁用之间切换，这取决于IP地址是否已经启用了静态NAT。"

 #: ../../networking/static_nat.rst:51
 msgid ""
 "If you are enabling static NAT, a dialog appears where you can choose the"
 " destination VM and click Apply."
 msgstr "如果是启用静态NAT，会出现一个对话框让您选择目标VM然后点击应用。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:18
 msgid "IP Forwarding and Firewalling"
 msgstr "IP转发及防火墙"

 #: ../../networking/ip_forwarding_and_firewalling.rst:20
 msgid ""
 "By default, all incoming traffic to the public IP address is rejected. "
 "All outgoing traffic from the guests is also blocked by default."
 msgstr "默认情况下, 所有从公共IP进来的流量都会被拒绝. 所有在来宾网络出去的流量默认也被阻挡。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:23
 msgid "To allow outgoing traffic, follow the procedure in :ref:`egress-fw-rules`."
 msgstr "为了允许外出的流量，遵循:ref:`egress-fw-rules`中的操作步骤。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:25
 msgid ""
 "To allow incoming traffic, users may set up firewall rules and/or port "
 "forwarding rules. For example, you can use a firewall rule to open a "
 "range of ports on the public IP address, such as 33 through 44. Then use "
 "port forwarding rules to direct traffic from individual ports within that"
 " range to specific ports on user VMs. For example, one port forwarding "
 "rule could route incoming traffic on the public IP's port 33 to port 100 "
 "on one user VM's private IP."
 msgstr ""
 "为了允许接收到的流量, 用户可以设置一些防火墙规则和/或端口转发规则. 例如, 你可以在公共IP地址上设定防火墙规则来打开一个端口范围, "
 "比如从33到44端口. 然后使用端口转发将流量从这个特定的范围内的端口直接送到指定的用户虚机端口. 例如, "
 "一个端口转发的规则可以将接收的流量从公共IP的33端口到用户虚机私有IP的100端口."

 #: ../../networking/ip_forwarding_and_firewalling.rst:35
 msgid "Firewall Rules"
 msgstr "防火墙规则"

 #: ../../networking/ip_forwarding_and_firewalling.rst:37
 msgid ""
 "By default, all incoming traffic to the public IP address is rejected by "
 "the firewall. To allow external traffic, you can open firewall ports by "
 "specifying firewall rules. You can optionally specify one or more CIDRs "
 "to filter the source IPs. This is useful when you want to allow only "
 "incoming requests from certain IP addresses."
 msgstr "默认情况下，防火墙拒绝所有流入公共IP的流量。要允许外部流量，你需要制定防火墙规则打开防火墙端口。你可以选择性的制定一个或多个CIDR来过滤来源IP。这在当你只需要允许特定IP请求时会很有用。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:43
 msgid ""
 "You cannot use firewall rules to open ports for an elastic IP address. "
 "When elastic IP is used, outside access is instead controlled through the"
 " use of security groups. See `\"Adding a Security Group\" <#adding-a"
 "-security-group>`_."
 msgstr ""
 "你不能使用防火墙规则打开弹性IP的端口。当弹性IP处在使用状态时，外部的通过请求将被安全组管理。参阅 `\"添加安全组\" <#adding-a"
 "-security-group>`_."

 #: ../../networking/ip_forwarding_and_firewalling.rst:48
 msgid ""
 "In an advanced zone, you can also create egress firewall rules by using "
 "the virtual router. For more information, see \":ref:`egress-fw-rules`\"."
 msgstr "在高级Zone中，您也可以用虚拟路由器来创建流出的防火墙规则。更多信息，请查阅\":ref:`egress-fw-rules`\"。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:51
 msgid ""
 "Firewall rules can be created using the Firewall tab in the Management "
 "Server UI. This tab is not displayed by default when CloudStack is "
 "installed. To display the Firewall tab, the CloudStack administrator must"
 " set the global configuration parameter firewall.rule.ui.enabled to "
 "\"true.\""
 msgstr ""
 "防火墙规则能在管理服务器的UI中防火墙选项卡里创建，CloudStac安装好以后，这个规则选项卡默认不显示，你需要以管理员身份修改全局变量 "
 "firewall.rule.ui.enabled为 \"true\"才能显示。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:57
 msgid "To create a firewall rule:"
 msgstr "创建防火墙规则："

 #: ../../networking/ip_forwarding_and_firewalling.rst:69
 msgid "Click the Configuration tab and fill in the following values."
 msgstr "点击设置选项卡 填入以下值："

 #: ../../networking/ip_forwarding_and_firewalling.rst:71
 msgid ""
 "**Source CIDR**: (Optional) To accept only traffic from IP addresses "
 "within a particular address block, enter a CIDR or a comma-separated list"
 " of CIDRs. Example: 192.168.0.0/22. Leave empty to allow all CIDRs."
 msgstr ""

 #: ../../networking/ip_forwarding_and_firewalling.rst:76
 msgid "**Protocol**: The communication protocol in use on the opened port(s)."
 msgstr ""

 #: ../../networking/ip_forwarding_and_firewalling.rst:79
 msgid ""
 "**Start Port and End Port**: The port(s) you want to open on the "
 "firewall. If you are opening a single port, use the same number in both "
 "fields"
 msgstr ""

 #: ../../networking/ip_forwarding_and_firewalling.rst:83
 msgid ""
 "**ICMP Type and ICMP Code**: Used only if Protocol is set to ICMP. "
 "Provide the type and code required by the ICMP protocol to fill out the "
 "ICMP header. Refer to ICMP documentation for more details if you are not "
 "sure what to enter"
 msgstr ""

 #: ../../networking/ip_forwarding_and_firewalling.rst:94
 msgid "Egress Firewall Rules in an Advanced Zone"
 msgstr "高级区域中的出口防火墙规则"

 #: ../../networking/ip_forwarding_and_firewalling.rst:96
 msgid ""
 "The egress traffic originates from a private network to a public network,"
 " such as the Internet. By default, the egress traffic is blocked in "
 "default network offerings, so no outgoing traffic is allowed from a guest"
 " network to the Internet. However, you can control the egress traffic in "
 "an Advanced zone by creating egress firewall rules. When an egress "
 "firewall rule is applied, the traffic specific to the rule is allowed and"
 " the remaining traffic is blocked. When all the firewall rules are "
 "removed the default policy, Block, is applied."
 msgstr "出口流量起源于从专用网络访问公共网络，例如Internet。默认情况下，在默认网络方案中，出口流量被拒绝，所以没有从来宾网络到Internet的出口流量被允许。不过，你可以通过创建出口防火墙规则来控制高级网络中的出口流量。当出口防火墙规则被应用时，规则指定的流量被允许，其余的流量被阻止。当所有的防火墙规则从默认策略中移除，阻止策略再次被应用。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:109
 msgid "Consider the following scenarios to apply egress firewall rules:"
 msgstr "应用出口防火墙规则时请思考如下方案："

 #: ../../networking/ip_forwarding_and_firewalling.rst:111
 msgid "Egress firewall rules are supported on Juniper SRX and virtual router."
 msgstr "出口防火墙规则在Jniper SRX和虚拟路由器中均支持。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:114
 msgid "The egress firewall rules are not supported on shared networks."
 msgstr "共享网络中不支持出口防火墙规则。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:116
 msgid ""
 "Allow the egress traffic from specified source CIDR. The Source CIDR is "
 "part of guest network CIDR."
 msgstr "允许特定源CIDR的出口流量。源CIDR是来宾网络CIDR的一部分。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:119
 msgid "Allow the egress traffic with protocol TCP,UDP,ICMP, or ALL."
 msgstr "允许出口流量的协议为TCP，UDP,ICMP或ALL。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:121
 msgid ""
 "Allow the egress traffic with protocol and destination port range. The "
 "port range is specified for TCP, UDP or for ICMP type and code."
 msgstr "允许出口流量协议和目标端口范围。端口范围需要指定TCP，UDP或ICMP类型和代码。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:124
 msgid ""
 "The default policy is Allow for the new network offerings, whereas on "
 "upgrade existing network offerings with firewall service providers will "
 "have the default egress policy Deny."
 msgstr "新网络方案的默认策略是允许的，然而升级现有的网络方案后，防火墙服务提供商的出口策略默认将是拒绝。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:130
 msgid "Configuring an Egress Firewall Rule"
 msgstr "配置出口防火墙规则"

 #: ../../networking/ip_forwarding_and_firewalling.rst:136
 msgid ""
 "In Select view, choose Guest networks, then click the Guest network you "
 "want."
 msgstr "在选择视图中，选择来宾网络，然后点击需要的来宾网络。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:139
 msgid ""
 "To add an egress rule, click the Egress rules tab and fill out the "
 "following fields to specify what type of traffic is allowed to be sent "
 "out of VM instances in this guest network:"
 msgstr "要添加出口策略，点击出口策略选项卡并填写以下字段指定哪种类型的流量在来宾网络中是被允许从VM中实例发送出的。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:143
 msgid "|egress-firewall-rule.png|"
 msgstr "|egress-firewall-rule.png|"

 #: ../../networking/ip_forwarding_and_firewalling.rst:145
 msgid ""
 "**CIDR**: (Add by CIDR only) To send traffic only to the IP addresses "
 "within a particular address block, enter a CIDR or a comma-separated list"
 " of CIDRs. The CIDR is the base IP address of the destination. For "
 "example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0."
 msgstr "**CIDR**:(仅通过CIDR添加)为接受来来自特殊地址块的流量，输入一个CIDR，多个时用逗号隔开。CIDR是进入流量的基础IP地址。例如：192.168.0.0/22，为允许所有CIDR，请设为0.0.0.0/0"

 #: ../../networking/ip_forwarding_and_firewalling.rst:151
 msgid ""
 "**Protocol**: The networking protocol that VMs uses to send outgoing "
 "traffic. The TCP and UDP protocols are typically used for data exchange "
 "and end-user communications. The ICMP protocol is typically used to send "
 "error messages or network monitoring data."
 msgstr "**协议**: 虚拟机发送流量所使用的网络协议。TCP和UDP通常用于数据交换和用户通讯。ICMP通常用于发送出错信息和网络监控数据。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:156
 msgid ""
 "**Start Port, End Port**: (TCP, UDP only) A range of listening ports that"
 " are the destination for the outgoing traffic. If you are opening a "
 "single port, use the same number in both fields."
 msgstr "**开始端口，结束端口**: (仅对TCP，UDP)。目的地为进入流量而设的监听端口范围。如果仅开放了单个端口，则在两者的区域中用同一端口。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:160
 msgid ""
 "**ICMP Type, ICMP Code**: (ICMP only) The type of message and error code "
 "that are sent."
 msgstr "**ICMP类型**, **ICMP代码** (ICMP only): 信息类型及发送错误的代码。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:167
 msgid "Configuring the Default Egress Policy"
 msgstr "配置默认出口策略"

 #: ../../networking/ip_forwarding_and_firewalling.rst:169
 msgid ""
 "The default egress policy for Isolated guest network is configured by "
 "using Network offering. Use the create network offering option to "
 "determine whether the default policy should be block or allow all the "
 "traffic to the public network from a guest network. Use this network "
 "offering to create the network. If no policy is specified, by default all"
 " the traffic is allowed from the guest network that you create by using "
 "this network offering."
 msgstr "通过网络方案配置隔离来宾网络的默认出口策略。通过创建网络方案选项决定来宾网络到公共网络的所有流量在默认策略中是允许或者拒绝。使用该网络方案创建网络。如果没有指定策略，你创建的来宾网络中的所有流量将被允许。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:177
 msgid "You have two options: Allow and Deny."
 msgstr "你有两个选择：允许和拒绝。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:180
 msgid "Allow"
 msgstr "允许"

 #: ../../networking/ip_forwarding_and_firewalling.rst:182
 msgid ""
 "If you select Allow for a network offering, by default egress traffic is "
 "allowed. However, when an egress rule is configured for a guest network, "
 "rules are applied to block the specified traffic and rest are allowed. If"
 " no egress rules are configured for the network, egress traffic is "
 "accepted."
 msgstr ""
 "如果你选择网络方案为允许，则默认出口流量被允许。无论如何，当配置了来宾网络的出口规则，规则被应用于阻止特定的流量和允许其他的 "
 "。如果网络中没有配置出口规则，则出口流量会被放行。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:189
 #: ../../networking/virtual_private_cloud_config.rst:325
 #: ../../networking/virtual_private_cloud_config.rst:326
 msgid "Deny"
 msgstr "拒绝"

 #: ../../networking/ip_forwarding_and_firewalling.rst:191
 msgid ""
 "If you select Deny for a network offering, by default egress traffic for "
 "the guest network is blocked. However, when an egress rules is configured"
 " for a guest network, rules are applied to allow the specified traffic. "
 "While implementing a guest network, CloudStack adds the firewall egress "
 "rule specific to the default egress policy for the guest network."
 msgstr "如果你选择网络方案为拒绝，则来宾网络中的默认出口流量将被阻挡。无论如何，当配置了来宾网络的出口规则，规则被应用于允许特定的流量。当实施来宾网络时，CloudStack为来宾网络添加防火墙出口规则指定默认的出口策略。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:198
 msgid "This feature is supported only on virtual router and Juniper SRX."
 msgstr "该特定只支持虚拟路由器和Juniper SRX。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:200
 msgid "Create a network offering with your desirable default egress policy:"
 msgstr "为合适的默认出口策略创建一个网络方案："

 #: ../../networking/ip_forwarding_and_firewalling.rst:202
 msgid "Log in with admin privileges to the CloudStack UI."
 msgstr "以管理员权限登录CloudStack用户界面。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:204
 msgid "In the left navigation bar, click Service Offerings."
 msgstr "在左侧导航栏中，点击 服务方案。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:206
 msgid "In Select Offering, choose Network Offering."
 msgstr "在选择方案中，选择网络方案。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:208
 #: ../../networking/virtual_private_cloud_config.rst:963
 #: ../../networking/virtual_private_cloud_config.rst:1169
 msgid "Click Add Network Offering."
 msgstr "点击添加网络方案。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:210
 msgid "In the dialog, make necessary choices, including firewall provider."
 msgstr "在对话框中，填写必选项，包括防火墙提供者。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:213
 msgid "In the Default egress policy field, specify the behaviour."
 msgstr "在默认出口策略选项中，指定行为。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:217
 msgid "Create an isolated network by using this network offering."
 msgstr "使用网络方案创建隔离网络。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:219
 msgid ""
 "Based on your selection, the network will have the egress public traffic "
 "blocked or allowed."
 msgstr "根据你的选择，网络的出口公共流量将被拒绝或允许。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:224
 msgid "Port Forwarding"
 msgstr "端口转发"

 #: ../../networking/ip_forwarding_and_firewalling.rst:226
 msgid ""
 "A port forward service is a set of port forwarding rules that define a "
 "policy. A port forward service is then applied to one or more guest VMs. "
 "The guest VM then has its inbound network access managed according to the"
 " policy defined by the port forwarding service. You can optionally "
 "specify one or more CIDRs to filter the source IPs. This is useful when "
 "you want to allow only incoming requests from certain IP addresses to be "
 "forwarded."
 msgstr "一个端口转发服务是一系列转发转发规则的集合。一个端口转发服务随后可以应用于一个或多个来宾虚拟机。来宾虚拟机会根据端口转发规则作相关进入端口的管理。你可以定义一个或多个CIDR来过滤源IP地址。当你只希望特定的IP流量进入时是相当有用的。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:234
 msgid ""
 "A guest VM can be in any number of port forward services. Port forward "
 "services can be defined but have no members. If a guest VM is part of "
 "more than one network, port forwarding rules will function only if they "
 "are defined on the default network"
 msgstr "一个客户VM可以在任意数量的端口转发服务中。端口转发服务可以不包含客户VM。如果客户VM在多个网络中，则端口转发仅在默认网络中定义时才生效。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:239
 msgid ""
 "You cannot use port forwarding to open ports for an elastic IP address. "
 "When elastic IP is used, outside access is instead controlled through the"
 " use of security groups. See Security Groups."
 msgstr "您不能使用端口转发打开弹性IP地址的端口。当使用弹性IP时，外部访问是由安全组控制的。参见安全组。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:243
 msgid "To set up port forwarding:"
 msgstr "设置端口转发："

 #: ../../networking/ip_forwarding_and_firewalling.rst:247
 msgid ""
 "If you have not already done so, add a public IP address range to a zone "
 "in CloudStack. See Adding a Zone and Pod in the Installation Guide."
 msgstr "如果还没有，请在 CloudStack中为Zone添加公网IP段。参阅 安装指南中的添加Zone和Pod。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:251
 msgid "Add one or more VM instances to CloudStack."
 msgstr "在 CloudStack中创建1台或更多VM。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:253
 msgid "In the left navigation bar, click Network."
 msgstr "在左边导航栏，点击网络。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:255
 msgid "Click the name of the guest network where the VMs are running."
 msgstr "点击需要操作VM所在的网络名称。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:257
 msgid ""
 "Choose an existing IP address or acquire a new IP address. See "
 "`\"Acquiring a New IP Address\" <#acquiring-a-new-ip-address>`_. Click "
 "the name of the IP address in the list."
 msgstr ""
 "选择一个已有的IP或者获取一个新的IP地址。参阅 `\"获取一个新的IP\" <#acquiring-a-new-ip-address>`_.。 "
 "点击列表中IP地址的名称。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:261
 msgid "Click the Configuration tab."
 msgstr "点击配置选项卡。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:263
 #: ../../networking/virtual_private_cloud_config.rst:1328
 msgid "In the Port Forwarding node of the diagram, click View All."
 msgstr "在图表的端口转发节点，点击查看所有。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:267
 #: ../../networking/virtual_private_cloud_config.rst:1334
 msgid ""
 "**Public Port**: The port to which public traffic will be addressed on "
 "the IP address you acquired in the previous step."
 msgstr "**公用端口**: 你在前面操作所获取的供公共流量使用的公用IP地址的端口。 "

 #: ../../networking/ip_forwarding_and_firewalling.rst:270
 #: ../../networking/virtual_private_cloud_config.rst:1337
 msgid ""
 "**Private Port**: The port on which the instance is listening for "
 "forwarded public traffic."
 msgstr "**私有端口**: 虚拟机实例将被转发到公共流量的监听端口。"

 #: ../../networking/ip_forwarding_and_firewalling.rst:273
 msgid "**Protocol**: The communication protocol in use between the two ports"
 msgstr ""

 #: ../../networking/ip_load_balancing.rst:18
 msgid "IP Load Balancing"
 msgstr "IP负载均衡"

 #: ../../networking/ip_load_balancing.rst:20
 msgid ""
 "The user may choose to associate the same public IP for multiple guests. "
 "CloudStack implements a TCP-level load balancer with the following "
 "policies."
 msgstr "用户可以选择关联同一个公网IP到多个虚拟机。 CloudStack实现了TCP级别的负载平衡器，有以下策略。"

 #: ../../networking/ip_load_balancing.rst:24
 #: ../../networking/virtual_private_cloud_config.rst:1078
 #: ../../networking/virtual_private_cloud_config.rst:1274
 msgid "Round-robin"
 msgstr "轮询"

 #: ../../networking/ip_load_balancing.rst:26
 msgid "Least connection"
 msgstr "最少连接数"

 #: ../../networking/ip_load_balancing.rst:28
 msgid "Source IP"
 msgstr "源IP"

 #: ../../networking/ip_load_balancing.rst:30
 msgid ""
 "This is similar to port forwarding but the destination may be multiple IP"
 " addresses."
 msgstr "这类似于端口转发，但目标可能会有多个IP地址。"

 #: ../../networking/dns_and_dhcp.rst:18
 msgid "DNS and DHCP"
 msgstr "DNS和DHCP"

 #: ../../networking/dns_and_dhcp.rst:20
 msgid ""
 "The Virtual Router provides DNS and DHCP services to the guests. It "
 "proxies DNS requests to the DNS server configured on the Availability "
 "Zone."
 msgstr "虚拟路由器为来宾提供DNS和DHCP服务。它将DNS请求代理到在可用区域中配置的DNS服务器。"

 #: ../../networking/remote_access_vpn.rst:20
 msgid "Remote Access VPN"
 msgstr "远程访问VPN"

 #: ../../networking/remote_access_vpn.rst:22
 #, fuzzy
 msgid ""
 "CloudStack account owners can create virtual private networks (VPN) to "
 "access their virtual machines. If the guest network is instantiated from "
 "a network offering that offers the Remote Access VPN service, the virtual"
 " router (based on the System VM) is used to provide the service. "
 "CloudStack provides a L2TP-over-IPsec-based remote access VPN service to "
 "guest virtual networks. Since each network gets its own virtual router, "
 "VPNs are not shared across the networks. VPN clients native to `Windows, "
 "Mac OS X <networking/using_remote_access.html>`_ and iOS can be used to "
 "connect to the guest networks. The account owner can create and manage "
 "users for their VPN. CloudStack does not use its account database for "
 "this purpose but uses a separate table. The VPN user database is shared "
 "across all the VPNs created by the account owner. All VPN users get "
 "access to all VPNs created by the account owner."
 msgstr ""
 "CloudStack中的账户拥有者可以建立虚拟专用网(VPN)以便访问他们的虚拟机。如果通过网络方案对来宾网络提供远程VPN访问服务的实例化，虚拟路由(基于System"
 " VM)将被用于提供服务。CloudStack为来宾虚拟网络提供了一个基于L2TP-over-IPsec-"
 "based协议的远程VPN访问服务。因为每个网络有它自己的虚拟路由器，VPNs不能跨网络共享。Windows, Mac OS "
 "X和iOS自带的VPN客户端可以用于访问来宾网络。账户拥有者可以建立并管理他们的VPN用户。CloudStack并不为此使用自己的账户数据库，而是使用一个独立的表。VPN用户数据库在同一个账户拥有者建立的VPN网络中被共享。"
 " 也就是说，同一个账户拥有者创建的所有VPN可以被它的所有VPN用户访问。"

 #: ../../networking/remote_access_vpn.rst:37
 msgid ""
 "Make sure that not all traffic goes through the VPN. That is, the route "
 "installed by the VPN should be only for the guest network and not for all"
 " traffic."
 msgstr "确保不是所有的网络流量走VPN。也就是说，用于配置VPN的route不是唯一用于该guest network，也不承担全部的网络流量。"

 #: ../../networking/remote_access_vpn.rst:41
 msgid ""
 "**Road Warrior / Remote Access**. Users want to be able to connect "
 "securely from a home or office to a private network in the cloud. "
 "Typically, the IP address of the connecting client is dynamic and cannot "
 "be preconfigured on the VPN server."
 msgstr ""
 "**公路勇士/远程访问**. .用户希望可以安全地从家里或者办公室连接到云里的一个 "
 "私有网络。特别是连接的客户端的IP地址是动态决定的，不能预先配置到VPN 服务器上。"

