Azure networking overview

1. Azure networking overview

In this lesson, we'll explore Azure networking services.

2. What is networking?

Networking offers the possibility to connect computers and devices to share data and resources. It enables communication and collaboration. Networking includes both hardware, like routers and cables, and communication protocols for data exchange.

3. Azure network services overview

Network services are a fundamental component of Azure cloud, providing the ability to connect and secure cloud resources. Understanding networking components is vital for designing and managing cloud-based solutions. Let's closely examine key networking components and their functionality.

4. What is an IP address?

An IP address is like a unique identification number for a device on the Internet. It helps information find its way to the right device, similar to how a home address helps mail reach the correct house.

5. What is an IP address space?

IP addresses are organized within IP address spaces, like a neighborhood where devices are located. Just as houses on the same street have different house numbers, devices within the same IP address space share a common part of the address while having a unique portion that sets them apart.

6. Subnets

IP address spaces can be further divided into subnets. It's like grouping houses on one side of the street separately from those on the other side. Subnets can make it easier to organize and control the flow of data between different groups of devices.

7. Public vs. private

An IP address can be either public or private. Public IP addresses are accessible from the Internet, whereas private ones can only connect with devices within the same IP address space. Compare this to a public shopping mall, open to anyone, versus a business office restricted to employees.

8. Cloud resources connectivity

An Azure virtual network (or VNET) enables communication between cloud resources like virtual machines, web apps, and databases. It's called "virtual" because the connections between resources aren't physical; instead, they're connected through software. A VNET has a private IP space associated and can be divided in multiple subnets if needed. Azure resources are connected to subnets enabling access to other cloud resources.

9. Private endpoints

VNETs use private IP addresses, also known as private endpoints. Resources within a VNET can communicate with each other, but are not reachable from the Internet.

10. Public endpoints - public IP

For resources within a VNET to have Internet access, they must have a public endpoint. For resources like virtual machines, a possible solution is to assign public IP addresses.

11. Public endpoints - Azure-provided URL

Other types of Azure resources, such as web apps, don't require public IPs for Internet access. They come with a default Azure-provided URL to allow Internet connectivity.

12. VNETs summary

To summarize, a VNET has a private IP space. The space can be divided in multiple subnets if needed. Resources connect to subnets and can exchange information using private endpoints. If Internet access is needed, resources can use public endpoints.

13. Connecting virtual networks

We looked at options to enable Internet access for resources behind virtual networks. But how can we establish connections between resources in different VNETs without relying on the public Internet? Cross connectivity between virtual networks can be achieved by using network peering. Peering bypasses public Internet and uses Microsoft's network to ensure private traffic between networks.

14. On-premises connectivity

Azure also provides methods to connect resources between on-premises environment and the cloud, effectively forming a network that extends both domains. Connectivity is achieved using a Virtual Private Network (or VPN) service, namely Azure VPN Gateway. Azure VPN Gateway allows users to access Azure networks and resources from remote locations. Even though the communication is made over the Internet, data is encrypted and kept secured from unauthorized access.

15. Azure ExpressRoute

For companies that need better security and privacy, Azure provides a network connection service called Azure ExpressRoute. Azure ExpressRoute extends on-premises networks into Azure cloud through a dedicated private connection that bypasses the public Internet. This allows connecting offices and data centers to Azure, while the connection offers improved reliability, speed, and security compared to the regular Internet.

16. Azure DNS

DNS is like the Internet's phone book, translating website names into computer-friendly addresses. Azure offers its own DNS service for hosting and resolving DNS domains. It uses Azure cloud infrastructure for domain name resolution. Azure DNS enables great management of DNS records, offering scalability, security, and integration with other Azure resources.

17. Let's practice!

Let's review what we've learned with some exercises!

Create Your Free Account

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.