Networking Changes

By Ashwin Venugopal -

 




Networking Changes for Azure VMs

The additional network requirements must be accounted for as a part of Azure VMs or Large Instances of SAP HANA on Azure.

Forced Tunneling

The default routes can be advertised to route all the traffic out through the cross-premises connection which will force traffic to Azure PaaS services back to your on-premises environment, but to return traffic to Azure via Microsoft peering path or over the Internet, you have to configure your routers. Generally, such routing is not required due to the performance reasons, however, you can easily leverage service endpoints to remediate this.

Virtual Network (VNet) service endpoints can extend your virtual network's private address space and the identity of your VNet to the Azure services, over a direct connection which also helps you to secure your critical Azure service resources to only your virtual networks. Service endpoints are usually available for a number of PaaS services and if they are enabled for a service, the traffic to that service cannot be forced to your premises and remain within the Azure backbone network.

Networking Changes for Azure SAP HANA on Azure (Large Instances)

Adding IP address ranges or subnets

If you want additional IP addresses or subnets, you should use either the Azure CLI, Azure portal or PowerShell.

Firstly, you have to add the new IP address range as a new range to the virtual address network space (and must not create a new aggregated range) and submit it to the Microsoft which helps you to connect to the HANA large instance units of your client. an azure support request can also be opened to add the new virtual network address space. You can move further after receiving the confirmation.

Adding virtual networks

Now, if you want to connect the additional Azure virtual networks that access SAP HANA on Azure  (Large Instances), then, you have to submit a request for Azure support which should also include the specific information of identifying the particular Azure deployment along with the IP address apace range or ranges of the Azure virtual network address space. After this step, the SAP HANA on Microsoft service Management can offer the necessary information required to connect the additional virtual networks as well as Azure ExpressRoute. For every virtual network, a unique authorization key is required to connect to the ExpressRoute circuit to HANA Large Instances.

Increasing Bandwidth of an ExpressRoute circuit

If SAP HANA on Microsoft Service Management advises you to increase the bandwidth of the SAP HANA on Azure (large instances) ExpressRoute circuit, then, you have to generate an Azure support request and can request an increase up to a maximum of 10 Gbps for a single circuit bandwidth.

Adding an ExpressRoute circuit

If SAP HANA on Microsoft Service Management advises you for additional ExpressRoute circuit, then, you can create an Azure support request along with a request to get authorization information to connect to the new circuit. But, before that, you have to define the address space used on the virtual networks.

When the new circuit is created, and the SAP HANA on  Microsoft Management configuration is complete, you receive a notification with the information needed to proceed further. However, if the Azure virtual networks  are already connected to another SAP HANA on Azure (Large Instances) ExpressRoute circuit in the same Azure region, then, you cannot connect them to this additional circuit.

Deleting a Subnet

You can easily use Azure portal, PowerShell, or Azure CLI if you want to delete a virtual network subnet. If you have defined one of the Azure Virtual network address range or address space as multiple IP address ranges and assigned it to your deleted subnet, then you have to make sure to delete that from your virtual network address space; and then inform SAP HANA on Microsoft Service Management to remove it from the ranges that SAP HANA on Azure (large instances) is allowed to communicate with.

Deleting a Virtual Network

SAP HANA on Microsoft Service Management can easily remove the existing authorizations on the SAP HANA Azure (large instances) ExpressRoute circuit, and azure virtual network IP address range or address space for the communication with HANA large instances. After that, you can open an Azure support request to provide the IP address space range or ranges to be removed. You must delete the ExpressRoute connection, the virtual network gateway, the virtual network gateway public IP, and the virtual network to ensure the removal of everything.

Deleting an ExpressRoute circuit

If you want tor delete an additional SAP HANA on azure (Large Instances)ExpressRoute circuit, you can open an Azure support request with SAP HANA on Microsoft Service Management and request that the circuit should be deleted, as you can easily delete or keep the virtual network as required within the Azure subscription. But, you must ensure that the connection between the HANA Large Instances ExpressRoute circuit and the linked virtual network gateway is deleted.   

   













Comments

Post a Comment

Popular posts from this blog

Query, Visualize, & Monitor Data in Azure Sentinel

By Ashwin Venugopal -
Image
  Azure Sentinel Workbooks Several ready for use templates are provided by the Azure Sentinel that can be used to create your own workbook and then modify them as needed for Contoso. Most of the data connectors it uses to ingest data come with their own workbooks, but better insight can be obtained by simply looking into the data that is being ingested by using tables and visualizations, including bar and pie charts. You can also make your own workbook easily by using this data from the beginning instead of using the predefined templates. Workbook Page You can easily access the workbook page from the Azure Sentinel from the navigation pane which consists of the: Workbook header- You can add a new workbook and review the saved workbooks as well as templates that are available on the workbook page. Templates section- You can access existing workbook templates on the Templates tab. You can save some of the workbooks for quick access and they will appear on the My Workbooks tab.  From the
Read more

Planning for Implementing SAP Solutions on Azure (Part 2 of 5)

By Ashwin Venugopal -
Image
  To read part 1 please click  here To read part 3 please click  here To read part 4 please click  here To read part 5 please click  here Load Balancing The load balancer uses probe ports to determine as well as route the traffic to an active DBMS node, but of there's any failover then the most common SAP application architecture can automatically reconnect against the private virtual IP address without the need for the SAP application to reconfigure it, while the load balancer redirect the traffic against the private virtual IP address without any need for the SAP application to reconfigure. The loaf balancer also offers an option of DirectServerReturn which if configured, can help in directing the traffic from the DBMS VM to the SAP application layer directly to the application layer without routing through the load balancer. But, if it isn't configured, then the return traffic to the SAP application layer is routed through the load balancer. You can also use Azure Load Balan
Read more

Work with String Data Using KQL Statements

By Ashwin Venugopal -
Image
  Extract Data from Unstructured String Fields Unstructured string fields often contains the Security log data and requires parsing to extract data. There are multiple ways of pulling information from string fields in KQL and the two primary operators used are extract and parse.  Extract It gets a match for a regular expression from a text string. You can convert the extracted substring to the indicated type.  Arguments regex- A regular expression. captureGroup- A positive int constant indicating the capture group to extract. 0 stands for the entire match, 1 for the value matched by the first '('parenthesis')' in the regular expression, 2 or more for subsequent parenthesis.  text- A string to search. typeLiteral- An optional type literal. If provided, the extracted substring is converted to this type.  Returns If regex finds a match in text- the substring matched against the indicated capture group captureGroup, optionally converted to typeLiteral. If there's no mat
Read more