Tag: vnet

What is the Azure Virtual Network Routing Appliance?

by erjosito

Some weeks ago, Microsoft released documentation about the Virtual Network Routing Appliance (VNRA) without a lot of context, what generated a healthy confusion in the Azure Networking practitioner community. In the Azure updates page, the following was written: Azure Virtual Network routing appliance offers private connectivity for workloads across virtual networks. Using specialized hardware, it … Continue reading What is the Azure Virtual Network Routing Appliance?

Connecting Microsoft Fabric to on-premises databases with Private Link

by erjosito

Azure Networking is already a complex enough topic, and if you add to the mix the moving parts of data analytics services the results are always interesting, to say the least. On top of that, documentation is not always created to explain in detail what is actually happening or why, adding insult to injury. Consequently, … Continue reading Connecting Microsoft Fabric to on-premises databases with Private Link

Which Azure network design is cheaper?

by erjosito

If you have been reading some of my blog posts, you probably know that I have been working on Azure networking for a while. Part of that work has consisted of helping customers to create network architectures based on their requirements. Last week I got a similar ask from a colleague for a large-scale hub-and-spoke … Continue reading Which Azure network design is cheaper?

Subnet peering and ExpressRoute

by erjosito

Yesterday I got an interesting question. How does subnet peering interact with ExpressRoute? A quick look into the official docs for Subnet peering checks and limitations didn’t give any answers, and Copilot wasn’t very helpful either: So let’s dive in! What was subnet peering again? I wrote a blog post some time ago here, feel … Continue reading Subnet peering and ExpressRoute

Virtual WAN static routes redistribution

by erjosito

Azure Virtual WAN is one of the networking options offered by Azure, and routing inside of Virtual WAN has become a sort of dark art with the many supported options. Some years ago Routing Intent (also known as Routing Policies) was introduced to simplify routing, but at times you need to go back to the … Continue reading Virtual WAN static routes redistribution

Azure Firewall and Service Endpoints

by erjosito

In my recent blog series Private Link reality bites I briefly mentioned the possibility of inspecting Service Endpoints with Azure Firewall, and many have asked for more details on that configuration. Here we go! First things first: what the heck am I talking about? Most Azure services such as Azure Storage, Azure SQL and many … Continue reading Azure Firewall and Service Endpoints

Private Link reality bites – Private endpoints are an illusion

by erjosito

Welcome to this new series of blog posts in which I will be explaining some not-so-well-known facts about Azure Private Link and some associated technologies! This idea is born from the fact that I have been helping some colleagues and customers lately with some questions around Private Link, and that has made me realize that … Continue reading Private Link reality bites – Private endpoints are an illusion

Azure Subnet Peering

by erjosito

First of all, my apologies for the radio silence, there have been some private projects going on during the Summer months that have kept me away from blogging. With that out of the way: what the heck is subnet peering? You probably know VNet peering, but is “subnet peering” now a thing? Well, not yet, … Continue reading Azure Subnet Peering

Do not let ExpressRoute, VPN and SDWAN traffic bypass your firewall

by erjosito

I have recently expanded my SDWAN in hub-and-spoke networks design guide to include SDWAN-to-firewall routing. Initially I didn’t have this point, but recent conversations have made me realize that not everybody understand this. The main difficulty in this topic is related to the fact that you cannot inspect the effective routes of your Virtual Network … Continue reading Do not let ExpressRoute, VPN and SDWAN traffic bypass your firewall

IPvlan with Docker in Azure

by erjosito

Today I was looking at IPvlan on a docker container in Azure along a colleague, and we found that there are plenty of documentation and blogs out there that might be confusing when running this setup on Azure. What is this IPvlan thing, I hear you ask? Docker has a good explanation here, but let … Continue reading IPvlan with Docker in Azure