Module 2bc - Exploring Azure Core Products - Networking, VPN Gateway Specs and Requirements Flashcards
Hint: workloads and migration limitations
What two (2) things are special about VPN Gateway Basic?
- It should only be used for Dev/Test workloads
- You CANNOT migrate from Basic to w1/w2/w3 SKUs without removing the Gateway and redeploying…)
What are specs for VPN Gateway Basic?
- S2S/N2N Tunnels?
- Throughput Benchmark?
- BGP Support?
Site-to-site/Network-to-network tunnels: 10 Max
Aggregate throughput benchmark: 100 Mbps
NO Border Gateway Protocol (BGP) support.
What are specs for VPN Gateway VpnGw1/Az?
- S2S/N2N Tunnels?
- Throughput Benchmark?
- BGP Support?
Site-to-site/Network-to-network tunnels: 30 Max
Aggregate throughput benchmark: 650 Mbps
Supports Border Gateway Protocol (BGP)
What are specs for VPN Gateway VpnGw2/Az?
- S2S/N2N Tunnels?
- Throughput Benchmark?
- BGP Support?
Site-to-site/Network-to-network tunnels: 30 Max
Aggregate throughput benchmark: 1 Gbps
Supports Border Gateway Protocol (BGP)
What are specs for VPN Gateway VpnGw3/Az?
- S2S/N2N Tunnels?
- Throughput Benchmark?
- BGP Support?
Site-to-site/Network-to-network tunnels: 30 Max
Aggregate throughput benchmark: 1.25 Gbps
Supports Border Gateway Protocol (BGP)
There are SIX (6) required Resources for deploying a VPN Gateway…what are they?
- Virtual Network
- A SubNet named “GatewaySubNet”:
- Public IP Address
- Local Network Gateway
- Virtual Network Gateway
- Connection
Hint: 2 things
How should a Virtual Network be set up to support a VPN Gateway?
The AVN should be set up as follows:
- Should have enough address space for the additional SubNet (requirement #2)
- Should not overlap in IP Address Space (since you can only deploy ONE Gateway within a VNet)
How should a SubNet be set up to support a VPN Gateway?
Give it a SubNet named “GatewaySubNet”: you literally need a SubNet named this.
It also requires at least a /27 address mask (5 bits) which CANNOT be used by other services
How should a Public IP Address be set up to support a VPN Gateway?
This is the public target for your On-Prem VPN devices. So it just needs to be public~
How is a Local Network Gateway used to support a VPN Gateway?
Used by VPN Gateways to define the On-Prem network’s configs, like where and what it will connect to
How does a Virtual Network Gateway support a VPN Gateway? What two options do you have as a base for the VNG?
This routes traffic between the VNet (requirement #1) and other On-Prem datacenters or other VNets
VNGs can be either a VPN or ExpressRoute Gateway.
What does the Connection do to support a VPN Gateway? What IP Addresses does it connect between?
The Connection Resource is the logical connection between requirement #4 (the LNG) and requirement #5 (the VNG).
The connection is made:
- FROM the On-Prem Device’s IP
- TO the VNet Gateway and its Public IP Address (#3)