Understanding Azure Virtual Networks and Subnets: A Beginner's Guide

What is an Azure Virtual Network (VNet)?

An Azure Virtual Network (VNet)is a section of the Azure cloud where you can run your Azure resources, such as virtual machines (VMs), databases, and applications. VNets allow these resources to communicate securely with each other, with the internet, and with on-premises networks.

Key Features of Azure VNets

1. Isolation and Security:

   • Each VNet is isolated from other VNets in Azure, providing a secure environment for your applications.

   • Resources within a VNet can communicate with each other without being exposed to the public internet.

2. Subnets:

   • VNets can be segmented into subnets, which are smaller address spaces within the VNet. This allows for better organization and management of resources.

   • Each subnet can have its own security policies and routing configurations.

3. IP Address Management:

   • VNets use private IP address spaces (e.g., RFC 1918 addresses) to assign IP addresses to resources.

   • You can define the address range for your VNet using CIDR notation (e.g., 192.148.30.0/26).

4. Connectivity Options:

   • VNets can connect to other VNets through VNet peering, allowing seamless communication between them.

   • You can also connect VNets to on-premises networks using VPN gateways or ExpressRoute, creating hybrid cloud environments.

5. Routing and Filtering:

   • Azure automatically routes traffic between subnets within a VNet.

   • You can implement custom routing rules using route tables and filter traffic using Network Security Groups (NSGs).

Benefits of Using Azure Virtual Networks

• Improved Security: Isolation features enhance security by controlling access to resources.

• Simplified Management: Centralized management for configuring network infrastructure in Azure.

• Scalability: Easily scale your network by adding or removing subnets as needed.

• Flexibility: Various connectivity options allow you to meet specific networking requirements.

Understanding Subnets

A subnet is a subdivision of a VNet that allows you to group related resources together. Subnets help in applying specific access controls and policies.

Subnet Characteristics

• Each subnet has its own IP address range defined from the VNet's address space.

• Subnets can be configured with different security settings and routing rules.

• You can reserve certain IP addresses within subnets for specific purposes (e.g., network gateway).

Steps on Creating an Azure virtual network with four subnets with this address space 192.148.30.0/26

Step 1: Log in to Azure Portal

• Open your web browser and navigate to Azure Portal.

• Sign in with your Azure account credentials

  

Step 2: Create a Resource Group (Optional)

• If you don't have a resource group, you can create one:

  • In the left-hand menu, select Resource groups.

  • Click on + Create.

  • Fill in the required details:

    • Resource group name: Choose a name (e.g., MyResourceGroup).

    • Region: Select your preferred region.

  • Click Review + create, then click Create.

    

Step 3: Create the Virtual Network

• In the Azure portal, search for Virtual networks and select it.

• Click on + Create to start creating a new VNet.

• Fill in the required details:

  • Subscription: Select your subscription.

  • Resource group: Choose the resource group you created or an existing one.

  • Name: Enter a name for your VNet (e.g., MyVNet).

  • Region: Select the same region as your resource group

    

    

Step 4: Configure Address Space

• Navigate to the IP Addresses tab.

• Under IPv4 address space, enter:

  • Address space: 192.148.30.0/26

• This address space allows for a total of 64 IP addresses (from 192.148.30.0 to 192.148.30.63)

  

Step 5: Add Subnets

You will now add four subnets within this address space:

1. Subnet 1

   • Click on + Add subnet.

   • Enter the following details:

     • Subnet name: Subnet1

     • Subnet address range: 192.148.30.0/28

   • Click Add

     

2. Subnet 2

   • Click on + Add subnet again.

   • Enter:

     • Subnet name: Subnet2

     • Subnet address range: 192.148.30.16/28

   • Click Add

     

3. Subnet 3

   • Click on + Add subnet again.

   • Enter:

     • Subnet name: Subnet3

     • Subnet address range: 192.148.30.32/28

   • Click Add

     

4. Subnet 4

   • Click on + Add subnet once more.

   • Enter:

     • Subnet name: Subnet4

     • Subnet address range: 192.148.30.48/28

   • Click Add

     

     

Step 6: Review and Create

• After adding all four subnets, click on the button labeled Review + create at the bottom of the page.

• Review your configuration to ensure everything is correct.

• Once validated, click on the Create button to deploy the Virtual Network

  

  

Step 7: Verify Deployment

• After deployment completes, navigate to your resource group and select your newly created Virtual Network (e.g., MyVNet).

• In the left pane, click on Settings, then select Subnets to view and confirm that all four subnets are correctly configured with their respective address ranges

  

Summary of Subnets Created

HOW I CAME ABOUT THE IP ADDRESSES IN DETAIL

Step 1: Understanding the Address Space

• CIDR Notation: /26 means the first 26 bits of the address are reserved for the network, leaving 6 bits for host addresses.

• Number of Addresses:
  2^ (32−26) =64 total IP addresses.

  • Usable Addresses: 64 addresses per subnet include:

    • 1 Network Address (first address)

    • 1 Broadcast Address (last address)
      Hence, 64−2=62 usable IPs for hosts

Step 2: Subnetting

To divide the /26 block into 4 subnets, we need to allocate 2 more bits for subnetting.

• New Subnet Mask: /28 (26 bits + 2 subnet bits).

• Number of New Subnets: 2^2 = 4

• Addresses per Subnet: 2^{32-28} = 16 addresses per subnet.

  • Usable IPs per subnet: 16 - 2 = 14

Step 3: Subnet Ranges

Here’s how the address space splits:

1. Subnet 1

   • Network Address: 192.148.30.0

   • Subnet Mask: /28 (255.255.255.240)

   • Range of IPs: 192.148.30.0 to 192.148.30.15

   • Usable IPs: 192.148.30.1 to 192.148.30.14

   • Broadcast Address: 192.148.30.15

2. Subnet 2

   • Network Address: 192.148.30.16

   • Subnet Mask: /28 (255.255.255.240)

   • Range of IPs: 192.148.30.16 to 192.148.30.31

   • Usable IPs: 192.148.30.17 to 192.148.30.30

   • Broadcast Address: 192.148.30.31

3. Subnet 3

   • Network Address: 192.148.30.32

   • Subnet Mask: /28 (255.255.255.240)

   • Range of IPs: 192.148.30.32 to 192.148.30.47

   • Usable IPs: 192.148.30.33 to 192.148.30.46

   • Broadcast Address: 192.148.30.47

4. Subnet 4

   • Network Address: 192.148.30.48

   • Subnet Mask: /28 (255.255.255.240)

   • Range of IPs: 192.148.30.48 to 192.148.30.63

   • Usable IPs: 192.148.30.49 to 192.148.30.62

   • Broadcast Address: 192.148.30.63

Each subnet has a fixed size of 16 IPs.

By subnetting the original address space of 192.148.30.0/26, we have successfully created four subnets, each with a /28 prefix, allowing for efficient use of IP addresses while maintaining manageable network segments for devices and hosts within an organization or infrastructure setup. This approach not only enhances network organization but also improves security and performance by isolating different segments of the network, which can be particularly useful in environments like cloud services or enterprise network

Learn more : Azure networking services overview | Microsoft Learn