Azure VNets & Availability Zones

0.0(0)
studied byStudied by 0 people
0.0(0)
full-widthCall with Kai
GameKnowt Play
New
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/20

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

21 Terms

1
New cards

What is an Azure Virtual Network (VNet)?

  • A private network in Azure for secure communication.

  • Can connect Azure resources, on-premises networks, and the internet.

2
New cards

How are VNets assigned IP ranges?

  • Defined using CIDR blocks.

  • Must be non-overlapping with other VNets or on-premises networks.

  • Common private IP ranges:

    • 10.0.0.0/8

    • 172.16.0.0/12

    • 192.168.0.0/16

3
New cards

What are the communication capabilities of Azure VNets?

  • Internet: Outbound communication is enabled by default; inbound via public IP or Load Balancer.

  • Azure resources: Use VNets, VNet peering, or service endpoints to communicate.

  • On-premises resources: Point-to-Site VPN, Site-to-Site VPN, or ExpressRoute for secure connection.

4
New cards

What are the three ways to connect on-premises networks to an Azure VNet?

  • Point-to-Site VPN (P2S): Secure remote user connections.

  • Site-to-Site VPN (S2S): Connects entire on-prem network to Azure.

  • ExpressRoute: Private, high-speed dedicated connection to Azure.

5
New cards

How does Azure route network traffic?

  • Default routing between subnets, VNets, on-prem, and the internet.

  • Custom routing via:

    • Route Tables (manual configurations).

    • BGP Routes (for ExpressRoute or VPN Gateways).

6
New cards

What are the methods to filter network traffic in an Azure VNet?

  • Network Security Groups (NSGs): Control inbound/outbound traffic.

  • Network Virtual Appliances (NVAs): Third-party firewalls or security

7
New cards

How many VNets can be created in Azure?

Multiple VNets per region per subscription.

8
New cards

What IP address ranges should be used in a VNet?

  • Use RFC 1918 private address ranges:

    • 10.0.0.0 - 10.255.255.255

    • 172.16.0.0 - 172.31.255.255

    • 192.168.0.0 - 192.168.255.255

  • Avoid reserved ranges:

    • Multicast: 224.0.0.0/4

    • Loopback: 127.0.0.0/8

    • Link-local: 169.254.0.0/16

9
New cards

What are the reserved IP addresses in an Azure subnet?

  • First four and last address in a subnet are reserved.

  • Example for 192.168.1.0/24:

    • 192.168.1.0: Network ID.

    • 192.168.1.1: Default gateway.

    • 192.168.1.2 – 192.168.1.3: Azure DNS mappings.

    • 192.168.1.255: Broadcast address.

10
New cards

What should you consider when designing an Azure VNet?

  • Non-overlapping IP ranges to avoid conflicts.

  • Subnetting strategy for organization and security.

  • Security isolation (NSGs, Firewalls).

  • Connectivity requirements (on-prem, peering).

  • Azure services that create their own VNets.

11
New cards

Why is a consistent naming convention important in Azure networking?

  • Helps identify resource purpose, type, and location.

  • Example: vnet-prod-westus-001 (Production VNet in West US).

  • Scope levels:

    1. Management Group (Top-level)

    2. Subscription

    3. Resource Group

    4. Resource (e.g., VNets, subnets)

<ul><li><p>Helps <strong>identify resource purpose, type, and location</strong>.</p></li><li><p>Example: <code>vnet-prod-westus-001</code> (Production VNet in West US).</p></li><li><p>Scope levels:</p><ol><li><p><strong>Management Group</strong> (Top-level)</p></li><li><p><strong>Subscription</strong></p></li><li><p><strong>Resource Group</strong></p></li><li><p><strong>Resource</strong> (e.g., VNets, subnets)</p></li></ol></li></ul><p></p>
12
New cards

Can a VNet span multiple regions?

  • No, a VNet is region-bound.

  • VNet Peering allows inter-region connectivity.

13
New cards

What are Azure Availability Zones?

  • Physically separate locations within a region.

  • Each zone has independent power, cooling, and networking.

  • Used for high availability and disaster recovery.

<ul><li><p><strong>Physically separate</strong> locations within a region.</p></li><li><p>Each zone has <strong>independent power, cooling, and networking</strong>.</p></li><li><p>Used for <strong>high availability</strong> and disaster recovery.</p></li></ul><p></p>
14
New cards

What are the three types of Azure services in Availability Zones?

  • Zonal Services: Resources are pinned to a specific zone (e.g., VMs, disks).

  • Zone-Redundant Services: Resources are replicated across zones (e.g., Storage, SQL DB).

  • Non-Regional Services: Available across multiple regions (e.g., Azure AD, Traffic Manager).

15
New cards

What are the key differences between Standard and Basic SKUs for public IP addresses?

  • Standard SKU: Secure by default, supports availability zones, routing preference, and global tier.

  • Basic SKU: Open by default, simpler, and does not support availability zones, routing preference, or global tier.

16
New cards

What is Custom IP Address Prefix (BYOIP) in Azure?

A feature that allows you to bring your own IP addresses to Azure and use them like Azure-owned public IPs.

17
New cards

What resources in Azure can you associate with a public IP address?

  • Virtual machine network interfaces

  • Virtual machine scale sets

  • Public Load Balancers

  • Virtual Network Gateways (VPN/ER)

  • NAT gateways

  • Application Gateways

  • Azure Firewall

  • Bastion Host

  • Route Server

18
New cards

What is the difference between zonal and zone-redundant public IP addresses?

  • Zonal: Associated with a specific availability zone.

  • Zone-redundant: Spread across multiple availability zones for high availability.

19
New cards

What are the benefits of using a custom IP address prefix (BYOIP) in Azure?

  • Allows you to bring your own IP addresses and use them like Azure-owned public IPs.

  • These IPs can interact with internal/private IPs and virtual networks and reach external destinations.

20
New cards

What are the key features of the Standard SKU for public IP addresses in Azure?

  • Secure by default: Closed to inbound traffic unless allowed by a Network Security Group (NSG).

  • Supports advanced features: Availability zones, routing preference, and global tier.

  • Idle timeout: Adjustable inbound (4-30 minutes, default 4), fixed outbound (4 minutes).

  • Use cases: Ideal for production workloads requiring high availability and security.

21
New cards

What are the key features of the Basic SKU for public IP addresses in Azure?

  • Open by default: No restrictions on inbound traffic (NSGs recommended but optional).

  • Limited features: No support for availability zones, routing preference, or global tier.

  • Idle timeout: Adjustable inbound (4-30 minutes, default 4), fixed outbound (4 minutes).

  • Use cases: Suitable for simpler, non-production workloads or testing.

Explore top flashcards

Unit 1 Test
Updated 722d ago
flashcards Flashcards (110)
Unit 13 AP Psych
Updated 198d ago
flashcards Flashcards (44)
AP Spanish 1.3 Vocab
Updated 364d ago
flashcards Flashcards (61)
Psych final
Updated 535d ago
flashcards Flashcards (58)
Unit 1 Test
Updated 722d ago
flashcards Flashcards (110)
Unit 13 AP Psych
Updated 198d ago
flashcards Flashcards (44)
AP Spanish 1.3 Vocab
Updated 364d ago
flashcards Flashcards (61)
Psych final
Updated 535d ago
flashcards Flashcards (58)