Wednesday, October 30, 2019

Azure Networking - Part 1 (Virtual Network)

The network is a crucial and critical part of infrastructure that enables connectivity and security.

Azure networking consists of multiple components: Virtual Network, Network Peering, Network Security Group, ExpressRoute, Load Balancer, VPN Gateway, Application Gateway, Azure DNS, CDN (Content Delivery Network), Azure DDoS Protection, Network Watcher, Azure Firewall, Virtual WAN and Azure Front Door Service.

Let us look at Virtual Network and its related components in this article.

A Virtual Network is a network boundary that allows communication between the devices/resources within it. A Virtual Network can have one or more address spaces (while creating a Virtual Network, only one address space is allowed; you can add additional address spaces later). The address space associated with a Virtual Network can be segmented into multiple Subnets. Because resources within a Virtual Network can communicate with each other, resources in different Subnets of the same Virtual Network can also communicate with each other.

A Virtual Network allows segmentation and isolation of the network. You can achieve isolation by creating multiple Virtual Networks, or by creating Subnets within a Virtual Network with Network Security Groups (firewall rules) between them.

Communication between resources in different Virtual Networks is restricted by default (as Vnets are meant for isolation); however, communication between them can be established using Vnet Peering or a Virtual Network Gateway. Vnet Peering should be two-way in order to have communication.

At the time of writing this article (20th Oct 2019), we can create up to 1000 Vnets per subscription, 3000 Subnets within one Vnet and 500 Vnet Peerings per Vnet. Refer to Azure Subscription and Service Limits for the latest on these limits.

Below are the steps to create a Virtual Network in Azure.

1) Log in to the Azure Portal and select Virtual Network from All Services in the portal.

2) Click on Add to add a new Vnet.

3) Below are the details that need to be filled in.

1) Name: Virtual Network name, used for identification.
2) Address Space: IP address in CIDR (Classless Inter-Domain Routing) format, which gives the IP address range that the Vnet uses and the total number of IPs available in this Vnet.
3) Resource Group: Resources are grouped by certain criteria (e.g. project, geography, cost center, or environment type such as Prod, Dev, etc.) using a Resource Group. Assign this Vnet to a Resource Group.
4) Location: Specifies the location of this Vnet.
5) Subnet: Each Vnet can have up to 3000 Subnets. A Subnet is created during the creation of the Vnet, which means each Vnet will have at least one Subnet. A Subnet uses the entire address space of the Vnet or a part of it.
6) Address range: The address range that the Subnet uses, in CIDR format.
Resources that need an IP address are placed in a Subnet and pick an available IP address from the specified address range.

Once the above details are specified, use the Create button to submit them, which initiates Vnet creation.
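
The Address Space and Address range fields above decide how the Vnet can be segmented, so it helps to check a planned layout before submitting it. The following is an added example, not part of the original article: the function name and sample ranges are made up, and the five reserved addresses per Subnet are Azure behaviour that the article does not mention.

```python
import ipaddress

AZURE_RESERVED_PER_SUBNET = 5  # Azure reserves 5 addresses in every Subnet


def check_vnet_plan(address_spaces, subnets):
    """Validate a planned Vnet layout (hypothetical helper).

    address_spaces: list of CIDR strings (the Vnet address spaces).
    subnets: dict of Subnet name -> CIDR string (the Subnet address range).
    Returns (report, errors): report maps each valid Subnet to the number
    of IPs left for resources; errors lists the problems found.
    """
    errors, report, accepted = [], {}, {}
    spaces = [ipaddress.ip_network(s, strict=True) for s in address_spaces]
    for name, cidr in subnets.items():
        try:
            # strict=True rejects ranges with host bits set, e.g. 10.0.1.5/24
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            errors.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
            continue
        # A Subnet must use all or part of one Vnet address space.
        if not any(net.version == s.version and net.subnet_of(s) for s in spaces):
            errors.append(f"{name}: {net} is outside the Vnet address space")
            continue
        # Two Subnets of the same Vnet may not share addresses.
        clashes = [n for n, o in accepted.items() if net.overlaps(o)]
        if clashes:
            errors.append(f"{name}: {net} overlaps {', '.join(clashes)}")
            continue
        accepted[name] = net
        report[name] = max(net.num_addresses - AZURE_RESERVED_PER_SUBNET, 0)
    return report, errors


if __name__ == "__main__":
    # Constructed sample plan, not taken from the article.
    report, errors = check_vnet_plan(
        ["10.0.0.0/16"],
        {"web": "10.0.1.0/24", "db": "10.0.1.128/25", "mgmt": "192.168.0.0/24"},
    )
    print("usable IPs per Subnet:", report)
    for problem in errors:
        print("problem:", problem)
```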
