Some time back I wrote about virtual networks and their Azure-specific implementation. Here is a quick recap and some additional details.
As the name suggests, the term virtual network has two words, virtual and network. We deal with networks on a daily basis, in our offices and workplaces, and they are nothing but a collection of computers, machines, and other devices. With infrastructure moving to the cloud, where we deal with virtual machines and devices, it is logical to have a network that is virtual, hence a virtual network.
Next, within the network, we create subnets to logically divide it. The network address space is divided among the subnets.
Network Virtual Appliances (NVAs) are virtual machines with pre-installed images that provide networking capabilities such as firewalls, WAN optimizers, routers, and load balancers.
A virtual network gateway creates encrypted cross-premises connections to your virtual network from on-premises locations, or encrypted connections between VNets. It is composed of two or more VMs that are automatically configured and deployed to a specific subnet you create, called the gateway subnet. The gateway VMs contain routing tables and run specific gateway services. The gateway can use one of three protocols: OpenVPN, SSTP (Secure Socket Tunneling Protocol, Windows only), and IKEv2 (Internet Key Exchange version 2).
To communicate between virtual networks, we have VNet peering, which can be local (VNets in the same region) or global (VNets in different regions).
Additionally, one can set up a load balancer, which can be internal (traffic within the network) or external (traffic from outside the network). By default, a 5-tuple hash is used to route traffic. It is computed over the source IP, source port, destination IP, destination port, and protocol.
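
To make the 5-tuple behaviour concrete, here is an added sketch (not Azure's code and not from the original post) of hash-based distribution over a backend pool. It goes slightly beyond the text by also showing the 2-tuple and 3-tuple source-affinity variants; SHA-256 stands in for the platform's hash, which the post does not describe, and all addresses and names are constructed.

```python
import hashlib
from collections import namedtuple

Flow = namedtuple("Flow", "src_ip src_port dst_ip dst_port protocol")

# Fields fed into the hash for each distribution mode.
# The mode names are labels chosen for this sketch.
MODES = {
    "5-tuple": ("src_ip", "src_port", "dst_ip", "dst_port", "protocol"),
    "3-tuple": ("src_ip", "dst_ip", "protocol"),
    "2-tuple": ("src_ip", "dst_ip"),
}


def pick_backend(flow, backends, mode="5-tuple"):
    """Map a flow to one backend by hashing the fields selected by `mode`."""
    if not backends:
        raise ValueError("backend pool is empty")
    key = "|".join(str(getattr(flow, field)) for field in MODES[mode])
    # Assumption: SHA-256 is only a stand-in for the real hash function.
    digest = hashlib.sha256(key.encode()).digest()
    return backends[int.from_bytes(digest[:8], "big") % len(backends)]


def backends_used(flows, backends, mode):
    """Return the set of backends that a group of flows is spread over."""
    return {pick_backend(flow, backends, mode) for flow in flows}


# Constructed sample data: one client opening 64 connections to one
# frontend, each from a different ephemeral source port.
BACKENDS = ["10.0.1.4", "10.0.1.5", "10.0.1.6"]
CLIENT_FLOWS = [
    Flow("203.0.113.7", port, "10.0.0.10", 443, "tcp")
    for port in range(50000, 50064)
]

if __name__ == "__main__":
    for mode in MODES:
        used = sorted(backends_used(CLIENT_FLOWS, BACKENDS, mode))
        print(f"{mode}: client reaches {len(used)} backend(s): {used}")
```

Packets of one connection always hash to the same backend, but under the 5-tuple default a new connection from the same client can land on a different one, so per-client state such as sessions or rate-limit counters cannot live on a single backend.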