As you move your workloads to Azure, it’s important to understand the different networking concepts available to you.
In this post, we’ll discuss Azure Networking Concepts like virtual networks (VNets), subnets, public IP addresses (PIPs), and NAT gateways. We’ll also cover how these concepts work together to create a secure and efficient network topology in Azure.
By understanding these concepts, you’ll be able to make the most of Azure’s powerful networking capabilities. Stay tuned for future posts that will go into more detail on specific aspects of Azure networking!
What is Azure networking?
Azure networking is a cloud computing service that provides a virtual network for resources in Azure. Azure networking allows you to create and manage private networks in Azure, as well as connect those networks to on-premises resources. Azure networking is based on the same technologies that are used in Windows Server and Microsoft Hyper-V Network Virtualization.
Azure Networking Concepts
Subscription: This is the highest level of Azure networking. All other concepts are contained within a subscription. A single Azure account can have multiple subscriptions.
Resource Group: A resource group is a container for Azure resources. All resources in Azure must be contained within a resource group. Resource groups can be used to control access to Azure resources, as well as to manage and deploy resources in Azure.
Resource: A resource is an Azure object that can be created, managed, and deleted. Examples of resources include virtual machines, storage accounts, and network interfaces.
Location: Locations are used to specify the region in which a resource is located. Azure has data centers all over the world, and each data center is associated with a specific location. When you create a resource, you must specify the location in which the resource should be created.
Virtual Machine: A virtual machine is a type of Azure resource that allows you to create a computer in Azure. Virtual machines can be used for a variety of purposes, such as running web servers, databases, and applications.
Virtual Network (VNet) is a logical isolation of the Azure cloud. All resources in Azure are logically connected to a VNet. A VNet can span multiple regions but must be entirely contained within a single Azure subscription.
Virtual Network Gateway(VNG) is a type of Azure resource that allows you to connect a VNet to an on-premises network. VNG can be used to connect VNets to each other or to connect a VNet to an on-premises network.
Subnet: This is a segmentation of a VNet. All resources in a VNet must be connected to a subnet. A subnet can span multiple availability zones but must be entirely contained within a single VNET.
Public IP Address (PIP) is a globally routable IP address that can be assigned to a resource in Azure. A PIP can be static or dynamic.
Network Security Group (NSG): This is a firewall that controls traffic to and from resources in Azure. NSGs can be applied at the VNet level or at the subnet level.
Application Gateway: This is a load balancer that provides layer 7 (HTTP/HTTPS) load balancing. Application gateways can be used to provide ingress and egress for web applications.
Azure Load Balancer: This is a load balancer that provides layer 4 (TCP/UDP) load balancing. Azure Load Balancers can be used to provide high availability for web applications.
Azure Traffic Manager: This is a DNS-based traffic routing service. Azure Traffic Manager can be used to route traffic to different Azure regions based on conditions such as user location or resource availability.
Azure VPN Gateway: This is a VPN appliance that provides site-to-site, point-to-site, and multi-site VPN connectivity. Azure VPN Gateways can be used to connect on-premises resources to Azure VNets or to connect Azure VNets to each other.
ExpressRoute Circuit: This is a private connection between an Azure data center and an on-premises data center. ExpressRoute Circuits can be used to create fast, reliable, and low-latency connections.
Azure DNS Zone: This is a DNS zone that can be used to host domains in Azure. Azure DNS Zones can be used to provide DNS resolution for resources in Azure.