 #: ../../networking/remote_access_vpn.rst:46
 msgid ""
 "**Site to Site**. In this scenario, two private subnets are connected "
 "over the public Internet with a secure VPN tunnel. The cloud user's "
 "subnet (for example, an office network) is connected through a gateway to"
 " the network in the cloud. The address of the user's gateway must be "
 "preconfigured on the VPN server in the cloud. Note that although L2TP-"
 "over-IPsec can be used to set up Site-to-Site VPNs, this is not the "
 "primary intent of this feature. For more information, see \":ref"
 ":`setting-s2s-vpn-conn`\"."
 msgstr ""
 "**Site to Site 站点到站点**。在这个场景中，两个私有子网通过公共互联网上的一个安全VPN隧道互联。云用户的子网 "
 "（例如：办公室的网络）通过一个网关连接到云中的网络。用户的网关地址必须被预先配置到云的VPN服务器上。注意：通过 L2TP-over-IPsec "
 "协议可以用来配置站点到站点的 VPN，虽然这不是该特性的最初目标。更多信息，参考\":ref:`setting-s2s-vpn-conn`\"。"

 #: ../../networking/remote_access_vpn.rst:57
 msgid "Configuring Remote Access VPN"
 msgstr "配置远程访问VPN"

 #: ../../networking/remote_access_vpn.rst:59
 msgid "To set up VPN for the cloud:"
 msgstr "为云设置VPN："

 #: ../../networking/remote_access_vpn.rst:63
 msgid "In the left navigation, click Global Settings."
 msgstr "在左侧导航栏，点击 全局设置"

 #: ../../networking/remote_access_vpn.rst:65
 msgid "Set the following global configuration parameters."
 msgstr "设置以下全局配置参数。"

 #: ../../networking/remote_access_vpn.rst:67
 msgid ""
 "remote.access.vpn.client.ip.range - The range of IP addresses to be "
 "allocated to remote access VPN clients. The first IP in the range is used"
 " by the VPN server."
 msgstr "remote.access.vpn.client.ip.range – 分配给远程访问VPN客户端的IP地址范围。第一个IP被VPN服务器使用。"

 #: ../../networking/remote_access_vpn.rst:71
 msgid "remote.access.vpn.psk.length - Length of the IPSec key."
 msgstr "remote.access.vpn.psk.length – IPsec密钥长度。"

 #: ../../networking/remote_access_vpn.rst:73
 msgid "remote.access.vpn.user.limit - Maximum number of VPN users per account."
 msgstr "remote.access.vpn.user.limit – 单个账户的最大VPN用户数量。"

 #: ../../networking/remote_access_vpn.rst:76
 msgid "To enable VPN for a particular network:"
 msgstr "为特定的网络启用VPN："

 #: ../../networking/remote_access_vpn.rst:78
 #: ../../networking/remote_access_vpn.rst:103
 msgid "Log in as a user or administrator to the CloudStack UI."
 msgstr "使用用户或管理员身份登录到CloudStack用户界面。"

 #: ../../networking/remote_access_vpn.rst:80
 #: ../../networking/remote_access_vpn.rst:105
 msgid "In the left navigation, click Network."
 msgstr "在左边导航栏，点击网络。"

 #: ../../networking/remote_access_vpn.rst:82
 msgid "Click the name of the network you want to work with."
 msgstr "选择你要操作的网络名称"

 #: ../../networking/remote_access_vpn.rst:86
 msgid "Click one of the displayed IP address names."
 msgstr "点击一个显示的IP地址名称。"

 #: ../../networking/remote_access_vpn.rst:88
 #: ../../networking/remote_access_vpn.rst:142
 msgid "Click the Enable VPN button. |vpn-icon.png|"
 msgstr "点击启用VPN按钮。|vpn-icon.png|"

 #: ../../networking/remote_access_vpn.rst:90
 msgid "The IPsec key is displayed in a popup window."
 msgstr "IPsec密钥将显示在弹出的窗口中。"

 #: ../../networking/remote_access_vpn.rst:94
 msgid "Configuring Remote Access VPN in VPC"
 msgstr "为VPC配置远程访问VPN"

 #: ../../networking/remote_access_vpn.rst:96
 msgid ""
 "On enabling Remote Access VPN on a VPC, any VPN client present outside "
 "the VPC can access VMs present in the VPC by using the Remote VPN "
 "connection. The VPN client can be present anywhere except inside the VPC "
 "on which the user enabled the Remote Access VPN service."
 msgstr "在VPC中启用远程访问VPN，任何VPC以外的VPN客户端都可以使用远程VPN连接访问VPC中的VM。VPN客户端可以在除了用户启用了远程访问VPN服务的VPC中的任何位置。"

 #: ../../networking/remote_access_vpn.rst:101
 msgid "To enable VPN for a VPC:"
 msgstr "为VPC开启VPN："

 #: ../../networking/remote_access_vpn.rst:107
 #: ../../networking/site_to_site_vpn.rst:190
 #: ../../networking/site_to_site_vpn.rst:252
 #: ../../networking/site_to_site_vpn.rst:383
 #: ../../networking/virtual_private_cloud_config.rst:183
 #: ../../networking/virtual_private_cloud_config.rst:227
 #: ../../networking/virtual_private_cloud_config.rst:337
 #: ../../networking/virtual_private_cloud_config.rst:386
 #: ../../networking/virtual_private_cloud_config.rst:498
 #: ../../networking/virtual_private_cloud_config.rst:668
 #: ../../networking/virtual_private_cloud_config.rst:735
 #: ../../networking/virtual_private_cloud_config.rst:794
 #: ../../networking/virtual_private_cloud_config.rst:854
 #: ../../networking/virtual_private_cloud_config.rst:1020
 #: ../../networking/virtual_private_cloud_config.rst:1233
 #: ../../networking/virtual_private_cloud_config.rst:1288
 #: ../../networking/virtual_private_cloud_config.rst:1366
 #: ../../networking/virtual_private_cloud_config.rst:1394
 msgid "In the Select view, select VPC."
 msgstr "在选择视图中，选择VPC。"

 #: ../../networking/remote_access_vpn.rst:109
 #: ../../networking/site_to_site_vpn.rst:192
 #: ../../networking/site_to_site_vpn.rst:385
 #: ../../networking/virtual_private_cloud_config.rst:339
 #: ../../networking/virtual_private_cloud_config.rst:388
 #: ../../networking/virtual_private_cloud_config.rst:500
 #: ../../networking/virtual_private_cloud_config.rst:670
 #: ../../networking/virtual_private_cloud_config.rst:737
 #: ../../networking/virtual_private_cloud_config.rst:796
 #: ../../networking/virtual_private_cloud_config.rst:856
 #: ../../networking/virtual_private_cloud_config.rst:1022
 #: ../../networking/virtual_private_cloud_config.rst:1235
 #: ../../networking/virtual_private_cloud_config.rst:1290
 #: ../../networking/virtual_private_cloud_config.rst:1396
 msgid "All the VPCs that you have created for the account is listed in the page."
 msgstr "此帐号创建的所有VPC将显示在页面中。"

 #: ../../networking/remote_access_vpn.rst:112
 #: ../../networking/virtual_private_cloud_config.rst:342
 #: ../../networking/virtual_private_cloud_config.rst:391
 msgid "Click the Configure button of the VPC."
 msgstr "点击VPC的配置按钮。"

 #: ../../networking/remote_access_vpn.rst:114
 #: ../../networking/site_to_site_vpn.rst:201
 #: ../../networking/site_to_site_vpn.rst:264
 #: ../../networking/site_to_site_vpn.rst:396
 #: ../../networking/virtual_private_cloud_config.rst:344
 #: ../../networking/virtual_private_cloud_config.rst:1031
 #: ../../networking/virtual_private_cloud_config.rst:1299
 msgid "For each tier, the following options are displayed:"
 msgstr "对于每一个层，会显示以下选项。"

 #: ../../networking/remote_access_vpn.rst:116
 #: ../../networking/site_to_site_vpn.rst:203
 #: ../../networking/site_to_site_vpn.rst:266
 #: ../../networking/site_to_site_vpn.rst:398
 #: ../../networking/virtual_private_cloud_config.rst:346
 #: ../../networking/virtual_private_cloud_config.rst:513
 #: ../../networking/virtual_private_cloud_config.rst:748
 #: ../../networking/virtual_private_cloud_config.rst:806
 #: ../../networking/virtual_private_cloud_config.rst:867
 #: ../../networking/virtual_private_cloud_config.rst:1033
 #: ../../networking/virtual_private_cloud_config.rst:1301
 msgid "Internal LB"
 msgstr "内部LB"

 #: ../../networking/remote_access_vpn.rst:118
 #: ../../networking/site_to_site_vpn.rst:205
 #: ../../networking/site_to_site_vpn.rst:268
 #: ../../networking/site_to_site_vpn.rst:400
 #: ../../networking/virtual_private_cloud_config.rst:348
 #: ../../networking/virtual_private_cloud_config.rst:515
 #: ../../networking/virtual_private_cloud_config.rst:750
 #: ../../networking/virtual_private_cloud_config.rst:808
 #: ../../networking/virtual_private_cloud_config.rst:869
 #: ../../networking/virtual_private_cloud_config.rst:1035
 #: ../../networking/virtual_private_cloud_config.rst:1303
 msgid "Public LB IP"
 msgstr "公共LB IP"

 #: ../../networking/remote_access_vpn.rst:122
 #: ../../networking/site_to_site_vpn.rst:209
 #: ../../networking/site_to_site_vpn.rst:272
 #: ../../networking/site_to_site_vpn.rst:404
 #: ../../networking/virtual_private_cloud_config.rst:352
 #: ../../networking/virtual_private_cloud_config.rst:519
 #: ../../networking/virtual_private_cloud_config.rst:754
 #: ../../networking/virtual_private_cloud_config.rst:812
 #: ../../networking/virtual_private_cloud_config.rst:873
 #: ../../networking/virtual_private_cloud_config.rst:1039
 #: ../../networking/virtual_private_cloud_config.rst:1307
 msgid "Virtual Machines"
 msgstr "虚拟机"

 #: ../../networking/remote_access_vpn.rst:126
 #: ../../networking/site_to_site_vpn.rst:213
 #: ../../networking/site_to_site_vpn.rst:276
 #: ../../networking/site_to_site_vpn.rst:408
 #: ../../networking/virtual_private_cloud_config.rst:356
 #: ../../networking/virtual_private_cloud_config.rst:523
 #: ../../networking/virtual_private_cloud_config.rst:758
 #: ../../networking/virtual_private_cloud_config.rst:816
 #: ../../networking/virtual_private_cloud_config.rst:877
 #: ../../networking/virtual_private_cloud_config.rst:1043
 #: ../../networking/virtual_private_cloud_config.rst:1311
 msgid "The following router information is displayed:"
 msgstr "显示以下路由器信息："

 #: ../../networking/remote_access_vpn.rst:128
 #: ../../networking/site_to_site_vpn.rst:215
 #: ../../networking/site_to_site_vpn.rst:278
 #: ../../networking/site_to_site_vpn.rst:410
 #: ../../networking/virtual_private_cloud_config.rst:358
 #: ../../networking/virtual_private_cloud_config.rst:525
 #: ../../networking/virtual_private_cloud_config.rst:760
 #: ../../networking/virtual_private_cloud_config.rst:818
 #: ../../networking/virtual_private_cloud_config.rst:879
 #: ../../networking/virtual_private_cloud_config.rst:1045
 #: ../../networking/virtual_private_cloud_config.rst:1313
 msgid "Private Gateways"
 msgstr "专用网关"

 #: ../../networking/remote_access_vpn.rst:130
 #: ../../networking/site_to_site_vpn.rst:217
 #: ../../networking/site_to_site_vpn.rst:280
 #: ../../networking/site_to_site_vpn.rst:412
 #: ../../networking/virtual_private_cloud_config.rst:360
 #: ../../networking/virtual_private_cloud_config.rst:527
 #: ../../networking/virtual_private_cloud_config.rst:762
 #: ../../networking/virtual_private_cloud_config.rst:820
 #: ../../networking/virtual_private_cloud_config.rst:881
 #: ../../networking/virtual_private_cloud_config.rst:1047
 #: ../../networking/virtual_private_cloud_config.rst:1315
 msgid "Public IP Addresses"
 msgstr "公共IP地址"

 #: ../../networking/remote_access_vpn.rst:132
 #: ../../networking/site_to_site_vpn.rst:219
 #: ../../networking/site_to_site_vpn.rst:282
 #: ../../networking/site_to_site_vpn.rst:414
 #: ../../networking/virtual_private_cloud_config.rst:362
 #: ../../networking/virtual_private_cloud_config.rst:529
 #: ../../networking/virtual_private_cloud_config.rst:764
 #: ../../networking/virtual_private_cloud_config.rst:822
 #: ../../networking/virtual_private_cloud_config.rst:883
 #: ../../networking/virtual_private_cloud_config.rst:1049
 #: ../../networking/virtual_private_cloud_config.rst:1317
 msgid "Site-to-Site VPNs"
 msgstr "站点到站点 VPN"

 #: ../../networking/remote_access_vpn.rst:134
 #: ../../networking/site_to_site_vpn.rst:221
 #: ../../networking/site_to_site_vpn.rst:284
 #: ../../networking/site_to_site_vpn.rst:416
 #: ../../networking/virtual_private_cloud_config.rst:364
 #: ../../networking/virtual_private_cloud_config.rst:531
 #: ../../networking/virtual_private_cloud_config.rst:766
 #: ../../networking/virtual_private_cloud_config.rst:824
 #: ../../networking/virtual_private_cloud_config.rst:885
 #: ../../networking/virtual_private_cloud_config.rst:1051
 #: ../../networking/virtual_private_cloud_config.rst:1319
 msgid "Network ACL Lists"
 msgstr "网络 ACL列表"

 #: ../../networking/remote_access_vpn.rst:136
 #: ../../networking/virtual_private_cloud_config.rst:887
 #: ../../networking/virtual_private_cloud_config.rst:1053
 #: ../../networking/virtual_private_cloud_config.rst:1321
 msgid "In the Router node, select Public IP Addresses."
 msgstr "在路由器节点中，选择公共IP地址。"

 #: ../../networking/remote_access_vpn.rst:138
 #: ../../networking/virtual_private_cloud_config.rst:828
 #: ../../networking/virtual_private_cloud_config.rst:889
 #: ../../networking/virtual_private_cloud_config.rst:1055
 #: ../../networking/virtual_private_cloud_config.rst:1323
 msgid "The IP Addresses page is displayed."
 msgstr "系统显示IP地址页面。"

 #: ../../networking/remote_access_vpn.rst:140
 msgid "Click Source NAT IP address."
 msgstr "点击源NAT IP地址。"

 #: ../../networking/remote_access_vpn.rst:144
 msgid "Click OK to confirm. The IPsec key is displayed in a pop-up window."
 msgstr "点击OK确认。IPsec密钥将显示在弹出的窗口中。"

 #: ../../networking/remote_access_vpn.rst:146
 msgid "Now, you need to add the VPN users."
 msgstr "现在，需要添加VPN用户。"

 #: ../../networking/remote_access_vpn.rst:148
 msgid "Click the Source NAT IP."
 msgstr "点击源NAT IP。"

 #: ../../networking/remote_access_vpn.rst:150
 msgid "Select the VPN tab."
 msgstr "选择VPN选项卡。"

 #: ../../networking/remote_access_vpn.rst:152
 msgid ""
 "Add the username and the corresponding password of the user you wanted to"
 " add."
 msgstr "为你要创建的用户添加用户名和对应的密码。"

 #: ../../networking/remote_access_vpn.rst:157
 msgid "Repeat the same steps to add the VPN users."
 msgstr "重复相同的步骤添加VPN用户。"

 #: ../../networking/site_to_site_vpn.rst:4
 msgid "Setting Up a Site-to-Site VPN Connection"
 msgstr "配置站点到站点的VPN连接"

 #: ../../networking/site_to_site_vpn.rst:6
 msgid ""
 "A Site-to-Site VPN connection helps you establish a secure connection "
 "from an enterprise datacenter to the cloud infrastructure. This allows "
 "users to access the guest VMs by establishing a VPN connection to the "
 "virtual router of the account from a device in the datacenter of the "
 "enterprise. You can also establish a secure connection between two VPC "
 "setups or high availability zones in your environment. Having this "
 "facility eliminates the need to establish VPN connections to individual "
 "VMs."
 msgstr ""
 "一个站点到站点的VPN连接可以帮助你建立从云基础架构到企业内部数据中心的安全连接.这就允许一个账户从企业内部数据中心的设备连接到此账户启用VPN连接的虚拟路由器上,"
 " "
 "从而通过VPN连接到该账户的虚拟机.你也可以在两个VPC之间或是高可用区域之间建立VPC以加强安全。这样一来，就不需要在虚拟机之间建立VPN连接的必要了。"

 #: ../../networking/site_to_site_vpn.rst:15
 msgid ""
 "The difference from Remote VPN is that Site-to-site VPNs connects entire "
 "networks to each other, for example, connecting a branch office network "
 "to a company headquarters network. In a site-to-site VPN, hosts do not "
 "have VPN client software; they send and receive normal TCP/IP traffic "
 "through a VPN gateway."
 msgstr ""
 "与Remote VPN不同，Site-to-site VPNs是将两个网络相互连接。比如，将一个分支办公室的网络与总公司网络互联，Site-to-"
 "site VPN的两个主机不需要VPN客户端软件，它们通过VPN网关收发普通的TCP/IP数据包流量 。"

 #: ../../networking/site_to_site_vpn.rst:21
 msgid "The supported endpoints on the remote datacenters are:"
 msgstr "目前支持的数据中心的终端设备是:"

 #: ../../networking/site_to_site_vpn.rst:23
 msgid "Cisco ISR with IOS 12.4 or later"
 msgstr "Cisco ISR IOS 12.4或更新"

 #: ../../networking/site_to_site_vpn.rst:25
 msgid "Juniper J-Series routers with JunOS 9.5 or later"
 msgstr "Juniper J-系统 路由器  JunOS 9.5 或更新版本"

 #: ../../networking/site_to_site_vpn.rst:27
 msgid "CloudStack virtual routers"
 msgstr "CloudStack虚拟路由器。"

 #: ../../networking/site_to_site_vpn.rst:30
 msgid ""
 "In addition to the specific Cisco and Juniper devices listed above, the "
 "expectation is that any Cisco or Juniper device running on the supported "
 "operating systems are able to establish VPN connections."
 msgstr "除了上述指定的Cisco和Juniper设备, 所期望的是任何Cisco或Juniper的设备在支持的操作系统上都可以建立VPN连接."

 #: ../../networking/site_to_site_vpn.rst:34
 msgid "To set up a Site-to-Site VPN connection, perform the following:"
 msgstr "为了建立站点到站点的VPN连接, 需要执行以下步骤:"

 #: ../../networking/site_to_site_vpn.rst:36
 msgid "Create a Virtual Private Cloud (VPC)."
 msgstr "创建一个虚拟私有云(VPC)."

 #: ../../networking/site_to_site_vpn.rst:38
 msgid "See \":ref:`configuring-vpc`\"."
 msgstr "参考\":ref:`configuring-vpc`\"."

 #: ../../networking/site_to_site_vpn.rst:40
 msgid "Create a VPN Customer Gateway."
 msgstr "创建一个VPN客户网关."

 #: ../../networking/site_to_site_vpn.rst:42
 msgid "Create a VPN gateway for the VPC that you created."
 msgstr "为你创建的VPC设定一个VPN网关."

 #: ../../networking/site_to_site_vpn.rst:44
 msgid ""
 "Create VPN connection from the VPC VPN gateway to the customer VPN "
 "gateway."
 msgstr "从VPC的VPN网关到客户的VPN网关建立VPN连接."

 #: ../../networking/site_to_site_vpn.rst:49
 msgid "Creating and Updating a VPN Customer Gateway"
 msgstr "创建和更新一个VPN客户网关."

 #: ../../networking/site_to_site_vpn.rst:52
 msgid "A VPN customer gateway can be connected to only one VPN gateway at a time."
 msgstr "一个VPN客户网关在同一时间只能连接一个VPN网关。"

 #: ../../networking/site_to_site_vpn.rst:54
 msgid "To add a VPN Customer Gateway:"
 msgstr "添加 VPN 客户网关"

 #: ../../networking/site_to_site_vpn.rst:60
 #: ../../networking/site_to_site_vpn.rst:170
 msgid "In the Select view, select VPN Customer Gateway."
 msgstr "在选择视图里，选择VPN客户网关。"

 #: ../../networking/site_to_site_vpn.rst:62
 msgid "Click Add VPN Customer Gateway."
 msgstr "点击添加 VPN 客户网关。"

 #: ../../networking/site_to_site_vpn.rst:64
 msgid "|addvpncustomergateway.png|"
 msgstr "|addvpncustomergateway.png|"

 #: ../../networking/site_to_site_vpn.rst:68
 msgid "**Name**: A unique name for the VPN customer gateway you create."
 msgstr "**名称**: 你添加的VPN客户网关的一个唯一的名称。"

 #: ../../networking/site_to_site_vpn.rst:70
 msgid "**Gateway**: The IP address for the remote gateway."
 msgstr "**IP地址**: 远端网关的IP地址。"

 #: ../../networking/site_to_site_vpn.rst:72
 msgid ""
 "**CIDR list**: The guest CIDR list of the remote subnets. Enter a CIDR or"
 " a comma-separated list of CIDRs. Ensure that a guest CIDR list is not "
 "overlapped with the VPC's CIDR, or another guest CIDR. The CIDR must be "
 "RFC1918-compliant."
 msgstr ""
 "**CIDR列表**: "
 "远端客户子网的CIDR。输入一个CIDR或是以逗号分隔的多个CIDR。在确认客户的CIDR和VPC的CIDR或是另一个客户的CIDR不重叠冲突。CIDR的格式必须符合"
 " RFC1918标准。"

 #: ../../networking/site_to_site_vpn.rst:77
 #, fuzzy
 msgid ""
 "**IPsec Preshared Key**: Preshared keying is a method where the endpoints"
 " of the VPN share a secret key. This key value is used to authenticate "
 "the customer gateway and the VPC VPN gateway to each other. The sequence "
 "cannot contain a newline or double-quote."
 msgstr "**IPsec预共享密钥**: 预共享密钥在两个端点之间共享同一个密钥。这个密钥用来在客户网关和VPN的VPN网关之间相互认证。"

 #: ../../networking/site_to_site_vpn.rst:83
 msgid ""
 "The IKE peers (VPN end points) authenticate each other by computing and "
 "sending a keyed hash of data that includes the Preshared key. If the "
 "receiving peer is able to create the same hash independently by using its"
 " Preshared key, it knows that both peers must share the same secret, thus"
 " authenticating the customer gateway."
 msgstr ""
 "Internet密钥交换协议（IKE）匹配点 ( VPN 端点 ) "
 "通过计算并发送包含预共享密钥的哈希键值来进行相互验证。如果收接点通过自己的预共享密钥算出同一个键值的话，这就说明两个点是用的同一个密钥，相互之间认证通过，形成匹配。"

 #: ../../networking/site_to_site_vpn.rst:90
 msgid ""
 "**IKE Encryption**: The Internet Key Exchange (IKE) policy for phase-1. "
 "The supported encryption algorithms are AES128, AES192, AES256, and 3DES."
 " Authentication is accomplished through the Preshared Keys."
 msgstr ""
 "**IKE 加密**: Internet密钥交换协议(IKE)第一阶段（phase-1）策略。支持的加密算法包括 AES128, AES192, "
 "AES256和3DES.。认证通过预共享密钥完成。"

 #: ../../networking/site_to_site_vpn.rst:96
 msgid ""
 "The phase-1 is the first phase in the IKE process. In this initial "
 "negotiation phase, the two VPN endpoints agree on the methods to be used "
 "to provide security for the underlying IP traffic. The phase-1 "
 "authenticates the two VPN gateways to each other, by confirming that the "
 "remote gateway has a matching Preshared Key."
 msgstr ""
 "phase-"
 "1是IKE过程的第一阶段。在这个开始的协商阶段，两个VPN端点在将底层IP流量加密安全的方法上取得一致。第一阶段认证通过的条件是：两个VPN网关之间使用的是同一个预定义密钥。"

 #: ../../networking/site_to_site_vpn.rst:102
 msgid ""
 "**IKE Hash**: The IKE hash for phase-1. The supported hash algorithms are"
 " SHA1 and MD5."
 msgstr "**IKE 哈希**:  IKE第一阶段（ phase-1）哈希散列使用的算法。支持SHA1 和 MD5."

