VNET
A virtual network (VNet) in Azure plays the same role as an on-premises network, where we use switches and routers so that servers and clients can communicate. An Azure VNet is used for communication between Azure resources (virtual machines, databases, etc.).
- Each subscription is limited to 100 VNets and can't be extended beyond 100.
- A VNet is isolated. Resources within a VNet can communicate with each other or not, depending on how we configure user-defined routes and Network Security Groups.
How the resources communicate within the VNet
Subnet
Under the VNet, we must understand what Subnet is and how it works.
Subnetting is the process of dividing a network into smaller networks.
- We can divide the VNet IP range into multiple unique subnet IP ranges.
- Resources within a subnet communicate with each other, and can also communicate across subnets in the same VNet under the control of Network Security Groups, so communication between subnets is our choice.
For example,
There are two classrooms in a school. Consider each classroom as a subnet.
The Class A leader wants to get a duster from Class B, but the classroom is enclosed, so he can only go in through an open door.
Here the door is a Network Security Group: it acts as a firewall for subnets as well as for the resources in a subnet.
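The "door" idea above, as an added example that is not part of the original article: a simplified Python model of a VNet split into subnets and of how an inbound Network Security Group decides traffic (lowest priority number first, first match wins). The address ranges, subnet names and the two custom rules are constructed for illustration; rules 65000 and 65500 model two of Azure's default inbound rules, with the VirtualNetwork tag simplified to the VNet range.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed address plan (assumption, not from the article).
VNET = ipaddress.ip_network("10.0.0.0/16")
SUBNETS = {
    "class-a": ipaddress.ip_network("10.0.1.0/24"),
    "class-b": ipaddress.ip_network("10.0.2.0/24"),
}

def validate_plan(vnet, subnets):
    """Each subnet must lie inside the VNet range and overlap no other subnet."""
    nets = list(subnets.values())
    if not all(n.subnet_of(vnet) for n in nets):
        return False
    return not any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])

@dataclass(frozen=True)
class Rule:
    priority: int          # lower number is evaluated first
    source: str            # source CIDR
    port: Optional[int]    # None means any destination port
    access: str            # "Allow" or "Deny"

# Simplified inbound NSG attached to class-b (the "door" of that classroom).
CLASS_B_INBOUND = [
    Rule(100, "10.0.1.0/24", 1433, "Allow"),    # class-a may reach the database port
    Rule(200, "10.0.0.0/16", None, "Deny"),     # all other traffic from the VNet is blocked
    Rule(65000, "10.0.0.0/16", None, "Allow"),  # models default AllowVnetInBound
    Rule(65500, "0.0.0.0/0", None, "Deny"),     # models default DenyAllInBound
]

def evaluate(rules, src_ip, dst_port):
    """Return the access of the first matching rule, in priority order."""
    src = ipaddress.ip_address(src_ip)
    for rule in sorted(rules, key=lambda r: r.priority):
        if src in ipaddress.ip_network(rule.source) and rule.port in (None, dst_port):
            return rule.access
    return "Deny"  # nothing matched: treat as closed

if __name__ == "__main__":
    print("plan valid:", validate_plan(VNET, SUBNETS))
    for ip, port in [("10.0.1.4", 1433), ("10.0.1.4", 22), ("10.0.3.9", 1433)]:
        print(ip, port, evaluate(CLASS_B_INBOUND, ip, port))
```

Removing rule 200 leaves only the default rules, and the model then allows any subnet in the VNet to reach class-b on any port, which is why restricting traffic between subnets needs an explicit deny rule.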
- Resources in different VNets can’t communicate with each other.
What should we do to communicate between two different VNets inside Azure?
VNet Peering
For example, let me explain with a scenario.
There are two schools, School A (VNet A) and School B (VNet B).
Students of School A want to participate in a sports event conducted by School B. School A must get permission and register at the government CEO office to join the event. After getting permission, they can join the event.
In the same way, if we want two different VNets, A and B, to communicate in Azure, we must configure VNet Peering.
With the help of VNet Peering, our Azure resources can communicate using private IP addresses.
- VNet Peering is one of the best options when compared to VPN Gateway.
- VNet Peering is a seamless connection between two different VNets. It works on the Azure backbone network, which means there is no need for the public internet. In the case of VPN Gateway, we need the internet.
- If we want to communicate between two VNets in different regions or different subscriptions, Azure also has an option called Azure Global VNet Peering. It also runs on the Azure backbone network, with no need for a public network or a gateway.
- Global VNet Peering is now generally available.
How Azure resources communicate with on-premises
VPN Gateway
- We can communicate between Azure and on-premises with the help of VPN Gateway.
- VPN Gateway is like a normal VPN; it is used to communicate with Azure resources.
ExpressRoute
- We can use ExpressRoute to communicate between Azure and on-premises.
- It has a high cost when compared with VPN Gateway.
- This is because it is a dedicated route between Azure and on-premises. For the ExpressRoute configuration we need support from our on-premises Internet Service Provider.
- My suggestion: if we have a large number of resources, we can go for ExpressRoute; otherwise, VPN Gateway.
Thanks for reading this article, I hope you understood the above topics.