Now that we know the Azure networking basics, we can focus on the base element of networking in Azure: Azure VNets.
Azure Virtual Networks a.k.a. VNets
An Azure Virtual Network is the fundamental building block in an Azure environment. It is your private portion of the Azure network.
Each VNet is separated and isolated from other VNets, as long as you do not create any connection between them. Azure VNets have three default boundaries:
Region – a VNet can only span one region. If you need a VNet in another region you have to create a separate resource.
Subscription – a VNet can only exist in one subscription. If you are running multiple subscriptions you will require multiple VNets.
Address Space – a VNet is limited by its address space by default. But you can adjust the address space or add other IP ranges at any time.
This leads to different approaches in VNet design.
The virtual network is used to create a connection:
between Azure Resources – via an Azure VNet resources can communicate on a private network with each other
to the internet – by default all resources in a VNet can communicate outbound to the internet
to on-premises – there are options to connect a VNet to an on-premises network, but this will be covered later
A VNet can have multiple address spaces, which can even have totally different masks.
Subnets in VNets
An Azure VNet cannot work without a proper subnet set up. Subnets enable you to segment the virtual network and allocate a portion of the virtual network's address space to each subnet. You can then deploy Azure resources in a specific subnet. Just like in a traditional network, subnets allow you to divide your VNet address space into segments that are appropriate for the organization's internal network.
Be aware that a subnet is a subset of your VNet's address space. So you can never have a larger subnet than the VNet space allows.
Another important thing to know is that all subnets inside a VNet are routed by default:
So the two subnets in the graphic can communicate with each other. The network virtualization does the routing and switching here automatically. This is important to understand in case subnets are created to separate workloads from each other.
In this case you have to modify the routing of the VNet or work with a central firewall.
VM NICs attached to Subnets
If you create a resource, it will always be attached to a subnet and never directly to a VNet. This is also the reason why it is recommended not to fill all the address space of a VNet with subnets. Some resources will create their own subnet during deployment. Therefore it is required to have some space left in the VNet.
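The subnet rules above (a subnet must fit inside one of the VNet's address spaces, and some address space should stay free) can be checked on a plan before deployment. The following Python sketch is an added example, not code from the original post; the function name, subnet names and IP ranges are constructed for illustration.

```python
import ipaddress

def _inside(a, b):
    """True if network a lies entirely within network b."""
    return a.version == b.version and a.subnet_of(b)

def check_vnet_plan(address_spaces, subnets):
    """Validate planned subnets against a VNet's address spaces.

    Returns (errors, free): a list of problems and the CIDR blocks
    that are still unallocated in the VNet.
    """
    spaces = [ipaddress.ip_network(s) for s in address_spaces]
    nets = {n: ipaddress.ip_network(c) for n, c in subnets.items()}
    errors, valid = [], []

    # A subnet must be a subset of one of the VNet's address spaces.
    for name, net in nets.items():
        if any(_inside(net, s) for s in spaces):
            valid.append(net)
        else:
            errors.append(f"{name} {net} is outside the VNet address space")

    # Subnets in the same VNet must not overlap each other.
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                errors.append(f"{a} {nets[a]} overlaps {b} {nets[b]}")

    # Carve each valid subnet out of the address spaces to get free space.
    free = spaces
    for net in valid:
        remaining = []
        for block in free:
            if _inside(net, block):
                remaining.extend(block.address_exclude(net))
            elif not _inside(block, net):
                remaining.append(block)
        free = remaining
    return errors, sorted(free, key=lambda n: (n.version, n))

if __name__ == "__main__":
    # Constructed sample: one VNet with two address spaces of different masks.
    vnet = ["10.0.0.0/16", "192.168.10.0/24"]
    plan = {"frontend": "10.0.0.0/24", "backend": "10.0.1.0/24",
            "mgmt": "192.168.10.0/26"}
    errors, free = check_vnet_plan(vnet, plan)
    print(errors, [str(b) for b in free])
```

The returned free blocks show how much room is left for subnets that resources create on their own during deployment.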