 #: ../../networking/site_to_site_vpn.rst:105
 msgid ""
 "**IKE DH**: A public-key cryptography protocol which allows two parties "
 "to establish a shared secret over an insecure communications channel. The"
 " 1536-bit Diffie-Hellman group is used within IKE to establish session "
 "keys. The supported options are None, Group-5 (1536-bit) and Group-2 "
 "(1024-bit)."
 msgstr ""
 "**IKE DH（Diffie-Hellman组）**: "
 "IKE的DH加密协议，可以在不安全的连接上确保共享KEY的安全。1536位的DH组用在IKE中用来建立会话KEYS。在这里，支持的选项是 "
 "None, Group-5 (1536-bit) 和 Group-2 (1024-bit)."

 #: ../../networking/site_to_site_vpn.rst:111
 msgid ""
 "**ESP Encryption**: Encapsulating Security Payload (ESP) algorithm within"
 " phase-2. The supported encryption algorithms are AES128, AES192, AES256,"
 " and 3DES."
 msgstr ""
 "**ESP 加密**: 封装安全有效负荷（Encapsulating Security "
 "Payload,ESP）算法是发生在第二阶段(phase-2)。其支持的加密算法包括 AES128, AES192, AES256, 和 "
 "3DES。"

 #: ../../networking/site_to_site_vpn.rst:116
 msgid ""
 "The phase-2 is the second phase in the IKE process. The purpose of IKE "
 "phase-2 is to negotiate IPSec security associations (SA) to set up the "
 "IPSec tunnel. In phase-2, new keying material is extracted from the "
 "Diffie-Hellman key exchange in phase-1, to provide session keys to use in"
 " protecting the VPN data flow."
 msgstr ""
 "phase-2是IKE过程的第二阶段，其目标是协助IPSec安全关联 (SA) 以建立IPSec通道。在 phase-2阶段，会利用 phase-"
 "1阶段建立好的DH安全协议方法来交换新的密钥。"

 #: ../../networking/site_to_site_vpn.rst:122
 msgid ""
 "**ESP Hash**: Encapsulating Security Payload (ESP) hash for phase-2. "
 "Supported hash algorithms are SHA1 and MD5."
 msgstr ""
 "**ESP哈希散列**:phase-2支持的封装安全有效负荷(Encapsulating Security "
 "Payload,ESP)哈希算法包括：SHA1 和MD5."

 #: ../../networking/site_to_site_vpn.rst:125
 msgid ""
 "**Perfect Forward Secrecy**: Perfect Forward Secrecy (or PFS) is the "
 "property that ensures that a session key derived from a set of long-term "
 "public and private keys will not be compromised. This property enforces a"
 " new Diffie-Hellman key exchange. It provides the keying material that "
 "has greater key material life and thereby greater resistance to "
 "cryptographic attacks. The available options are None, Group-5 (1536-bit)"
 " and Group-2 (1024-bit). The security of the key exchanges increase as "
 "the DH groups grow larger, as does the time of the exchanges."
 msgstr ""
 "**Perfect forward secrecy(完全正向保密,PFS) **: "
 "PFS的性质是确保来自一组的长期的公共密钥和私人密钥之间的会话密钥不会妥协失效。PFS会促使一组新的DH "
 "KEY发生交换。这组新KEY具有更长的生命周期因此可以抵制更强大的功击。DH的可用选项是 None, Group-5 (1536-bit)和 "
 "Group-2 (1024-bit). 当新KEY交换之后，DH组会变得更大。"

 #: ../../networking/site_to_site_vpn.rst:136
 msgid ""
 "When PFS is turned on, for every negotiation of a new phase-2 SA the two "
 "gateways must generate a new set of phase-1 keys. This adds an extra "
 "layer of protection that PFS adds, which ensures if the phase-2 SA's have"
 " expired, the keys used for new phase-2 SA's have not been generated from"
 " the current phase-1 keying material."
 msgstr ""
 "当PFS打开后，两个网关之间的新的phase-2 SA协商都会产生新的phase-"
 "1的一组KEY，这就会导致增加一个额外的层。这个层的作用是保证即使phase-2 SA失效过期，其KEY也不会由phase-1生成。"

 #: ../../networking/site_to_site_vpn.rst:142
 msgid ""
 "**IKE Lifetime (seconds)**: The phase-1 lifetime of the security "
 "association in seconds. Default is 86400 seconds (1 day). Whenever the "
 "time expires, a new phase-1 exchange is performed."
 msgstr ""
 "**IKE 存活期(秒)**:  SA的phase-1的存活期。默认是86400 秒 (1 天).当这个时间过了之后，会发生一次新的  "
 "phase-1 KEY交换。"

 #: ../../networking/site_to_site_vpn.rst:146
 msgid ""
 "**ESP Lifetime (seconds)**: The phase-2 lifetime of the security "
 "association in seconds. Default is 3600 seconds (1 hour). Whenever the "
 "value is exceeded, a re-key is initiated to provide a new IPsec "
 "encryption and authentication session keys."
 msgstr ""
 "**ESP存活期 (秒)**:SA的  phase-2存活期。默认为 3600 秒(1 小时). "
 "当过了这个时间之后，会有一个新的KEY初始化，用来加密和认证 IPsec的会话KEY。"

 #: ../../networking/site_to_site_vpn.rst:151
 msgid ""
 "**Dead Peer Detection**: A method to detect an unavailable Internet Key "
 "Exchange (IKE) peer. Select this option if you want the virtual router to"
 " query the liveliness of its IKE peer at regular intervals. It's "
 "recommended to have the same configuration of DPD on both side of VPN "
 "connection."
 msgstr ""
 "**死亡匹配点检测**:这是一种检测不可用IKE节点的方法。如果你希望虚拟路由器随时测试IKE节点的存活情况，选择了这个选项。 "
 "一般来说，最好在VPN连接的两端都同时配置DPD(Dead Peer Detectio)."

 #: ../../networking/site_to_site_vpn.rst:161
 msgid "Updating and Removing a VPN Customer Gateway"
 msgstr "更新和删除一个VPN客户网关."

 #: ../../networking/site_to_site_vpn.rst:163
 msgid ""
 "You can update a customer gateway either with no VPN connection, or "
 "related VPN connection is in error state."
 msgstr "你可以更新一个客户网关：即可以从无到有新建一个VPN，或是将有错误提示的VPN改正。"

 #: ../../networking/site_to_site_vpn.rst:172
 msgid "Select the VPN customer gateway you want to work with."
 msgstr "选择您要操作的客户VPN连接。"

 #: ../../networking/site_to_site_vpn.rst:174
 msgid ""
 "To modify the required parameters, click the Edit VPN Customer Gateway "
 "button |vpn-edit-icon.png|"
 msgstr ""

 #: ../../networking/site_to_site_vpn.rst:177
 msgid ""
 "To remove the VPN customer gateway, click the Delete VPN Customer Gateway"
 " button |delete.png|"
 msgstr "删除一个客户VPN网关，点击删除客户VPN网关按钮。  |delete.png|"

 #: ../../networking/site_to_site_vpn.rst:184
 msgid "Creating a VPN gateway for the VPC"
 msgstr "为VPC创建一个VPN网关"

 #: ../../networking/site_to_site_vpn.rst:195
 #: ../../networking/site_to_site_vpn.rst:256
 #: ../../networking/site_to_site_vpn.rst:388
 #: ../../networking/virtual_private_cloud_config.rst:673
 #: ../../networking/virtual_private_cloud_config.rst:740
 #: ../../networking/virtual_private_cloud_config.rst:859
 #: ../../networking/virtual_private_cloud_config.rst:1293
 msgid "Click the Configure button of the VPC to which you want to deploy the VMs."
 msgstr "点击要部署虚机的VPC的配置按钮。"

 #: ../../networking/site_to_site_vpn.rst:198
 #: ../../networking/site_to_site_vpn.rst:259
 #: ../../networking/site_to_site_vpn.rst:391
 #: ../../networking/virtual_private_cloud_config.rst:506
 #: ../../networking/virtual_private_cloud_config.rst:743
 #: ../../networking/virtual_private_cloud_config.rst:801
 #: ../../networking/virtual_private_cloud_config.rst:862
 #: ../../networking/virtual_private_cloud_config.rst:1296
 msgid ""
 "The VPC page is displayed where all the tiers you created are listed in a"
 " diagram."
 msgstr "系统会显示VPC页面，您创建的所有层都列在图中。"

 #: ../../networking/site_to_site_vpn.rst:223
 #: ../../networking/site_to_site_vpn.rst:286
 #: ../../networking/site_to_site_vpn.rst:418
 msgid "Select Site-to-Site VPN."
 msgstr "选择点对点VPN"

 #: ../../networking/site_to_site_vpn.rst:225
 msgid ""
 "If you are creating the VPN gateway for the first time, selecting Site-"
 "to-Site VPN prompts you to create a VPN gateway."
 msgstr "如果您是第一次创建VPN网关，选择点对点VPN会提示您创建一个VPN网关。"

 #: ../../networking/site_to_site_vpn.rst:228
 msgid "In the confirmation dialog, click Yes to confirm."
 msgstr "在信息确认对话框，点击“是”。"

 #: ../../networking/site_to_site_vpn.rst:230
 msgid ""
 "Within a few moments, the VPN gateway is created. You will be prompted to"
 " view the details of the VPN gateway you have created. Click Yes to "
 "confirm."
 msgstr "过一会儿，VPN网关就创建出来了。系统会提示您查看VPN网关的详细信息，请点击“是”。"

 #: ../../networking/site_to_site_vpn.rst:234
 msgid "The following details are displayed in the VPN Gateway page:"
 msgstr "VPN网关页面会显示以下详细信息："

 #: ../../networking/site_to_site_vpn.rst:238
 msgid "Account"
 msgstr "帐号"

 #: ../../networking/site_to_site_vpn.rst:240
 msgid "Domain"
 msgstr "域名"

 #: ../../networking/site_to_site_vpn.rst:244
 msgid "Creating a VPN Connection"
 msgstr "新建vpn连接"

 #: ../../networking/site_to_site_vpn.rst:246
 msgid "CloudStack supports creating up to 8 VPN connections."
 msgstr "CloudStack最多支持建立8个VPN连接。"

 #: ../../networking/site_to_site_vpn.rst:254
 msgid "All the VPCs that you create for the account are listed in the page."
 msgstr "页面上列出了该账号下所有的VPC。"

 #: ../../networking/site_to_site_vpn.rst:262
 #: ../../networking/site_to_site_vpn.rst:394
 #: ../../networking/virtual_private_cloud_config.rst:509
 msgid "Click the Settings icon."
 msgstr "点击设置图标。"

 #: ../../networking/site_to_site_vpn.rst:288
 #: ../../networking/site_to_site_vpn.rst:420
 msgid "The Site-to-Site VPN page is displayed."
 msgstr "系统会显示点对点VPN页面。"

 #: ../../networking/site_to_site_vpn.rst:290
 #: ../../networking/site_to_site_vpn.rst:422
 msgid "From the Select View drop-down, ensure that VPN Connection is selected."
 msgstr "在选择视图下拉框，请确保选择VPN连接。"

 #: ../../networking/site_to_site_vpn.rst:293
 msgid "Click Create VPN Connection."
 msgstr "选择创建vpn连接按钮"

 #: ../../networking/site_to_site_vpn.rst:295
 msgid "The Create VPN Connection dialog is displayed:"
 msgstr "系统会显示创建VPN连接对话框："

 #: ../../networking/site_to_site_vpn.rst:297
 msgid "|createvpnconnection.png|"
 msgstr "|createvpnconnection.png|"

 #: ../../networking/site_to_site_vpn.rst:299
 msgid "Select the desired customer gateway."
 msgstr "选择想要的用户网关。"

 #: ../../networking/site_to_site_vpn.rst:301
 msgid ""
 "Select Passive if you want to establish a connection between two VPC "
 "virtual routers."
 msgstr "如果你希望在两个VPC虚拟路由器之间建立连接，选择被动模式。"

 #: ../../networking/site_to_site_vpn.rst:304
 msgid ""
 "If you want to establish a connection between two VPC virtual routers, "
 "select Passive only on one of the VPC virtual routers, which waits for "
 "the other VPC virtual router to initiate the connection. Do not select "
 "Passive on the VPC virtual router that initiates the connection."
 msgstr "如果你希望在两个VPC虚拟路由器之间建立连接，需要等待另一个虚拟路由器来初始化连接，则只有其中一个虚拟器上选择被动模式。在这种情况下，不要在初始化连接的虚拟路由器上选择被动模式。"

 #: ../../networking/site_to_site_vpn.rst:312
 msgid "Within a few moments, the VPN Connection is displayed."
 msgstr "过一会儿，系统会显示该VPN连接。"

 #: ../../networking/site_to_site_vpn.rst:314
 msgid "The following information on the VPN connection is displayed:"
 msgstr "VPN连接信息"

 #: ../../networking/site_to_site_vpn.rst:320
 msgid "State"
 msgstr "状态 "

 #: ../../networking/site_to_site_vpn.rst:322
 msgid "IPSec Preshared Key"
 msgstr "IPSec 预共享密钥"

 #: ../../networking/site_to_site_vpn.rst:324
 msgid "IKE Policy"
 msgstr "IKE策略"

 #: ../../networking/site_to_site_vpn.rst:326
 msgid "ESP Policy"
 msgstr "ESP策略"

 #: ../../networking/site_to_site_vpn.rst:330
 msgid "Site-to-Site VPN Connection Between VPC Networks"
 msgstr "在VPC网络之间的站点的VPN连接"

 #: ../../networking/site_to_site_vpn.rst:332
 msgid ""
 "CloudStack provides you with the ability to establish a site-to-site VPN "
 "connection between CloudStack virtual routers. To achieve that, add a "
 "passive mode Site-to-Site VPN. With this functionality, users can deploy "
 "applications in multiple Availability Zones or VPCs, which can "
 "communicate with each other by using a secure Site-to-Site VPN Tunnel."
 msgstr "CloudStack可以在虚拟路由器之间部署站点到站点的VPN连接，这需要添加一个被动模式的站点到站点VPN。有了这个功能之后，用户就可以在多个区域或VPC之间通过安全的VPN通道互联。"

 #: ../../networking/site_to_site_vpn.rst:338
 msgid "This feature is supported on all the hypervisors."
 msgstr "这个特性支持所有类型的HYPERVISOR."

 #: ../../networking/site_to_site_vpn.rst:340
 msgid "Create two VPCs. For example, VPC A and VPC B."
 msgstr "创建两个VPC。比如，VPC A和VPC B。"

 #: ../../networking/site_to_site_vpn.rst:342
 msgid "For more information, see \":ref:`configuring-vpc`\"."
 msgstr "更多信息，参考\":ref:`configuring-vpc`\"."

 #: ../../networking/site_to_site_vpn.rst:344
 msgid "Create VPN gateways on both the VPCs you created."
 msgstr "在创建的VPC两边都添加VPN网关。"

 #: ../../networking/site_to_site_vpn.rst:346
 msgid ""
 "For more information, see `\"Creating a VPN gateway for the VPC\" "
 "<#creating-a-vpn-gateway-for-the-vpc>`_."
 msgstr "更多信息，参考 `\"为VPC创建VPN网关\" <#creating-a-vpn-gateway-for-the-vpc>`_."

 #: ../../networking/site_to_site_vpn.rst:349
 msgid "Create VPN customer gateway for both the VPCs."
 msgstr "在VPC两边都创建VPN客户网关。"

 #: ../../networking/site_to_site_vpn.rst:351
 msgid ""
 "For more information, see `\"Creating and Updating a VPN Customer "
 "Gateway\" <#creating-and-updating-a-vpn-customer-gateway>`_."
 msgstr ""
 "更多信息，参考`\"创建和更新VPN客户网关\" <#creating-and-updating-a-vpn-customer-"
 "gateway>`_."

 #: ../../networking/site_to_site_vpn.rst:354
 msgid "Enable a VPN connection on VPC A in passive mode."
 msgstr "在VPC A这边启用VPN的被动连接模式。"

 #: ../../networking/site_to_site_vpn.rst:356
 msgid ""
 "For more information, see `\"Creating a VPN Connection\" <#creating-a"
 "-vpn-connection>`_."
 msgstr "更多信息，请参阅 `\"创建VPN连接\" <#creating-a-vpn-connection>`_。"

 #: ../../networking/site_to_site_vpn.rst:359
 msgid ""
 "Ensure that the customer gateway is pointed to VPC B. The VPN connection "
 "is shown in the Disconnected state."
 msgstr "确保客户网关指向VPC B。这个VPN当前显示的是未连接状态。"

 #: ../../networking/site_to_site_vpn.rst:362
 msgid "Enable a VPN connection on VPC B."
 msgstr "在VPC B上启用VPN连接。"

 #: ../../networking/site_to_site_vpn.rst:364
 msgid ""
 "Ensure that the customer gateway is pointed to VPC A. Because virtual "
 "router of VPC A, in this case, is in passive mode and is waiting for the "
 "virtual router of VPC B to initiate the connection, VPC B virtual router "
 "should not be in passive mode."
 msgstr ""
 "确保客户网关指向VPC A。在这个示例里，因为VPC A的虚拟路由器是处于被动模式且等待着VPC B进行初始化连接，所以VPC "
 "B的虚拟路由器不要设置为被动模式。"

 #: ../../networking/site_to_site_vpn.rst:369
 msgid "The VPN connection is shown in the Disconnected state."
 msgstr "VPN连接当前显示为未连接状态。"

 #: ../../networking/site_to_site_vpn.rst:371
 msgid ""
 "Creating VPN connection on both the VPCs initiates a VPN connection. Wait"
 " for few seconds. The default is 30 seconds for both the VPN connections "
 "to show the Connected state."
 msgstr "VPC两边的VPN会进行初始化连接。默认为30秒之后，两边VPN都会显示为已连接状态。"

 #: ../../networking/site_to_site_vpn.rst:377
 msgid "Restarting and Removing a VPN Connection"
 msgstr "VPN连接的重启和删除"

 #: ../../networking/site_to_site_vpn.rst:425
 msgid "All the VPN connections you created are displayed."
 msgstr "系统会显示创建VPN连接对话框："

 #: ../../networking/site_to_site_vpn.rst:427
 msgid "Select the VPN connection you want to work with."
 msgstr "选择您要操作的VPN连接。"

 #: ../../networking/site_to_site_vpn.rst:429
 msgid "The Details tab is displayed."
 msgstr "系统显示详细信息页。"

 #: ../../networking/site_to_site_vpn.rst:431
 msgid ""
 "To remove a VPN connection, click the Delete VPN connection button "
 "|remove-vpn.png|"
 msgstr "删除一个VPN连接，点击删除VPN连接按钮。 |remove-vpn.png|"

 #: ../../networking/site_to_site_vpn.rst:434
 msgid ""
 "To restart a VPN connection, click the Reset VPN connection button "
 "present in the Details tab. |reset-vpn.png|"
 msgstr "要重启VPN连接，请点击详细信息页的重置VPN连接按钮。  |reset-vpn.png|"

 #: ../../networking/inter_vlan_routing.rst:18
 msgid "About Inter-VLAN Routing (nTier Apps)"
 msgstr "关于vlan间路由(多层应用)"

 #: ../../networking/inter_vlan_routing.rst:20
 msgid ""
 "Inter-VLAN Routing (nTier Apps) is the capability to route network "
 "traffic between VLANs. This feature enables you to build Virtual Private "
 "Clouds (VPC), an isolated segment of your cloud, that can hold multi-tier"
 " applications. These tiers are deployed on different VLANs that can "
 "communicate with each other. You provision VLANs to the tiers your "
 "create, and VMs can be deployed on different tiers. The VLANs are "
 "connected to a virtual router, which facilitates communication between "
 "the VMs. In effect, you can segment VMs by means of VLANs into different "
 "networks that can host multi-tier applications, such as Web, Application,"
 " or Database. Such segmentation by means of VLANs logically separate "
 "application VMs for higher security and lower broadcasts, while remaining"
 " physically connected to the same device."
 msgstr "vlan间路由(多层应用)提供了在vlan间通过流量路由的功能。这个特性使你能够j建立私有云(vpc)，独立分割的云，可容纳多层应用程序。这些层被部署在不同的VLAN，可以互相沟通。您提供的VLAN层的创建和部署虚拟机可以在不同的层上。VLAN连接到一个虚拟路由器，这有利于虚拟机之间的通信。实际上，你可以通过不同定义的vlan来分割你的虚拟机到不同网络，以便承担多层应用，如Web，应用程序或数据库的虚拟机。通过VLAN的逻辑上独立的应用程序的虚拟具有较高的安全性和较低的广播，同时任然物理连接到同一设备。"

 #: ../../networking/inter_vlan_routing.rst:33
 msgid "This feature is supported on XenServer, KVM, and VMware hypervisors."
 msgstr "在 XenServer ,KVM和 VMware hypervisors支持这个特性"

 #: ../../networking/inter_vlan_routing.rst:35
 msgid "The major advantages are:"
 msgstr "主要的优势为："

 #: ../../networking/inter_vlan_routing.rst:37
 msgid ""
 "The administrator can deploy a set of VLANs and allow users to deploy VMs"
 " on these VLANs. A guest VLAN is randomly alloted to an account from a "
 "pre-specified set of guest VLANs. All the VMs of a certain tier of an "
 "account reside on the guest VLAN allotted to that account."
 msgstr "管理可以部署一个vlans集，同时运行用户部署虚拟机在这些vlan上。从预先指定的vlan集中随机的为租户分配一个来宾vlan.租户处于同一层的所有vm处于分配给这个租户的来宾vlan."

 #: ../../networking/inter_vlan_routing.rst:43
 msgid ""
 "A VLAN allocated for an account cannot be shared between multiple "
 "accounts."
 msgstr "一个租户分配到的vlan不能被多个租户共享"

 #: ../../networking/inter_vlan_routing.rst:45
 msgid ""
 "The administrator can allow users create their own VPC and deploy the "
 "application. In this scenario, the VMs that belong to the account are "
 "deployed on the VLANs allotted to that account."
 msgstr "管理员允许所有用户创建自己的vpc,并部署应用。这个场景中，租户的虚拟机被部署到改租户的分配到的vlan中"

 #: ../../networking/inter_vlan_routing.rst:49
 msgid ""
 "Both administrators and users can create multiple VPCs. The guest network"
 " NIC is plugged to the VPC virtual router when the first VM is deployed "
 "in a tier."
 msgstr "管理员和用户都可以创建多个vpcs.当第一个虚拟机被部署到该层时候，一个来宾网络nic插入到这个vpc虚拟路由器上"

 #: ../../networking/inter_vlan_routing.rst:53
 msgid ""
 "The administrator can create the following gateways to send to or receive"
 " traffic from the VMs:"
 msgstr "管理员创建网关用接受和发送来自vm的流量："

 #: ../../networking/inter_vlan_routing.rst:56
 msgid ""
 "**VPN Gateway**: For more information, see `\"Creating a VPN gateway for "
 "the VPC\" <#creating-a-vpn-gateway-for-the-vpc>`_."
 msgstr ""
 "**VPN网关**:更多信息，参考 `\"为VPC创建VPN网关\" <#creating-a-vpn-gateway-for-the-"
 "vpc>`_."

