Azure - Networking Flashcards
What are Subnets?
Why segment/split Virtual networks into subnets?
Subnets are sub-networks. Subnets allow you to segment your Virtual Network (Vnet). Dong that you can have multiple networks. A subnet is a smaller network, which is part of your VNet. Use these for security and logical division of resources.
VNet is in a single region and single subscription.
[2] Why doing that? Why use subnets?
a) Resource Grouping - Group resources onto the same subnet to make it easier to keep an overview
b) Address allocation
More efficient to allocate addresses to resources on a smaller subnet
c) Subnet security - USe network security groups to secure individual subnets.
Can Vnet (Virtual Network) span multiple Regions?
No, Vnet belongs to single Region. Every resource on the Vnet must be in the same region too.
What are the advantages of Vents in Azure compared to networks in the home data center?
1) Scaling - adding more VNets or more addresses to one is simple
2) High Availability - Peering VNets using a load balancer, or using a VPN gateway all increase availability
c) ISolation - management and organize resources with subnets and network security groups
[1] What is Vnet Peering?
[2] What are Peering benefits?
[1] Wnet Peering allows connect two or more Vnet together. Traffic between Vnets using peering use private network never goes outside Azure network.
[2] Peering benefits
a) Low latency, High Bandwidth - resources in virtual network are connected with a low-latency, high-bandwith connection
b) Link separate networks
Resources in separate virtual networks can communicate with each other
c) data transfer
Transfer data easily between subscriptions and deployment models in separate regions
What are Load Balancers?
The load Balancer distributes inbound requests that arrive at to load balancer and redirect them to backend pool instances, according to rules and health probes.
What is Virtual Network Gateway?
What is VPN Gateway?
What are the 3 main components of VPN Gateway?
[1] compose of two or more virtual machines that are deployed on a specific subnet you create that is called a Gateway subnet.
[2] VPN Gateway - a specific type of Virtual Network gateway that allows sending encrypted traffic between an Azure Network and premises location over the public internet.
VPN Gateways are instrumental in a hybrid cloud architecture.
[3] 3 main components:
a) Azure VNet with VPN Gateway attached. This gateway will have it’s own public IP address
b) This gateway will have it’s own secure connections
c) On-premises
This si called Site-to-site connection.
b)
[1] What is Application Gateway?
[2] What are the benefits of Application Gateway?
[1] Load balance route traffic based on IP address or port.
What if we want to use other parameters to route traffic?
With the application Gateway, we can use other parameters of requests like paths. It works on the HTTP request of the traffic, instead of the IP address or port. Eg. Traffic from a specific web address can go to a specific machine
[2] Benefits:
a) scaling - scale the application gateway up or down based on the amount of traffic received
b) Encryption - comply with any security policy. Disable or enable traffic encryption to the backend.
c) Zone redundancy - span multiple availability zones and improve fault resiliency
d) Multi-sirte hosting - use the same application gateway for up to 100 websites
What is a Content Delivery Network? CDN
CDN is a distributed network of servers that can deliver web content close to users.
Stores a cached version of your application on an edge node. Provides better performance and less traffic to your main server. The content cache is updated as necessary.
What is ExpressRoute?
It is a Direct link between on-premises and Azure. Enables a private, secure, high-bandwidth, low-latency connection
it does not go on public internet.
Very fast.