Author : MD TAREQ HASSAN | Updated : 2021/04/20
Virtual Network Address Space
IP Address Classes
- Class A:
1.0.0.1 ~ 126.255.255.254-> for large size network - Class B:
128.1.0.1 ~ 191.255.255.254-> for medium size network - Class C:
192.0.1.1 ~ 223.255.254.254-> for small size network - Do not use class D and E
Normally I use: 10.8.0.0/16
- Sometime you Azure vNet might need to connect to on-premise network
- I used 2nd octate
8, because on-premise network might have address space10.x.0.0/16and there will be IP conflict if try to connect (Azure vNet <-> on-premise) via VPN
Subnets
- Consider how many types of resources will be provisioned
- Consider how many resources might need subnets
- Consider the max IP addresses might need for a subnet
- If you are deploying cluster i.e. Kubernetes cluster, then you might need many IP addresses
- If you are deploying VP Gateway, then few IP addresses will be suffucient
Normally I create following subnets (3rd octate is apart from each other by 20):
- AKSClusterSubnet:
10.8.0.0/21 - VMSubnet:
10.8.20.0/24 - AzureSQLSubnet:
10.8.40.0/24 - PrivateEndpointSubnet:
10.8.60.0/24(i.e. for Azure Container Registry) - Xyz:
10.8.80.0/24…goes on - GatewaySubnet:
10.8.255.0/27
Hub and Spoke Topology
- Hub:
- common resources
- connects onpremise via VPN or ExpressRoute
- Spokes:
- protected resources
- Multiple spokes are connected to hub using vNet peering
- Details: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke?tabs=cli