Azure VNet

Last updated:

AZURENETWORK
  • A virtual network exists
    • Within a specific subscription
    • Within a specific region
      • spans multiple [[202404081830 Azure Availability Zones|AZs]] in that region
    • It cannot span subscriptions nor regions
  • A virtual network consists of one or more IP ranges
    • IP address type:
      • [[202407271143 Public IP address allows inbound access based on tier in Azure|Public IP Address]]
      • [[202407281228 Azure Private IP Address|Azure Private IP Address]]
    • Allocation can be static or dynamic
    • Typically from RFC 1918 but not exclusively
    • The address space is broken up into subnets; the smallest possible subnet is a /29, which gives 3 usable IP addresses
    • Azure reserves 5 IPs in every subnet:
      • .0 - network address
      • .1 - default gateway
      • .2-.3 - reserved for Azure DNS
      • .255 - broadcast (the last address in the subnet)
    • Can be IPv6 as well (dual-stack), but not IPv6-only
  • Subnets are regional and span Availability Zones
    • All subnets within a [[202404121703 Azure VNet|VNet]] can talk to each other by default
    • We can use an [[202404141419 Network Security Groups|NSG]] to deny traffic as needed
  • Ingress is free; egress costs money

Supported types of traffic

  • Standard IP-based protocols supported including:
    • TCP
    • UDP
    • ICMP (Ping)
  • Multicast, broadcast, IP-in-IP encapsulated packets and Generic Routing Encapsulation (GRE) are blocked
    • Cannot deploy a DHCP server (DHCP relies on broadcast)
  • You cannot ping the Azure gateway or use tools such as tracert
  • Traditional Layer 2 VLANs are not supported

Commands

[[202407141408 Create VNet in Azure]]

az network vnet create --name vnet-1 --resource-group test-rg --address-prefix 10.0.0.0/16 --subnet-name subnet-1 --subnet-prefixes 10.0.0.0/24
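An added helper (not from the original note or from Azure's tooling) for planning a subnet prefix before running the command above: it applies the two rules from this note, the /29 minimum and the five reserved addresses per subnet, to a CIDR such as 10.0.0.0/24 and lists the reserved addresses and usable host count.

```shell
#!/bin/sh
# Added example: plan an Azure subnet before "az network vnet create".
# Azure reserves five addresses per subnet (network, default gateway, two for
# Azure DNS, and the last address); the smallest allowed subnet is a /29.

# Convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
  set -- $(printf '%s' "$1" | tr '.' ' ')
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Convert an integer back to a dotted-quad IPv4 address.
int_to_ip() {
  printf '%d.%d.%d.%d' $(( ($1 >> 24) & 255 )) $(( ($1 >> 16) & 255 )) \
                       $(( ($1 >> 8) & 255 )) $(( $1 & 255 ))
}

# Integer network address of a CIDR such as 10.0.0.0/24.
cidr_base() {
  size=$(( 1 << (32 - ${1#*/}) ))
  echo $(( $(ip_to_int "${1%/*}") & (4294967296 - size) ))
}

# Usable host addresses in an Azure subnet; fails for anything smaller than /29.
azure_usable_hosts() {
  prefix=${1#*/}
  if [ "$prefix" -gt 29 ]; then
    echo "error: $1 is smaller than Azure's /29 minimum" >&2
    return 1
  fi
  echo $(( (1 << (32 - prefix)) - 5 ))
}

# The five addresses Azure reserves in a subnet, space separated.
azure_reserved_addresses() {
  base=$(cidr_base "$1")
  last=$(( base + (1 << (32 - ${1#*/})) - 1 ))
  printf '%s %s %s %s %s\n' "$(int_to_ip $base)" "$(int_to_ip $((base + 1)))" \
    "$(int_to_ip $((base + 2)))" "$(int_to_ip $((base + 3)))" "$(int_to_ip $last)"
}

# Demo: the subnet from the az command in this note, plus the smallest legal one.
for s in 10.0.0.0/24 10.0.1.0/29; do
  echo "$s: $(azure_usable_hosts "$s") usable, reserved: $(azure_reserved_addresses "$s")"
done
```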

references: