Inter-VNET, VNET-to-VNET VPN and VNET Peering Speed Comparison in Microsoft Azure
In August, we already discussed the public preview of the new Microsoft Azure functional - VNET Peering. Since then, VNET Peering has been released in GA and it's time to look at it more closely. Indeed, it would be curious to find out how different the data transfer speed in Azure virtual networks, with different ways of organizing them.
For example, is the speed different within the same subnet and between different subnets in the same VNET? Does switching to another VNET through Peer slow down? And through VNET-to-VNET VPN?
')
I conducted a small experiment on this topic to check the usefulness and effectiveness of VNET Peering and invite under the cat to get acquainted with its results.
To begin with, we will be defined what exactly we will compare. I compiled the following test environment:
This allowed me to compare several types of connections that can exist between servers in Azure:
For the latter scenario, it was also interesting for me to look at the difference between the different SKUs available for the Virtual Network Gateway , so I consistently re-created this connection with the Basic SKU, Standard SKU and High-Performance SKU. Microsoft claims 100 Mbps bandwidth for the first two and 200 Mbps for High-Performance SKU.
I chose a rather trivial and simple test, or rather two tests (in no way do I claim to be 100% objective) - copying files with a total volume of 5GB. In the first test, this is 5 files of 1GB each, in the second - 500 files of 10 MB each. File contents - ZIP archive with standard random data compression. Each operation was carried out 10 times with time measurement and clearing the server’s RAM between attempts.
DS2_V2 with 2 CPU, 7GB RAM and Premium Storage disks were chosen as test servers so that the read / write speed on the disk had a minimal effect on the speed of copying files.
Below is the result of measuring copying speed in Mbps. For each of the 6 options for networking, the best, medium, and worst results for several large and many small files are given.
I will give my thoughts, but you can draw your own conclusions based on this data.
It is clear that the test, in any way, does not pretend to complete research. This is evidenced by at least the difference between the best and the worst results of measurements reaching 25%, which means that a test of just 10 repetitions will not give a good approximation for the average value. On the other hand, these results still allow us to evaluate the overall picture:
- VNET Peering - great functionality that allows you to create reliable high-speed communication between virtual networks in Azure.
- The difference between Basic / Standard and High Performance SKU for Virtual Gateway turned out to be significantly less than I expected. Particularly pleased that this is achieved due to the fact that the Basic / Standard variants show the bandwidth that is higher than stated, and not vice versa.
How much are these options? It is clear that for servers in the same subnet and in different subnets of the same VNET you do not pay anything. But for the remaining options, you have to pay.
The cost of VNET Peering after its release to GA is € 0.0084 per GB of incoming and outgoing traffic. As far as I understand, you will pay twice for each GB (once, if the receiving or outgoing party is not in your subscription, then the owner will pay half of it).
The cost of Virtual Gateway varies by region. I will give here the cost for Northern Europe, since it was there that I deployed my laboratory.
In addition, you will pay from € 0.0295 to € 0.1349 for each GB of incoming traffic, depending on the region from which the traffic originates (only traffic between two VNETs in different Azure regions is counted).
In general, the choice of the best option depends on your requirements and goals. Personally, I would prefer VNET Peering to link two VNETs if:
VNET-to-VNET VPN is preferable if:
For monthly traffic volumes between 2 and 30 TB, price and bandwidth requirements will be important. It will be very important to calculate the minimum allowable SKU of the Vitrual Gateway in order to understand which solution will be optimal for the price.
I really liked the VNET Peering functionality and the additional features it provides when designing solutions based on Microsoft Azure. For test laboratories with little traffic, this is generally the perfect solution. For the main working environment, VNET Peering with its speed and ability to conveniently and transparently configure the rules for traffic transit and mutual use of Gateway in Peered networks is also a very, very interesting option.
For example, is the speed different within the same subnet and between different subnets in the same VNET? Does switching to another VNET through Peer slow down? And through VNET-to-VNET VPN?
