Sending Internet Traffic from P2S Clients Through an NVA

Azure can be used to offer Point-To-Site (P2S) connectivity for individual users, that by leveraging a VPN client on their systems (Windows, Linux or Mac) can get connectivity to Azure resources. This P2S connectivity is often limited to Azure resources, but by leveraging the Azure Route Server, additional access is offered. For example, if an … Continue reading Sending Internet Traffic from P2S Clients Through an NVA

Using Route Server to firewall onprem traffic with an NVA

In a previous blog we had a setup with a Network Virtual Appliance (NVA) for Internet egress and hybrid connectivity based on Azure Virtual Network Gateways. There is another fairly typical use case with regards to traffic between on-premises an Azure: firewalling it with an NVA: In some situations customers will combine the role of … Continue reading Using Route Server to firewall onprem traffic with an NVA

Azure as Internet breakout from on-premises with Route Server

This is not a topology I would define as “best practice”, or one that I see in every Azure deployment out there, but I would certainly not describe it as exotic either. In this design, organizations want to leverage Azure as Internet breakout for their on-premises systems. Potentially because they do not have a good … Continue reading Azure as Internet breakout from on-premises with Route Server

Route Server Multi-Region Design

In my previous blog I wrote my view on the characteristics of the new Azure Route Server that I am most excited about. In this one I would like to give you a glimpse of how it works with a design that I see in many organizations: a multi-region setup, with Network Virtual Appliances acting … Continue reading Route Server Multi-Region Design

A Day in the Life of a Packet in AKS (part 2): kubenet and ingress controller

Hey again, to complete the previous post on the Azure CNI, here it goes using kubenet instead. To make it a bit more interesting we are going to explore a bunch of additional stuff: Deploying AKS with kubenet in your own vnet (note that this is not well documented or supported by Microsoft at the … Continue reading A Day in the Life of a Packet in AKS (part 2): kubenet and ingress controller

Working with network attributes of Azure Virtual Machine Scale Sets

I have been working this week a bit with Azure VMSS, and I thought I would publish my findings, since I could not find this information in the standard documentation. First of all, if you do not know what a VMSS is, you can read more here. Essentially they are farms of VMs that are … Continue reading Working with network attributes of Azure Virtual Machine Scale Sets