July update of Microsoft Azure and VNET peering
Great news for those who are already using Microsoft Azure and those who are just planning to do it. In July, there was a big update on the Azure platform . I am sure that everyone will find something especially important in the extensive list of innovations. For me, this is without a doubt VNET Peering.
Finally, it became possible to link VNET directly to each other. This opens up new opportunities for building a virtual infrastructure based on the Microsoft cloud. Details under the cut.
What is the actual problem and why is this update so important? VNET is a virtual network in the Azure cloud, a set of subnets with some common characteristics and the possibility of internal routing without additional devices. In order to get traffic routing between VNET and other networks (your other VNET, your on-premises network, VNET in other Azure subscriptions), you need to add a Virtual Gateway that will allow you to configure VPN connections. That is what Microsoft offered us to do before .
')
Everything became especially unpleasant if you used ExpressRoute . The fact is that you could create only one Virtual Gateway in VNET, and the type of gateway for VPN and ExpressRoute was different. As a result, you had to create an ExpressRoute Virtual Gateway in each of your VNETs and link them all to an ExpressRoute connection. And what if you want to achieve routing in VNET in another subscription? And if you want to isolate some VNET from ExpressRoute, but keep its connectivity with other VNET? I had to look for non-trivial solutions.
Now everything is changing. One of the innovations in the announcement above is the release of VNET Peering in a public preview . It is very nice that, according to Microsoft, we are able to connect VNET not only within the subscription and between subscriptions, but also Azure Service Manager VNET and Azure Resource Manager VNET. As a bonus, VNET Peering traffic goes within the Azure infrastructure, without passing through an additional virtual device, which increases the reliability of such a connection and increases its speed.
Unfortunately, I have not yet managed to find technical details on the use of this functionality. As soon as I find them, they will definitely appear on Habrahabr.
Finally, it became possible to link VNET directly to each other. This opens up new opportunities for building a virtual infrastructure based on the Microsoft cloud. Details under the cut.
What is the actual problem and why is this update so important? VNET is a virtual network in the Azure cloud, a set of subnets with some common characteristics and the possibility of internal routing without additional devices. In order to get traffic routing between VNET and other networks (your other VNET, your on-premises network, VNET in other Azure subscriptions), you need to add a Virtual Gateway that will allow you to configure VPN connections. That is what Microsoft offered us to do before .
')
Everything became especially unpleasant if you used ExpressRoute . The fact is that you could create only one Virtual Gateway in VNET, and the type of gateway for VPN and ExpressRoute was different. As a result, you had to create an ExpressRoute Virtual Gateway in each of your VNETs and link them all to an ExpressRoute connection. And what if you want to achieve routing in VNET in another subscription? And if you want to isolate some VNET from ExpressRoute, but keep its connectivity with other VNET? I had to look for non-trivial solutions.
Now everything is changing. One of the innovations in the announcement above is the release of VNET Peering in a public preview . It is very nice that, according to Microsoft, we are able to connect VNET not only within the subscription and between subscriptions, but also Azure Service Manager VNET and Azure Resource Manager VNET. As a bonus, VNET Peering traffic goes within the Azure infrastructure, without passing through an additional virtual device, which increases the reliability of such a connection and increases its speed.
Unfortunately, I have not yet managed to find technical details on the use of this functionality. As soon as I find them, they will definitely appear on Habrahabr.
Source: https://habr.com/ru/post/306794/
All Articles