Azure Networking Resource Roundup
Azure Networking Fundamentals
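- Azure Networking is not like your on-onprem network: Recommended reading; it explains why many Azure Networking behaviors differ considerably from on-premises networks
- Episode #2: VM Routing NIC Routing & Azure routes: Recommended reading; its explanation of Azure routes is quite clear
- Onboarding Guide to Routing in Azure - Intro & Structure: Lets you observe the routing state of each component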
- Cross-region private network load balancing in Azure
Azure Networking Architecture Examples
- kaysalawu/azure-network-terraform: Azure Network Architecture - Terraform Examples. Covers all the common architectures; a useful reference if you are not using a Firewall
- DIY vWAN: double Hub VNET and Azure Route Server: If Azure vWAN is not an option, this DIY approach is a useful reference
- The why behind networking design and the art of the possible: Contains many architecture diagrams drawn with draw.io that can be reused
- jwrightazure/lab
- Traffic Flows in Common Azure Networking Patterns
- A Journey through Azure Networking
Azure VNet Related
Azure ExpressRoute Related
- Benefits of ExpressRoute cross-connections (bow-tie) in standard Hub&Spoke vs. VirtualWAN-based environments: Compares the differences in ExpressRoute connection and disconnection behavior
- Marc Kean - Azure ExpressRoute demystified
Azure Firewall Related
Azure Public IP
Private Link/Endpoint DNS Integration
Private DNS Zone
- Appendix G. Private DNS Namespaces
- .intranet.
- .internal.
- .private.
- .corp.
- .home.
- .lan.
Azure Network Security
- Azure/Azure-Network-Security
- Application Gateway in front of the firewall: the XFF header is visible
- Application Gateway behind the firewall: the XFF header is not visible
Traffic Load Balancing
Azure Load Balancer
Conclusion: in the usual case, just choose Azure Load Balancer (Standard/Regional)
Spoke to Spoke Networking
- Using Azure Firewall as a Network Virtual Appliance (NVA)
- Hub-spoke network topology in Azure
- Spoke-to-spoke networking
- Azure Networking - Hub-Spoke with NVA and Azure Firewall
- Example Hub & Spoke Azure Firewall
Azure Application Gateway
Conclusion: in most cases, choose Azure Application Gateway (v2 SKU)