Book Image

Hands-On Networking with Azure

By : Mohamed Waly
Book Image

Hands-On Networking with Azure

By: Mohamed Waly

Overview of this book

Microsoft Azure networking is one of the most valuable and important offerings in Azure. No matter what solution you are building for the cloud, you'll fi nd a compelling use for it. This book will get you up to speed quickly on Microsoft Azure Networking by teaching you how to use different networking services. By reading this book, you will develop a strong networking foundation for Azure virtual machines and for expanding your on-premise environment to Azure. Hands-On Networking with Azure starts with an introduction to Microsoft Azure networking and creating Azure Virtual Networks with subnets of different types within them. The book helps you understand the architecture of Azure networks. You will then learn the best practices for designing both Windows- and Linux-based Azure VM networks. You will also learn to expand your networks into Azure and how to use Azure DNS. Moreover, you will master best practices for dealing with Azure Load Balancer and the solutions they offer in different scenarios. Finally, we will demonstrate how the Azure Application Gateway works, offering various layer-7 load balancing capabilities for applications. By the end of this book, you will be able to architect your networking solutions for Azure.

Related Content you might be interested in

Current Title:

Small book image
Hands-On Networking with Azure
Mohamed Waly
Mar, 2018 | 276 pages
Small book image
Learning Microsoft Azure Storage
Mohamed Waly
Nov, 2017 | 276 pages
Small book image
Azure Networking Cookbook
Mustafa Toroman
Mar, 2019 | 234 pages
Small book image
Learn Microsoft Azure
Mohamed Waly
Dec, 2018 | 354 pages
Table of Contents (15 chapters)
Title Page
Title Page
Dedication
Dedication
Packt Upsell
Packt Upsell
Contributors
Contributors
Preface
Preface
Free Chapter
1
Azure Virtual Networks 101
Azure Virtual Networks 101
Introduction
Technical requirements
Introduction to Microsoft Azure Networks
Azure terminologies
ASM versus ARM model
Azure VNet
Automating your tasks
Summary
Questions
Further reading
2
Delving into Azure Virtual Networks
Delving into Azure Virtual Networks
Introduction
Understanding Azure VNet architecture
Azure VNet service endpoints
Azure services integration with virtual networks
Virtual network peering
Securing Azure VNet
Automating the tasks
Summary
Questions
Further reading
3
Azure Network for VMs
Azure Network for VMs
Introduction
Azure VMs
Creating and configuring Azure VMs
Automating tasks
Summary
Questions
Further information
4
Network Connectivity Scenarios in Azure
Network Connectivity Scenarios in Azure
Introduction 
Network connectivity scenarios in Azure
VNet2VNet connection
Point-to-Site connection
Site-to-Site connection
ExpressRoute
User-defined routes
Summary
Questions
Further information
5
Azure DNS
Azure DNS
Introduction
Azure DNS
Azure DNS zones and records
Azure DNS delegation
Azure reverse DNS zone
Private Azure DNS zones
Automating the tasks
Summary
Questions
Further information
6
Azure Load Balancers
Azure Load Balancers
Introduction
Learning outcomes
Introduction to Azure Load Balancer
Azure Load Balancer flavors
Hands-on with Azure Load Balancers
Summary
Questions
Further information
7
Azure Traffic Manager
Azure Traffic Manager
Introduction
Learning outcomes
Introduction to Azure Traffic Manager
Azure Traffic Manager endpoints
Azure Traffic Manager routing methods
Creating Traffic Manager profile
Configuring Traffic Manager service endpoints
Azure Traffic Manager key points
Automating the tasks
Summary
Questions
Further information
8
Azure Application Gateway
Azure Application Gateway
Introduction
An introduction to Azure Application Gateway
Creating an Azure Application Gateway
Configuring Azure Application Gateway settings
Summary
Questions
Further reading
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

Azure VNet

As you have a network in your on-premises (private data center) to facilitate the communication between your machines/devices and even to secure and isolate machines/devices from each other, you will need to do the same tasks in the cloud. That is why Microsoft offers Azure VNet.

Azure VNet is one of the most commonly used Microsoft Azure Networking services. Azure VNet is sort of like a LAN within which you can have address spaces that can be divided into multiple subnets. Considering that, only private IPs ranges can be used for the address spaces and their subnets.

Note

The subnets within each address space are automatically routed. The address range of a subnet that is in use cannot be edited.

Azure VNet benefits

Azure VNet has many benefits and capabilities. The following benefits are some of them:

  • Isolation: Each virtual network is isolated from other virtual networks. Therefore, you can have your dev/test environment in a virtual network separated from the production environment that exits in other virtual networks.
  • Communicating with other VNets: By default, virtual networks are isolated from each other. However, you can reach out resources in another virtual network, because virtual networks can be connected to each other.
  • Broad network access: By default, all Azure services have access to the internet, which means you can access Azure services from wherever you want, using whatever you want, as long you have an internet connection.
  • Hybrid connectivity: Azure VNet can be spanned to your data center. As a result, you will be able to connect to both your Azure resources and on-premises resources privately without the need to connect via the internet.
  • Security: You can secure your virtual networks by setting rules that determine which inbound and outbound traffic can be flowed to and outside the virtual network.

