DEV Community

Cover image for How to deploy a hub virtual network in Azure.
Tunde Oretade
Tunde Oretade

Posted on • Updated on

How to deploy a hub virtual network in Azure.

#azure #virtualnetwork #segmentation #peering

Introduction

This article provides steps for how to create an Azure-based hub virtual network (VNet) with subnets and address space from scratch, as well as how to configure a virtual network peering. This is to allow for the virtual networks to communicate with each other securely and privately.

Scenario

A hypothetical Web Application requires network isolation and segmentation in a network for secure and private communication. The virtual networks and subnets will be created in the following steps.
Segmentation is the act of dividing the virtual network into smaller physical or logical components. This is to increase security and data protection.

Step 1: Create hub and virtual networks and subnets

I. Creating the virtual networks

  • Open a browser and navigate to the Azure portal and login.
  • To create a Virtual Network, click the hamburger icon at the top left hand side corner of the portal. Click hamburger icon
  • In the displayed pane, select Virtual Networks. Select virtual network from the sidebar
  • In the “Virtual Networks” portal pane, select + Create. Select Create
  • At the Resource group label select "create new" to create a new resource group. Give the resource group a name and click Ok. Keep in mind that this is the "parent directory" for the virtual networks to be created. Create Resource group Click Ok
  • Also, give a name to the virtual network at the "virtual network name" label. Virtual network name
  • Select a Region from the dropdown list at the Region label. In this case, I selected East US. Select Region
  • Next, Select the IP Addresses tab at the top of the page. Select IP addresses tab

II. Create subnets for the first Virtual Network.

  • At the dropdown menu displayed above the address space box on the displayed page, check that the dropdown is set to Add IPv4 address space Add IPv4 address space
  • In the address space box, change Subnet address range to 10.1.0.0/16 (This is usually the default IP address so you may not need to change it in this instance).
  • locate a pen icon at the bottom corner, in the address space box (next to the garbage can icon). Click on this icon to edit the default Subnet name. The address space box
  • Change Subnet name to frontend
  • Also, change Subnet address range to 10.1.0.0/24 using the size label. Leave all other settings as their defaults.

  • Click Add to close the Edit Subnet pane. This
    completes the creation of the first Subnet.
    Edit Subnet

  • The next step is to create the second subnet. As you can see, the
    frontend subnet is listed in the box. We need to create another
    subnet in this virtual network. Again, locate the pen
    icon at the bottom (next to the garbage can icon). Click on this icon to
    add another Subnet.
    create second subnet

  • Also, change the subnet name to backend, then change the
    Subnet address range to 10.1.0.0/24.
    second subnet

  • Again, leave all other settings as their defaults. Click Add to close the edit subnet pane.

  • Select Review + Create to validate the configurations and Create to create the first virtual network.

Review + Create
Create
Deployment in progress
Deployment completed

III. Creating the second virtual networks

  • Creating the second virtual network is similar to creating the first virtual network.
  • click the hamburger icon at the top left-hand side corner of the Azure portal.
  • Again, in the displayed pane, select “Virtual Networks”.
  • In the “Virtual Networks” portal pane, select “+ Create”.
  • At the Resource group label select from the drop-down menu the first Resource group that was created.
  • Also, give a name to the virtual network at the "virtual network name" label. Here the name I supplied was Hub-vnet.
  • Select a similar Region from the dropdown like the first virtual network list at the Region label. In the previous virtual network, I selected East US. Resource group & network name
  • Next, Select the IP Addresses tab at the top of the page.
  • set the IPv4 address space to 10.1.0.0/16

IV. Create a subnet for the second Virtual Network.

  • In the address space box, locate a pen icon at the bottom (next to the garbage can icon).
  • Click on this icon to edit the default Subnet name.

  • At the flyout pane, change subnet purpose to Azure Firewall from
    the Default settings.
    subnet purpose

  • Change Subnet name label to AzureFirewallSubnet
    subnet name

  • Also, change Subnet address range to 10.1.0.0/26.
    starting address

  • Leave all other settings as their defaults.

  • select the save button to Close the edit Subnet pane. This
    completes the creation of the Subnet for the second virtual network.
    Select Save

  • Select Review + Create to validate the settings.
    Review + Create

  • After validation is complete select the Create button to create the
    second virtual network and watch the process complete deployment.
    Create
    deployment in progress
    deployment complete

Step 2: Setup a peer relationship between the virtual networks

  • Once the deployment is complete for the second virtual network, navigate back to the portal. In the search bar type resource groups and select Resource Groups from the results.
  • Select the required Resource group in the main pane and confirm that both virtual networks have been deployed. The virtual networks
  • Setting up a peer relationship between the two virtual networks aims to allow traffic to flow in both directions between the app-vnet and hub-vnet virtual networks.
  • In the Portal and the resource group view, Select the first virtual network created from the table. In my case it was the app-vnet virtual network. app-vnet virtual network
  • On the app-vnet overview page select settings the left-hand sidebar of the portal. settings
  • Scroll down and select peerings to add peering. peerings
  • In the app-vnet peerings pane, Select + Add. + Add

  • Fill out under the Remote virtual network summary heading supply a
    name for Peering link name with app-vnet-to-hub.
    Peering link name.

  • Select the first virtual network from the drop-down.
    hub-vnet virtual network

  • Scroll the page down to the Local virtual network summary heading.
    Fill out the Peering link name with hub-to-app-vnet.
    hub-to-app-vnet Peering link name

  • Leave all other settings as their defaults. Select Add to create the
    virtual network peering.
    Add peering button

  • You should see a notification at the top right of the page that says
    Adding virtual network peering
    Adding virtual network peering

  • Once the process completes, and after the configuration updates,
    this validates that the Peering status is set to Connected.
    (you may have to refresh the page to see the updated status)

Perring status is connected
Deployment succeded

Conclusion.

This article explains how to provide network isolation and segmentation for a web application, in an Azure virtual network with subnets with address space. We have learned the following:

  • Creating virtual networks
  • Creating subnets within the virtual networks, and
  • Configuring virtual networking peering which means allowing two or more virtual networks to connect and appear as one for connectivity purposes.

It's been great sharing my journey into cloud engineering and I hope to see you soon on the other articles.

Cover Image by Alina Grubnyak on Unsplash

Top comments (0)

Read next

0xarnav profile image

[Frontend Challenge] Space Markup 🚀

Arnav -

lulu_liu_c90f973e2f954d7f profile image

How to Secure Your Kubernetes with Ingress-Nginx and SafeLine

Lulu -

jiayufagao profile image

1.2.1 Modeling Workflow ABCD

FagaoMBSE -

dumka profile image

Understanding Core Concepts in Cloud Computing

Dumka Esaenwi -