Thoughts from the clouds
In Azure you have two main ways of managing your virtual network connectivity: self-managed hub-and-spoke and Virtual WAN. Virtual WAN is a solution where Microsoft manages part of your virtual networks for you, and in exchange it gives you some benefits such as any-to-any routing out of the box. However, what if you need that … Continue reading Interregional traffic in hub-and-spoke
I have recently had a couple of recent conversations that have made me reconsider the way we traditionally implement the hub and spoke Virtual Network design in Azure, which has some limitations. The idea is to introduce a relatively simple but powerful modification to the design that achieves these objectives: TL,DR: The main modification introduced … Continue reading Azure Hub And Spoke 2.0
As you might have read, one of the new kids on the block in Azure Networking is the Gateway Load Balancer. You can refer to Microsoft docs for more details on what it does and why it was created, suffice to say that it is essentially a way to insert an NVA in a network … Continue reading What language does the Azure Gateway Load Balancer speak?
Note: although technically working, the solution described in this article is not supported by Microsoft. Azure can be used to offer Point-To-Site (P2S) connectivity for individual users, that by leveraging a VPN client on their systems (Windows, Linux or Mac) can get connectivity to Azure resources. This P2S connectivity is often limited to Azure resources, … Continue reading Sending Internet Traffic from P2S Clients Through an NVA
There are a couple of ways in which you can deploy NVAs in Azure, from a redundancy perspective: 1+1 (active/passive): least scalable solution, your maximum throughput will be equivalent of the one of the active NVA, while you normally have to pay for 2 VMs and 2 NVA licenses 1+1 (active/active): 2 NVAs forwarding traffic … Continue reading Azure Route Server and NVAs running on Scale Sets
In a previous blog we had a setup with a Network Virtual Appliance (NVA) for Internet egress and hybrid connectivity based on Azure Virtual Network Gateways. There is another fairly typical use case with regards to traffic between on-premises an Azure: firewalling it with an NVA: In some situations customers will combine the role of … Continue reading Using Route Server to firewall onprem traffic with an NVA
In my previous blog I wrote my view on the characteristics of the new Azure Route Server that I am most excited about. In this one I would like to give you a glimpse of how it works with a design that I see in many organizations: a multi-region setup, with Network Virtual Appliances acting … Continue reading Route Server Multi-Region Design
Cloudtrooper 