Now that we know about the Azure network groups and application groups, let's talk about the components of an Azure network. The basic requirements for creating any network are an IP address, a subnet, a network interface card, and a network security group. These items help you to communicate with external clients, provide security and isolation, and help in communication between VMs and other resources on the network. User-defined routes or UDR control network traffic by defining routes that specify the next hop of the traffic flow. If your organization wants to implement packet inspection or corporate audit, you can use the forced tunneling feature. Azure includes virtual networks and load balancers. Virtual networks connect resources such as virtual machines. The DNS system supports many name resolution scenarios. You can use application gateways for a cookie-based session affinity scenario. Just like network security groups and UDR, another way to manage load balancing is through the traffic manager. You can configure this load balancing service to support priority or to ensure that users connect to an endpoint that is close to their physical location for faster response. To extend your on-premise network, you can create a virtual private network or VPN between your on-premise computers or network and an Azure virtual network. If the Azure virtual network is within the intranet, then you can use express route. To increase availability and scalability, you can create two or more VMs that publish the same application. The Azure load balancer automatically distributes requests across those VMs as the requests arrive at the endpoint. Now to understand network addressing, we need to understand IP addressing. There are two types; public and private. Public addressing goes across the Internet, whereas private addressing is within an intranet. A public IP has its own properties, and can be created with IPv4 or IPv6. Public IPs can be created with either the Azure basic or standard SKU. They can be associated to Windows and Linux servers. Private IPs can be assigned statically or dynamically, and are allocated from the address range of the virtual networks subnet a resource is deployed in. The IP addressing can also be classified as dynamic IP addressing or DIP, virtual IP addressing or VIP, and public IP addressing or PIP. A DIP is associated with a VM as soon as a VM is provisioned. It stays with the VM until the VM is deleted or deallocated. All VMs in a Cloud share the same VIP. Azure randomly assigns VIPs and then releases when the VM is deallocated from the Cloud. PIPs are assigned to a VM's default network interface, and are exposed directly to the Internet. So traffic should be controlled using the Windows firewall. Next, we investigate what can be done with IP addressing. The three points we'll be talking about are: managing public IP addresses, managing public IP prefixes, and adding or removing IP addresses from a network interface. For creating a public IP, login to portal.azure.com and search for a public IP address in the marketplace or create one. You can search and view a public IP in the overview section. The key settings are shown in the overview. After selection, you can only delete if the address is not associated with a configuration. If the address is currently associated with a configuration, select Disassociate to disassociate the address from the IP configuration, and then Delete. An IP prefix can also be created in a similar manner from the marketplace in Azure. An IP prefix can also be viewed in the overview section. There is a delete option available in the overview which can be used to delete the IP prefix. But if addresses within the prefix are associated to public IP address resources, you must first delete the public IP address resources, and then you'll be able to delete the prefix. The last topic in this section is how to add, view, change, and remove public and private IP addresses from a network interface. Private IP addresses assigned to a network interface enable a virtual machine to communicate with other resources in an Azure virtual network and connected networks. A private IP address also enables outbound communication to the Internet using an unpredictable IP address. You can add as many private and public IPv4 addresses as necessary to a network interface within the limits listed in the Azure Limits article. You can add a private IPv6 address to one secondary IP configuration for an existing network interface, as long as there are no existing secondary IP configurations. Each network interface may have at most one IPv6 private address. You can optionally add a public IPv6 address to an IPv6 network interface configuration. To manage an IP, type network interfaces in the text search at the top of the Azure portal. Select network interfaces from the search results, and then select the network interface you want to add an IPv4 address to. Under Settings, select IP configurations, and under IP configurations, select Add. Make the desired changes and then click Okay. If you're changing the private IPv4 address of a secondary IP configuration associated with a secondary network interface in a virtual machine, place the virtual machine into the stops or deallocated state, then select the network interface you want to view or change IP address settings for from the list. Under Settings, select IP configurations that you want to modify, change the settings as desired, and then select Save. This will help in changing the settings in the NIC. To remove the IP from a network interface, you must always have at least one private IPv4 address assigned to it. Search for network interfaces and under Settings, select IP configurations. You can't delete the primary configuration. Right-click a secondary IP configuration that you want to delete and select Delete, then confirm the deletion. If the configuration had a public IP address resource associated to it, the resource is disassociated from the IP configuration, but the resource isn't deleted. In this section, we discussed Azure network addressing, and we explained the difference between various types of IPs. We also looked at how to use the Azure portal to make any changes in the addressing.
