Learn Azure Administration

Creating and configuring VNet peering

You will often need to physically separate the different components of your system to achieve the required level of isolation. The reason for this could be to isolate services in your company, to ease management, or to partition the system into smaller and unrelated segments. In cloud infrastructures, you do not have access to the physical layer of networking; instead, you use software-based routers to segment your network. The resulting networks do not exist physically, hence the name virtual networks.

There are moments when you need to connect two isolated VNets. This gives you many crucial benefits: you can treat the traffic inside the networks as if it were a single ecosystem. This way, you preserve the privacy inside the networks and achieve a low-latency, high-bandwidth connection, because the Azure infrastructure serves as the backbone. Let's learn how to configure two VNets so that they are peered with each other (both locally and globally).

To get started, you will need two VNets created inside your subscription. The process of creating them is quite simple:

  1. The first thing you need here is to search for a virtual network inside Azure Marketplace:
Figure 3.1 – Searching for VNets in Azure Marketplace
  2. Once you click the Create button, you will see a form, where you will have to provide all the necessary details related to the new network. To create a VNet, you will have to provide the following information:
    • The actual Name of the network
    • Its Address space (the range of IP addresses from which you can select the ones for your services)
    • The Subscription, Resource group, and Location
    • The default Subnet (which can cover either the whole network or only a subset of it)

The following figure shows an example of a configuration:

Figure 3.2 – VNet configuration in the Azure portal

The parameters and settings in the preceding figure are described in the following list:

    • IP addresses inside a VNet are private.
    • You have to provide a valid IP range using the CIDR notation. You can refer to https://azure.microsoft.com/en-us/resources/videos/virtual-network-vnet-peering/ for additional information.
    • Basic DDoS protection is free and integrated into the Azure platform. If you feel that you need extra safety here, you can go for the Standard tier; however, you will have to pay extra for that service.
  3. Once you are satisfied with the configuration, you can click on the Create button to initiate the process of creating a VNet. Duplicate the preceding steps so that you have two separate networks created inside your subscription:
Figure 3.3 – Two VNets created in the same resource group

We have two VNets inside the same resource group; however, they do not know anything about each other. We are also unable to make a connection from one VNet to another. Let's try to peer them so that they become a single logical unit.

The process of peering networks is quite simple. There are two ways of doing this in Azure: you can use the Azure portal or the command line. We will look at both approaches so that you can decide which one suits your needs best.
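Whichever approach you pick, two things decide whether the peering will succeed: the address spaces of the two VNets must not overlap, and the link has to be created in both directions. The following script is an added example (not code from the book) that runs those pre-flight checks with Python's `ipaddress` module and then emits the Azure CLI commands that create the two VNets and both peering links. The resource group name, VNet names, locations and CIDR ranges are constructed sample values; `az network vnet create` and `az network vnet peering create` with the flags shown are real Azure CLI commands.

```python
"""Pre-flight checks for VNet peering plus the Azure CLI commands they imply.

Added example, not the book's own code. All resource names and address
ranges below are constructed sample values.
"""
from ipaddress import ip_network

# Constructed sample configuration (assumption: two VNets in one resource group,
# in different regions, so the resulting peering is a global one).
RESOURCE_GROUP = "rg-peering-demo"
VNET_A = {"name": "vnet-a", "location": "westeurope",
          "prefix": "10.1.0.0/16", "subnet": "10.1.0.0/24"}
VNET_B = {"name": "vnet-b", "location": "northeurope",
          "prefix": "10.2.0.0/16", "subnet": "10.2.0.0/24"}


def validate_vnet(vnet):
    """Return a list of problems with a single VNet definition (empty = fine)."""
    problems = []
    try:
        prefix = ip_network(vnet["prefix"])
        subnet = ip_network(vnet["subnet"])
    except ValueError as exc:
        return [f"{vnet['name']}: invalid CIDR: {exc}"]
    if not prefix.is_private:          # VNet address spaces are private ranges
        problems.append(f"{vnet['name']}: {prefix} is not a private range")
    if not subnet.subnet_of(prefix):   # the default subnet must sit inside the space
        problems.append(f"{vnet['name']}: subnet {subnet} is not inside {prefix}")
    return problems


def check_peering_prerequisites(prefix_a, prefix_b):
    """Return a list of problems; an empty list means the two spaces can be peered."""
    try:
        net_a, net_b = ip_network(prefix_a), ip_network(prefix_b)
    except ValueError as exc:
        return [f"invalid CIDR: {exc}"]
    problems = []
    for label, net in (("A", net_a), ("B", net_b)):
        if not net.is_private:
            problems.append(f"VNet {label} ({net}) is not a private range")
    if net_a.overlaps(net_b):
        problems.append(f"address spaces {net_a} and {net_b} overlap; "
                        "Azure rejects peering between overlapping spaces")
    return problems


def vnet_create_cmd(rg, vnet):
    """Azure CLI command that creates one VNet with its default subnet."""
    return (f"az network vnet create --resource-group {rg} --name {vnet['name']} "
            f"--location {vnet['location']} --address-prefix {vnet['prefix']} "
            f"--subnet-name default --subnet-prefix {vnet['subnet']}")


def peering_cmds(rg, vnet_a, vnet_b):
    """A peering is one-directional, so one link is created per direction."""
    cmds = []
    for src, dst in ((vnet_a, vnet_b), (vnet_b, vnet_a)):
        cmds.append(f"az network vnet peering create --resource-group {rg} "
                    f"--name {src['name']}-to-{dst['name']} --vnet-name {src['name']} "
                    f"--remote-vnet {dst['name']} --allow-vnet-access")
    return cmds


def build_plan(rg=RESOURCE_GROUP, vnet_a=VNET_A, vnet_b=VNET_B):
    """Validate both VNets and return the ordered list of CLI commands to run."""
    problems = (validate_vnet(vnet_a) + validate_vnet(vnet_b)
                + check_peering_prerequisites(vnet_a["prefix"], vnet_b["prefix"]))
    if problems:
        raise ValueError("; ".join(problems))
    return ([vnet_create_cmd(rg, vnet_a), vnet_create_cmd(rg, vnet_b)]
            + peering_cmds(rg, vnet_a, vnet_b))


if __name__ == "__main__":
    for cmd in build_plan():
        print(cmd)
```

Running the script prints four commands: two `vnet create` calls followed by two `vnet peering create` calls, one from each side. Because `--remote-vnet` is given as a plain name here, the assumption is that both VNets live in the same resource group; across resource groups or subscriptions you would pass the remote VNet's full resource ID instead.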