Networking: Peering and VWAN Flashcards
VNet peering
Virtual network peering enables you to seamlessly connect two Azure virtual networks (private connections). Once peered, the virtual networks appear as one, for connectivity purposes.
Regional VNet peering
connects Azure virtual networks in the same region.
Global VNet peering
connects Azure virtual networks in different regions. When creating a global peering, the peered virtual networks can exist in any Azure public cloud region or China cloud regions, but not in Government cloud regions.
Benefits of VNet Peering Privacy
Network traffic between peered virtual networks is private.
VNet Peering: Gateway Transit options
Use a site-to-site VPN to connect to an on-premises network.
Use a VNet-to-VNet connection to another virtual network.
Use a point-to-site VPN to connect to a client.
Create and Test Virtual Network Peering (4 Steps)
Create two virtual networks.
Peer the virtual networks.
Create virtual machines in each virtual network.
Test the communication between the virtual machines.
VNet Peering: Service Chaining
VNet Peering is nontransitive. (if VNet1 and Vnet2 are peered, Vnet2 and Vnet3 are peered, Vnet1 and Vnet3 are NOT peered)
user-defined routes and service chaining can provide the transitivity.
Service chaining lets you define user routes. These routes direct traffic from one virtual network to a virtual appliance, or virtual network gateway.
VWAN Basic
Basic hub type
Site-to-Site VPN configuration only
VWAN standard
Standard hub type
ExpressRoute, User VPN (P2S). VPN (site-to-site), Inter-hub, and VNet-to-VNet transiting through the virtual hub.
Benefits of VNet Peering - Performance
Performance. A low-latency, high-bandwidth connection between resources in different virtual networks.
Benefits of VNet Peering - Communication
The ability for resources in one virtual network to communicate with resources in a different virtual network
Benefits of VNet Peering - Seamless
The ability to transfer data across Azure subscriptions, deployment models, and across Azure regions.
No disruption. No downtime to resources in either virtual network when creating the peering, or after the peering is created.
VWAN
Virtual WAN is an Azure Networking Service that brings many networking, security, and routing functionalities together to provide a single operational interface
VWAN Architecture
hub and spoke architecture with scale and performance built in for branches (VPN/SD-WAN devices), users (Azure VPN/OpenVPN/IKEv2 clients), ExpressRoute circuits, and virtual networks.
VWAN Resources: virtualWAN
represents a virtual overlay of your Azure network and is a collection of multiple resources
VWAN Resources: Hub
A virtual hub is a Microsoft-managed virtual network.
The hub contains various service endpoints to enable connectivity.
VWAN Resources: Hub virtual network connection
The Hub virtual network connection resource is used to connect the hub seamlessly to your virtual network. One virtual network can be connected to only one virtual hub.
VWAN Resources: Hub-to-Hub connection
Hubs are all connected to each other in a virtual WAN.
You can connect VNets within a hub transiting through the virtual hub, as well as VNets across hub, using the hub-to-hub connected framework.
VWAN Resources: Hub Route Table
You can create a virtual hub route and apply the route to the virtual hub route table. You can apply multiple routes to the virtual hub route table.
VWAN Connection Configurations: Site-to-SiteVPN
You can connect to your resources in Azure over a Site-to-site IPsec/IKE (IKEv2) connection.
This type of connection requires a VPN device or a Virtual WAN Partner device.
VWAN Connection Configurations: User VPN (Point-to-site)
You can connect to your resources in Azure over an IPsec/IKE (IKEv2) or OpenVPN connection.
This type of connection requires a VPN client to be configured on the client computer.
VWAN Connection Configurations: ExpressRoute Connections
ExpressRoute lets you connect on-premises network to Azure over a private connection. To create the connection, see Create an ExpressRoute connection using Virtual WAN.
VWAN Connection Configurations: Hub-to-VNet Connections
You can connect an Azure virtual network to a virtual hub.
