So as we know the Azure Networking Basics now, we can focus on the base element in Networking in Azure: Azure VNets
An Azure Virtual Network is the fundamental building block in an Azure environment. It is your private network portion of the azure network.
Each VNet is a separated and isolated from other VNets, as long as you do not create any connection between them. Azure VNets have three default boundaries:
This leads to different approaches in VNET-Design
The virtual network is used to create a connection:
A VNet can have multiple address spaces which even can have totally different masks.
Azure VNet cannot work without having a proper subnet set up. The subnets enable you to segment the virtual network and allocate a portion of the virtual network’s address space to each subnet. You can then deploy Azure resources in a specific subnet. Just like in a traditional network, subnets allow you to segment your VNet address space into segments that are appropriate for the organization’s internal network.
Be aware that a Subnet is a subset of your VNets address space. So you can never have a larger subnet than the VNet space allows.
another important thing to know, is that all Subnets inside a VNet are routed by default:
So the two Subnets in the graphic can communicate to each other. The network virtualization is doing routing and switching here automatically. This is important to understand in case Subnets are created to saparate workloads from each other.
In this case you have to modify the routing of the VNet or work with a central firewall.
If you create a resource it will be always attached to the subnet and never directly to a VNet. This is also the reason why it is recommended to not fill all the address space of a VNet with Subscriptions. Some resources will create their own Subnet during deployment. Therefore it is required to have some space left in the VNet.
Dieser Post ist auch verfügbar auf:
German
Leave a comment