Now that we know the Azure networking basics, we can focus on the base element of networking in Azure: Azure VNets.
Azure Virtual Networks a.k.a. VNets
An Azure Virtual Network is the fundamental building block in an Azure environment. It is your private portion of the Azure network.
Each VNet is separated and isolated from other VNets, as long as you do not create any connection between them. Azure VNets have three default boundaries:
Region – a VNet can only span one region. If you need a VNet in another region you have to create a separate resource.
Subscription – a VNet can only exist in one subscription. If you are running multiple subscriptions you will require multiple VNets.
Address Space – a VNet is limited by its address space by default. But you can adjust the address space or add other IP ranges at any time.
This leads to different approaches in VNet design.
The virtual network is used to create a connection:
between Azure Resources – via an Azure VNet resources can communicate on a private network with each other
to the internet – by default all resources in a VNet can communicate outbound to the internet
to on-premises – there are options to connect a VNet to an on-premises network, but this will be covered later
A VNet can have multiple address spaces, which can even have completely different masks.
Subnets in VNets
An Azure VNet cannot work without a properly set up subnet. Subnets enable you to segment the virtual network and allocate a portion of the virtual network’s address space to each subnet. You can then deploy Azure resources in a specific subnet. Just like in a traditional network, subnets allow you to divide your VNet address space into segments that are appropriate for the organization’s internal network.
Be aware that a subnet is a subset of your VNet’s address space. So you can never have a larger subnet than the VNet space allows.
Another important thing to know is that all subnets inside a VNet are routed by default.
So two subnets in the same VNet can communicate with each other. The network virtualization handles routing and switching here automatically. This is important to understand in case subnets are created to separate workloads from each other.
In that case you have to modify the routing of the VNet or work with a central firewall.
VM NICs attached to Subnets
When you create a resource, it is always attached to a subnet and never directly to a VNet. This is also the reason why it is recommended not to fill all the address space of a VNet with subnets. Some resources will create their own subnet during deployment. Therefore it is required to have some space left in the VNet.
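The two sizing rules above (every subnet must fit inside one of the VNet’s address spaces, and the VNet should keep unallocated room for subnets that some resources create during deployment) can be checked on paper before anything is deployed. The following Python sketch is an added example and not part of the original post; the function name check_vnet_plan and all address ranges are constructed for illustration.

```python
import ipaddress

def check_vnet_plan(address_spaces, subnets):
    """Validate a subnet plan against a VNet's address spaces.

    Returns (errors, free_addrs): a list of problems found, and the number
    of still-unallocated addresses per address space.
    """
    spaces = [ipaddress.ip_network(s) for s in address_spaces]
    free = {s: [s] for s in spaces}  # unallocated CIDR blocks per space
    errors = []
    for name, cidr in subnets.items():
        net = ipaddress.ip_network(cidr)
        # Rule 1: a subnet is a subset of exactly one VNet address space.
        parent = next((s for s in spaces
                       if s.version == net.version and net.subnet_of(s)), None)
        if parent is None:
            errors.append(f"{name}: {net} is outside every address space")
            continue
        # CIDR blocks either nest or are disjoint, so a subnet that fits in
        # no free block must collide with one that was planned earlier.
        block = next((b for b in free[parent] if net.subnet_of(b)), None)
        if block is None:
            errors.append(f"{name}: {net} overlaps an earlier subnet")
            continue
        free[parent].remove(block)
        if block != net:
            free[parent].extend(block.address_exclude(net))
    # Rule 2: what is left over for subnets created later by deployments.
    free_addrs = {str(s): sum(b.num_addresses for b in blocks)
                  for s, blocks in free.items()}
    return errors, free_addrs

# Constructed sample plan: two address spaces with different masks.
SAMPLE_SPACES = ["10.0.0.0/16", "192.168.100.0/24"]
SAMPLE_SUBNETS = {
    "frontend": "10.0.0.0/24",
    "backend": "10.0.1.0/24",
    "mgmt": "192.168.100.0/26",
    "oversized": "10.0.0.0/15",   # larger than the VNet space allows
    "clash": "10.0.1.128/25",     # sits inside "backend"
}

if __name__ == "__main__":
    problems, remaining = check_vnet_plan(SAMPLE_SPACES, SAMPLE_SUBNETS)
    for p in problems:
        print("ERROR", p)
    for space, count in remaining.items():
        print(f"{space}: {count} addresses not yet assigned to a subnet")
```

An address space that reports 0 remaining addresses has no room left for a subnet that a later deployment needs to create.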