Connectivity and Network Services on Azure
source link: https://microsoftgeek.com/?p=3269
In this article, we will talk about the different network services offered by Azure to manage our resources and connect to them from a remote site (On-Premise) or via the Internet.
Azure VNet (Virtual Network)
VNet is the fundamental building block of our virtual private network on Azure. It allows our Azure resources (VMs, etc.) to communicate securely with each other, and lets us reach them from the Internet as well as from our On-Premise sites.
In our example, the virtual network is created from the Azure administration console. During creation, you must specify a custom private IP address space using public and private addresses. Your resources automatically receive a private IP from the network you chose at creation. For example, if you deploy a VM in a VNet with the address space 10.0.0.0/16, the VM will be assigned a private IP like 10.0.0.4.
We will see together the different steps for creating a VNet:
Creating a VNet from the Azure Console
A VNet has a number of limitations, such as the number of private IP addresses available. Indeed, it is possible to have "only" 65535 addresses, that is to say a /16 in CIDR notation, in a VNet. Azure offers the 10.0.0.0/16 network by default, which can go up to 65535 IPs, with the 10.0.0.0/24 subnet. Note that each subnet in Azure consumes not 2 IPs (network address and broadcast address) but 5.
You can change your virtual network and your subnets as well. Be careful not to make the networks overlap with each other.
VNet IP Setup
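As an added example (not from the original article), the Python sketch below checks an address plan for the two pitfalls above: the 5 addresses consumed in each subnet and overlapping ranges. The subnet names and the on-premises range are made-up sample values, and the breakdown of the 5 reserved addresses (network, gateway, two for Azure DNS, broadcast) is an assumption added here, since the article does not list them.

```python
import ipaddress

# Assumed breakdown per subnet: network, gateway, 2 for Azure DNS, broadcast.
AZURE_RESERVED = 5

def usable_hosts(subnet):
    """Addresses left for resources once the 5 reserved IPs are removed."""
    net = ipaddress.ip_network(subnet)
    return max(net.num_addresses - AZURE_RESERVED, 0)

def first_assignable(subnet):
    """First IP a resource can get: .0 to .3 of each subnet are reserved."""
    net = ipaddress.ip_network(subnet)
    if net.num_addresses <= AZURE_RESERVED:
        raise ValueError(f"{subnet} is too small to hold any resource")
    return str(net.network_address + 4)

def check_plan(vnet, subnets, other_networks=()):
    """Return a list of problems found in an address plan (empty list = OK)."""
    space = ipaddress.ip_network(vnet)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    problems = []
    for name, net in nets.items():
        if not net.subnet_of(space):
            problems.append(f"{name} {net} is outside VNet {space}")
        if net.num_addresses <= AZURE_RESERVED:
            problems.append(f"{name} {net} has no usable address")
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} {nets[a]} overlaps {b} {nets[b]}")
    # Ranges that will be connected to the VNet (e.g. an on-premises site).
    for label, cidr in other_networks:
        if space.overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"VNet {space} overlaps {label} {cidr}")
    return problems

if __name__ == "__main__":
    # Constructed plan: subnet names and the on-premises range are made up.
    plan = {"frontend": "10.0.0.0/24", "backend": "10.0.0.128/25",
            "data": "10.0.2.0/24"}
    print(usable_hosts("10.0.0.0/24"), first_assignable("10.0.0.0/24"))
    for p in check_plan("10.0.0.0/16", plan, [("on-premises", "10.0.0.0/8")]):
        print("PROBLEM:", p)
```

Run as a script, it reports 251 usable addresses in the /24 with 10.0.0.4 as the first one, and flags the backend/frontend overlap and the clash with the sample on-premises range.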
In the security part, you will have to choose whether you want a Windows server called Bastion. This server strengthens the security of your Azure infrastructure because it is the only one with a public IP, and from it you can reach your resources over SSH/RDP. You can also choose DDoS protection against denial-of-service attacks and enable the Azure Firewall option for your network.
VNet security configuration
Conclusion
In this article, we explored the creation of a VNet and the options/limitations of this Azure service which is fundamental before creating a resource on Azure.