2.9 Virtual Network Peering

Video Transcription
Welcome back, and in this episode we're gonna talk about virtual network peering. We've mentioned this a few times in previous episodes, so let's dive in a little bit and learn some more about it.
My objectives include understanding network peering concepts and then jumping out to our Azure portal to look at a network peering demo.
Now I've mentioned network peering quite a few times, so there shouldn't be too much to cover. Network peering allows connecting virtual networks together. Remember that subnets inside a virtual network automatically have connectivity, but different virtual networks do not.
Creating a peering connection between two virtual networks will allow resources in those different networks to communicate with each other.
You can connect virtual networks together that are in the same Azure region or different Azure regions. This allows connecting your virtual networks together across the globe. These peering connections run over the Azure backbone, so they're low latency, have high bandwidth, and are private and secure, since they do not traverse the public Internet.
VNet peering allows us to create complex network topologies, and we can use different Azure network resources to build them.
You can use a combination of user-defined routes and network security groups to control traffic going to and from the peered virtual networks.
For example, you can use user-defined routes to send traffic to a specific virtual machine in the peer network by defining it as the next hop IP address, or send it to a virtual network gateway. Sending traffic from one network to a virtual appliance or a network gateway in a peered connection is called service chaining.
We can also build hub-and-spoke network topologies. The hub or central network can host network virtual appliances like a load balancer or a firewall, or even a VPN gateway. All the spoke networks would connect to the network through the peering connections. All traffic would then flow through the central hub network.
This would be useful if you wanted all the network traffic inspected through a firewall or to go through a load balancer before being directed to a different spoke network or out to the Internet.
One last concept to go over is that peering connections are not transitive. Say we had three different VNets, A, B and C, and we had a peering connection between A and B and another one between B and C. This does not mean A and C have connectivity between each other automatically, and they're not considered peered.
If you needed network traffic to go from A to C, you would need to create a peering connection between the two or have some type of network virtual appliance inside of VNet B that could forward the traffic over to VNet C.
That does it for concepts. Right now, let's jump back over to our Azure portal and take a look at this in another demo.
Back in our Azure portal, let's go check out our virtual networks.
And here we have our first virtual network that we created, prod-web-vnet, and in the background, I went ahead and created another virtual network that we could connect to called prod-db-vnet. Let's go into our prod-web-vnet
and under Settings, let's go select Peerings
and let's click on Add.
Now, in our peering settings, we need to give it a name, and this is gonna be going from prod-web-vnet to the remote virtual network. Since I know I'm going to my prod-db virtual network, I'm going to give it a name that indicates that.
Next I'm gonna select the virtual network that I want to connect to.
And if you notice, this drop-down menu is gonna show you virtual networks you cannot connect with.
And of course, since we're already in the prod-web-vnet virtual network, we can't connect to that one. But we are going to connect to the prod-db-vnet.
Once that is done, it's gonna prompt us to name the peering connection from prod-db back to prod-web. This is gonna be different than the name that we gave it up here because this is going from prod-web to prod-db.
And next, we have a couple of configuration options.
First, we can allow network access from prod-web to prod-db and network access from prod-db to prod-web.
This shows that peering connections can go one way if you want it to. For example, if we wanted prod-web to talk to prod-db, but we didn't want the prod-db network to talk back to prod-web, we would just disable this option here.
However, I do want bidirectional communication, so let's go ahead and leave this enabled.
Next we have settings for configuring forwarded traffic, and let's hover over the information icon to read more about this.
Basically, this is going to allow traffic not originating from prod-db-vnet to be forwarded into prod-web-vnet. This is gonna be helpful if you're building a hub-and-spoke network, because traffic coming from one spoke is gonna go into the hub and you're gonna want to allow that traffic to be forwarded into another spoke.
Our last setting is Configure gateway transit settings. If we hover over the information icon for it, it is going to tell us that we can use a virtual network or VPN gateway
in a peered network in order to access cross-premises, like an on-premises network, or to connect out to another VNet inside of this peering connection. The other virtual network has to have a gateway configured in it in a gateway subnet.
Right now, all I want is to connect these two virtual networks together, so all my settings I have here are what I want.
Let's go and click on OK.
Now our peering connection is complete, and we can see here in our virtual network peering settings, our to prod-db-vnet is showing as connected.
And to verify this, let's go look at the prod-db-vnet.
Let's take a look at its settings and peerings, and we should see a reciprocal peering connection to prod-web. If we had virtual machines deployed into each virtual network or subnet, we would now be able to ping between each of them using their IP addresses.
That does it for this demo. Let's wrap it up by going back to our slides.
That does it for our discussion on virtual networks. Next, we're going to cover our next Azure resource with an introduction to virtual machines. See you in the next episode.
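
The following Python model is an added example, not part of the course material: it checks the non-transitivity rule (A, B, C) and the forwarded-traffic setting described in the transcript against a list of peering records, the way a segmentation review would. The `Peering` record, the function names and the sample data are constructed, and it assumes user-defined routes already steer spoke traffic to the appliance in the hub.

```python
# Added example: classify how two VNets can reach each other from peering records.
# Records are constructed; fields mirror the peering settings shown in the demo.
from typing import NamedTuple

class Peering(NamedTuple):
    local: str             # VNet that owns this peering record
    remote: str            # VNet on the other end
    allow_access: bool     # "allow virtual network access" setting
    allow_forwarded: bool  # "allow forwarded traffic" setting
    state: str = "Connected"

def peered(peerings, a, b):
    """True only if both reciprocal records exist, are Connected and allow access."""
    def ok(x, y):
        return any(p.local == x and p.remote == y and p.allow_access
                   and p.state == "Connected" for p in peerings)
    return ok(a, b) and ok(b, a)

def accepts_forwarded(peerings, vnet, via):
    """True if vnet's peering to `via` admits traffic that did not originate in `via`."""
    return any(p.local == vnet and p.remote == via and p.allow_forwarded
               for p in peerings)

def path(peerings, nva_vnets, src, dst):
    """Return 'direct', 'via <hub>' or 'none'. Peerings are never chained on their own."""
    if peered(peerings, src, dst):
        return "direct"
    for hub in sorted(nva_vnets):  # VNets hosting a forwarding appliance (assumed input)
        if (peered(peerings, src, hub) and peered(peerings, hub, dst)
                and accepts_forwarded(peerings, src, hub)
                and accepts_forwarded(peerings, dst, hub)):
            return f"via {hub}"
    return "none"

def both_ways(a, b, fwd=False):
    """Build the reciprocal pair of records the portal creates for one peering."""
    return [Peering(a, b, True, fwd), Peering(b, a, True, fwd)]

# Constructed topology from the transcript's A/B/C case: A<->B and B<->C only.
PLAIN = both_ways("A", "B") + both_ways("B", "C")
# Same peerings with forwarded traffic allowed on every record.
HUB = both_ways("A", "B", fwd=True) + both_ways("B", "C", fwd=True)

if __name__ == "__main__":
    print(path(PLAIN, set(), "A", "C"))  # A and C are not peered
    print(path(HUB, set(), "A", "C"))    # the flag alone does not forward anything
    print(path(HUB, {"B"}, "A", "C"))    # appliance in B forwards between spokes
```

Running the same check over an exported peering list shows which VNet pairs are directly connected and which depend on a hub appliance, which is where firewall inspection can be enforced.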