VNet peering in Azure

VNet peering in Azure lets you connect two virtual networks (VNets) in the same region so that their resources communicate with each other as if they were part of a single network. This simplifies network architecture and application deployment by giving resources in different VNets direct connectivity without any intermediate gateway.

Scenario: Let's consider a scenario where you have two Azure VNets named "VNet1" and "VNet2," and you want to establish connectivity between them using VNet peering.

  1. Create Virtual Networks: First, you create two virtual networks, "VNet1" and "VNet2," with their respective address spaces (e.g., 10.0.1.0/24 and 10.0.2.0/24) in the same Azure region.

  2. Deploy Resources: Within each VNet, you deploy various resources, such as virtual machines, web applications, databases, or any other services required for your applications.

  3. VNet Peering Configuration: Now, you configure VNet peering between "VNet1" and "VNet2." There are two sides to VNet peering, and you need to set up peering on both VNets.

    a. In "VNet1," you create a VNet peering connection that links it to "VNet2."

resource "azurerm_virtual_network_peering" "vnet1_to_vnet2" {
  name                         = "vnet1-to-vnet2"
  resource_group_name          = azurerm_resource_group.example.name
  virtual_network_name         = azurerm_virtual_network.vnet1.name
  remote_virtual_network_id    = azurerm_virtual_network.vnet2.id
  allow_virtual_network_access = true
}

    b. Similarly, in "VNet2," you create a VNet peering connection that links it to "VNet1."

resource "azurerm_virtual_network_peering" "vnet2_to_vnet1" {
  name                         = "vnet2-to-vnet1"
  resource_group_name          = azurerm_resource_group.example.name
  virtual_network_name         = azurerm_virtual_network.vnet2.name
  remote_virtual_network_id    = azurerm_virtual_network.vnet1.id
  allow_virtual_network_access = true
}

  4. Verification: Once both sides of the peering are established, resources in "VNet1" can communicate with resources in "VNet2" and vice versa. They reach each other by private IP address, and the traffic stays on the Microsoft backbone network rather than traversing the public internet.
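The complete configuration for the scenario above, as an added example that is not part of the original page: it creates the resource group, both VNets with the address spaces from step 1, and both sides of the peering. The resource group name and region are assumptions, and the peering flags that the page's snippets leave at their defaults are set explicitly so the security-relevant ones are visible.

```hcl
provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "rg-peering-example" # assumed name for this example
  location = "westeurope"         # assumed region; both VNets must share it
}

# Address spaces must not overlap, or the peering cannot be created.
resource "azurerm_virtual_network" "vnet1" {
  name                = "VNet1"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  address_space       = ["10.0.1.0/24"]
}

resource "azurerm_virtual_network" "vnet2" {
  name                = "VNet2"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  address_space       = ["10.0.2.0/24"]
}

# Side 1 of the peering. Only direct VNet-to-VNet traffic is allowed; forwarded
# traffic and gateway transit stay off so the peering cannot widen reachability
# beyond the two address spaces (peering is not transitive on its own).
resource "azurerm_virtual_network_peering" "vnet1_to_vnet2" {
  name                         = "vnet1-to-vnet2"
  resource_group_name          = azurerm_resource_group.example.name
  virtual_network_name         = azurerm_virtual_network.vnet1.name
  remote_virtual_network_id    = azurerm_virtual_network.vnet2.id
  allow_virtual_network_access = true
  allow_forwarded_traffic      = false
  allow_gateway_transit        = false
  use_remote_gateways          = false
}

# Side 2. The peering state only becomes "Connected" once both sides exist.
resource "azurerm_virtual_network_peering" "vnet2_to_vnet1" {
  name                         = "vnet2-to-vnet1"
  resource_group_name          = azurerm_resource_group.example.name
  virtual_network_name         = azurerm_virtual_network.vnet2.name
  remote_virtual_network_id    = azurerm_virtual_network.vnet1.id
  allow_virtual_network_access = true
  allow_forwarded_traffic      = false
  allow_gateway_transit        = false
  use_remote_gateways          = false
}
```

After `terraform apply`, `az network vnet peering show -g rg-peering-example --vnet-name VNet1 -n vnet1-to-vnet2 --query peeringState` should return "Connected" (check the VNet2 side the same way). Network security groups on the subnets still apply to peered traffic, so peering by itself does not bypass existing NSG rules.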

For example, if you have a web application hosted on a virtual machine in "VNet1" that needs to access a database in "VNet2," you can configure the application to use the private IP address of the database. The traffic will flow through the VNet peering connection, and the application can communicate with the database as if it were in the same VNet.

In summary, VNet peering simplifies network connectivity in Azure by enabling secure communication between resources deployed in different VNets within the same region, eliminating the need for additional gateways or complex networking configurations.