Connecting Azure virtual networks allows for traffic to flow between different VNets including on-premises networks. In this video, learn the basic terminology and get an overview of the various networking scenarios.
- [Instructor] Our virtual networks in Azure do not have to be standalone entities. We can join our virtual networks within Azure, and we can do this in one of two ways. We can do it using VNet Peering, or you'll see global VNet Peering, when the peer spans regions, or we can connect our virtual networks using a VNet to VNet connection.
Let's explore each of these, starting off with VNet Peering, and for my schematic here, you can see we have two virtual networks with two separate IP address ranges connected to each other. When we peer a network in Azure, the peered networks appear as one network, and the resources can communicate between those peered networks. The traffic between the networks is private and never exposed to the internet. A peered network provides low latency and high bandwidth between all of the resources. And we can peer across regions or subscriptions as long as the subscriptions are associated with the same Azure Active Directory tenant. And one thing to be mindful of here, traffic between peered networks is not encrypted.
If we're looking for encrypted traffic, then we'll have to move into a VNet to VNet connection. Because this traffic is secured using IPsec/IKE, all of the resources can communicate between the networks, and we produce a VNet to VNet connection for cross-region geo-redundancy and geo-presence, as well as if we require regional multi-tier applications with isolation or administrative boundaries. A VNet to VNet connection can be combined with multi-site configurations, and a gateway is required for your VNet to VNet connections. Just like with a peered network, the traffic between the networks is private, and never exposed to the internet, and the caveat for a VNet to VNet connection is that if the VNets are in different subscriptions, you can only configure the connection using PowerShell.
Your choice of connection type, a VNet to VNet or a peered network, will depend on your requirements, but both solutions will provide communications between those networks.
- Creating virtual networks via the portal and PowerShell
- IP addressing for virtual networks
- Configuring network routes
- Configure VNET peering
- Configure VNET-to-VNET connections
- Configuring Azure DNS
- Creating network security groups
- Creating effective security rules