 #: ../../networking/inter_vlan_routing.rst:59
 msgid ""
 "**Public Gateway**: The public gateway for a VPC is added to the virtual "
 "router when the virtual router is created for VPC. The public gateway is "
 "not exposed to the end users. You are not allowed to list it, nor allowed"
 " to create any static routes."
 msgstr "**公网网关**：当为vpc创建一个虚拟路由器时，这个vpc的公共网关就添加到虚拟路由器当中。公共网关还没有暴露到最终用户。你不允许其列出，也不允许建立任何静态路由。"

 #: ../../networking/inter_vlan_routing.rst:64
 msgid ""
 "**Private Gateway**: For more information, see \":ref:`adding-priv-gw-"
 "vpc`\"."
 msgstr "**私有网关**: 更多信息，参考 \":ref:`adding-priv-gw-vpc`\"."

 #: ../../networking/inter_vlan_routing.rst:66
 msgid ""
 "Both administrators and users can create various possible destinations-"
 "gateway combinations. However, only one gateway of each type can be used "
 "in a deployment."
 msgstr "管理员和用户可以创建各种可能的目的地的网关组合。但是，在部署中每种类型只能有一个网关。"

 #: ../../networking/inter_vlan_routing.rst:70
 msgid "For example:"
 msgstr "例如："

 #: ../../networking/inter_vlan_routing.rst:72
 msgid ""
 "**VLANs and Public Gateway**: For example, an application is deployed in "
 "the cloud, and the Web application VMs communicate with the Internet."
 msgstr "**VLAN和公网网关**: 比如，在云中部署了一个应用，并且这个web应用所在的虚拟机要和因特网通信。"

 #: ../../networking/inter_vlan_routing.rst:76
 msgid ""
 "**VLANs, VPN Gateway, and Public Gateway**: For example, an application "
 "is deployed in the cloud; the Web application VMs communicate with the "
 "Internet; and the database VMs communicate with the on-premise devices."
 msgstr ""
 "**VLANs, VPN网关和公网网关**: 比如, 云中部署了一个应用;部署这个web应用的虚拟机要和因特网通信; "
 "并且数据库虚拟要个先前提到的设备通信"

 #: ../../networking/inter_vlan_routing.rst:81
 msgid ""
 "The administrator can define Network Access Control List (ACL) on the "
 "virtual router to filter the traffic among the VLANs or between the "
 "Internet and a VLAN. You can define ACL based on CIDR, port range, "
 "protocol, type code (if ICMP protocol is selected) and Ingress/Egress "
 "type."
 msgstr "管理员可以在虚拟路由器定义一个访问控制列表(ACL)用于过滤vlan或者因特网和vlan直接的流量。你可定义基于CIDR,端口范围，协议，类型代码(如果选用ICPM协议)和进出流量的acl"

 #: ../../networking/inter_vlan_routing.rst:87
 msgid ""
 "The following figure shows the possible deployment scenarios of a Inter-"
 "VLAN setup:"
 msgstr "下图显示了可能的部署一个VLAN间的场景设置的："

 #: ../../networking/inter_vlan_routing.rst:90
 msgid "|mutltier.png|"
 msgstr "|mutltier.png|"

 #: ../../networking/inter_vlan_routing.rst:92
 msgid ""
 "To set up a multi-tier Inter-VLAN deployment, see \":ref:`configuring-"
 "vpc`\"."
 msgstr "要建立一个多层次的跨VLAN部署，请参考\":ref:`configuring-vpc`\"."

 #: ../../networking/virtual_private_cloud_config.rst:20
 msgid "Configuring a Virtual Private Cloud"
 msgstr "配置一个虚拟私有云（VPC）"

 #: ../../networking/virtual_private_cloud_config.rst:23
 msgid "About Virtual Private Clouds"
 msgstr "关于虚拟私有云（VPC）"

 #: ../../networking/virtual_private_cloud_config.rst:25
 msgid ""
 "CloudStack Virtual Private Cloud is a private, isolated part of "
 "CloudStack. A VPC can have its own virtual network topology that "
 "resembles a traditional physical network. You can launch VMs in the "
 "virtual network that can have private addresses in the range of your "
 "choice, for example: 10.0.0.0/16. You can define network tiers within "
 "your VPC network range, which in turn enables you to group similar kinds "
 "of instances based on IP address range."
 msgstr "CloudStackVPC是CloudStack云中私有并隔离的部分。一个VPC可以使用自己的虚拟网络拓扑来组建传统物理网络。在这个虚拟网络中，您创建的虚机的私网地址可以由您自主选择IP范围，例如10.0.0.0/16。您可以在VPC网络范围内定义多个网络层，这些层可以让你将类似的虚机按IP地址范围分组。"

 #: ../../networking/virtual_private_cloud_config.rst:33
 msgid ""
 "For example, if a VPC has the private range 10.0.0.0/16, its guest "
 "networks can have the network ranges 10.0.1.0/24, 10.0.2.0/24, "
 "10.0.3.0/24, and so on."
 msgstr "例如：一个VPC的私有地址范围是10.0.0.0/16，其中的用户网络的地址范围可以分别是10.0.1.0/24、10.0.2.0/24、10.0.3.0/24等等。"

 #: ../../networking/virtual_private_cloud_config.rst:39
 msgid "Major Components of a VPC"
 msgstr ""

 #: ../../networking/virtual_private_cloud_config.rst:41
 msgid "A VPC is comprised of the following network components:"
 msgstr "VPC主要由以下网络组件构成："

 #: ../../networking/virtual_private_cloud_config.rst:43
 msgid ""
 "**VPC**: A VPC acts as a container for multiple isolated networks that "
 "can communicate with each other via its virtual router."
 msgstr "**VPC**：一个VPC是多个隔离网络的容器，隔离网络间可以通过VPC的虚拟路由器互通。"

 #: ../../networking/virtual_private_cloud_config.rst:46
 msgid ""
 "**Network Tiers**: Each tier acts as an isolated network with its own "
 "VLANs and CIDR list, where you can place groups of resources, such as "
 "VMs. The tiers are segmented by means of VLANs. The NIC of each tier acts"
 " as its gateway."
 msgstr "**网络层**：每个层是一个拥有各自VLAN和CIDR的隔离网络。您可以在层内放置VM等各种资源组。层与层之间通过VLAN方式隔离。VPC虚拟路由器在每个层中的网卡是该层的网关。"

 #: ../../networking/virtual_private_cloud_config.rst:51
 msgid ""
 "**Virtual Router**: A virtual router is automatically created and started"
 " when you create a VPC. The virtual router connect the tiers and direct "
 "traffic among the public gateway, the VPN gateways, and the NAT "
 "instances. For each tier, a corresponding NIC and IP exist in the virtual"
 " router. The virtual router provides DNS and DHCP services through its "
 "IP."
 msgstr "**虚拟路由器**：创建VPC时会自动创建并启动一个虚拟路由器。该虚拟路由器连接了各层，并负责各层与公网网关、VPN网关和NAT实例间的网络流量。对于每个层，该虚拟路由器都会有对应的网卡和IP，并通过该IP提供DNS和DHCP服务。"

 #: ../../networking/virtual_private_cloud_config.rst:58
 msgid ""
 "**Public Gateway**: The traffic to and from the Internet routed to the "
 "VPC through the public gateway. In a VPC, the public gateway is not "
 "exposed to the end user; therefore, static routes are not support for the"
 " public gateway."
 msgstr "**公网网关**：VPC进出互联网的流量会走公网网关。VPC中的公网网关不暴露给最终用户，因此公网网关上不支持静态路由。"

 #: ../../networking/virtual_private_cloud_config.rst:63
 msgid ""
 "**Private Gateway**: All the traffic to and from a private network routed"
 " to the VPC through the private gateway. For more information, see \":ref"
 ":`adding-priv-gw-vpc`\"."
 msgstr "**私有网关**：VPC进出某个私有网络的流量通过私有网关。更多信息，请查阅 \":ref:`adding-priv-gw-vpc`\"."

 #: ../../networking/virtual_private_cloud_config.rst:67
 msgid "**VPN Gateway**: The VPC side of a VPN connection."
 msgstr "**VPN 网关**：VPN连接的VPC端。"

 #: ../../networking/virtual_private_cloud_config.rst:69
 msgid ""
 "**Site-to-Site VPN Connection**: A hardware-based VPN connection between "
 "your VPC and your datacenter, home network, or co-location facility. For "
 "more information, see \":ref:`setting-s2s-vpn-conn`\"."
 msgstr ""
 "**点对点VPN连接**：您的VPC和您的数据中心、家庭网络、主机托管设施之间基于硬件的VPN连接。更多信息，请参考\":ref"
 ":`setting-s2s-vpn-conn`\"."

 #: ../../networking/virtual_private_cloud_config.rst:73
 msgid ""
 "**Customer Gateway**: The customer side of a VPN Connection. For more "
 "information, see `\"Creating and Updating a VPN Customer Gateway\" "
 "<#creating-and-updating-a-vpn-customer-gateway>`_."
 msgstr ""
 "**客户网关**:客户这边的VPN连接。更多信息，请参考 `\"创建和更新VPN客户网关\" <#creating-and-updating-a"
 "-vpn-customer-gateway>`_."

 #: ../../networking/virtual_private_cloud_config.rst:77
 msgid ""
 "**NAT Instance**: An instance that provides Port Address Translation for "
 "instances to access the Internet via the public gateway. For more "
 "information, see \":ref:`enabling-disabling-static-nat-on-vpc`\"."
 msgstr ""
 "**NAT实例**:在用户虚机通过公网网关访问公网时，提供端口地址转换的实例。关于更多信息，请参考 \":ref:`enabling-"
 "disabling-static-nat-on-vpc`\"."

 #: ../../networking/virtual_private_cloud_config.rst:81
 msgid ""
 "**Network ACL**: Network ACL is a group of Network ACL items. Network ACL"
 " items are nothing but numbered rules that are evaluated in order, "
 "starting with the lowest numbered rule. These rules determine whether "
 "traffic is allowed in or out of any tier associated with the network ACL."
 " For more information, see \":ref:`conf-net-acl`\"."
 msgstr ""
 "**网络ACL**: "
 "网络ACL是一组网络访问控制列表。这些列表就是一个按顺序编号的规则，执行的时候，从最小的编号开始。这些规则决定了与此ACL关联的各个层的进出流量会被允许或阻止。更多信息，请参考"
 " \":ref:`conf-net-acl`\"."

 #: ../../networking/virtual_private_cloud_config.rst:89
 msgid "Network Architecture in a VPC"
 msgstr "VPC的网络架构"

 #: ../../networking/virtual_private_cloud_config.rst:91
 msgid ""
 "In a VPC, the following four basic options of network architectures are "
 "present:"
 msgstr "VPC有以下四个基本的网络架构："

 #: ../../networking/virtual_private_cloud_config.rst:94
 msgid "VPC with a public gateway only"
 msgstr "只有一个公网网关的VPC"

 #: ../../networking/virtual_private_cloud_config.rst:96
 msgid "VPC with public and private gateways"
 msgstr "VPC的公有和私有网关"

 #: ../../networking/virtual_private_cloud_config.rst:98
 msgid "VPC with public and private gateways and site-to-site VPN access"
 msgstr "VPC的公有和私有网关以及site-to-site VPN访问"

 #: ../../networking/virtual_private_cloud_config.rst:100
 msgid "VPC with a private gateway only and site-to-site VPN access"
 msgstr "只有私有网关的VPC以及site-to-site VPN访问"

 #: ../../networking/virtual_private_cloud_config.rst:104
 msgid "Connectivity Options for a VPC"
 msgstr "VPC的连接选择"

 #: ../../networking/virtual_private_cloud_config.rst:106
 msgid "You can connect your VPC to:"
 msgstr "你可以连接你的VPC："

 #: ../../networking/virtual_private_cloud_config.rst:108
 msgid "The Internet through the public gateway."
 msgstr "通过公有网关连接到Internet."

 #: ../../networking/virtual_private_cloud_config.rst:110
 msgid ""
 "The corporate datacenter by using a site-to-site VPN connection through "
 "the VPN gateway."
 msgstr "通过site-to-siteVPN网关连接到相邻数据中心。"

 #: ../../networking/virtual_private_cloud_config.rst:113
 msgid ""
 "Both the Internet and your corporate datacenter by using both the public "
 "gateway and a VPN gateway."
 msgstr "通过公有和私有VPN网关同时连接到Internet和相邻数据中心。"

 #: ../../networking/virtual_private_cloud_config.rst:118
 msgid "VPC Network Considerations"
 msgstr "VPC网络的考虑事项"

 #: ../../networking/virtual_private_cloud_config.rst:120
 msgid "Consider the following before you create a VPC:"
 msgstr "在创建VPC之前，确认以下事项："

 #: ../../networking/virtual_private_cloud_config.rst:122
 msgid "A VPC, by default, is created in the enabled state."
 msgstr "在创建好VPC之后，其默认处于启用状态。"

 #: ../../networking/virtual_private_cloud_config.rst:124
 msgid ""
 "A VPC can be created in Advance zone only, and can't belong to more than "
 "one zone at a time."
 msgstr "只能在高级区域中创建VPC，并且VPC只能属于一个区域。"

 #: ../../networking/virtual_private_cloud_config.rst:127
 msgid ""
 "The default number of VPCs an account can create is 20. However, you can "
 "change it by using the max.account.vpcs global parameter, which controls "
 "the maximum number of VPCs an account is allowed to create."
 msgstr "默认VPC的数量是20个。如果你需要更多的VPC的话，可以通过修改max.account.vpcs这个全局参数。这个参数是控制创建VPC的最大数量的。"

 #: ../../networking/virtual_private_cloud_config.rst:131
 msgid ""
 "The default number of tiers an account can create within a VPC is 3. You "
 "can configure this number by using the vpc.max.networks parameter."
 msgstr "默认一个用户能创建VPC的层数是三层。也可以通过vpc.max.networks这个参数修改。"

 #: ../../networking/virtual_private_cloud_config.rst:135
 msgid ""
 "Each tier should have an unique CIDR in the VPC. Ensure that the tier's "
 "CIDR should be within the VPC CIDR range."
 msgstr "VPC中每一层都需要是唯一的CIDR，并且这个CIDR是在VPC的CIDR的范围之内。"

 #: ../../networking/virtual_private_cloud_config.rst:138
 msgid "A tier belongs to only one VPC."
 msgstr "每一层只能属于一个VPC。"

 #: ../../networking/virtual_private_cloud_config.rst:140
 msgid "All network tiers inside the VPC should belong to the same account."
 msgstr "VPC中所有网络层都应属于同一个帐号。"

 #: ../../networking/virtual_private_cloud_config.rst:142
 msgid ""
 "When a VPC is created, by default, a SourceNAT IP is allocated to it. The"
 " Source NAT IP is released only when the VPC is removed."
 msgstr "当VPC创建好之后，默认会分配好SourceNAT IP。当此VPC删除之后，SourceNAT IP也会被释放。"

 #: ../../networking/virtual_private_cloud_config.rst:145
 msgid ""
 "A public IP can be used for only one purpose at a time. If the IP is a "
 "sourceNAT, it cannot be used for StaticNAT or port forwarding."
 msgstr "一个公网IP只能用一个用途。如果此IP用于SourceNAT作用的话，就不能同时再用作StaticNAT 或端口转发。"

 #: ../../networking/virtual_private_cloud_config.rst:148
 msgid ""
 "The instances can only have a private IP address that you provision. To "
 "communicate with the Internet, enable NAT to an instance that you launch "
 "in your VPC."
 msgstr "一个实例只能有一个私有IP地址，为了访问Internet,你可以为VPC里的此实例启用NAT功能。"

 #: ../../networking/virtual_private_cloud_config.rst:152
 msgid ""
 "Only new networks can be added to a VPC. The maximum number of networks "
 "per VPC is limited by the value you specify in the vpc.max.networks "
 "parameter. The default value is three."
 msgstr "只有新的网络才能加入VPC。每一个VPC的最大网络数量由参数vpc.max.networks指定。其默认值为3."

 #: ../../networking/virtual_private_cloud_config.rst:156
 msgid ""
 "The load balancing service can be supported by only one tier inside the "
 "VPC."
 msgstr "VPC中只有一层支持负载均衡服务。"

 #: ../../networking/virtual_private_cloud_config.rst:159
 msgid "If an IP address is assigned to a tier:"
 msgstr "如果一个IP地址被赋予一个网络层："

 #: ../../networking/virtual_private_cloud_config.rst:161
 msgid ""
 "That IP can't be used by more than one tier at a time in the VPC. For "
 "example, if you have tiers A and B, and a public IP1, you can create a "
 "port forwarding rule by using the IP either for A or B, but not for both."
 msgstr "那么这个IP就不能在VPC里被另外的层所使用。比如：如果你有A层和B层以及一个公网IP地址，则你可以为A或B创建一个端口转发规则，但不能同时在A和B上创建。"

 #: ../../networking/virtual_private_cloud_config.rst:166
 msgid ""
 "That IP can't be used for StaticNAT, load balancing, or port forwarding "
 "rules for another guest network inside the VPC."
 msgstr "那个IP也不能在VPC的其它的客户网络里用作StaticNAT,负载均衡，端口转发规则。"

 #: ../../networking/virtual_private_cloud_config.rst:169
 msgid "Remote access VPN is not supported in VPC networks."
 msgstr "VPC网络不支持Remote access VPN。"

 #: ../../networking/virtual_private_cloud_config.rst:173
 msgid "Adding a Virtual Private Cloud"
 msgstr "添加一个VPC"

 #: ../../networking/virtual_private_cloud_config.rst:175
 msgid ""
 "When creating the VPC, you simply provide the zone and a set of IP "
 "addresses for the VPC network address space. You specify this set of "
 "addresses in the form of a Classless Inter-Domain Routing (CIDR) block."
 msgstr "当创建VPC时，你只需要提供区域名和VPC要使用的一组IP地址。这组IP地址是以CIDR块的形式提供。"

 #: ../../networking/virtual_private_cloud_config.rst:185
 msgid "Click Add VPC. The Add VPC page is displayed as follows:"
 msgstr "点击添加VPC按钮。页面呈现以下："

 #: ../../networking/virtual_private_cloud_config.rst:187
 msgid "|add-vpc.png|"
 msgstr "|add-vpc.png|"

 #: ../../networking/virtual_private_cloud_config.rst:191
 msgid "**Name**: A short name for the VPC that you are creating."
 msgstr "**名称**: 要创建的VPC的名称。"

 #: ../../networking/virtual_private_cloud_config.rst:193
 msgid "**Description**: A brief description of the VPC."
 msgstr "**描述**: 关于此VPC的简短描述."

 #: ../../networking/virtual_private_cloud_config.rst:195
 msgid "**Zone**: Choose the zone where you want the VPC to be available."
 msgstr "**区域**: 你希望将此VPN应用在哪个区域中。"

 #: ../../networking/virtual_private_cloud_config.rst:197
 msgid ""
 "**Super CIDR for Guest Networks**: Defines the CIDR range for all the "
 "tiers (guest networks) within a VPC. When you create a tier, ensure that "
 "its CIDR is within the Super CIDR value you enter. The CIDR must be "
 "RFC1918 compliant."
 msgstr ""
 "**客户网络超级CIDR**: "
 "定义一个VPC内所有层（客户网络）的CIDR范围。当你新创建一个层时，这个层的CIDR必须在这个超级CIDR范围之内。CIDR的格式定义必须符合RFC1918。"

 #: ../../networking/virtual_private_cloud_config.rst:202
 msgid ""
 "**DNS domain for Guest Networks**: If you want to assign a special domain"
 " name, specify the DNS suffix. This parameter is applied to all the tiers"
 " within the VPC. That implies, all the tiers you create in the VPC belong"
 " to the same DNS domain. If the parameter is not specified, a DNS domain "
 "name is generated automatically."
 msgstr ""
 "**客户网络的DNS域名**: "
 "如果你需要一个域名，则需要在此指定域名后缀。这个参数会应用到VPC中所有的层中。这表示，VPC中所有的层都属于同一个域。如果没有指定域名，则域名会由系统随机产生。"

 #: ../../networking/virtual_private_cloud_config.rst:208
 msgid ""
 "**Public Load Balancer Provider**: You have two options: VPC Virtual "
 "Router and Netscaler."
 msgstr "**公共负载均衡提供者**: 有两个选项：VPC虚拟路由器和 Netscaler。"

 #: ../../networking/virtual_private_cloud_config.rst:215
 msgid "Adding Tiers"
 msgstr "添加层"

 #: ../../networking/virtual_private_cloud_config.rst:217
 msgid ""
 "Tiers are distinct locations within a VPC that act as isolated networks, "
 "which do not have access to other tiers by default. Tiers are set up on "
 "different VLANs that can communicate with each other by using a virtual "
 "router. Tiers provide inexpensive, low latency network connectivity to "
 "other tiers within the VPC."
 msgstr "层在VPC里起来隔离网络的作用，默认规则是层之间不能互访。不同VLAN之间的层可以通过虚拟机实现连接。层在VPC内部提供一种廉价，低延迟的网络连接。"

 #: ../../networking/virtual_private_cloud_config.rst:229
 #: ../../networking/virtual_private_cloud_config.rst:1368
 msgid "All the VPC that you have created for the account is listed in the page."
 msgstr "此帐号创建的所有VPC将显示在页面中。"

 #: ../../networking/virtual_private_cloud_config.rst:233
 msgid ""
 "The end users can see their own VPCs, while root and domain admin can see"
 " any VPC they are authorized to see."
 msgstr "最终用户能看到他们自己的VPC，系统管理用户和域管理员可以看到所有被授权查看的VPC。"

 #: ../../networking/virtual_private_cloud_config.rst:236
 #: ../../networking/virtual_private_cloud_config.rst:1371
 msgid "Click the Configure button of the VPC for which you want to set up tiers."
 msgstr "在你希望设置层的VPC里，点击配置按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:239
 msgid "Click Create network."
 msgstr "点击新建网络。"

 #: ../../networking/virtual_private_cloud_config.rst:241
 msgid "The Add new tier dialog is displayed, as follows:"
 msgstr "然后，添加层的对话界面就会出现。如下："

 #: ../../networking/virtual_private_cloud_config.rst:243
 msgid "|add-tier.png|"
 msgstr "|add-tier.png|"

 #: ../../networking/virtual_private_cloud_config.rst:245
 msgid ""
 "If you have already created tiers, the VPC diagram is displayed. Click "
 "Create Tier to add a new tier."
 msgstr "如果你已添加层，VPC界面就会出现。点击添加层可以增加一个新的层。"

 #: ../../networking/virtual_private_cloud_config.rst:252
 msgid "**Name**: A unique name for the tier you create."
 msgstr "**名称**: 你添加的层的一个唯一的层名。"

