Azure Networking (part 1)

By Ashwin Venugopal -

 



To read part 2 please click here

Azure Virtual Networks

Azure Virtual Networks provides direct, private IP-based connectivity between network-attached resources, like Azure VMs while supporting Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP). 

A virtual network consists of one or more subnets which can easily facilitates segmentation of networks, providing a means of controlling communication network resources. VMs generally uses a virtual network adapter to attach to a subnet to communicate with the other VMs as well as the other network resources like load balancers or gateways. The maximum number of network adapters that you can use depends on its size. 

IP Addressing

A unique private IP address is generally allotted to a network adapter of a VM, an internal Azure load balancer, or an application gateway from the IP address range of the subnet to which they are connected. Most of the Azure resources directly or indirectly supports the use of public IP adresses which allows Azure resources to become directly accessible from the internet. Public IP Addresses are available in two Stock Keeping Units (SKU), Basic and Standard:

Basic SKU public IP addesses have the following characteristics:

  • They support both both the dynamic and static allocation methods.
  • You can assign them to the network interfaces of Azure VMs, internet-facing Basic SKU Azure load balancers, application gateways,and VPN gateways. 
  • You can assign them to a specific zone within an Azure region, but they do not support zone-level redundancy.
  • They facilitate assignment of IPv6 public IP addresses to internet-facing Basic Azure SKU Azure load balancers.

Standard SKU public IP addresses have the following characteristics:

  • They support only the static allocation method.
  • You can assign them to network interfaces of Azure VMs or internet-facing Standard SKU Azure load balancers.
  • You can assign them to a specific zone or configure them as zone redundant. You can assign both types of IP addresses to the same Standard SKU Azure load balancer.
  • They support only IPv4 addresses. 

Name Resolution

You can easily resolve the names of the resources created in Azure with the help of Azure-provided DNS service or a DNS server provided or designated by customer. Common scenarios in which you must implement the Azure-provided DNS service are, for example:
  1. when implementing hybrid connectivity between an Azure virtual network and an on-premises network. 
  2. when deploying your own AD domain environment in Azure. 
In both the cases, you must configure an operating system of each Azure VM to use your own DNS server by modifying the properties of the Azure virtual network. 

Accelerated Networking

Accelerated networking enables the single root I/O virtualization to a VM, greatly improving its networking performance by reducing latency, jitter, and CPU utilization, for use with the most demanding network workloads on supported VM types. Accelerated networking is supported on the most general-purpose and compute optimized instance sizes with two or more vCPUs.  

Azure Load Balancer

Azure load balancer can be used to enhance the scalability and availability of the VMs by configuring them as a load-balanced set. It readily provides functionality similar to hardware load balancers by eliminating all the points of failures, increasing uptime during planned maintenance or upgrades, and distributing workloads across multiple, identically configured compute nodes. Besides, you can also configure it to implement the Network Address Translation (NAT) capability, offering connections to individual VMs in the load-balanced set. Basic and Standard are the two SKUs in which the Azure Load Balancer is available.          



To read part 2 please click here








Comments

Post a Comment

Popular posts from this blog

Query, Visualize, & Monitor Data in Azure Sentinel

By Ashwin Venugopal -
Image
  Azure Sentinel Workbooks Several ready for use templates are provided by the Azure Sentinel that can be used to create your own workbook and then modify them as needed for Contoso. Most of the data connectors it uses to ingest data come with their own workbooks, but better insight can be obtained by simply looking into the data that is being ingested by using tables and visualizations, including bar and pie charts. You can also make your own workbook easily by using this data from the beginning instead of using the predefined templates. Workbook Page You can easily access the workbook page from the Azure Sentinel from the navigation pane which consists of the: Workbook header- You can add a new workbook and review the saved workbooks as well as templates that are available on the workbook page. Templates section- You can access existing workbook templates on the Templates tab. You can save some of the workbooks for quick access and they will appear on the My Workbooks tab.  From the
Read more

Planning for Implementing SAP Solutions on Azure (Part 2 of 5)

By Ashwin Venugopal -
Image
  To read part 1 please click  here To read part 3 please click  here To read part 4 please click  here To read part 5 please click  here Load Balancing The load balancer uses probe ports to determine as well as route the traffic to an active DBMS node, but of there's any failover then the most common SAP application architecture can automatically reconnect against the private virtual IP address without the need for the SAP application to reconfigure it, while the load balancer redirect the traffic against the private virtual IP address without any need for the SAP application to reconfigure. The loaf balancer also offers an option of DirectServerReturn which if configured, can help in directing the traffic from the DBMS VM to the SAP application layer directly to the application layer without routing through the load balancer. But, if it isn't configured, then the return traffic to the SAP application layer is routed through the load balancer. You can also use Azure Load Balan
Read more

Work with String Data Using KQL Statements

By Ashwin Venugopal -
Image
  Extract Data from Unstructured String Fields Unstructured string fields often contains the Security log data and requires parsing to extract data. There are multiple ways of pulling information from string fields in KQL and the two primary operators used are extract and parse.  Extract It gets a match for a regular expression from a text string. You can convert the extracted substring to the indicated type.  Arguments regex- A regular expression. captureGroup- A positive int constant indicating the capture group to extract. 0 stands for the entire match, 1 for the value matched by the first '('parenthesis')' in the regular expression, 2 or more for subsequent parenthesis.  text- A string to search. typeLiteral- An optional type literal. If provided, the extracted substring is converted to this type.  Returns If regex finds a match in text- the substring matched against the indicated capture group captureGroup, optionally converted to typeLiteral. If there's no mat
Read more