Random Musings

Sporadic thoughts on tech, economics, business, finance and trading

VNET vs Subnet in Azure

, ,

VNet (Virtual Network)

  • A VNet is the overarching network in Azure that enables resources to communicate securely with each other, the internet, and on-premises networks.
  • It is a container for subnets and defines the address space for the network.
  • Think of it as the primary network boundary within Azure.

Key Characteristics:

  1. Address Space: A VNet requires a CIDR block (e.g., 10.0.0.0/16), which defines the range of IP addresses available for allocation within the VNet.
  2. Connectivity Options:
    • VNets can connect to other VNets via VNet Peering.
    • They can connect to on-premises networks using VPN Gateways or ExpressRoute.
  3. Isolation: VNets are isolated from one another unless explicitly connected.

Subnet

  • A Subnet is a smaller, segmented portion of the VNet’s address space.
  • It is used to allocate IP ranges for specific Azure resources, providing logical isolation within the VNet.

Key Characteristics:

  1. Subdivision: Subnets divide the VNet’s address space into smaller IP ranges (e.g., 10.0.1.0/24 within 10.0.0.0/16).
  2. Resource Placement:
    • Azure resources (e.g., virtual machines, Azure SQL, App Services with private endpoints) are assigned to subnets.
    • Each resource in a subnet gets an IP from the subnet’s range.
  3. Network Security Groups (NSGs): Subnets often have NSGs attached to control traffic flow in and out of the subnet.
  4. Delegation: Subnets can be delegated to specific Azure services like Azure Kubernetes Service (AKS) or Azure App Service.

Relationship Between VNet and Subnet

  • A VNet is the container, while subnets are segments within it.
  • Subnets exist within a VNet and inherit the VNet’s configuration, such as address space and connectivity options.

Analogy

  • VNet: A city with its own defined boundaries and overall layout.
  • Subnets: Neighborhoods within the city, each with its own specific purpose (residential, commercial, etc.).

Example

  • VNet: 10.0.0.0/16
    • Subnet 1: 10.0.1.0/24 (e.g., for virtual machines)
    • Subnet 2: 10.0.2.0/24 (e.g., for application gateways)
    • Subnet 3: 10.0.3.0/24 (e.g., for databases)

Conclusion

  • A VNet is the overarching virtual network.
  • A Subnet is a smaller division within a VNet, used for resource allocation and segmentation. Both are essential components of Azure networking and work together to define and manage your network infrastructure.