 #: ../../networking/virtual_private_cloud_config.rst:254
 msgid ""
 "**Network Offering**: The following default network offerings are listed:"
 " Internal LB, DefaultIsolatedNetworkOfferingForVpcNetworksNoLB, "
 "DefaultIsolatedNetworkOfferingForVpcNetworks"
 msgstr ""
 "**网络方案**: 默认有以下几种网络方案: Internal LB, "
 "DefaultIsolatedNetworkOfferingForVpcNetworksNoLB, "
 "DefaultIsolatedNetworkOfferingForVpcNetworks"

 #: ../../networking/virtual_private_cloud_config.rst:259
 msgid ""
 "In a VPC, only one tier can be created by using LB-enabled network "
 "offering."
 msgstr "在一个VPC中，用LB-enabled network offering只能创建一个层。"

 #: ../../networking/virtual_private_cloud_config.rst:267
 msgid "**VLAN**: The VLAN ID for the tier that the root admin creates."
 msgstr "**VLAN**: 指定系统管理员创建的层的VLAN ID号。"

 #: ../../networking/virtual_private_cloud_config.rst:269
 msgid ""
 "This option is only visible if the network offering you selected is VLAN-"
 "enabled."
 msgstr "这个选项只在你选择的方案在VLAN-enabled的情况下才会显示出来。"

 #: ../../networking/virtual_private_cloud_config.rst:272
 msgid ""
 "For more information, see `\"Assigning VLANs to Isolated Networks\" "
 "<hosts.html#assigning-vlans-to-isolated-networks>`_."
 msgstr ""
 "如需要更多信息，请参考\"为隔离网络分配VLAN\" <hosts.html#assigning-vlans-to-isolated-"
 "networks>`_.节。"

 #: ../../networking/virtual_private_cloud_config.rst:283
 msgid "Continue with configuring access control list for the tier."
 msgstr "继续为层配置访问控制列表。"

 #: ../../networking/virtual_private_cloud_config.rst:289
 msgid "Configuring Network Access Control List"
 msgstr "配置网络访问控制列表"

 #: ../../networking/virtual_private_cloud_config.rst:291
 msgid ""
 "Define Network Access Control List (ACL) on the VPC virtual router to "
 "control incoming (ingress) and outgoing (egress) traffic between the VPC "
 "tiers, and the tiers and Internet. By default, all incoming traffic to "
 "the guest networks is blocked and all outgoing traffic from guest "
 "networks is allowed, once you add an ACL rule for outgoing traffic, then "
 "only outgoing traffic specified in this ACL rule is allowed, the rest is "
 "blocked. To open the ports, you must create a new network ACL. The "
 "network ACLs can be created for the tiers only if the NetworkACL service "
 "is supported."
 msgstr "定义网络访问控制列表（ACL），用以在VPC的层之间，或是层与互联网之间控制进出流量。默认情况下，客户网络的所有进入流量被阻止，所有外出流量被允许。一旦在外出流量方向添加了ACL，则只有ACL规则允许的流量可以被允许，其余的外出流量会被阻止。如果要开放其它端口，则需要在新的ACL中明确定义。只有在支持NetworkACL服务的条件下，只能创建层的ACL。"

 #: ../../networking/virtual_private_cloud_config.rst:303
 msgid "About Network ACL Lists"
 msgstr "关于ACL列表"

 #: ../../networking/virtual_private_cloud_config.rst:305
 msgid ""
 "In CloudStack terminology, Network ACL is a group of Network ACL items. "
 "Network ACL items are nothing but numbered rules that are evaluated in "
 "order, starting with the lowest numbered rule. These rules determine "
 "whether traffic is allowed in or out of any tier associated with the "
 "network ACL. You need to add the Network ACL items to the Network ACL, "
 "then associate the Network ACL with a tier. Network ACL is associated "
 "with a VPC and can be assigned to multiple VPC tiers within a VPC. A Tier"
 " is associated with a Network ACL at all the times. Each tier can be "
 "associated with only one ACL."
 msgstr "在CloudStack术语中，ACL指的是一组针对网络条目。其按条目规则顺序执行，从最小值开始。这些规则决定了与此ACL关联的层的进出流量是被允许还是阻止。操作的方法是添加一个ACL，然后将这个ACL与层关联。ACL在整个VPC中使用，它可以被关系到一个VPC当中多个层中。一个层能及只能关联到一个ACL中。"

 #: ../../networking/virtual_private_cloud_config.rst:315
 msgid ""
 "The default Network ACL is used when no ACL is associated. Default "
 "behavior is all the incoming traffic is blocked and outgoing traffic is "
 "allowed from the tiers. Default network ACL cannot be removed or "
 "modified. Contents of the default Network ACL is:"
 msgstr "当没有ACL明确关联时，会有一个默认的ACL起作用。默认规则是层中所有进入流量被阻止，所有外出流量被允许默认的ACL不能被删除或修改。默认ACL的内容如下："

 #: ../../networking/virtual_private_cloud_config.rst:323
 msgid "Rule"
 msgstr "规则"

 #: ../../networking/virtual_private_cloud_config.rst:323
 msgid "Protocol"
 msgstr "协议"

 #: ../../networking/virtual_private_cloud_config.rst:323
 msgid "Traffic type"
 msgstr "流量类型"

 #: ../../networking/virtual_private_cloud_config.rst:323
 msgid "Action"
 msgstr "动作"

 #: ../../networking/virtual_private_cloud_config.rst:325
 #: ../../networking/virtual_private_cloud_config.rst:326
 msgid "All"
 msgstr "所有"

 #: ../../networking/virtual_private_cloud_config.rst:325
 msgid "Ingress"
 msgstr "进入流量"

 #: ../../networking/virtual_private_cloud_config.rst:325
 #: ../../networking/virtual_private_cloud_config.rst:326
 msgid "0.0.0.0/0"
 msgstr "0.0.0.0/0"

 #: ../../networking/virtual_private_cloud_config.rst:326
 msgid "Egress"
 msgstr "外出流量"

 #: ../../networking/virtual_private_cloud_config.rst:331
 msgid "Creating ACL Lists"
 msgstr "创建ACL列表"

 #: ../../networking/virtual_private_cloud_config.rst:366
 #: ../../networking/virtual_private_cloud_config.rst:393
 msgid "Select Network ACL Lists."
 msgstr "选择网络ACL列表。"

 #: ../../networking/virtual_private_cloud_config.rst:368
 msgid ""
 "The following default rules are displayed in the Network ACLs page: "
 "default\\_allow, default\\_deny."
 msgstr "在ACL页面，下面默认规则将会显示出来：default\\_allow, default\\_deny."

 #: ../../networking/virtual_private_cloud_config.rst:371
 msgid "Click Add ACL Lists, and specify the following:"
 msgstr "点击添加ACL列表，指定以下配置："

 #: ../../networking/virtual_private_cloud_config.rst:373
 msgid "**ACL List Name**: A name for the ACL list."
 msgstr "**ACL列表名称**: 为ACL列表命名。"

 #: ../../networking/virtual_private_cloud_config.rst:375
 msgid ""
 "**Description**: A short description of the ACL list that can be "
 "displayed to users."
 msgstr "**描述**: ACL列表的简短描述。"

 #: ../../networking/virtual_private_cloud_config.rst:380
 msgid "Creating an ACL Rule"
 msgstr "创建一个ACL规则"

 #: ../../networking/virtual_private_cloud_config.rst:395
 msgid ""
 "In addition to the custom ACL lists you have created, the following "
 "default rules are displayed in the Network ACLs page: default\\_allow, "
 "default\\_deny."
 msgstr "除了创建的你自定义的ACL列表之后，以下默认ACL规则也会显示在页面中：default\\_allow, default\\_deny."

 #: ../../networking/virtual_private_cloud_config.rst:399
 #: ../../networking/virtual_private_cloud_config.rst:479
 msgid "Select the desired ACL list."
 msgstr "选择需要的ACL列表。"

 #: ../../networking/virtual_private_cloud_config.rst:401
 msgid "Select the ACL List Rules tab."
 msgstr "选择ACL规则栏"

 #: ../../networking/virtual_private_cloud_config.rst:403
 msgid ""
 "To add an ACL rule, fill in the following fields to specify what kind of "
 "network traffic is allowed in the VPC."
 msgstr "为了创建ACL规则，需要在VPC中定义下面哪些网络流量是允许的。"

 #: ../../networking/virtual_private_cloud_config.rst:406
 msgid "**Rule Number**: The order in which the rules are evaluated."
 msgstr "**规则序号**: 规则被执行的顺序。"

 #: ../../networking/virtual_private_cloud_config.rst:408
 msgid ""
 "**CIDR**: The CIDR acts as the Source CIDR for the Ingress rules, and "
 "Destination CIDR for the Egress rules. To accept traffic only from or to "
 "the IP addresses within a particular address block, enter a CIDR or a "
 "comma-separated list of CIDRs. The CIDR is the base IP address of the "
 "incoming traffic. For example, 192.168.0.0/22. To allow all CIDRs, set to"
 " 0.0.0.0/0."
 msgstr ""
 "**CIDR**: "
 "对于进入的规则，CIDR对源地址起作用，对于外出的规则，CIDR对目标地址起作用。如果要定义多个可接受进出流量的特定地址段，需要以逗号分隔各个CIDR。CIDR是进入流量的基IP地址。比如，"
 " 192.168.0.0/22. 如要对所有CIDR允许流量, 设置为 0.0.0.0/0."

 #: ../../networking/virtual_private_cloud_config.rst:415
 msgid "**Action**: What action to be taken. Allow traffic or block."
 msgstr "**操作**: 定义要进行的操作，允许或阻止。"

 #: ../../networking/virtual_private_cloud_config.rst:417
 msgid ""
 "**Protocol**: The networking protocol that sources use to send traffic to"
 " the tier. The TCP and UDP protocols are typically used for data exchange"
 " and end-user communications. The ICMP protocol is typically used to send"
 " error messages or network monitoring data. All supports all the traffic."
 " Other option is Protocol Number."
 msgstr ""
 "**协议**: "
 "发送到层的源地址的网络协议。最终用户的访问和数据交换通常是用TCP和UDP协议。ICMP协议通常用来发送错误信息或网络监控。ALL表示支持所有协议流量，其它选项是协议编号。"

 #: ../../networking/virtual_private_cloud_config.rst:424
 msgid ""
 "**Start Port**, **End Port** (TCP, UDP only): A range of listening ports "
 "that are the destination for the incoming traffic. If you are opening a "
 "single port, use the same number in both fields."
 msgstr ""
 "**起始端口**, **结束端口** (TCP, UDP "
 "only):对进入流量，这些端口是指需要监听的目标地址的端口范围。如果你只开放一个端口，则在起始和结束端口里填写同一个端口。"

 #: ../../networking/virtual_private_cloud_config.rst:428
 msgid ""
 "**Protocol Number**: The protocol number associated with IPv4 or IPv6. "
 "For more information, see `Protocol Numbers "
 "<http://www.iana.org/assignments/protocol-numbers/protocol-"
 "numbers.xml>`_."
 msgstr ""
 "**协议编号**: 协议编号是与IPV4或IPV6相关联的。更多信息，请参考 `协议号 "
 "<http://www.iana.org/assignments/protocol-numbers/protocol-"
 "numbers.xml>`_."

 #: ../../networking/virtual_private_cloud_config.rst:432
 msgid ""
 "**ICMP Type**, **ICMP Code** (ICMP only): The type of message and error "
 "code that will be sent."
 msgstr "**ICMP类型**, **ICMP代码** (ICMP only): 信息类型及发送错误的代码。"

 #: ../../networking/virtual_private_cloud_config.rst:435
 msgid "**Traffic Type**: The type of traffic: Incoming or outgoing."
 msgstr "**流量类型**: 进出流量的类型。"

 #: ../../networking/virtual_private_cloud_config.rst:437
 msgid "Click Add. The ACL rule is added."
 msgstr "点击添加。这个ACL规则就添加好了。"

 #: ../../networking/virtual_private_cloud_config.rst:439
 msgid ""
 "You can edit the tags assigned to the ACL rules and delete the ACL rules "
 "you have created. Click the appropriate button in the Details tab."
 msgstr "你可以重新编辑ACL标签，或是删除ACL。点击详细信息里的appropriate按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:445
 msgid "Creating a Tier with Custom ACL List"
 msgstr "创建一个具有自定义ACL列表的层。"

 #: ../../networking/virtual_private_cloud_config.rst:447
 #: ../../networking/virtual_private_cloud_config.rst:463
 msgid "Create a VPC."
 msgstr "创建一个VPC。"

 #: ../../networking/virtual_private_cloud_config.rst:449
 #: ../../networking/virtual_private_cloud_config.rst:469
 msgid "Create a custom ACL list."
 msgstr "创建一个自定义ACL列表。"

 #: ../../networking/virtual_private_cloud_config.rst:451
 #: ../../networking/virtual_private_cloud_config.rst:471
 msgid "Add ACL rules to the ACL list."
 msgstr "将ACL规则加入ACL列表。"

 #: ../../networking/virtual_private_cloud_config.rst:453
 #: ../../networking/virtual_private_cloud_config.rst:465
 msgid "Create a tier in the VPC."
 msgstr "在VPC里创建一个层。"

 #: ../../networking/virtual_private_cloud_config.rst:455
 msgid "Select the desired ACL list while creating a tier."
 msgstr "在创建层的过程中选择需要的ACL列表。"

 #: ../../networking/virtual_private_cloud_config.rst:461
 msgid "Assigning a Custom ACL List to a Tier"
 msgstr "将一个自定义的ACL关联到一个层。"

 #: ../../networking/virtual_private_cloud_config.rst:467
 msgid "Associate the tier with the default ACL rule."
 msgstr "将默认的ACL规则关联到层。"

 #: ../../networking/virtual_private_cloud_config.rst:473
 msgid "Select the tier for which you want to assign the custom ACL."
 msgstr "选中你希望赋予自定义ACL的层。"

 #: ../../networking/virtual_private_cloud_config.rst:475
 msgid "Click the Replace ACL List icon. |replace-acl-icon.png|"
 msgstr "点击替换ACL图标。|replace-acl-icon.png|"

 #: ../../networking/virtual_private_cloud_config.rst:477
 msgid "The Replace ACL List dialog is displayed."
 msgstr "替换ACL的对话界面将会弹出来。"

 #: ../../networking/virtual_private_cloud_config.rst:487
 msgid "Adding a Private Gateway to a VPC"
 msgstr "在一个VPC里加入私有网关。"

 #: ../../networking/virtual_private_cloud_config.rst:489
 msgid ""
 "A private gateway can be added by the root admin only. The VPC private "
 "network has 1:1 relationship with the NIC of the physical network. You "
 "can configure multiple private gateways to a single VPC. No gateways with"
 " duplicated VLAN and IP are allowed in the same data center."
 msgstr "私有网关只能被系统管理员添加。VPC私有网络和物理网络之间是1：1的对应关系。你可以在一个VPC里定义多个私有网关。在同一个数据中心，不允许复制VLAN和IP的网关。"

 #: ../../networking/virtual_private_cloud_config.rst:503
 msgid ""
 "Click the Configure button of the VPC to which you want to configure load"
 " balancing rules."
 msgstr "在你想配置负载均衡的VPC上点击配置按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:511
 #: ../../networking/virtual_private_cloud_config.rst:746
 #: ../../networking/virtual_private_cloud_config.rst:804
 msgid "The following options are displayed."
 msgstr "下面这些选项就会出现。"

 #: ../../networking/virtual_private_cloud_config.rst:533
 msgid "Select Private Gateways."
 msgstr "选择私有网关。"

 #: ../../networking/virtual_private_cloud_config.rst:535
 msgid "The Gateways page is displayed."
 msgstr "网关对话框就会显示出来。"

 #: ../../networking/virtual_private_cloud_config.rst:537
 msgid "Click Add new gateway:"
 msgstr "点击添加新网关："

 #: ../../networking/virtual_private_cloud_config.rst:539
 msgid "|add-new-gateway-vpc.png|"
 msgstr "|add-new-gateway-vpc.png|"

 #: ../../networking/virtual_private_cloud_config.rst:543
 msgid "**Physical Network**: The physical network you have created in the zone."
 msgstr "**物理网络**: 此处为你已在区域内建好的物理网络。"

 #: ../../networking/virtual_private_cloud_config.rst:546
 msgid "**IP Address**: The IP address associated with the VPC gateway."
 msgstr "**IP地址**: 关联VPC网关的IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:548
 msgid ""
 "**Gateway**: The gateway through which the traffic is routed to and from "
 "the VPC."
 msgstr "**网关**: 定义进出VPC流量的网关。"

 #: ../../networking/virtual_private_cloud_config.rst:551
 msgid "**Netmask**: The netmask associated with the VPC gateway."
 msgstr "**Netmask**: VPC网关的子网掩码。"

 #: ../../networking/virtual_private_cloud_config.rst:553
 msgid "**VLAN**: The VLAN associated with the VPC gateway."
 msgstr "**VLAN**: VPC网关的VLAN。"

 #: ../../networking/virtual_private_cloud_config.rst:555
 msgid ""
 "**Source NAT**: Select this option to enable the source NAT service on "
 "the VPC private gateway."
 msgstr "**Source NAT**: 这个选项会启用VPC私有网关的source NAT服务。"

 #: ../../networking/virtual_private_cloud_config.rst:558
 msgid "See \":ref:`source-nat-priv-gw`\"."
 msgstr "参考\":ref:`source-nat-priv-gw`\"."

 #: ../../networking/virtual_private_cloud_config.rst:560
 msgid ""
 "**ACL**: Controls both ingress and egress traffic on a VPC private "
 "gateway. By default, all the traffic is blocked."
 msgstr "**ACL**: 控制VPC私有网关的进出流量，默认情况下，所有流量被阻止。"

 #: ../../networking/virtual_private_cloud_config.rst:563
 msgid "See \":ref:`acl-priv-gw`\"."
 msgstr "参考\":ref:`acl-priv-gw`\"."

 #: ../../networking/virtual_private_cloud_config.rst:565
 msgid ""
 "The new gateway appears in the list. You can repeat these steps to add "
 "more gateway for this VPC."
 msgstr "新的网关就会出现在列表中。你可以重复这些步骤为VPC增加更多的网关。"

 #: ../../networking/virtual_private_cloud_config.rst:572
 msgid "Source NAT on Private Gateway"
 msgstr "私有网关的Source NAT"

 #: ../../networking/virtual_private_cloud_config.rst:574
 msgid ""
 "You might want to deploy multiple VPCs with the same super CIDR and guest"
 " tier CIDR. Therefore, multiple guest VMs from different VPCs can have "
 "the same IPs to reach a enterprise data center through the private "
 "gateway. In such cases, a NAT service need to be configured on the "
 "private gateway to avoid IP conflicts. If Source NAT is enabled, the "
 "guest VMs in VPC reaches the enterprise network via private gateway IP "
 "address by using the NAT service."
 msgstr ""
 "你可能希望在同一个超级CIDR和客户层CIDR中部署多个VPC。因此，在一个数据中心，不同VPC中的虚拟机通过私有网络可以拥有相同的IP地址。在这种情况下，就需要在私有网关里配置Source"
 " NAT服务以避免IP冲突。如果Source NAT服务启用，VPC中的客户虚拟机使用私有网关IP地址与数据中心其它机器交流。"

 #: ../../networking/virtual_private_cloud_config.rst:582
 msgid ""
 "The Source NAT service on a private gateway can be enabled while adding "
 "the private gateway. On deletion of a private gateway, source NAT rules "
 "specific to the private gateway are deleted."
 msgstr "Source NAT服务是添加私有网关时启用。如果删除了私有网关，关联到此私有网关的Source NAT规则也会被删除。"

 #: ../../networking/virtual_private_cloud_config.rst:586
 msgid ""
 "To enable source NAT on existing private gateways, delete them and create"
 " afresh with source NAT."
 msgstr "如要有已有私有网关中启用Source NAT，需要先删除（私有网关），然后再建一个启用Source NAT的私有网关。"

 #: ../../networking/virtual_private_cloud_config.rst:593
 msgid "ACL on Private Gateway"
 msgstr "私有网关的ACL"

 #: ../../networking/virtual_private_cloud_config.rst:595
 msgid ""
 "The traffic on the VPC private gateway is controlled by creating both "
 "ingress and egress network ACL rules. The ACLs contains both allow and "
 "deny rules. As per the rule, all the ingress traffic to the private "
 "gateway interface and all the egress traffic out from the private gateway"
 " interface are blocked."
 msgstr "VPC私有网关的进出流量是被ACL规则控制的。ACL均包含允许和阻止的规则。在每一条规则中，所有进出私有网关接口的流量是被阻止的。"

 #: ../../networking/virtual_private_cloud_config.rst:601
 msgid ""
 "You can change this default behaviour while creating a private gateway. "
 "Alternatively, you can do the following:"
 msgstr "你可以在创建私有网关时，改变这个默认的行为。或者，你也可以按如下方式操作："

 #: ../../networking/virtual_private_cloud_config.rst:604
 #: ../../networking/virtual_private_cloud_config.rst:635
 msgid "In a VPC, identify the Private Gateway you want to work with."
 msgstr "在VPC中，验证你想操作的私有网关。"

 #: ../../networking/virtual_private_cloud_config.rst:606
 msgid "In the Private Gateway page, do either of the following:"
 msgstr "在私有网关页面，按如下步骤操作："

 #: ../../networking/virtual_private_cloud_config.rst:608
 msgid "Use the Quickview. See 3."
 msgstr "使用快速查看视图，参考3."

