Microsoft Azure’s global network interconnects regions, availability zones, and data centers via a purpose-built, highly available, and low-latency private global network. Azure defines a part of the world containing one or more regions as an Azure geography.
- Regions consist of grouped data centers that provide high availability and redundancy. By design, this lets you deploy services closer to end users and gives you flexibility in meeting legal or compliance requirements.
- Availability Zones break regions down further. Each zone is equipped with independent power, cooling, and networking.
- Paired Regions are composed of two regions within the same Azure geography. Platform updates are rolled out to only one region of a pair at a time, to meet a higher standard of business continuity.
Virtual Networks (VNets) enable connectivity between your resources in the cloud. Just like AWS, a virtual network in Azure is limited to a single region.
- Subnets are allocated from the address space defined at the VNet level. Unlike AWS, subnets in Azure span all availability zones in a given region.
- System Routes are automatically created and assigned to each subnet. They cannot be removed.
- User-Defined Routes (UDRs) are static routes that override Azure's default system routes or add routes to a subnet's route table.
When traffic exits a subnet, a forwarding decision is made on the destination IP address. Azure selects the route whose prefix is the longest match for that address. If multiple routes contain the same prefix, the tie is broken based on the following priority:
Using Virtual Network Peering, you can build connectivity between two or more virtual networks. Peering is non-transitive: if you have three VNets, you can't route from VNet A to VNet C through VNet B.
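To make the route-selection and peering behaviour above concrete, here is an added example (not code from the original notes or from Azure) that models a subnet's effective route table and picks the route for a destination by longest prefix match. The VNet names and address prefixes are constructed for the example; the tie-break it applies when prefixes are equal (a user-defined route wins over a system route) is Azure's documented behaviour and is assumed here, with BGP-learned routes left out. Peering is modelled the way the route table actually reflects it: a system route for each directly peered VNet's address space and nothing for a peer's peer, which is why A reaches B but not C.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import List, Optional, Tuple

# Tie-break order when two matching routes have the same prefix length.
# Assumption for this example: user-defined routes beat system routes
# (Azure's documented order; BGP routes, which sit in between, are omitted).
PRIORITY = {"UserDefined": 0, "System": 1}


@dataclass(frozen=True)
class Route:
    prefix: IPv4Network
    next_hop: str                 # "VirtualNetwork", "Internet", "VNetPeering", "VirtualAppliance"
    source: str                   # "System" or "UserDefined"
    next_hop_ip: Optional[str] = None


def select_route(routes: List[Route], dest: str) -> Optional[Route]:
    """Longest prefix match; on equal prefix length the higher-priority source wins."""
    dst = ip_address(dest)
    candidates = [r for r in routes if dst in r.prefix]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.prefix.prefixlen, -PRIORITY[r.source]))


def next_hop_for(routes: List[Route], dest: str) -> Tuple[str, str, str]:
    """Return (next_hop, matched_prefix, source) for dest."""
    r = select_route(routes, dest)
    if r is None:
        return ("None", "", "")
    return (r.next_hop, str(r.prefix), r.source)


def system_routes(vnets: dict, peerings: list, vnet: str) -> List[Route]:
    """Build the system routes a subnet in `vnet` gets: its own address space,
    a default route to the Internet, and one route per *directly* peered VNet.
    No route is added for a peer's peer, which is what makes peering non-transitive."""
    routes = [Route(ip_network(p), "VirtualNetwork", "System") for p in vnets[vnet]]
    routes.append(Route(ip_network("0.0.0.0/0"), "Internet", "System"))
    for a, b in peerings:
        if vnet in (a, b):
            peer = b if a == vnet else a
            routes += [Route(ip_network(p), "VNetPeering", "System") for p in vnets[peer]]
    return routes


# Constructed sample topology: A <-> B <-> C, no A <-> C peering.
VNETS = {"A": ["10.1.0.0/16"], "B": ["10.2.0.0/16"], "C": ["10.3.0.0/16"]}
PEERINGS = [("A", "B"), ("B", "C")]

# Constructed UDR: force all Internet-bound traffic from A through a firewall NVA
# (hypothetical appliance address 10.1.254.4). It shares the 0.0.0.0/0 prefix with
# the system Internet route, so only the source tie-break decides between them.
FORCE_TUNNEL_UDR = Route(ip_network("0.0.0.0/0"), "VirtualAppliance", "UserDefined", "10.1.254.4")


def main() -> None:
    routes_a = system_routes(VNETS, PEERINGS, "A")
    for dest in ("10.1.0.7", "10.2.0.4", "10.3.0.4", "8.8.8.8"):
        print("A, system routes only :", dest, "->", next_hop_for(routes_a, dest))
    for dest in ("10.1.0.7", "8.8.8.8"):
        print("A, with force-tunnel UDR:", dest, "->", next_hop_for(routes_a + [FORCE_TUNNEL_UDR], dest))


if __name__ == "__main__":
    main()
```

Two things to notice in the output: 10.3.0.4 (VNet C) falls through to the 0.0.0.0/0 Internet route from a subnet in A because no peering route exists for C's prefix, while from B the same destination hits a VNetPeering route; and the force-tunnel UDR captures 8.8.8.8 but not 10.1.0.7, since the /16 VirtualNetwork route is a longer match than /0 regardless of route source. Checking a subnet's effective routes this way is also how you verify that a UDR meant to steer egress through an inspection appliance is actually winning.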