Understanding Azure Networking Services
-
Upload
incyclesoftware -
Category
Technology
-
view
93 -
download
0
Transcript of Understanding Azure Networking Services
![Page 1: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/1.jpg)
Webinar: Understanding Azure Networking Services
We’ll be starting shortly…
![Page 2: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/2.jpg)
Webinar: Understanding Azure Networking Services
David Pitcher
Senior ALM Consultant
InCycle Software
![Page 3: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/3.jpg)
We Help Organizations
Get to the Next Level
ALM MVPs and ALM consultants in six locations
![Page 4: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/4.jpg)
Agenda
III
I
II ?
IV
Questions & Answers
![Page 5: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/5.jpg)
Virtual Networks
Point to Site VPN
Site to Site VPN
Express Route
![Page 6: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/6.jpg)
Virtual Networks
Virtual Network
<subnet X> <subnet Y> <subnet Z>
DNS Server
Microsoft Azure
![Page 7: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/7.jpg)
VNet to VNet
US WestVnet C
US WestVnet B
US EastVnet B
Internet
Connectivity between Virtual Networks
Enables rich network topologies in the cloud
US EastVnet A
US WestVnet A
![Page 8: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/8.jpg)
Hybrid Network Connectivity
![Page 9: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/9.jpg)
On-premises
Your datacenter
Individual computers behind corporate firewall
Point-to-Site VPN
Route-based VPN
Azure
Virtual Network
<subnet 1> <subnet 2> <subnet 3>
DNS Server
VPN Gateway
Remote workers
Point-to-Site VPNs
![Page 10: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/10.jpg)
On-premises
Your datacenter
Individual computers behind corporate firewall
Route-based VPN
Azure
Virtual Network
<subnet 1> <subnet 2> <subnet 3>
DNS Server
VPN Gateway
Remote workers
Site-to-SiteVPN
Site-to-Site VPNs
![Page 11: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/11.jpg)
Avoids risks from exposure to Internet
Avoids complexity and added costs
Provides lower latency, higher bandwidth and greater availability
Private Network
Site 1
Site 2
Site 3
Express Route
Greater networking costs and higher latency
Data traverses the Internet to reach public cloud
Limited bandwidth
Private Network
Site 1
Site 1
Site 3
![Page 12: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/12.jpg)
Load Balancing
Traffic Manager
![Page 13: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/13.jpg)
Azure Load Balancer• Layer-4 TCP and UDP Traffic
Distribution
• IaaS / PaaS Tenants
• Multiple Endpoints
• Service Monitoring
• Source NAT
![Page 14: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/14.jpg)
Distribution Mode - Hash
![Page 15: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/15.jpg)
Distribution Mode – Source IP Affinity
![Page 16: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/16.jpg)
Example – Load Balancer Configuration
![Page 17: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/17.jpg)
Internal Load Balancer
Internet Facing Multi-Tier Services with Cloud Services
![Page 18: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/18.jpg)
Internal Load Balancer
Multiple Cloud Services in a Virtual Network
![Page 19: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/19.jpg)
Traffic Manager
1
2
3
4
www.contoso.com IN CNAME contoso.trafficmanager.net
5
6
DNS
1. User Traffic To Company Domain Name
2. Company Domain Name To Traffic Manager Domain Name
3. Traffic Manager Domain Name & Profile
4. Traffic Manager Process Profile Rules
5. Endpoint Domain Name Sent To User
6. User Calls Endpoint
![Page 20: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/20.jpg)
Traffic Manager – Failover
DNS1
2
3
4
Check the ordered endpoints
CS-APrimary
CS-BStandby 1
CS-CStandby 2
CS-DStandby 3
Offline
Endpoints Status
1. CS-A Offline
2. CS-B Online
3. CS-C Online
4. CS-D Online
![Page 21: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/21.jpg)
Traffic Manager – Round Robin
DNS1
2
3
4
Select CS-C (random, based on weight)
CS-A CS-B CS-C CS-D
Endpoints Weights
CS-A 2
CS-B 2
CS-C 5
CS-D 1
![Page 22: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/22.jpg)
Traffic Manager – Performance
DNS
1
2
3
4
Look up
latency
times
CS-A CS-B CS-C CS-D
5
6
IP range US West US East West Europe East Asia
… … … … …
131.107.0.0/16 230 ms 180 ms 6 ms 25 ms
… … … … …
Cloud service
Datacenter
CS-A East Asia
CS-B West Europe
CS-C US East
CS-D US West
Maintain Internet Latency Table
131.107.89.14
Local DNS server
![Page 23: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/23.jpg)
Virtual IP Address – VIP
Reserved Virtual IP Address - RVIP
Static Internal IP Address – DIP
Public Instance IP Address – PIP
![Page 24: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/24.jpg)
IP Addressing Overview
Virtual IP Address - VIP
Dynamic IP Address - DIP
foo.cloudapp.net VIP
![Page 25: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/25.jpg)
Reserved IP Address
Why
Constraints
foo.cloudapp.net VIP
![Page 26: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/26.jpg)
Static DIP Address
Why
foo.cloudapp.net VIP
![Page 27: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/27.jpg)
Instance Public IP Address
Why PIP
Constraints
foo.cloudapp.net VIP
![Page 28: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/28.jpg)
Network Endpoint ACLs
Network Security Groups
Multiple NICs
![Page 29: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/29.jpg)
Network Endpoint ACLs
IP: 101. 121.---.255
IP: 127.255. ---.---
IP: 2001:4898:9:2:---:e60c:b118:---
IP: 111.111. ---.---
29
IP: 101. 121.---.255
IP: 127.255. ---.---
End Point ACL
![Page 30: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/30.jpg)
Network Security Groups
Name Priority Source IP Source Port Destination IP Destination Port Protocol Access
WEB 100 INTERNET * * 80 TCP ALLOW
![Page 31: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/31.jpg)
Multiple NICs
VM Size (Standard Tier) Maximum NICs
A3, A6, D3, A8, G3, D12
(4-core VMs except G3-8, A8-8)2
A4, A7, A9, G4, D4, D13
(8-core VMs except G4-16, A9-
16)
4
G5 (32-core), DS14 (16-core)8
All other sizes 1
![Page 32: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/32.jpg)
Questions?
David Pitcher
Senior ALM Consultant
InCycle Software
Seattle, WA
(425) [email protected]
www.incyclesoftware.com
![Page 33: Understanding Azure Networking Services](https://reader030.fdocuments.in/reader030/viewer/2022032506/55ce09d2bb61eb3b338b47fd/html5/thumbnails/33.jpg)
Offers
Contact us at: [email protected]
/InCycleSoftware @InCycleSoftware /company/incycle-software incyclesoftware.com/blog/
Azure Proof
of Concept
Azure
PlanningMicrosoft
Azure