 #: ../../networking/virtual_private_cloud_config.rst:610
 msgid "Use the Details tab. See 4 through ."
 msgstr "使用详细查看栏。参考4。"

 #: ../../networking/virtual_private_cloud_config.rst:612
 msgid ""
 "In the Quickview of the selected Private Gateway, click Replace ACL, "
 "select the ACL rule, then click OK"
 msgstr "在所选择的私有网关的快速查看视图里，点击替换ACL，选中ACL规则，然后点击OK按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:615
 msgid "Click the IP address of the Private Gateway you want to work with."
 msgstr "点击你需要操作的私有网关的IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:617
 msgid "In the Detail tab, click the Replace ACL button. |replace-acl-icon.png|"
 msgstr "在详细查看栏。点击替换ACL按钮。|replace-acl-icon.png|"

 #: ../../networking/virtual_private_cloud_config.rst:620
 msgid "The Replace ACL dialog is displayed."
 msgstr "替换ACL的对话框就会出现。"

 #: ../../networking/virtual_private_cloud_config.rst:622
 msgid "select the ACL rule, then click OK."
 msgstr "选择ACL规则，然后点击OK按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:624
 msgid ""
 "Wait for few seconds. You can see that the new ACL rule is displayed in "
 "the Details page."
 msgstr "稍等片刻。你就会看到新的ACL规则出现在详细页面里了。"

 #: ../../networking/virtual_private_cloud_config.rst:629
 msgid "Creating a Static Route"
 msgstr "创建一个静态静由。"

 #: ../../networking/virtual_private_cloud_config.rst:631
 msgid ""
 "CloudStack enables you to specify routing for the VPN connection you "
 "create. You can enter one or CIDR addresses to indicate which traffic is "
 "to be routed back to the gateway."
 msgstr "CloudStack可以让你指定你创建的VPN链接的路由。你可以输入一个或CIDR地址来指定路由返回到网关的具体流量。"

 #: ../../networking/virtual_private_cloud_config.rst:637
 msgid ""
 "In the Private Gateway page, click the IP address of the Private Gateway "
 "you want to work with."
 msgstr "在私有网关页面，点击你需要的私有网关的IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:640
 msgid "Select the Static Routes tab."
 msgstr "选择静态路由栏。"

 #: ../../networking/virtual_private_cloud_config.rst:642
 msgid "Specify the CIDR of destination network."
 msgstr "指定目标网络的CIDR。"

 #: ../../networking/virtual_private_cloud_config.rst:646
 msgid "Wait for few seconds until the new route is created."
 msgstr "稍等片刻，新的路由就创建好了。"

 #: ../../networking/virtual_private_cloud_config.rst:650
 msgid "Blacklisting Routes"
 msgstr "路由黑名单"

 #: ../../networking/virtual_private_cloud_config.rst:652
 msgid ""
 "CloudStack enables you to block a list of routes so that they are not "
 "assigned to any of the VPC private gateways. Specify the list of routes "
 "that you want to blacklist in the ``blacklisted.routes`` global "
 "parameter. Note that the parameter update affects only new static route "
 "creations. If you block an existing static route, it remains intact and "
 "continue functioning. You cannot add a static route if the route is "
 "blacklisted for the zone."
 msgstr "CloudStack允许你定义一个路由黑名单，这样它们就不能关联到任何VPC私有网关。你需要在全局参数blacklisted.routes里定义。要注意，此参数只在新路由创建时才会生效。如果你在黑名单里加入了已存在的静态路由，则此静态路由还是会继续起作用。你不能把在路由黑名单里的路由加入到静态路由当中去。"

 #: ../../networking/virtual_private_cloud_config.rst:662
 msgid "Deploying VMs to the Tier"
 msgstr "将虚拟机部署到层。"

 #: ../../networking/virtual_private_cloud_config.rst:676
 msgid "The VPC page is displayed where all the tiers you have created are listed."
 msgstr "所有创建好的层都会有VPC页面里列出来。"

 #: ../../networking/virtual_private_cloud_config.rst:679
 msgid "Click Virtual Machines tab of the tier to which you want to add a VM."
 msgstr "指向你想添加虚拟机的层，点击虚拟机栏。"

 #: ../../networking/virtual_private_cloud_config.rst:681
 msgid "|add-vm-vpc.png|"
 msgstr "|add-vm-vpc.png|"

 #: ../../networking/virtual_private_cloud_config.rst:683
 msgid "The Add Instance page is displayed."
 msgstr "添加实例的页面就会出现。"

 #: ../../networking/virtual_private_cloud_config.rst:685
 msgid ""
 "Follow the on-screen instruction to add an instance. For information on "
 "adding an instance, see the Installation Guide."
 msgstr "按照屏幕所指示的操作加入实例。至于如何添加实例，参照安装指南文档。"

 #: ../../networking/virtual_private_cloud_config.rst:690
 msgid "Deploying VMs to VPC Tier and Shared Networks"
 msgstr "在VPC层中部署虚拟，共享网络。"

 #: ../../networking/virtual_private_cloud_config.rst:692
 msgid ""
 "CloudStack allows you deploy VMs on a VPC tier and one or more shared "
 "networks. With this feature, VMs deployed in a multi-tier application can"
 " receive monitoring services via a shared network provided by a service "
 "provider."
 msgstr "CloudStack允许你在VPC层中部署虚拟机和共享网络。有了这个功能，分布在多层当中的虚拟机可以通过共享网络接收到监控服务。"

 #: ../../networking/virtual_private_cloud_config.rst:697
 msgid "Log in to the CloudStack UI as an administrator."
 msgstr "用系统管理员登陆到CloudStack UI界面。"

 #: ../../networking/virtual_private_cloud_config.rst:699
 msgid "In the left navigation, choose Instances."
 msgstr "在左边的导航栏里，选择实例。"

 #: ../../networking/virtual_private_cloud_config.rst:701
 msgid "Click Add Instance."
 msgstr "点击添加实例。"

 #: ../../networking/virtual_private_cloud_config.rst:703
 msgid "Select a zone."
 msgstr "选择一个区域。"

 #: ../../networking/virtual_private_cloud_config.rst:705
 msgid "Select a template or ISO, then follow the steps in the wizard."
 msgstr "选择一个模板或ISO，按向导步骤操作。 "

 #: ../../networking/virtual_private_cloud_config.rst:707
 msgid ""
 "Ensure that the hardware you have allows starting the selected service "
 "offering."
 msgstr "请确认你的硬件支持所选择的服务方案。"

 #: ../../networking/virtual_private_cloud_config.rst:710
 msgid "Under Networks, select the desired networks for the VM you are launching."
 msgstr "在网络导航栏，选择你希望虚拟机所在的网络。"

 #: ../../networking/virtual_private_cloud_config.rst:713
 msgid "You can deploy a VM to a VPC tier and multiple shared networks."
 msgstr "你可以将虚拟机部署在一个拥有多个共享网络的VPC层中。"

 #: ../../networking/virtual_private_cloud_config.rst:715
 msgid "|addvm-tier-sharednw.png|"
 msgstr "|addvm-tier-sharednw.png|"

 #: ../../networking/virtual_private_cloud_config.rst:717
 msgid "Click Next, review the configuration and click Launch."
 msgstr "点击下一步，审看已配置信息，然后点击启动。"

 #: ../../networking/virtual_private_cloud_config.rst:719
 msgid "Your VM will be deployed to the selected VPC tier and shared network."
 msgstr "你的这个虚拟机就已被部署到所选择的VPC层和共享网络中。"

 #: ../../networking/virtual_private_cloud_config.rst:723
 msgid "Acquiring a New IP Address for a VPC"
 msgstr "VPC获取新的IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:725
 msgid ""
 "When you acquire an IP address, all IP addresses are allocated to VPC, "
 "not to the guest networks within the VPC. The IPs are associated to the "
 "guest network only when the first port-forwarding, load balancing, or "
 "Static NAT rule is created for the IP or the network. IP can't be "
 "associated to more than one network at a time."
 msgstr "当获取IP地址时，所有的IP地址会被分配到该VPC，而不是VPC中的用户网络。只有当在IP或用户网络上创建第一个网络规则（端口映射、负载均衡、静态NAT）时，该IP才会关联到用户网络。一个IP不能同时关联一个以上的网络。"

 #: ../../networking/virtual_private_cloud_config.rst:768
 msgid "Select IP Addresses."
 msgstr "选择IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:770
 msgid "The Public IP Addresses page is displayed."
 msgstr "公网IP地址页面就显示出来。"

 #: ../../networking/virtual_private_cloud_config.rst:772
 msgid "Click Acquire New IP, and click Yes in the confirmation dialog."
 msgstr "点击获得一个新IP, 并且在确认的对话框中点击确定."

 #: ../../networking/virtual_private_cloud_config.rst:774
 msgid ""
 "You are prompted for confirmation because, typically, IP addresses are a "
 "limited resource. Within a few moments, the new IP address should appear "
 "with the state Allocated. You can now use the IP address in port "
 "forwarding, load balancing, and static NAT rules."
 msgstr ""
 "因为通常IP地址是有限资源，系统会提示您确认。 "
 "在稍等片刻之后，新的IP地址将会出现并且状态是已分配。现在您就可以使用这个IP地址做端口转发、负载均衡或静态NAT。"

 #: ../../networking/virtual_private_cloud_config.rst:781
 msgid "Releasing an IP Address Alloted to a VPC"
 msgstr "释放VPC分配的IP地址"

 #: ../../networking/virtual_private_cloud_config.rst:783
 msgid ""
 "The IP address is a limited resource. If you no longer need a particular "
 "IP, you can disassociate it from its VPC and return it to the pool of "
 "available addresses. An IP address can be released from its tier, only "
 "when all the networking ( port forwarding, load balancing, or StaticNAT )"
 " rules are removed for this IP address. The released IP address will "
 "still belongs to the same VPC."
 msgstr "IP地址是有限资源。如果您不再需要某个IP，请解除该IP和VPC的关联，使其返回到可用地址池中。只有当IP上所有的网络规则(端口映射、负载均衡、静态NAT)都删除后，该IP才能从所属层释放。释放的IP仍属于该VPC。"

 #: ../../networking/virtual_private_cloud_config.rst:799
 msgid "Click the Configure button of the VPC whose IP you want to release."
 msgstr "点击要释放IP的VPC的配置按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:826
 msgid "Select Public IP Addresses."
 msgstr "选择公网IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:830
 msgid "Click the IP you want to release."
 msgstr "点击要释放的IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:832
 msgid "In the Details tab, click the Release IP button |release-ip-icon.png|"
 msgstr "在详细查看栏，点击释放IP按钮。 |release-ip-icon.png|"

 #: ../../networking/virtual_private_cloud_config.rst:838
 msgid "Enabling or Disabling Static NAT on a VPC"
 msgstr "VPC中启用或禁用静态NAT"

 #: ../../networking/virtual_private_cloud_config.rst:840
 msgid ""
 "A static NAT rule maps a public IP address to the private IP address of a"
 " VM in a VPC to allow Internet traffic to it. This section tells how to "
 "enable or disable static NAT for a particular IP address in a VPC."
 msgstr "静态NAT规则是将公网IP映射到VPC中虚机的私网IP，以便允许互联网流量访问该虚机。本节描述如何在VPC中启用或禁用某个公网IP地址的静态NAT。"

 #: ../../networking/virtual_private_cloud_config.rst:865
 msgid "For each tier, the following options are displayed."
 msgstr "对于每一个层，会显示以下选项。"

 #: ../../networking/virtual_private_cloud_config.rst:891
 msgid "Click the IP you want to work with."
 msgstr "点击您要操作的IP。"

 #: ../../networking/virtual_private_cloud_config.rst:893
 msgid ""
 "In the Details tab,click the Static NAT button. |enable-disable.png| The "
 "button toggles between Enable and Disable, depending on whether static "
 "NAT is currently enabled for the IP address."
 msgstr "在“详细信息”页，点击静态NAT按钮|enable-disable.png| 。该按钮会根据公网IP的静态NAT当前状态，在启用和禁用间切换。"

 #: ../../networking/virtual_private_cloud_config.rst:898
 msgid "If you are enabling static NAT, a dialog appears as follows:"
 msgstr "如果是启用静态NAT，会显示如下对话框："

 #: ../../networking/virtual_private_cloud_config.rst:900
 msgid "|select-vmstatic-nat.png|"
 msgstr "|select-vmstatic-nat.png|"

 #: ../../networking/virtual_private_cloud_config.rst:902
 msgid "Select the tier and the destination VM, then click Apply."
 msgstr "选择层和目标虚机，然后点击“应用”。"

 #: ../../networking/virtual_private_cloud_config.rst:906
 msgid "Adding Load Balancing Rules on a VPC"
 msgstr "VPC中添加负载均衡规则"

 #: ../../networking/virtual_private_cloud_config.rst:908
 msgid ""
 "In a VPC, you can configure two types of load balancing: external LB and "
 "internal LB. External LB is nothing but a LB rule created to redirect the"
 " traffic received at a public IP of the VPC virtual router. The traffic "
 "is load balanced within a tier based on your configuration. Citrix "
 "NetScaler and VPC virtual router are supported for external LB. When you "
 "use internal LB service, traffic received at a tier is load balanced "
 "across different VMs within that tier. For example, traffic reached at "
 "Web tier is redirected to another VM in that tier. External load "
 "balancing devices are not supported for internal LB. The service is "
 "provided by a internal LB VM configured on the target tier."
 msgstr ""
 "在VPC中，你可以配置外部或内部负载均衡。外部负载均衡就是将VPC虚拟路由器接收到的公网流量进行转发的规则。这个流量如何在层里进行均衡取决于你的配置。Citrix"
 " NetScaler 和 VPC virtual "
 "router都支持外部负载均衡。内部均衡是在层内的虚拟之间进行均衡。比如，到达WEB层请求的流量可以转发到此层另外的虚拟机。外部负载均衡设备不支持内部均衡。内部负载均衡的服务是由目标层的内部虚拟机配置后提供支持服务的。"

 #: ../../networking/virtual_private_cloud_config.rst:921
 msgid "Load Balancing Within a Tier (External LB)"
 msgstr "在层内进行负载均衡(外部负载均衡)"

 #: ../../networking/virtual_private_cloud_config.rst:923
 msgid ""
 "A CloudStack user or administrator may create load balancing rules that "
 "balance traffic received at a public IP to one or more VMs that belong to"
 " a network tier that provides load balancing service in a VPC. A user "
 "creates a rule, specifies an algorithm, and assigns the rule to a set of "
 "VMs within a tier."
 msgstr ""
 " "
 "CloudStack用户或管理员可以创建负载均衡规则。负载均衡规则用于将一个公网IP的流量分担到在VPC提供负载均衡服务的网络层内的一个或多个VM中。用户可以创建规则，指定算法，然后将规则指定到VPC的一套VM中。"

 #: ../../networking/virtual_private_cloud_config.rst:931
 msgid "Enabling NetScaler as the LB Provider on a VPC Tier"
 msgstr "在VPC层中启用基于NetScaler的负载均衡"

 #: ../../networking/virtual_private_cloud_config.rst:933
 msgid "Add and enable Netscaler VPX in dedicated mode."
 msgstr "添加并启用 Netscaler VPX独立模块。"

 #: ../../networking/virtual_private_cloud_config.rst:935
 msgid ""
 "Netscaler can be used in a VPC environment only if it is in dedicated "
 "mode."
 msgstr "Netscaler只能在独立模块的形式下应用于VPC环境中。"

 #: ../../networking/virtual_private_cloud_config.rst:938
 msgid ""
 "Create a network offering, as given in \":ref:`create-net-offering-ext-"
 "lb`\"."
 msgstr "创建启用持久化选项的网络方案。请参考\":ref:`create-net-offering-ext-lb`\"."

 #: ../../networking/virtual_private_cloud_config.rst:940
 msgid "Create a VPC with Netscaler as the Public LB provider."
 msgstr "在VPC中创建一个基于Netscaler的公用负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:942
 msgid ""
 "For more information, see `\"Adding a Virtual Private Cloud\" <#adding-a"
 "-virtual-private-cloud>`_."
 msgstr "更多信息，请参考 `\"添加一个VPC\" <#adding-a-virtual-private-cloud>`_."

 #: ../../networking/virtual_private_cloud_config.rst:945
 msgid "For the VPC, acquire an IP."
 msgstr "在VPC中获取一个IP地址。"

 #: ../../networking/virtual_private_cloud_config.rst:947
 msgid ""
 "Create an external load balancing rule and apply, as given in :ref"
 ":`create-ext-lb-rule`."
 msgstr "创建并应用一个外部负载均衡规则。请参考:ref:`create-ext-lb-rule`."

 #: ../../networking/virtual_private_cloud_config.rst:954
 msgid "Creating a Network Offering for External LB"
 msgstr "创建一个外部负载均衡网络方案"

 #: ../../networking/virtual_private_cloud_config.rst:956
 msgid "To have external LB support on VPC, create a network offering as follows:"
 msgstr "要在VPC中启用外部负载均衡支持，依如下操作建立网络方案："

 #: ../../networking/virtual_private_cloud_config.rst:959
 #: ../../networking/virtual_private_cloud_config.rst:1165
 msgid "Log in to the CloudStack UI as a user or admin."
 msgstr "使用用户或管理员登录到CloudStack用户界面。"

 #: ../../networking/virtual_private_cloud_config.rst:961
 #: ../../networking/virtual_private_cloud_config.rst:1167
 msgid "From the Select Offering drop-down, choose Network Offering."
 msgstr "下拉选择方案，选择网络方案："

 #: ../../networking/virtual_private_cloud_config.rst:965
 #: ../../networking/virtual_private_cloud_config.rst:1171
 msgid "In the dialog, make the following choices:"
 msgstr "在对话框中，选择如下操作："

 #: ../../networking/virtual_private_cloud_config.rst:967
 #: ../../networking/virtual_private_cloud_config.rst:1173
 msgid "**Name**: Any desired name for the network offering."
 msgstr "**名称**: 任何网络方案的名称。"

 #: ../../networking/virtual_private_cloud_config.rst:969
 #: ../../networking/virtual_private_cloud_config.rst:1175
 msgid ""
 "**Description**: A short description of the offering that can be "
 "displayed to users."
 msgstr "**描述**: 提供一个简短的方案描述。 "

 #: ../../networking/virtual_private_cloud_config.rst:972
 #: ../../networking/virtual_private_cloud_config.rst:1178
 msgid "**Network Rate**: Allowed data transfer rate in MB per second."
 msgstr "**网络速度**: 允许的数据传输速度（MB/秒）。"

 #: ../../networking/virtual_private_cloud_config.rst:974
 #: ../../networking/virtual_private_cloud_config.rst:1180
 msgid ""
 "**Traffic Type**: The type of network traffic that will be carried on the"
 " network."
 msgstr "**流量类型**: 允许承载的网络流量类型。"

 #: ../../networking/virtual_private_cloud_config.rst:977
 #: ../../networking/virtual_private_cloud_config.rst:1183
 msgid "**Guest Type**: Choose whether the guest network is isolated or shared."
 msgstr "**来宾类型**: 选择来宾网络为隔离或共享网络。"

 #: ../../networking/virtual_private_cloud_config.rst:980
 #: ../../networking/virtual_private_cloud_config.rst:1186
 msgid ""
 "**Persistent**: Indicate whether the guest network is persistent or not. "
 "The network that you can provision without having to deploy a VM on it is"
 " termed persistent network."
 msgstr "**持续性**: 表明来宾网络是否支持持续性。无需提供任何VM部署的网络，称之为持续性网络。"

 #: ../../networking/virtual_private_cloud_config.rst:984
 #: ../../networking/virtual_private_cloud_config.rst:1190
 msgid ""
 "**VPC**: This option indicate whether the guest network is Virtual "
 "Private Cloud-enabled. A Virtual Private Cloud (VPC) is a private, "
 "isolated part of CloudStack. A VPC can have its own virtual network "
 "topology that resembles a traditional physical network. For more "
 "information on VPCs, see `\"About Virtual Private Clouds\" <#about-"
 "virtual-private-clouds>`_."
 msgstr ""
 "**VPC**: 此选项表明是否在来宾网络中启用VPC。 CloudStack中的虚拟专用云(VPC)是专用、隔离的。 "
 "一个VPC可以有一个类似于传统物理网络的虚拟网络拓扑结构。有关的VPC的详细信息，请参考`\"关于VPC\" <#about-virtual-"
 "private-clouds>`_."

 #: ../../networking/virtual_private_cloud_config.rst:990
 #: ../../networking/virtual_private_cloud_config.rst:1197
 msgid ""
 "**Specify VLAN**: (Isolated guest networks only) Indicate whether a VLAN "
 "should be specified when this offering is used."
 msgstr "**指定**: (仅隔离的来宾网络) 表明在使用这个网络方案时，是否指定VLAN。"

 #: ../../networking/virtual_private_cloud_config.rst:993
 msgid ""
 "**Supported Services**: Select Load Balancer. Use Netscaler or "
 "VpcVirtualRouter."
 msgstr "**支持服务**:选择负载均衡，使用Netscaler 或 VpcVirtualRouter."

 #: ../../networking/virtual_private_cloud_config.rst:996
 msgid "**Load Balancer Type**: Select Public LB from the drop-down."
 msgstr "**负载均衡类型**:从下拉列表里选择公用负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:998
 msgid ""
 "**LB Isolation**: Select Dedicated if Netscaler is used as the external "
 "LB provider."
 msgstr "**负载均衡隔离**: 如果使用Netscale作为外部负载均衡，选择此项进行隔离。"

 #: ../../networking/virtual_private_cloud_config.rst:1001
 #: ../../networking/virtual_private_cloud_config.rst:1205
 msgid ""
 "**System Offering**: Choose the system service offering that you want "
 "virtual routers to use in this network."
 msgstr "**系统方案**: 选择你想在这个网络中使用的虚拟路由器的系统服务方案。"

 #: ../../networking/virtual_private_cloud_config.rst:1004
 #: ../../networking/virtual_private_cloud_config.rst:1208
 msgid ""
 "**Conserve mode**: Indicate whether to use conserve mode. In this mode, "
 "network resources are allocated only when the first virtual machine "
 "starts in the network."
 msgstr "**保护模式**: 表明是否使用保护模式。在这个模式中，只有网络中第一个虚拟机启动时才分配网络资源。"

 #: ../../networking/virtual_private_cloud_config.rst:1008
 #: ../../networking/virtual_private_cloud_config.rst:1212
 msgid "Click OK and the network offering is created."
 msgstr "点击OK按钮，网络方案就创建好了。"

 #: ../../networking/virtual_private_cloud_config.rst:1014
 msgid "Creating an External LB Rule"
 msgstr "创建一个外部负载均衡规则"

 #: ../../networking/virtual_private_cloud_config.rst:1025
 msgid ""
 "Click the Configure button of the VPC, for which you want to configure "
 "load balancing rules."
 msgstr "点击要配置负载均衡规则的VPC的配置按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:1028
 #: ../../networking/virtual_private_cloud_config.rst:1241
 msgid ""
 "The VPC page is displayed where all the tiers you created listed in a "
 "diagram."
 msgstr "系统会显示VPC页面，您创建的所有层都列在图中。"

 #: ../../networking/virtual_private_cloud_config.rst:1062
 #: ../../networking/virtual_private_cloud_config.rst:1330
 msgid "Select the tier to which you want to apply the rule."
 msgstr "选择应用规则的层。"

 #: ../../networking/virtual_private_cloud_config.rst:1068
 msgid ""
 "**Public Port**: The port that receives the incoming traffic to be "
 "balanced."
 msgstr "**公网端口**: 接收待负载均衡的流入流量的端口。"

 #: ../../networking/virtual_private_cloud_config.rst:1074
 #: ../../networking/virtual_private_cloud_config.rst:1270
 msgid ""
 "**Algorithm**. Choose the load balancing algorithm you want CloudStack to"
 " use. CloudStack supports the following well-known algorithms:"
 msgstr "**算法**。选择您希望CloudStack  使用的负载均衡算法。CloudStack 支持下列知名的算法："

 #: ../../networking/virtual_private_cloud_config.rst:1080
 #: ../../networking/virtual_private_cloud_config.rst:1276
 msgid "Least connections"
 msgstr "最少连接"

 #: ../../networking/virtual_private_cloud_config.rst:1082
 #: ../../networking/virtual_private_cloud_config.rst:1278
 msgid "Source"
 msgstr "源IP"

 #: ../../networking/virtual_private_cloud_config.rst:1084
 msgid ""
 "**Stickiness**. (Optional) Click Configure and choose the algorithm for "
 "the stickiness policy. See Sticky Session Policies for Load Balancer "
 "Rules."
 msgstr "**粘性**. (可选)点击配置，选择粘性策略使用的算法。参见负载均衡规则的粘性会话策略。"

 #: ../../networking/virtual_private_cloud_config.rst:1088
 msgid ""
 "**Add VMs**: Click Add VMs, then select two or more VMs that will divide "
 "the load of incoming traffic, and click Apply."
 msgstr "点击添加VM，选择两个或更多的VM分担流入的流量，然后点击应用。"

