In this section, we are going to discuss the following points about virtual networks.
- Virtual networking is the backbone that allows resources to talk to each other, whether they are in different regions or in the same region.
- Microsoft offers various techniques to allow us to do that.
- Let’s start by creating a virtual network. We can search for it in all services.
- Let’s click on Add, and it will present the screen below.
The first big decision we have to make is about the address space. Since this is a private address space, we can use any range we want.
- The internet authorities have reserved IPs starting with 10. for private use. There are some other ranges like 192.168 etc. But I can use any random network address like 220.127.116.11, because it’s mapped under a private virtual network. Hence, I can use it.
- Here, I am also creating a new resource group, located in India.
- Each virtual network must have at least one subnet. A subnet, as the name implies, is a part of the virtual network. I have called mine frontend.
- The reason we want to use subnets is that if we want to divide our tiers, like frontend, backend, middleware or maybe a firewall, each tier can be mapped to its own subnet. Hence, we should keep some buffer for subnets.
- If we are very sure that we are not going to need any additional address space for subnets, then we can simply copy the same address space into the subnet itself.
- This address naming scheme is called CIDR notation. It is the alternative to what we used to call A block, B block or C block etc.
- DDoS protection means distributed denial-of-service protection. Here, I have chosen Basic. Basically, it makes life hard for people who try to send traffic to this network in a malicious manner.
- If you upgrade to the Standard subscription, it does more adaptive tuning. It also sends notifications for any kind of DDoS attack.
Service endpoints are a pretty cool security feature. Once I enable this, it looks like this.
This means I can open this virtual network to connect with some of the built-in Azure services exclusively. It can connect to any of these services over a secure channel, which means the traffic won’t travel over the open internet.
- Without it, the traffic that goes from these addresses to the resources in this network will travel over the open network.
Optionally, we have the choice of enabling the firewall with a brand new subnet on the Standard SKU, as shown below.
- Enabling this will also cost you extra. And this is the completed setting.
- Upon creation, I can open my virtual network, as shown below.
- As you can see, by default there are no connected devices, of course. But we do have a subnet associated.
- Here, I have 251 available addresses. I can also create a subnet from here; I just need to click on “+ Subnet”. This will give me the screen below.
- Here, I won’t make any changes. We will discuss network security groups and the other options later. As you can see, I have got two subnets now.
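The subnet rules above (every subnet lies inside the virtual network's CIDR range, and some buffer is kept for more tiers) and the 251-address figure can be checked before anything is created in the portal. The Python sketch below is an added example, not part of the original walkthrough; the address ranges and the `backend` subnet are constructed sample values, and it relies on Azure reserving five addresses in every subnet.

```python
import ipaddress

# Azure holds back 5 addresses in every subnet (network, default gateway,
# two for Azure DNS, broadcast), so a /24 offers 251 addresses, not 256.
AZURE_RESERVED_PER_SUBNET = 5
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def usable_addresses(cidr):
    """Addresses left for devices in a subnet after Azure's reservation."""
    net = ipaddress.ip_network(cidr)
    return max(net.num_addresses - AZURE_RESERVED_PER_SUBNET, 0)


def review_plan(vnet_cidr, subnets):
    """Return findings for a VNet address plan; an empty list means clean."""
    findings = []
    vnet = ipaddress.ip_network(vnet_cidr)
    if not any(vnet.subnet_of(r) for r in RFC1918):
        findings.append(f"{vnet} is outside the RFC 1918 private ranges")
    nets = {name: ipaddress.ip_network(c) for name, c in subnets.items()}
    for name, net in nets.items():
        if not net.subnet_of(vnet):
            findings.append(f"subnet {name} ({net}) is not inside {vnet}")
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"subnets {a} and {b} overlap")
    # Subnets that already consume the whole range leave no buffer for tiers.
    if sum(n.num_addresses for n in nets.values()) >= vnet.num_addresses:
        findings.append(f"{vnet} has no room left for another subnet")
    return findings


# Constructed sample plans; the addresses are illustrative only.
GOOD = ("10.0.0.0/16", {"frontend": "10.0.0.0/24", "backend": "10.0.1.0/24"})
BAD = ("10.0.0.0/24", {"frontend": "10.0.0.0/24", "backend": "10.0.0.128/25"})

if __name__ == "__main__":
    for vnet_cidr, subnets in (GOOD, BAD):
        print(vnet_cidr, review_plan(vnet_cidr, subnets) or "clean")
        for name, cidr in subnets.items():
            print(f"  {name}: {usable_addresses(cidr)} usable addresses")
```
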
Thanks for joining me. In the next section, I will delve further and explain more about networks. Till then stay tuned and happy coding.