During the last meeting of the .NET Study Group on Azure Virtual Networks, a couple questions came up that needed further explanation. I thought it would be best to post the and share them
Question: Do I need a NSG or Subnet if a VM is in VNet?
Answer: Yes, it’s a best practice. By default, services outside the VNet cannot connect to services within the VNet.
However, you can configure the network to allow access to the external service. Therefore, assume you have a VNet that contains both web servers and DB servers. You can have VNET configured for public access to allow outside users to access the web servers. You would also need a subnet or NSG to prevent that same public traffic from accessing the DB servers in the same VNet.
Question: Can you provide a sample diagram of the Azure Infrastructure and how VNets would be implemented?
Answer: See below for the Sample Azure Infrastructure Diagram: (https://www.dotnettricks.com/learn/azure/what-is-microsoft-azure-virtual-network-and-architecture)
Question: Where can I find a list of Frequently asked questions on Azure VNets?
Answer: For additional reading on Azure VNet, see the FAQ page at https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-faq
No comments:
Post a Comment