So as we know the Azure Networking Basics now, we can focus on the base element in Networking in Azure: Azure VNets
Azure Virtual Networks a.k.a. VNets
An Azure Virtual Network is the fundamental building block in an Azure environment. It is your private network portion of the azure network.
Each VNet is a separated and isolated from other VNets, as long as you do not create any connection between them. Azure VNets have three default boundaries:
Region – a VNet can only span one region. If you need a VNet in another region you have to create a separate resource.
Subscription – a VNet can only exist in one subscription. If you are running multiple subscriptions you will require multiple VNets
Address Space – a VNet is limited by it’s address space by default. But you can adjust the address space or add other IP ranges anytime
This leads to different approaches in VNET-Design
The virtual network is used to create a connection:
between Azure Resources – via an Azure VNet resources can communicate on a private network with each other
to the internet – by default all resources in a VNet can communicate outbound to the internet
to on-premises – there are options to connect a VNet to an on-premises network, but this will be covered later
A VNet can have multiple address spaces which even can have totally different masks.
Subnets in VNets
Azure VNet cannot work without having a proper subnet set up. The subnets enable you to segment the virtual network and allocate a portion of the virtual network’s address space to each subnet. You can then deploy Azure resources in a specific subnet. Just like in a traditional network, subnets allow you to segment your VNet address space into segments that are appropriate for the organization’s internal network.
Be aware that a Subnet is a subset of your VNets address space. So you can never have a larger subnet than the VNet space allows.
another important thing to know, is that all Subnets inside a VNet are routed by default:
So the two Subnets in the graphic can communicate to each other. The network virtualization is doing routing and switching here automatically. This is important to understand in case Subnets are created to saparate workloads from each other.
In this case you have to modify the routing of the VNet or work with a central firewall.
VM NICs attached to Subnets
If you create a resource it will be always attached to the subnet and never directly to a VNet. This is also the reason why it is recommended to not fill all the address space of a VNet with Subscriptions. Some resources will create their own Subnet during deployment. Therefore it is required to have some space left in the VNet.
I love social media and all the channels I follow. So also this topic came into my view out of a LinkedIn post of David das Neves. I had a look into it … and thought I should share it here. Microsoft Learning on GitHub Did you know that there is a number of repositories…
What do you do on May 28th?! Where will you be on May 28th? You don’t know?! Let me tell you: You will be in the Netherlands, in Veenendaal and visit Azure Fest NL 2020 You don’t know what Azure Fest is … in the words of the organizers: Azure Fest NL is a free, single…
If you are an Azure Veteran … what was the first thing you have created in Azure? If you are new to Azure, what are you looking for to create? In many cases the answer is: Virtual Machines An even if you are one of the fancy-new-world-everything-paas-and-serverless gurus … we must be honest and say:…
If you have never heard about Microsoft OpenHack … you should keep on reading. Because this is a unique opportunity for raising the bar of your own skill. So let’s have a closer look on OpenHack What is OpenHack? To say it without my own words: Microsoft OpenHack is a developer focused event where a…
Let’s have a quick look at the Migration of Linux based systems to Microsoft Azure. For sure, as we know there are a lot of supported Linux Operating Systems in Microsoft Azure. But if you are running something on-premises, how could a Linux Migration look like. I do not want to cover any third party…
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here:
Cookie Policy
Leave a comment