Creating Azure VNet

Creating an Azure VNet is a pretty straightforward process. To do this task, follow these steps:

  1. Open the ARM portal and log in using the account associated with your Azure subscription.
  1. Once logged in, navigate to More services, and search for virtual network, as shown in the following screenshot:

Figure 1.4: Searching for virtual networks blade

  1. You will be navigated to a new blade, wherein you can display the virtual networks you have created, and you can also create new virtual networks, as shown in the following screenshot:

Figure 1.5: Virtual networks blade

  1. Click on Add, and a new blade will be opened for which you have to fill the following fields:
    • Name: The name of the virtual network.
    • Address space: The virtual network's address range in CIDR notion.
    • Subscription: If you have multiple subscriptions associated to the account you have logged in with, you have to specify which subscription will be charged for this service.
    • Resource group: Specify whether you want to create a new resource group for the resource you are creating, or use an existing one.
    • Location: The region on which this virtual network will operate.
    • Subnet-name: The name of the first subnet in the virtual network you are creating.
    • Subnet | Address range: The subnet's address range in CIDR notion. It must be contained by the address space of the virtual network.
    • Service endpoints (Preview): It can be used in securing your traffic between some Azure services in Microsoft's backbone network. More information about it will be covered in Chapter 2Delving into Azure Virtual Networks:

Figure 1.6: Creating a virtual network

  1. Click on Create, and within a moment the virtual network will be created.

Adding address spaces to the virtual network

You can add other address spaces to the virtual network, and later those address spaces can be divided into subnets. To add another address space, follow these steps:

  1. Navigate to the Virtual networks blade, and you will find that the virtual network you have created is already there, as shown in the following screenshot:

Figure 1.7: Displaying the created virtual networks

  1. Click on the virtual network, and a new blade will pop up, as shown in the following screenshot:

Figure 1.8: PP-Virtual Network overview

  1. Then, you will navigate to Address space, wherein you will find all the address spaces of this virtual network, as shown in the following screenshot:

Figure 1.9: Address spaces of the virtual network

  1. To add a new address space, you only need to hover over Add additional address range, and add the address space you would need, then click on Save, as shown in the following screenshot:

Figure 1.10: Adding new address space

  1. Once you save the changes, the address space will be a part of the virtual network.

Adding subnets to the virtual network

There are two types of subnets in Azure VNet:

  • Subnet: The normal form of subnets, which is the result of dividing the virtual network
  • Gateway subnet: The subnet that acts as a gateway for communication with other networks

By default, you must specify at least one subnet while creating the virtual network, as discussed earlier. However, later you might need to have other subnets, and to do so, you have to follow these steps:

  1. Navigate to the virtual network that you have created earlier and then go to SETTINGS | Subnets, as shown in the following screenshot:

Figure 1.11: Virtual Network Subnets

  1. Click on Subnets, and a new blade will be opened, where you need to specify the following:
    • Name: The name of the subnet.
    • Address range (CIDR block): The subnet's address range in CIDR notation (considering that it must be contained by the address space of the virtual network).
    • Network security group: This works like a firewall to filter what traffic that be allowed to flow in/out of the network. More information about this topic will be covered in Chapter 2, Delving into Azure Virtual Networks.
    • Route table: You can expand the communication between multiple VNets by setting a route table. More information about this topic will be covered in Chapter 4, Network Connectivity Scenarios in Azure.
    • Service endpoints (Preview): As mentioned earlier, this can be used to let some Azure services communicate in Microsoft's backbone network. More information about it will be covered in Chapter 2, Delving into Azure Virtual Networks.

Figure 1.12: Adding subnets

  1. Once you click on OK, the subnet will be added within a moment.

Note

When specifying the subnet's address range, you must have noted that there are five reserved IPs. The first and the last IPs are reserved for protocol conformance known as network and broadcast in addition to three more IPs used for Azure services.

Creating the gateway subnet is no different than the normal subnet creation, except you cannot set the name of the gateway subnet, as shown in the following screenshot:

Figure 1.13: Adding gateway subnet

Note

Every virtual network can only have one gateway subnet.

Azure VNet key points

While building your virtual network, you might need to consider the following points:

  • You cannot add the following address spaces to your virtual network:
    • 224.0.0.0/4 (multicast)
    • 255.255.255.255/32 (broadcast)
    • 127.0.0.0/8 (loopback)
    • 169.254.0.0/16 (link-local)
    • 168.63.129.16/32 (internal DNS)
  • You cannot connect virtual networks that have overlapped address spaces
  • As a default limit, you can create 50 virtual networks per region per subscription, but it can be increased up to 1,000 virtual networks if you contact support
  • As a default limit, you can create 1,000 subnets per virtual network, but it can be increased up to 10,000 subnets, if you contact support
  • As a default limit, you can have 4,096 private IPs per virtual network, but it can be increased up to 8,192 if you contact support
Previous Section
End of Section 7
Next Section