Azure virtual networks (VNet)

An Azure VNet is a logical isolated network for your services connected to your subscription in Azure. You have full control about the IP address blocks, DNS settings, security policies, and route tables within this network. You can also split your VNet into subnet and launch Azure IaaS virtual machines and cloud services within these subnets. By using Azure virtual gateways and WAN solutions, you can also connect your virtual networks to the internet or your on-premises environment.

When you look for Azure VNet in Azure, you basically search for the network and you should see the symbol shown in the following screenshot:

Normally you're setting up a network like you do in your on-premises network. You create a network with an IP range such as 10.0.0.0/16 and split it up into different subnetworks. Every Azure VNet has at least a minimum of two subnets. The first is the gateway subnet, which is basically a router network where every internal network router for the other Azure VNet subnetworks is in. We personally prefer to use the first subnet of the Azure VNet as the gateway subnet but you can choose any subnet you like. The only thing you need to know is that the gateway subnet needs a minimum of /29 CIDR IPs. I normally recommend /24 CIDR. You would never use it but it's logical and you can follow up with a /24 CIDR subnet design. The second one is the network for your services or servers depending on your own design, normally it is /24 CIDR.

As of September 2016, Azure started to support IPv6 to be used in Azure. The deployment and support of IPv6 is still in progress while writing the book.

The following diagram shows you an example for a network configuration:

All subnetworks are fully routed to each other. That is not the best situation in most of the cases. One example is when you need a Frontend and a Backend network in Azure, as shown in the following diagram:

Currently there are only two ways to resolve that issue:

  • The first one is to create two subnetworks and put a virtual machine with two network adapters in both networks and route within the virtual machine and prevent default routing with configuration of route filters
  • The other way is to implement custom routes and send packages for the frontend network into the either of your other Azure or on premises networks

There is a great nice to know within the VNet setting. Under MONITORING, you can see a detailed networking diagram of your Azure network.

The following screenshot shows an example of a Diagram:

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.144.9.124