[go: up one dir, main page]
Scribd
Upload
426 views21 pages

Creating and Configuring An Azure Virtual Network Slides

1. Azure virtual networks (VNets) provide traffic isolation and segmentation between virtual networks and subnets. 2. VNets can be connected through gateways like VNet-to-VNet VPN or peering. Name resolution within and between VNets can be configured through Azure DNS or custom DNS servers. 3. When designing a VNet, subnets should be created based on workloads and network security groups should be bound at the subnet level to control traffic flows.

Uploaded by

Pendyala Srinivas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
426 views21 pages

Creating and Configuring An Azure Virtual Network Slides

1. Azure virtual networks (VNets) provide traffic isolation and segmentation between virtual networks and subnets. 2. VNets can be connected through gateways like VNet-to-VNet VPN or peering. Name resolution within and between VNets can be configured through Azure DNS or custom DNS servers. 3. When designing a VNet, subnets should be created based on workloads and network security groups should be bound at the subnet level to control traffic flows.

Uploaded by

Pendyala Srinivas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

Managing Microsoft Azure

Virtual Networks
CREATING AND CONFIGURING AN AZURE
VIRTUAL NETWORK

Tim Warner
AUTHOR EVANGELIST, PLURALSIGHT

@TechTrainerTim timw.info
Understand the role of the Azure virtual
Overview network (VNet)
Design and deploy a VNet
Configure security groups
Deploy IP configurations to virtual
machines (VMs) in Azure
Exercise Files
Understand the Role of
the Virtual Network
The Azure Virtual Network
Provides traffic isolation and
segmentation

Communication with the


Internet

Communication within or
between VNets

Control traffic flows

timw.info/nts
Options for Connecting Virtual Networks –
Gateways

VNet-to-VNet VPN

timw.info/hyb
Options for Connecting Virtual Networks –
Peering

timw.info/vnp2
Name Resolution for Azure VNets

Azure-provided name resolution Azure DNS


No configuration required Host your public DNS domain in Azure
- Use Azure geo-distributed name
All VMs within a VNet can resolve each servers
others’ host names
Create private DNS zones
Issue: cross-VNet name resolution
- Linked to VNets
Issue: No custom DNS suffix - Registration VNet
You can add custom DNS server IP - Resolution VNet
addresses
You can host your own DNS server(s)
Design and Deploy a
Virtual Network
Create subnets based on workloads
Bind network security groups (NSGs) at the
subnet level
Azure VNet
Design Best Deploy a network network virtual appliance
(NVA) and user-defined routes (UDRs) to
Practices further customize traffic
Implement site-to-site or point-to-site VPN
tunnels with on-premises environment
Demo
Create a single VNet
Deploy a VNet with a quickstart template
Configure Network
Security Groups
Network Security Groups (NSGs)

Stateful firewall 5-tuple hash


for inbound and src+dst IP and Default rules
outbound traffic ports; protocol

Service tags and Bound to vNIC or


Augmented rules subnet
ASGs
Service Tags
Internet

VirtualNetwork

AzureLoadBalancer

AzureTrafficManager

Storage

SQL

AzureCosmosDB

AzureKeyVault
Application Security Groups (ASGs)

timw.info/asg
Demo
Make an NSG in the portal
Show ASG PowerShell
Deploy IP Configurations
to VMs in Azure
Azure Resource Manager (ARM) Architecture

timw.info/arm9
VM IP Addressing Best Practices

If a VM doesn't need a public IP address (PIP), then don't assign one


and use an Azure load balancer instead

Plan your VNet private address space to avoid overlap

Never configure networking from within the VM


Demo
Deploy a VM and bind to the correct
vNIC
- Show the inflexible portal experience
- Deploy in Visual Studio using a
template
Keep in mind the basic truth that the
VNet is a fundamental isolation and
segmentation boundary
Summary
Network Watcher helps with NSG
troubleshooting
Azure management solutions (like
Network Performance Monitor) help with
assessing VNet health
Next module: Implementing Traffic
Control in a Microsoft Azure Virtual
Network

You might also like