')
I conducted a small experiment on this topic to check the usefulness and effectiveness of VNET Peering and invite under the cat to get acquainted with its results.
To begin with, we will be defined what exactly we will compare. I compiled the following test environment:
This allowed me to compare several types of connections that can exist between servers in Azure:
- Servers on the same subnet
- Servers in different subnets of the same VNET
- Servers in different Peered VNET
- Servers in different VNET connected VPNs via Virtual network Gateway
For the latter scenario, it was also interesting for me to look at the difference between the different SKUs available for the Virtual Network Gateway , so I consistently re-created this connection with the Basic SKU, Standard SKU and High-Performance SKU. Microsoft claims 100 Mbps bandwidth for the first two and 200 Mbps for High-Performance SKU.
I chose a rather trivial and simple test, or rather two tests (in no way do I claim to be 100% objective) - copying files with a total volume of 5GB. In the first test, this is 5 files of 1GB each, in the second - 500 files of 10 MB each. File contents - ZIP archive with standard random data compression. Each operation was carried out 10 times with time measurement and clearing the server’s RAM between attempts.
DS2_V2 with 2 CPU, 7GB RAM and Premium Storage disks were chosen as test servers so that the read / write speed on the disk had a minimal effect on the speed of copying files.
Below is the result of measuring copying speed in Mbps. For each of the 6 options for networking, the best, medium, and worst results for several large and many small files are given.
I will give my thoughts, but you can draw your own conclusions based on this data.
It is clear that the test, in any way, does not pretend to complete research. This is evidenced by at least the difference between the best and the worst results of measurements reaching 25%, which means that a test of just 10 repetitions will not give a good approximation for the average value. On the other hand, these results still allow us to evaluate the overall picture:
- VNET Peering - great functionality that allows you to create reliable high-speed communication between virtual networks in Azure.
- The difference between Basic / Standard and High Performance SKU for Virtual Gateway turned out to be significantly less than I expected. Particularly pleased that this is achieved due to the fact that the Basic / Standard variants show the bandwidth that is higher than stated, and not vice versa.
How much are these options? It is clear that for servers in the same subnet and in different subnets of the same VNET you do not pay anything. But for the remaining options, you have to pay.
The cost of VNET Peering after its release to GA is € 0.0084 per GB of incoming and outgoing traffic. As far as I understand, you will pay twice for each GB (once, if the receiving or outgoing party is not in your subscription, then the owner will pay half of it).
The cost of Virtual Gateway varies by region. I will give here the cost for Northern Europe, since it was there that I deployed my laboratory.
- Basic SKU - € 0.0304 per hour
- Standard SKU - € 0.1602 per hour
- High Performance SKU - € 0.4132 per hour
In addition, you will pay from € 0.0295 to € 0.1349 for each GB of incoming traffic, depending on the region from which the traffic originates (only traffic between two VNETs in different Azure regions is counted).
In general, the choice of the best option depends on your requirements and goals. Personally, I would prefer VNET Peering to link two VNETs if:
- I plan monthly traffic volumes below 2TB per month (the choice is obvious here, because VNET Peering will be both faster and cheaper)
- I need the maximum bandwidth
VNET-to-VNET VPN is preferable if:
- I plan to link VNET in different Azure regions (I don’t have a choice here, since VNET Peering only works within one region )
- I plan monthly traffic volumes above 30TB per month
For monthly traffic volumes between 2 and 30 TB, price and bandwidth requirements will be important. It will be very important to calculate the minimum allowable SKU of the Vitrual Gateway in order to understand which solution will be optimal for the price.
I really liked the VNET Peering functionality and the additional features it provides when designing solutions based on Microsoft Azure. For test laboratories with little traffic, this is generally the perfect solution. For the main working environment, VNET Peering with its speed and ability to conveniently and transparently configure the rules for traffic transit and mutual use of Gateway in Peered networks is also a very, very interesting option.
Source: https://habr.com/ru/post/315354/
All Articles