 #: ../../networking/virtual_private_cloud_config.rst:1091
 msgid ""
 "The new load balancing rule appears in the list. You can repeat these "
 "steps to add more load balancing rules for this IP address."
 msgstr "新的负载均衡策略会显示在列表中。您可以重复以上步骤为该IP地址添加更多的负载均衡策略。"

 #: ../../networking/virtual_private_cloud_config.rst:1096
 msgid "Load Balancing Across Tiers"
 msgstr "跨越层的负载均衡"

 #: ../../networking/virtual_private_cloud_config.rst:1098
 msgid ""
 "CloudStack supports sharing workload across different tiers within your "
 "VPC. Assume that multiple tiers are set up in your environment, such as "
 "Web tier and Application tier. Traffic to each tier is balanced on the "
 "VPC virtual router on the public side, as explained in `\"Adding Load "
 "Balancing Rules on a VPC\" <#adding-load-balancing-rules-on-a-vpc>`_. If "
 "you want the traffic coming from the Web tier to the Application tier to "
 "be balanced, use the internal load balancing feature offered by "
 "CloudStack."
 msgstr ""
 "CloudStack支持在VPC内不同层之间共享工作负载。这需要先在你的环境里设置好多个层，比如WEB层，应用层。每一个层的流量通过VPC虚拟路由机进行负载均衡。关于这方面的内容，"
 " `\"在VPC里添加负载均衡规则\" <#adding-load-balancing-rules-on-a-vpc>`_.  "
 "如果你想将WEB层发向应用层的流量进行负载均衡，需要使用Cloudstack的内部负载均衡功能。"

 #: ../../networking/virtual_private_cloud_config.rst:1109
 msgid "How Does Internal LB Work in VPC?"
 msgstr "在VPC中，内部负载均衡是如何工作的呢？"

 #: ../../networking/virtual_private_cloud_config.rst:1111
 msgid ""
 "In this figure, a public LB rule is created for the public IP "
 "72.52.125.10 with public port 80 and private port 81. The LB rule, "
 "created on the VPC virtual router, is applied on the traffic coming from "
 "the Internet to the VMs on the Web tier. On the Application tier two "
 "internal load balancing rules are created. An internal LB rule for the "
 "guest IP 10.10.10.4 with load balancer port 23 and instance port 25 is "
 "configured on the VM, InternalLBVM1. Another internal LB rule for the "
 "guest IP 10.10.10.4 with load balancer port 45 and instance port 46 is "
 "configured on the VM, InternalLBVM1. Another internal LB rule for the "
 "guest IP 10.10.10.6, with load balancer port 23 and instance port 25 is "
 "configured on the VM, InternalLBVM2."
 msgstr ""
 "在这个图中，公网负载均衡规则是这样创建的：公网IP为IP "
 "72.52.125.10，外网端口为80，内网端口为81。VPC的虚拟路由机创建的负载均衡规则将互联网的流量分配到WEB层的各个虚拟机上。在应用层创建了两个内部负载均衡规则。其中一个规则是：客户IP为10.10.10.4的将端口23进行负载分发，实例VM和InternalLBVM1的端口25进行了负载。另一条规则是：客户IP为10.10.10.4的将端口45进行负载分发，实例VM和InternalLBVM1的端口46进行了负载。另一条规则是：客户IP为10.10.10.6的将端口23进行负载分发，实例VM和InternalLBVM1的端口25进行了负载。（两条规则还是三条规则？原文如此，希望图示能明解）"

 #: ../../networking/virtual_private_cloud_config.rst:1123
 msgid "|vpc-lb.png|"
 msgstr "|vpc-lb.png|"

 #: ../../networking/virtual_private_cloud_config.rst:1129
 msgid ""
 "Internal LB and Public LB are mutually exclusive on a tier. If the tier "
 "has LB on the public side, then it can't have the Internal LB."
 msgstr "内部和公网负载均衡在一个层里往往是互斥的。如果一个层已应用了公网负载均衡之后，此层就不能再应用内部负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:1132
 msgid "Internal LB is supported just on VPC networks in CloudStack 4.2 release."
 msgstr "在 CloudStack 4.2版本中，只有VPC网络支持内部负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:1135
 msgid ""
 "Only Internal LB VM can act as the Internal LB provider in CloudStack 4.2"
 " release."
 msgstr "在CloudStack 4.2 版本中，只有Internal LB VM才能作内部负载均衡的提供方。"

 #: ../../networking/virtual_private_cloud_config.rst:1138
 msgid ""
 "Network upgrade is not supported from the network offering with Internal "
 "LB to the network offering with Public LB."
 msgstr "将网络方案由内部负载均衡更改为公网负载均衡是不可行的。"

 #: ../../networking/virtual_private_cloud_config.rst:1141
 msgid "Multiple tiers can have internal LB support in a VPC."
 msgstr "在VPC中，多层可以应用内部负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:1143
 msgid "Only one tier can have Public LB support in a VPC."
 msgstr "在VPC中，只有一层只支持公网负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:1147
 msgid "Enabling Internal LB on a VPC Tier"
 msgstr "在VPC层上启用内部负载均衡功能"

 #: ../../networking/virtual_private_cloud_config.rst:1149
 msgid ""
 "Create a network offering, as given in :ref:`creating-net-offering-"
 "internal-lb`."
 msgstr "创建一个新的网络方案，请参考:ref:`creating-net-offering-internal-lb`."

 #: ../../networking/virtual_private_cloud_config.rst:1152
 msgid ""
 "Create an internal load balancing rule and apply, as given in :ref"
 ":`create-int-lb-rule`."
 msgstr "创建并应用一个内部负载均衡规则。参考:ref:`create-int-lb-rule`."

 #: ../../networking/virtual_private_cloud_config.rst:1159
 msgid "Creating a Network Offering for Internal LB"
 msgstr "创建一个内部负载均衡网络方案"

 #: ../../networking/virtual_private_cloud_config.rst:1161
 msgid ""
 "To have internal LB support on VPC, either use the default offering, "
 "DefaultIsolatedNetworkOfferingForVpcNetworksWithInternalLB, or create a "
 "network offering as follows:"
 msgstr "要在VPC当中使用内部负载均衡，可以使用默认的DefaultIsolatedNetworkOfferingForVpcNetworksWithInternalLB,或按如下操作新建一个网络方案："

 #: ../../networking/virtual_private_cloud_config.rst:1200
 msgid ""
 "**Supported Services**: Select Load Balancer. Select ``InternalLbVM`` "
 "from the provider list."
 msgstr "**支持服务**: 选择负载均衡，从待提供的下拉列表里选择`InternalLbVM。"

 #: ../../networking/virtual_private_cloud_config.rst:1203
 msgid "**Load Balancer Type**: Select Internal LB from the drop-down."
 msgstr "**负载均衡类型**: 从下拉列表里选择内部负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:1218
 msgid "Creating an Internal LB Rule"
 msgstr "创建一个内部负载均衡规则"

 #: ../../networking/virtual_private_cloud_config.rst:1220
 msgid ""
 "When you create the Internal LB rule and applies to a VM, an Internal LB "
 "VM, which is responsible for load balancing, is created."
 msgstr "当你创建好一个内部负载均衡规则，并将之用于一个虚拟之后，一个内部负载均衡的应用就建立起来了。"

 #: ../../networking/virtual_private_cloud_config.rst:1223
 msgid ""
 "You can view the created Internal LB VM in the Instances page if you "
 "navigate to **Infrastructure** > **Zones** > <zone\\_ name> > "
 "<physical\\_network\\_name> > **Network Service Providers** > **Internal "
 "LB VM**. You can manage the Internal LB VMs as and when required from the"
 " location."
 msgstr ""
 "你可以在实例页面中查看创建的内部LB VM 按如下导航 **基础构架** > **区域** > <zone\\_ name> > "
 "<physical\\_network\\_name> > **网络服务提供** > "
 "**内部负载均衡虚拟机**，你就可以看到已创建了内部负载均衡的实例上。也可以在此进行内部负载均衡的管理。"

 #: ../../networking/virtual_private_cloud_config.rst:1238
 msgid ""
 "Locate the VPC for which you want to configure internal LB, then click "
 "Configure."
 msgstr "点击要配置内部负载均衡规则的VPC的配置按钮。"

 #: ../../networking/virtual_private_cloud_config.rst:1244
 msgid ""
 "Locate the Tier for which you want to configure an internal LB rule, "
 "click Internal LB."
 msgstr "指向你想配置内部负载均衡的层，点击内部负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:1247
 msgid "In the Internal LB page, click Add Internal LB."
 msgstr "在 Internal LB页面里，点击添加 Internal LB。"

 #: ../../networking/virtual_private_cloud_config.rst:1249
 msgid "In the dialog, specify the following:"
 msgstr "在对话框里，定义以下内容："

 #: ../../networking/virtual_private_cloud_config.rst:1253
 msgid ""
 "**Description**: A short description of the rule that can be displayed to"
 " users."
 msgstr "**描述**: 提供一个简短的规则描述。 "

 #: ../../networking/virtual_private_cloud_config.rst:1256
 msgid ""
 "**Source IP Address**: (Optional) The source IP from which traffic "
 "originates. The IP is acquired from the CIDR of that particular tier on "
 "which you want to create the Internal LB rule. If not specified, the IP "
 "address is automatically allocated from the network CIDR."
 msgstr ""
 "**源IP地址**: (可选) "
 "是指产生流量的源IP地址。这个地址是从你创建内部负载均衡的层中的CIDR中获取的。如果没有指定，则系统会自动从CIDR中分配。"

 #: ../../networking/virtual_private_cloud_config.rst:1262
 msgid "For every Source IP, a new Internal LB VM is created for load balancing."
 msgstr "对于每一个源IP地址，都可以建立一个针对它的内部负载均衡。"

 #: ../../networking/virtual_private_cloud_config.rst:1265
 msgid ""
 "**Source Port**: The port associated with the source IP. Traffic on this "
 "port is load balanced."
 msgstr "**源端口**: 与源IP地址关联的端口，此端口上的流量是基于负载均衡的。"

 #: ../../networking/virtual_private_cloud_config.rst:1268
 msgid "**Instance Port**: The port of the internal LB VM."
 msgstr "**实例端口**: 内部负载均衡虚拟机的端口。"

 #: ../../networking/virtual_private_cloud_config.rst:1282
 msgid "Adding a Port Forwarding Rule on a VPC"
 msgstr "在VPC里添加一个端口转发规则。"

 #: ../../networking/virtual_private_cloud_config.rst:1340
 msgid "**Protocol**: The communication protocol in use between the two ports."
 msgstr "**Protocol**: 两个端口之间所用的互联协议。"

 #: ../../networking/virtual_private_cloud_config.rst:1343
 msgid "TCP"
 msgstr "TCP"

 #: ../../networking/virtual_private_cloud_config.rst:1345
 msgid "UDP"
 msgstr "UDP"

 #: ../../networking/virtual_private_cloud_config.rst:1347
 msgid ""
 "**Add VM**: Click Add VM. Select the name of the instance to which this "
 "rule applies, and click Apply."
 msgstr "**Add VM**: 点击增加虚拟机，选择你想将此规则应用上的虚拟机，点击应用。"

 #: ../../networking/virtual_private_cloud_config.rst:1350
 msgid "You can test the rule by opening an SSH session to the instance."
 msgstr "你可以通过SSH连接实例来测试此规则。"

 #: ../../networking/virtual_private_cloud_config.rst:1354
 msgid "Removing Tiers"
 msgstr "删除层"

 #: ../../networking/virtual_private_cloud_config.rst:1356
 msgid ""
 "You can remove a tier from a VPC. A removed tier cannot be revoked. When "
 "a tier is removed, only the resources of the tier are expunged. All the "
 "network rules (port forwarding, load balancing and staticNAT) and the IP "
 "addresses associated to the tier are removed. The IP address still be "
 "belonging to the same VPC."
 msgstr "你可以从一个VPC中删除一个层。一个被删除的层是不能被擦除的。当一个层被删除后，只有层的资源被删去。所有的网络规则(端口转发，负载均衡，静态NAT)还有关联到此层的IP地址都会删除。但这些IP地址仍然属于这个VPC。"

 #: ../../networking/virtual_private_cloud_config.rst:1374
 msgid ""
 "The Configure VPC page is displayed. Locate the tier you want to work "
 "with."
 msgstr "配置VPC的页面显示出来了。指向你需要操作的层。"

 #: ../../networking/virtual_private_cloud_config.rst:1377
 msgid "Select the tier you want to remove."
 msgstr "选择你想删除的层。"

 #: ../../networking/virtual_private_cloud_config.rst:1379
 msgid ""
 "In the Network Details tab, click the Delete Network button. |del-"
 "tier.png|"
 msgstr "在网络详细栏，点击删除网络按钮。|del-tier.png|"

 #: ../../networking/virtual_private_cloud_config.rst:1382
 msgid "Click Yes to confirm. Wait for some time for the tier to be removed."
 msgstr "点击YES按钮。稍等片片刻，层就会被删除了。"

 #: ../../networking/virtual_private_cloud_config.rst:1386
 msgid "Editing, Restarting, and Removing a Virtual Private Cloud"
 msgstr "编辑，重启，删除VPC。"

 #: ../../networking/virtual_private_cloud_config.rst:1388
 msgid "Ensure that all the tiers are removed before you remove a VPC."
 msgstr "在删除VPC前，需要先删除所有的层。"

 #: ../../networking/virtual_private_cloud_config.rst:1399
 msgid "Select the VPC you want to work with."
 msgstr "选择你需要的VPC。"

 #: ../../networking/virtual_private_cloud_config.rst:1401
 msgid "In the Details tab, click the Remove VPC button |remove-vpc.png|"
 msgstr "在详细栏，点击删除VPC按钮。|remove-vpc.png|"

 #: ../../networking/virtual_private_cloud_config.rst:1403
 msgid "You can remove the VPC by also using the remove button in the Quick View."
 msgstr "你也可以在快速查看视图里点击删除按钮进行VPC的删除。"

 #: ../../networking/virtual_private_cloud_config.rst:1406
 msgid ""
 "You can edit the name and description of a VPC. To do that, select the "
 "VPC, then click the Edit button. |vpc-edit-icon.png|"
 msgstr ""

 #: ../../networking/virtual_private_cloud_config.rst:1409
 msgid ""
 "To restart a VPC, select the VPC, then click the Restart button. "
 "|restart-vpc.png|"
 msgstr "如果要重启一个VPC，点击重启按钮。|restart-vpc.png|"

 #: ../../networking/persistent_networks.rst:18
 msgid "Persistent Networks"
 msgstr "持久化网络"

 #: ../../networking/persistent_networks.rst:20
 msgid ""
 "The network that you can provision without having to deploy any VMs on it"
 " is called a persistent network. A persistent network can be part of a "
 "VPC or a non-VPC environment."
 msgstr "在不部署任何VM的情况下就初始化好的网络称为持久化网络。持久化网络可以是VPC的一部分，也可以不是。"

 #: ../../networking/persistent_networks.rst:24
 msgid ""
 "When you create other types of network, a network is only a database "
 "entry until the first VM is created on that network. When the first VM is"
 " created, a VLAN ID is assigned and the network is provisioned. Also, "
 "when the last VM is destroyed, the VLAN ID is released and the network is"
 " no longer available. With the addition of persistent network, you will "
 "have the ability to create a network in CloudStack in which physical "
 "devices can be deployed without having to run any VMs. Additionally, you "
 "can deploy physical devices on that network."
 msgstr ""
 "在您创建其它类型的网络时，在网络中第一台VM创建之前，该网络仅是数据库的一条记录。当第一个VM创建时，网络会指定一个VLAN "
 "ID并初始化。同样，当网络中最后一个VM销毁后，VLAN "
 "ID会被释放，这样该网络就不再可用。通过使用持久化网络，您就有能力在不部署VM的情况下在&PRODUCT;中创建一个网络用来部署物理设备。而且，您可以在该网络中部署物理设备。"

 #: ../../networking/persistent_networks.rst:33
 msgid ""
 "One of the advantages of having a persistent network is that you can "
 "create a VPC with a tier consisting of only physical devices. For "
 "example, you might create a VPC for a three-tier application, deploy VMs "
 "for Web and Application tier, and use physical machines for the Database "
 "tier. Another use case is that if you are providing services by using "
 "physical hardware, you can define the network as persistent and therefore"
 " even if all its VMs are destroyed the services will not be discontinued."
 msgstr "使用持久化网络的一个优点是您可以创建具有一个只包含物理设备的层的VPC。例如，您可以为一个三层应用创建一个VPC，在Web层和应用层部署VM，在数据库层使用物理机器。另一个使用场景为如果您使用物理硬件提供网络服务，您可以定义网络为持久化的。这样即便网络中所有VM都销毁了，服务还可以继续提供。"

 #: ../../networking/persistent_networks.rst:44
 msgid "Persistent Network Considerations"
 msgstr "持久化网络的考虑事项"

 #: ../../networking/persistent_networks.rst:46
 msgid "Persistent network is designed for isolated networks."
 msgstr "Persistent网络是为隔离网络而设计的。"

 #: ../../networking/persistent_networks.rst:48
 msgid "All default network offerings are non-persistent."
 msgstr "所有默认网络方案都不是持久化的。"

 #: ../../networking/persistent_networks.rst:50
 msgid ""
 "A network offering cannot be editable because changing it affects the "
 "behavior of the existing networks that were created using this network "
 "offering."
 msgstr "网络方案的持久化选项不可编辑。因为修改该选项会影响使用该网络方案创建的已有网络的行为。"

 #: ../../networking/persistent_networks.rst:54
 msgid ""
 "When you create a guest network, the network offering that you select "
 "defines the network persistence. This in turn depends on whether "
 "persistent network is enabled in the selected network offering."
 msgstr "当您创建客户网络时，您选择的网络方案定义了该网络的持久化。反过来，这依赖于选择的网络方案是否启用持久化网络。"

 #: ../../networking/persistent_networks.rst:58
 msgid ""
 "An existing network can be made persistent by changing its network "
 "offering to an offering that has the Persistent option enabled. While "
 "setting this property, even if the network has no running VMs, the "
 "network is provisioned."
 msgstr "通过修改使用的网络方案为启用持久化的方案，现有网络可以变为持久化。在设置该属性时，即便网络中没有运行的VM，该网络也会初始化。"

 #: ../../networking/persistent_networks.rst:63
 msgid ""
 "An existing network can be made non-persistent by changing its network "
 "offering to an offering that has the Persistent option disabled. If the "
 "network has no running VMs, during the next network garbage collection "
 "run the network is shut down."
 msgstr "通过修改使用的网络方案为禁用持久化的方案，现有网络可以变为非持久化。如果网络中没有运行的VM，在下次网络垃圾回收运行时，该网络会被关闭。"

 #: ../../networking/persistent_networks.rst:68
 msgid ""
 "When the last VM on a network is destroyed, the network garbage collector"
 " checks if the network offering associated with the network is "
 "persistent, and shuts down the network only if it is non-persistent."
 msgstr "当网络中最后一台VM销毁时，网络垃圾回收器会检查该网络的网络方案是否为持久化，若不是持久化，则会关闭网络。"

 #: ../../networking/persistent_networks.rst:75
 msgid "Creating a Persistent Guest Network"
 msgstr "创建一个Persistent客户网络"

 #: ../../networking/persistent_networks.rst:77
 msgid "To create a persistent network, perform the following:"
 msgstr "要创建一个Persistent网络，请按如下操作："

 #: ../../networking/persistent_networks.rst:79
 msgid "Create a network offering with the Persistent option enabled."
 msgstr "创建一个Persistent选项启用的网络方案。"

 #: ../../networking/persistent_networks.rst:81
 msgid ""
 "See `\"Creating a New Network Offering\" <networking.html#creating-a-new-"
 "network-offering>`_."
 msgstr "请参考`\"创建一个新的网络方案\" <networking.html#creating-a-new-network-offering>`_."

