
Azure Virtual Network

 An Azure Virtual Network (VNet) is a representation of your own network in the cloud. It is a logical isolation of the Azure cloud dedicated to your subscription. You can use VNets to provision and manage virtual private networks (VPNs) in Azure and, optionally, link the VNets with other VNets in Azure, or with your on-premises IT infrastructure to create hybrid or cross-premises solutions. Each VNet you create has its own CIDR block and can be linked to other VNets and on-premises networks if the CIDR blocks do not overlap. You also have control of DNS server settings for VNets, and segmentation of the VNet into subnets.

Virtual networks can be used in many ways.

  • Create a dedicated private cloud-only VNet. Sometimes you don't require a cross-premises configuration for your solution. When you create a VNet, your services and VMs within your VNet can communicate directly and securely with each other in the cloud. You can still configure endpoint connections for the VMs and services that require internet communication, as part of your solution.
  • Securely extend your data center with VNets. You can build traditional site-to-site (S2S) VPNs to securely scale your datacenter capacity. S2S VPNs use IPsec to provide a secure connection between your corporate VPN gateway and Azure.
  • Enable hybrid cloud scenarios. VNets give you the flexibility to support a range of hybrid cloud scenarios. You can securely connect cloud-based applications to any type of on-premises system such as mainframes and Unix systems.

    Subnets:

    A virtual network can be segmented into one or more subnets. Subnets provide logical divisions within your network. Subnets can help improve security, increase performance, and make it easier to manage the network.

    Each subnet contains a range of IP addresses that fall within the virtual network address space. The range must be unique within the address space for the virtual network. The range can't overlap with other subnet address ranges within the virtual network. The address space must be specified by using Classless Inter-Domain Routing (CIDR) notation.

    Subnet cheat sheet: https://www.aelius.com/njh/subnet_sheet.html


    Note

    There are restrictions on using IP addresses. Azure reserves five IP addresses within each subnet.

    • x.x.x.0: Network address
    • x.x.x.1: Reserved by Azure for the default gateway
    • x.x.x.2, x.x.x.3: Reserved by Azure to map the Azure DNS IPs to the VNet space
    • x.x.x.255: Network broadcast address
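The subnet rules and reserved addresses above can be checked before anything is deployed. The following Python sketch is an added example, not part of the original post: the subnet names and ranges are constructed, it handles IPv4 only, and it generalizes the x.x.x.255 entry to the last address of the subnet, which is .255 only for a /24.

```python
import ipaddress
from itertools import combinations

def azure_reserved(subnet_cidr):
    """The five addresses Azure reserves: network, gateway, two DNS, broadcast."""
    net = ipaddress.ip_network(subnet_cidr)
    first_four = [net.network_address + i for i in range(4)]
    return [str(a) for a in first_four + [net.broadcast_address]]

def usable_count(subnet_cidr):
    """Addresses left for resources once the five reserved ones are removed."""
    return ipaddress.ip_network(subnet_cidr).num_addresses - 5

def validate_plan(address_space, subnets):
    """Return a list of rule violations for a subnet plan (empty list = valid)."""
    space = [ipaddress.ip_network(c) for c in address_space]
    nets = {name: ipaddress.ip_network(c) for name, c in subnets.items()}
    problems = []
    for name, net in nets.items():
        # Every subnet range must fall within the VNet address space.
        if not any(net.subnet_of(s) for s in space):
            problems.append(f"{name} {net} is outside the VNet address space")
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        # Subnet ranges must not overlap each other.
        if na.overlaps(nb):
            problems.append(f"{a} {na} overlaps {b} {nb}")
    return problems

def can_link(space_a, space_b):
    """VNets (or a VNet and on-premises) can be linked only without CIDR overlap."""
    return not any(ipaddress.ip_network(a).overlaps(ipaddress.ip_network(b))
                   for a in space_a for b in space_b)

# Constructed sample plan (hypothetical names and ranges, IPv4 only).
VNET_SPACE = ["10.0.0.0/16"]
PLAN = {"web": "10.0.1.0/24", "app": "10.0.2.0/26",
        "db": "10.0.2.32/27", "mgmt": "10.1.0.0/24"}

if __name__ == "__main__":
    for problem in validate_plan(VNET_SPACE, PLAN):
        print("PLAN ERROR:", problem)
    for name, cidr in PLAN.items():
        print(name, cidr, "reserved:", azure_reserved(cidr),
              "usable:", usable_count(cidr))
    print("link to 10.1.0.0/16:", can_link(VNET_SPACE, ["10.1.0.0/16"]))
```

Running a check like this in review catches a subnet that silently sits outside the address space or collides with a peer network before firewall rules are written against the wrong range.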

    Create virtual networks:

    You can create new virtual networks at any time. You can also add virtual networks when you create a virtual machine. Either way, you will need to define the address space and at least one subnet. By default, you can create up to 50 virtual networks per subscription per region. You can increase this limit to 500 by contacting Azure support.


    Note

    Default limits on Azure networking resources can change periodically so it's a good idea to consult the documentation for the latest information.

    Static vs dynamic addressing:

    IP addresses can also be statically assigned or dynamically assigned. Static IP addresses do not change and are best for certain situations such as:

    • DNS name resolution, where a change in the IP address would require updating host records.
    • IP address-based security models that require apps or services to have a static IP address.
    • TLS/SSL certificates linked to an IP address.
    • Firewall rules that allow or deny traffic using IP address ranges.
    • Role-based VMs such as Domain Controllers and DNS servers.

    Create public IP addressing:

    IP Version. Select IPv4, IPv6, or Both. Selecting Both will result in two public IP addresses being created: one IPv4 address and one IPv6 address.

    SKU. You cannot change the SKU after the public IP address is created. A standalone virtual machine, virtual machines within an availability set, or virtual machine scale sets can use Basic or Standard SKUs. Mixing SKUs between virtual machines within availability sets or scale sets or standalone VMs is not allowed.

    Name. The name must be unique within the resource group you select.

    IP address assignment. There are two types of IP address assignments.

    • Dynamic. Dynamic addresses are assigned only after a public IP address is associated to an Azure resource, and the resource is started for the first time. Dynamic addresses can change if they're assigned to a resource, such as a virtual machine, and the virtual machine is stopped (deallocated), and then restarted. The address remains the same if a virtual machine is rebooted or stopped (but not deallocated). Dynamic addresses are released when a public IP address resource is dissociated from a resource.
    • Static. Static addresses are assigned when a public IP address is created. Static addresses aren't released until a public IP address resource is deleted. If the address isn't associated to a resource, you can change the assignment method after the address is created. If the address is associated to a resource, you may not be able to change the assignment method. If you select IPv6 for the IP version, the assignment method must be Dynamic for Basic SKU. Standard SKU addresses are Static for both IPv4 and IPv6.


