Azure Network Basics
Azure network components used for VNet communication (terminology with respect to AWS):
1. Virtual Network --> Address Space (VNet CIDR), Address Range (Subnet)
2. Virtual Network Gateway --> Just like VPC Peering for VPC-to-VPC communication. For two VNets
to communicate, there must be a Virtual Network Gateway at both ends, and an IP will be
assigned to each. The gateway will have an IP range (10.20.2.0/24), a subnet-level CIDR.
3. Subnets --> Same for both
4. Resource Group --> Group
5. Network and Security Group (Firewall) --> Security Group and NACL
6. Connections: used to connect both Virtual Network Gateways
7. Location --> Region
8. Virtual Machine --> EC2 instances
9. Subscription --> Tenant/Account name
10. Windows Firewall: update the inbound rule so the VMs can communicate, by changing the File
and Printer (Echo Request - IPv4) rule to allow
Role : Subscription
Resource Group : Container to organize our resources
VPC : Virtual Network
Availability Zone : Availability Set
ELB : same
ILB : Internal Load Balancer
NACL and Security Group {Lock Icon (Software Firewall)} : Network and Security Group (NSG)
VPC : Vnet (Virtual Network)
Your VPC : Address Space
EC2 : Virtual Machine
Elastic Beanstalk : App Service
S3 : Blob Storage
Glacier : Backup
DynamoDB : DocumentDB
There are different options to distribute network traffic using Microsoft Azure. These options work
differently from each other, with different feature sets and support for different scenarios. They can
each be used in isolation or in combination.
• Azure Load Balancer works at the transport layer (Layer 4 in the OSI network reference stack).
It provides network-level distribution of traffic across instances of an application running in
the same Azure data center.
• Application Gateway works at the application layer (Layer 7 in the OSI network reference
stack). It acts as a reverse-proxy service, terminating the client connection and forwarding
requests to back-end endpoints.
• Traffic Manager works at the DNS level. It uses DNS responses to direct end-user traffic to
globally distributed endpoints. Clients then connect to those endpoints directly.
1. Virtual Network : A virtual network enables Azure resources, such as virtual machines (VMs), to
communicate privately with each other, and with the internet.
2. Load Balancer : Azure load balancer is a layer 4 load balancer that distributes incoming traffic
among healthy virtual machine instances. Load balancers use a hash-based distribution
algorithm. By default, it uses a 5-tuple (source IP, source port, destination IP, destination port,
protocol type) hash to map traffic to available servers. Load balancers can either be
internet-facing, where they are accessible via public IP addresses, or internal, where they are
only accessible from a virtual network. Azure load balancers also support Network Address
Translation (NAT) to route traffic between public and private IP addresses.
You can configure the load balancer to:
○ Load balance incoming traffic across your virtual machines.
○ Forward traffic to and from a specific virtual machine using NAT rules.
5. Local network gateway : A local network gateway represents the hardware or software VPN
device in your local network. Use this with a connection to set up a site-to-site VPN connection
between an Azure virtual network and your local network. There are no additional charges for
creating local network gateways in Microsoft Azure.
Name : TestRT-Kishan1
About VPN devices and IPsec/IKE parameters for Site-to-Site VPN Gateway
connections:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-devices
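
The 5-tuple hash distribution described under Load Balancer above, as an added example (not part of the original notes and not Azure's implementation): SHA-256 stands in for the undocumented hash, and the backend, frontend and client addresses are constructed sample values. It shows that only healthy instances receive flows and that one client's connections spread across VMs because the source port is part of the hash, so per-client controls kept on a single VM (rate limits, session state) do not see all of that client's traffic.

```python
import hashlib
from typing import NamedTuple


class Flow(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    protocol: str


def pick_backend(flow, backends, healthy):
    """Map a flow to one healthy backend by hashing its 5-tuple."""
    pool = sorted(b for b in backends if b in healthy)  # healthy instances only
    if not pool:
        return None  # no healthy instance: the flow cannot be served
    key = "|".join(map(str, flow)).encode()
    # Assumption: SHA-256 is a stand-in; the page does not name Azure's hash.
    index = int.from_bytes(hashlib.sha256(key).digest()[:8], "big") % len(pool)
    return pool[index]


def distribution(flows, backends, healthy):
    """Count how many flows land on each backend."""
    counts = {b: 0 for b in backends}
    for flow in flows:
        chosen = pick_backend(flow, backends, healthy)
        if chosen is not None:
            counts[chosen] += 1
    return counts


# Constructed sample data: three VMs behind one frontend IP.
BACKENDS = ["10.20.1.4", "10.20.1.5", "10.20.1.6"]
FRONTEND = "203.0.113.10"
# One client opening 300 connections that differ only in source port.
FLOWS = [Flow("198.51.100.7", 40000 + i, FRONTEND, 443, "tcp") for i in range(300)]

if __name__ == "__main__":
    print("all healthy:   ", distribution(FLOWS, BACKENDS, set(BACKENDS)))
    print("one unhealthy: ", distribution(FLOWS, BACKENDS, {"10.20.1.4", "10.20.1.6"}))
```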