 #: ../../networking/persistent_networks.rst:84
 msgid "Select Network from the left navigation pane."
 msgstr "从左边的导航栏里选择网络。"

 #: ../../networking/persistent_networks.rst:86
 msgid "Select the guest network that you want to offer this network service to."
 msgstr "选择你希望提供此网络方案服务的客户网络。"

 #: ../../networking/persistent_networks.rst:89
 msgid "Click the Edit button."
 msgstr "点击编辑按钮。"

 #: ../../networking/persistent_networks.rst:91
 msgid ""
 "From the Network Offering drop-down, select the persistent network "
 "offering you have just created."
 msgstr "在网络方案下拉列表里，选择你刚才创建的persistent网络方案。"

 #: ../../networking/palo_alto_config.rst:18
 msgid "Setup a Palo Alto Networks Firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:22
 msgid "Functionality Provided"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:24
 msgid ""
 "This implementation enables the orchestration of a Palo Alto Networks "
 "Firewall from within CloudStack UI and API."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:27
 msgid "**The following features are supported**:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:29
 msgid "List/Add/Delete Palo Alto Networks service provider"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:31
 msgid "List/Add/Delete Palo Alto Networks network service offering"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:33
 msgid ""
 "List/Add/Delete Palo Alto Networks network using the above service "
 "offering"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:35
 msgid "Add an instance to a Palo Alto Networks network"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:37
 msgid "Source NAT management on network create and delete"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:39
 msgid "List/Add/Delete Ingress Firewall rule"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:41
 msgid ""
 "List/Add/Delete Egress Firewall rule (both 'Allow' and 'Deny' default "
 "rules supported)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:44
 msgid "List/Add/Delete Port Forwarding rule"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:46
 msgid "List/Add/Delete Static NAT rule"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:48
 msgid ""
 "Apply a Threat Profile to all firewall rules (more details in the "
 "Additional Features section)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:51
 msgid ""
 "Apply a Log Forwarding profile to all firewall rules (more details in the"
 " Additional Features section)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:57
 msgid "Initial Palo Alto Networks Firewall Configuration"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:60
 msgid "Anatomy of the Palo Alto Networks Firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:62
 msgid ""
 "In **'Network > Interfaces'** there is a list of physical interfaces as "
 "well as aggregated physical interfaces which are used for managing "
 "traffic in and out of the Palo Alto Networks Firewall device."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:66
 msgid ""
 "In **'Network > Zones'** there is a list of the different configuration "
 "zones.  This implementation will use two zones; a public (defaults to "
 "'untrust') and private (defaults to 'trust') zone."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:70
 msgid ""
 "In **'Network > Virtual Routers'** there is a list of VRs which handle "
 "traffic routing for the Palo Alto Firewall.  We only use a single Virtual"
 " Router on the firewall and it is used to handle all the routing to the "
 "next network hop."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:75
 msgid ""
 "In **'Objects > Security Profile Groups'** there is a list of profiles "
 "which can be applied to firewall rules.  These profiles are used to "
 "better understand the types of traffic that is flowing through your "
 "network. Configured when you add the firewall provider to CloudStack."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:80
 msgid ""
 "In **'Objects > Log Forwarding'** there is a list of profiles which can "
 "be applied to firewall rules.  These profiles are used to better track "
 "the logs generated by the firewall.  Configured when you add the firewall"
 " provider to CloudStack."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:85
 msgid ""
 "In **'Policies > Security'** there is a list of firewall rules that are "
 "currently configured.  You will not need to modify this section because "
 "it will be completely automated by CloudStack, but you can review the "
 "firewall rules which have been created here."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:90
 msgid ""
 "In **'Policies > NAT'** there is a list of the different NAT rules.  You "
 "will not need to modify this section because it will be completely "
 "automated by CloudStack, but you can review the different NAT rules that "
 "have been created here.  Source NAT, Static NAT and Destination NAT (Port"
 " Forwarding) rules will show up in this list."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:99
 msgid "Configure the Public / Private Zones on the firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:101
 msgid ""
 "No manual configuration is required to setup these zones because "
 "CloudStack will configure them automatically when you add the Palo Alto "
 "Networks firewall device to CloudStack as a service provider.  This "
 "implementation depends on two zones, one for the public side and one for "
 "the private side of the firewall."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:107
 msgid ""
 "The public zone (defaults to 'untrust') will contain all of the public "
 "interfaces and public IPs."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:110
 msgid ""
 "The private zone (defaults to 'trust') will contain all of the private "
 "interfaces and guest network gateways."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:113
 msgid "The NAT and firewall rules will be configured between these zones."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:118
 msgid "Configure the Public / Private Interfaces on the firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:120
 msgid ""
 "This implementation supports standard physical interfaces as well as "
 "grouped physical interfaces called aggregated interfaces.  Both standard "
 "interfaces and aggregated interfaces are treated the same, so they can be"
 " used interchangeably. For this document, we will assume that we are "
 "using 'ethernet1/1' as the public interface and 'ethernet1/2' as the "
 "private interface.  If aggregated interfaces where used, you would use "
 "something like 'ae1' and 'ae2' as the interfaces."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:128
 msgid ""
 "This implementation requires that the 'Interface Type' be set to 'Layer3'"
 " for both the public and private interfaces.  If you want to be able to "
 "use the 'Untagged' VLAN tag for public traffic in CloudStack, you will "
 "need to enable support for it in the public 'ethernet1/1' interface "
 "(details below)."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:133
 msgid "**Steps to configure the Public Interface**:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:135
 #: ../../networking/palo_alto_config.rst:171
 #: ../../networking/palo_alto_config.rst:228
 msgid "Log into Palo Alto Networks Firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:137
 #: ../../networking/palo_alto_config.rst:230
 msgid "Navigate to 'Network > Interfaces'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:139
 msgid ""
 "Click on 'ethernet1/1' (for aggregated ethernet, it will probably be "
 "called 'ae1')"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:142
 #: ../../networking/palo_alto_config.rst:155
 msgid "Select 'Layer3' from the 'Interface Type' list"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:144
 msgid "Click 'Advanced'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:146
 msgid "Check the 'Untagged Subinterface' check-box"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:148
 #: ../../networking/palo_alto_config.rst:157
 #: ../../networking/palo_alto_config.rst:193
 #: ../../networking/palo_alto_config.rst:195
 #: ../../networking/palo_alto_config.rst:265
 #: ../../networking/palo_alto_config.rst:339
 #: ../../networking/palo_alto_config.rst:388
 #: ../../networking/palo_alto_config.rst:426
 #: ../../networking/palo_alto_config.rst:455
 msgid "Click 'OK'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:150
 msgid "**Steps to configure the Private Interface**:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:152
 msgid ""
 "Click on 'ethernet1/2' (for aggregated ethernet, it will probably be "
 "called 'ae2')"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:162
 msgid "Configure a Virtual Router on the firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:164
 msgid ""
 "The Virtual Router on the Palo Alto Networks Firewall is not to be "
 "confused with the Virtual Routers that CloudStack provisions.  For this "
 "implementation, the Virtual Router on the Palo Alto Networks Firewall "
 "will ONLY handle the upstream routing from the Firewall to the next hop."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:169
 msgid "**Steps to configure the Virtual Router**:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:173
 msgid "Navigate to 'Network > Virtual Routers'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:175
 msgid ""
 "Select the 'default' Virtual Router or Add a new Virtual Router if there "
 "are none in the list"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:178
 msgid "If you added a new Virtual Router, you will need to give it a 'Name'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:180
 msgid "Navigate to 'Static Routes > IPv4'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:182
 msgid "'Add' a new static route"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:184
 msgid "**Name**: next_hop (you can name it anything you want)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:186
 msgid "**Destination**: 0.0.0.0/0 (send all traffic to this route)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:188
 msgid "**Interface**: ethernet1/1 (or whatever you set your public interface as)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:191
 msgid "**Next Hop**: (specify the gateway IP for the next hop in your network)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:200
 msgid "Configure the default Public Subinterface"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:202
 msgid ""
 "The current implementation of the Palo Alto Networks firewall integration"
 " uses CIDRs in the form of 'w.x.y.z/32' for the public IP addresses that "
 "CloudStack provisions.  Because no broadcast or gateway IPs are in this "
 "single IP range, there is no way for the firewall to route the traffic "
 "for these IPs.  To route the traffic for these IPs, we create a single "
 "subinterface on the public interface with an IP and a CIDR which "
 "encapsulates the CloudStack public IP range.  This IP will need to be "
 "inside the subnet defined by the CloudStack public range netmask, but "
 "outside the CloudStack public IP range.  The CIDR should reflect the same"
 " subnet defined by the CloudStack public range netmask. The name of the "
 "subinterface is determined by the VLAN configured for the public range in"
 " CloudStack."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:214
 msgid "To clarify this concept, we will use the following example."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:216
 msgid "**Example CloudStack Public Range Configuration**:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:218
 msgid "**Gateway**: 172.30.0.1"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:220
 msgid "**Netmask**: 255.255.255.0"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:222
 msgid "**IP Range**: 172.30.0.100 - 172.30.0.199"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:224
 msgid "**VLAN**: Untagged"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:226
 msgid "**Configure the Public Subinterface**:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:232
 msgid "Select the 'ethernet1/1' line (not clicking on the name)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:234
 msgid "Click 'Add Subinterface' at the bottom of the window"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:236
 msgid "Enter 'Interface Name': 'ethernet1/1' . '9999'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:238
 msgid "9999 is used if the CloudStack public range VLAN is 'Untagged'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:240
 msgid ""
 "If the CloudStack public range VLAN is tagged (eg: 333), then the name "
 "will reflect that tag"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:243
 msgid ""
 "The 'Tag' is the VLAN tag that the traffic is sent to the next hop with, "
 "so set it accordingly.  If you are passing 'Untagged' traffic from "
 "CloudStack to your next hop, leave it blank.  If you want to pass tagged "
 "traffic from CloudStack, specify the tag."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:248
 msgid ""
 "Select 'default' from the 'Config > Virtual Router' drop-down (assuming "
 "that is what your virtual router is called)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:251
 msgid "Click the 'IPv4' tab"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:253
 msgid "Select 'Static' from the 'Type' radio options"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:255
 msgid "Click 'Add' in the 'IP' section"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:257
 msgid "Enter '172.30.0.254/24' in the new line"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:259
 msgid ""
 "The IP can be any IP outside the CloudStack public IP range, but inside "
 "the CloudStack public range netmask (it can NOT be the gateway IP)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:262
 msgid ""
 "The subnet defined by the CIDR should match the CloudStack public range "
 "netmask"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:269
 msgid "Commit configuration on the Palo Alto Networks Firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:271
 msgid ""
 "In order for all the changes we just made to take effect, we need to "
 "commit the changes."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:274
 msgid "Click the 'Commit' link in the top right corner of the window"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:276
 msgid "Click 'OK' in the commit window overlay"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:278
 msgid ""
 "Click 'Close' to the resulting commit status window after the commit "
 "finishes"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:284
 msgid "Setup the Palo Alto Networks Firewall in CloudStack"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:287
 msgid "Add the Palo Alto Networks Firewall as a Service Provider"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:289
 msgid ""
 "Navigate to 'Infrastructure > Zones > ZONE_NAME > Physical Network > "
 "NETWORK_NAME (guest) > Configure; Network Service Providers'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:292
 msgid "Click on 'Palo Alto' in the list"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:294
 msgid "Click 'View Devices'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:296
 msgid "Click 'Add Palo Alto Device'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:298
 msgid ""
 "Enter your configuration in the overlay.  This example will reflect the "
 "details previously used in this guide."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:301
 msgid "**IP Address**: (the IP of the Palo Alto Networks Firewall)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:303
 msgid "**Username**: (the admin username for the firewall)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:305
 msgid "**Password**: (the admin password for the firewall)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:307
 msgid "**Type**: Palo Alto Firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:309
 msgid ""
 "**Public Interface**: ethernet1/1 (use what you setup earlier as the "
 "public interface if it is different from my examples)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:312
 msgid ""
 "**Private Interface**: ethernet1/2 (use what you setup earlier as the "
 "private interface if it is different from my examples)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:315
 msgid "**Number of Retries**: 2 (the default is fine)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:317
 msgid "**Timeout**: 300 (the default is fine)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:319
 msgid ""
 "**Public Network**: untrust (this is the public zone on the firewall and "
 "did not need to be configured)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:322
 msgid ""
 "**Private Network**: trust (this is the private zone on the firewall and "
 "did not need to be configured)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:325
 msgid ""
 "**Virtual Router**: default (this is the name of the Virtual Router we "
 "setup on the firewall)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:328
 msgid ""
 "**Palo Alto Threat Profile**: (not required.  name of the 'Security "
 "Profile Groups' to apply.  more details in the 'Additional Features' "
 "section)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:332
 msgid ""
 "**Palo Alto Log Profile**: (not required.  name of the 'Log Forwarding' "
 "profile to apply.  more details in the 'Additional Features' section)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:335
 msgid "**Capacity**: (not required)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:337
 msgid "**Dedicated**: (not required)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:341
 msgid "Click on 'Palo Alto' in the breadcrumbs to go back one screen."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:343
 msgid "Click on 'Enable Provider' |EnableDisableFeature.png|"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:347
 msgid "Add a Network Service Offering to use the new Provider"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:349
 msgid ""
 "There are 6 'Supported Services' that need to be configured in the "
 "network service offering for this functionality.  They are DHCP, DNS, "
 "Firewall, Source NAT, Static NAT and Port Forwarding.  For the other "
 "settings, there are probably additional configurations which will work, "
 "but I will just document a common case."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:355
 msgid "Navigate to 'Service Offerings'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:357
 msgid "In the drop-down at the top, select 'Network Offerings'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:359
 msgid "Click 'Add Network Offering'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:361
 msgid "**Name**: (name it whatever you want)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:363
 msgid "**Description**: (again, can be whatever you want)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:365
 msgid "**Guest Type**: Isolated"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:367
 msgid "**Supported Services**:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:369
 msgid "**DHCP**: Provided by 'VirtualRouter'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:371
 msgid "**DNS**: Provided by 'VirtualRouter'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:373
 msgid "**Firewall**: Provided by 'PaloAlto'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:375
 msgid "**Source NAT**: Provided by 'PaloAlto'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:377
 msgid "**Static NAT**: Provided by 'PaloAlto'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:379
 msgid "**Port Forwarding**: Provided by 'PaloAlto'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:381
 msgid "**System Offering for Router**: System Offering For Software Router"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:383
 msgid ""
 "**Supported Source NAT Type**: Per account (this is the only supported "
 "option)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:386
 msgid "**Default egress policy**: (both 'Allow' and 'Deny' are supported)"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:390
 msgid "Click on the newly created service offering"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:392
 msgid "Click 'Enable network offering' |EnableDisableFeature.png|"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:394
 msgid ""
 "When adding networks in CloudStack, select this network offering to use "
 "the Palo Alto Networks firewall."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:399
 msgid "Additional Features"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:401
 msgid ""
 "In addition to the standard functionality exposed by CloudStack, we have "
 "added a couple additional features to this implementation.  We did not "
 "add any new screens to CloudStack, but we have added a couple fields to "
 "the 'Add Palo Alto Service Provider' screen which will add functionality "
 "globally for the device."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:408
 msgid "Palo Alto Networks Threat Profile"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:410
 msgid ""
 "This feature allows you to specify a 'Security Profile Group' to be "
 "applied to all of the firewall rules which are created on the Palo Alto "
 "Networks firewall device."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:414
 msgid ""
 "To create a 'Security Profile Group' on the Palo Alto Networks firewall, "
 "do the following:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:417
 #: ../../networking/palo_alto_config.rst:446
 msgid "Log into the Palo Alto Networks firewall"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:419
 msgid "Navigate to 'Objects > Security Profile Groups'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:421
 msgid "Click 'Add' at the bottom of the page to add a new group"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:423
 msgid ""
 "Give the group a Name and specify the profiles you would like to include "
 "in the group"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:428
 #: ../../networking/palo_alto_config.rst:457
 msgid ""
 "Click the 'Commit' link in the top right of the screen and follow the on "
 "screen instructions"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:431
 msgid ""
 "Once you have created a profile, you can reference it by Name in the "
 "'Palo Alto Threat Profile' field in the 'Add the Palo Alto Networks "
 "Firewall as a Service Provider' step."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:437
 msgid "Palo Alto Networks Log Forwarding Profile"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:439
 msgid ""
 "This feature allows you to specify a 'Log Forwarding' profile to better "
 "manage where the firewall logs are sent to.  This is helpful for keeping "
 "track of issues that can arise on the firewall."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:443
 msgid ""
 "To create a 'Log Forwarding' profile on the Palo Alto Networks Firewall, "
 "do the following:"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:448
 msgid "Navigate to 'Objects > Log Forwarding'"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:450
 msgid "Click 'Add' at the bottom of the page to add a new profile"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:452
 msgid ""
 "Give the profile a Name and specify the details you want for the traffic "
 "and threat settings"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:460
 msgid ""
 "Once you have created a profile, you can reference it by Name in the "
 "'Palo Alto Log Profile' field in the 'Add the Palo Alto Networks Firewall"
 " as a Service Provider' step."
 msgstr ""

 #: ../../networking/palo_alto_config.rst:469
 msgid ""
 "The implementation currently only supports a single public IP range in "
 "CloudStack"
 msgstr ""

 #: ../../networking/palo_alto_config.rst:472
 msgid "Usage tracking is not yet implemented"
 msgstr ""

 # f882d1b965574377abb5c47c46d2017d
 #~ msgid "Using Remote Access VPN with Windows"
 #~ msgstr "在Windows系统中使用远程访问VPN"

 # 7dac5068f0b244e1a144a09d45c39932
 #~ msgid ""
 #~ "The procedure to use VPN varies by"
 #~ " Windows version. Generally, the user "
 #~ "must edit the VPN properties and "
 #~ "make sure that the default route "
 #~ "is not the VPN. The following "
 #~ "steps are for Windows L2TP clients "
 #~ "on Windows Vista. The commands should"
 #~ " be similar for other Windows "
 #~ "versions."
 #~ msgstr ""
 #~ "程序使用不同Windows版本的VPN。通常用户必须编辑VPN属性并确保不使用VPN的默认路由。以下步骤使用基于Windows "
 #~ "Vista的Windows L2TP客户端。命令应该类似于其他版本的Windows。"

 # 9863de47db9f4572ad58ea772de9f36d
 #~ msgid ""
 #~ "Log in to the CloudStack UI and"
 #~ " click on the source NAT IP for"
 #~ " the account. The VPN tab should "
 #~ "display the IPsec preshared key. Make"
 #~ " a note of this and the source"
 #~ " NAT IP. The UI also lists one"
 #~ " or more users and their passwords."
 #~ " Choose one of these users, or, "
 #~ "if none exists, add a user and "
 #~ "password."
 #~ msgstr ""
 #~ "登录到CloudStack用户界面并点击账户下的源NAT IP。VPN选项卡应该会显示IPsec预共享密钥。记录该密钥和源NAT"
 #~ " IP。用户界面同样也列出了一个多或多个用户他们的密码。选择一个用户，或者如果不存在任何用户，则创建一个用户。"

 # 7fda5d36b51847d49837befe10623588
 #~ msgid ""
 #~ "On the Windows box, go to Control"
 #~ " Panel, then select Network and "
 #~ "Sharing center. Click Setup a connection"
 #~ " or network."
 #~ msgstr "在Windows中，进入控制面板，然后选择网络和共享中心，点击设置一个网络连接。"

 # da78d151c9234aed8997f0bc85337cf6
 #~ msgid "In the next dialog, select No, create a new connection."
 #~ msgstr "在下一个对话框中，选择否，创建一个新的连接。"

 # 43e868088a2941f2b050d28f6420c815
 #~ msgid "In the next dialog, select Use my Internet Connection (VPN)."
 #~ msgstr "在下一个对话框中，选择使用我的Internet连接(VPN)."

 # 239288f41e5547d280e2293ec8da8206
 #~ msgid ""
 #~ "In the next dialog, enter the "
 #~ "source NAT IP from step #1 and "
 #~ "give the connection a name. Check "
 #~ "Don't connect now."
 #~ msgstr "在下一个对话框中，输入此步骤#1中的源NAT IP地址并填写连接名称。勾选现在不连接。"

 # 38f025d6b59c4032a92973f1c1a27c07
 #~ msgid ""
 #~ "In the next dialog, enter the user"
 #~ " name and password selected in step"
 #~ " #1."
 #~ msgstr "在下一个对话框中，输入此步骤#1中的用户名和密码。"

 # 65891d17f3074ed9b484f59841022124
 #~ msgid ""
 #~ "Go back to the Control Panel and"
 #~ " click Network Connections to see the"
 #~ " new connection. The connection is "
 #~ "not active yet."
 #~ msgstr "返回控制面板并点击网络连接查看这个新的连接。但当前连接并不是活动状态。"

 # 90aee2a731374796ae19cb91e6c4eaca
 #~ msgid ""
 #~ "Right-click the new connection and "
 #~ "select Properties. In the Properties "
 #~ "dialog, select the Networking tab."
 #~ msgstr "在新创建的连接上点击右键并选择属性。在属性对话框中，选择网络选项卡。"

 # 785904429cc24b31a7cf663347b72344
 #~ msgid ""
 #~ "In Type of VPN, choose L2TP IPsec"
 #~ " VPN, then click IPsec settings. "
 #~ "Select Use preshared key. Enter the "
 #~ "preshared key from step #1."
 #~ msgstr "在VPN类型中，选择L2TP IPsec VPN,然后点击IPsec设置，选择用户预共享密钥。并输入此步骤#1中提供的密钥。"

 # 3e29d7f5cd6b43428b98157632b35cfe
 #~ msgid ""
 #~ "The connection is ready for activation."
 #~ " Go back to Control Panel -> "
 #~ "Network Connections and double-click the"
 #~ " created connection."
 #~ msgstr "该连接已经准备好被激活。返回到控制面板 -> 网络连接，双击创建连接。"

 # 658b86e57b2145119bff660e836d339d
 #~ msgid "Enter the user name and password from step #1."
 #~ msgstr "输入此步骤 #1中提供的用户名和密码。"

 # f28b68b93a984f618a8681036210e3b9
 #~ msgid "Using Remote Access VPN with Mac OS X"
 #~ msgstr "在Mac OS X 中使用远程访问VPN"

 # 8b76f5b992cc490bad145d28495ce704
 #~ msgid ""
 #~ "First, be sure you've configured the "
 #~ "VPN settings in your CloudStack install."
 #~ " This section is only concerned with"
 #~ " connecting via Mac OS X to "
 #~ "your VPN."
 #~ msgstr "首先，确保在你的CloudStack中已经设置好VPN。本章节仅涉及通过Mac OS X 连接至VPN。"

 # 7da87b538a3b4bd98149a9dc28b99cb5
 #~ msgid ""
 #~ "Note, these instructions were written on"
 #~ " Mac OS X 10.7.5. They may "
 #~ "differ slightly in older or newer "
 #~ "releases of Mac OS X."
 #~ msgstr "请注意，此指南只基于Mac OS X 10.7.5 。在旧版或新版本的Mac OS X中可能会略有不同。"

 # 99afa11cb02448889b90260c46e6daf2
 #~ msgid "On your Mac, open System Preferences and click Network."
 #~ msgstr "在Mac中，打开系统偏好设置然后点击网络。"

 # 1b60714f0b664945b51a0b61be0399a5
 #~ msgid "Make sure Send all traffic over VPN connection is not checked."
 #~ msgstr "确保Send all traffic over VPN connection没有被选定。"

 # bcd319828ca0418fb3c241dfe5096e41
 #~ msgid ""
 #~ "If your preferences are locked, you'll"
 #~ " need to click the lock in the"
 #~ " bottom left-hand corner to make "
 #~ "any changes and provide your "
 #~ "administrator credentials."
 #~ msgstr "如果你的首选项框被锁住，你如果要做些改动需要点击底部左侧的锁按钮，并提供管理员认证。"

 # 4300ee6f178548d5a9905a6bbe2d9860
 #~ msgid ""
 #~ "You will need to create a new "
 #~ "network entry. Click the plus icon "
 #~ "on the bottom left-hand side and"
 #~ " you'll see a dialog that says "
 #~ "\"Select the interface and enter a "
 #~ "name for the new service.\" Select "
 #~ "VPN from the Interface drop-down "
 #~ "menu, and \"L2TP over IPSec\" for "
 #~ "the VPN Type. Enter whatever you "
 #~ "like within the \"Service Name\" field."
 #~ msgstr "您将需要创建一个新的网络入口。点击底部左侧的加号图标，你会看到一个对话框，写着“选择接口并输入新服务的名称”。在接口下拉菜单中选择VPN，VPN类型为“基于IPSec的L2TP”。在“服务名称”中输入任何你喜欢的字段。"

 # 23650c313b074382a57881042b50304e
 #~ msgid ""
 #~ "You'll now have a new network "
 #~ "interface with the name of whatever "
 #~ "you put in the \"Service Name\" "
 #~ "field. For the purposes of this "
 #~ "example, we'll assume you've named it"
 #~ " \"CloudStack.\" Click on that interface"
 #~ " and provide the IP address of "
 #~ "the interface for your VPN under "
 #~ "the Server Address field, and the "
 #~ "user name for your VPN under "
 #~ "Account Name."
 #~ msgstr ""
 #~ "现在你需要在\"Service Name\" "
 #~ "中填入新的网络接口的名称。对于这个例子，我们假设你已经把它命名为“CloudStack”。点击该接口，并在服务器地址字段中填入提供的VPN"
 #~ " IP地址，并在账户名称中填入您的VPN用户名。"

 # 6b61feadee8d476583c5ac8024ecf9dc
 #~ msgid ""
 #~ "Click Authentication Settings, and add "
 #~ "the user's password under User "
 #~ "Authentication and enter the pre-shared"
 #~ " IPSec key in the Shared Secret "
 #~ "field under Machine Authentication. Click "
 #~ "OK."
 #~ msgstr "点击身份验证设置，在机器验证中，用户身份验证下输入用户名和密码，在共享密钥下输入预共享IPsec密钥。点击OK。"

 # 82160d6db5874a5fb691804a0f4064ee
 #~ msgid ""
 #~ "You may also want to click the "
 #~ "\"Show VPN status in menu bar\" "
 #~ "but that's entirely optional."
 #~ msgstr "你也可以点击\"在菜单栏中查看VPN状态\",这完全是可选的操作。"

 # 7888991db08f4692af070e20a8f548e4
 #~ msgid "Now click \"Connect\" and you will be connected to the CloudStack VPN."
 #~ msgstr "现在点击\"连接\" 你将会连接到CloudStack VPN。"