
Azure IT Fundamentals: Networking

April 25, 2019

Joseph Landes:
In this session you will learn more about networking in Azure, how Azure uniquely handles networking including VNet, subnet, vNICs, VPN, and something called ExpressRoute, which is a great way to ensure the privacy and isolation of your data and possibly lower variance on things like latency and packet loss. As an MSP, it is important to really get your arms around how networking works in Azure as you continue to build up your cloud practice.

Vadim Vladimirskiy
Okay, let’s talk about other types of networking that exist. So when you have kind of this internal networking where you have private IP addresses and NICs attached to VMs, there’s nothing billable happening there. However, what you can do is you can also attach public IP addresses to a particular virtual interface, which will then get attached to a particular VM. For instance, if you take dc01 again as an example, it will show you that there is a public IP address on this particular network interface. And if we go to public IP addresses, let’s do IP addresses, public IP address, you’ll see a list of IP addresses, and it will also show you what they are attached to. So if we were to go to associated with or assignment. Which one it is? There we go.

Vadim Vladimirskiy
So you can see that this public IP address object is attached to this virtual network interface, which is attached to a particular VM. This is a static public IP address that has both an IP and the DNS name associated with it, and this is a billed object. It gets billed I think. I think like $3. Maybe a little bit less. Let’s see. Azure public IP pricing. A static IP address you get for, whatever that is, .4 cents per hour. That’s the cost of a public IP address. You’re getting billed for it as long as it exists. So you have to actually delete it in order for it to stop billing you.

Vadim Vladimirskiy
We talked about virtual networks, subnets, network interfaces, private IP address and other properties of network interfaces, and public IP addresses, which are resources attached to network interfaces.

Vadim Vladimirskiy
A couple of other network-related constructs. We have our virtual network gateway. The way VPN works in Azure is you set up what they call a VPN gateway. It requires you to place it in a particular subnet. So you set up, you carve up another piece of your virtual network for the gateway. You place your gateway in there. And then you’re able to add VPN connections into that gateway. I’m not going to go through it because it takes a long time to create one. But that’s the concept if you had VPN.

Vadim Vladimirskiy
There is pricing associated with running VPN gateways. So if you just look again, Azure VPN gateway pricing, you will see that there are different types of gateways. The cheapest one, let’s look at it by hour. The cheapest one is called the basic. It runs about $26 a month. And then you have gateway one, gateway two, gateway three, it gets up to almost $1,000 a month, and the differences are you can see is the aggregate throughput and bandwidth, as well as the number of connections and all that kind of other stuff. There are multiple VPN gateway options in Azure.

Vadim Vladimirskiy
As far as the actual transfer and bandwidth in Azure, anything that goes within the same region, any traffic that traverses resources residing in the same region is free. There is no cost for that. Anything that comes into a region from outside of that region into your resource is also free. The only thing you pay for is egress bandwidth, outbound bandwidth. If you can see here, we have Azure bandwidth pricing. And the first five gigabytes per month is free. And then if it’s outbound data transfer, see data going out of the data center, and then there is this pricing per gigabyte. So you have whatever that is, 8.7 cents per gigabyte of transferred data. So you’re not really paying for the bandwidth. It’s not in terms of megabits per month or anything like that or per second. It’s in terms of actual gigabytes of data transferred.

Vadim Vladimirskiy
If you are using something called availability zones, which we didn’t cover yet, then you also pay for inbound traffic, but inbound traffic normally is free. And here it says it right there. Imagine you’re on a VM and you go in to download some really large file. It takes 100 gigabytes to download it. You pay nothing for that because that’s inbound. But if you go and take that file and you upload it to some other Azure region, or any other location on the internet, you are going to pay for that transfer.

Vadim Vladimirskiy
ExpressRoute is a service in Azure that allows you to set up a private point-to-point connection with another location or multiple locations. ExpressRoute rides on top of a physical connection. In order to use ExpressRoute in Azure, you need to use an approved vendor that’s one of the … Customers may incur additional charges by the service provider to enable connectivity to ExpressRoute. There is a list of ExpressRoute providers where you can go to do a carrier, let’s say like a Verizon or Comcast, whoever is on the list, you can rent connectivity from them, physical connectivity from them, from your data center or your physical location into one of the Azure regions. And then on top of that, you would get this ExpressRoute that will allow you to have private connectivity as opposed to public internet connectivity over that physical line into the Azure environment from your physical location.

Vadim Vladimirskiy
That’s kind of what it’s for. It also is billed either per gigabyte, or you can have unlimited data transfer on it depending on how big the pipe is. So again, it is an extreme if you’re using an ExpressRoute for 10 gigabits with unlimited bandwidth, then you are looking at $51,000 per month. That’s on top of what a Verizon would charge you to have a 10 gigabit capable connection from your location to the Microsoft region data centers.

Vadim Vladimirskiy
There are a couple of things that you can expect to be better. Mostly it’s about privacy and isolation. It’s your own connection. You’re not using any VPNs or any other encryption that has to be involved in the process, and you may have better lower variance on things like latency and packet loss and things like that, just like with any point-to-point connection.
