Overview
Azure networking provides the foundation for how resources communicate securely and efficiently. This tutorial covers Virtual Networks, Subnets, Network Security Groups, Load Balancers, and DNS.
Virtual Networks (VNet)
A VNet is a logical isolation of the Azure cloud dedicated to your subscription. It enables you to segment your resources and control traffic.
Below is a sample ARM template to create a VNet with two subnets.
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2021-05-01",
"name": "myVNet",
"location": "[resourceGroup().location]",
"properties": {
"addressSpace": { "addressPrefixes": ["10.0.0.0/16"] },
"subnets": [
{ "name": "subnetApp", "properties": { "addressPrefix": "10.0.1.0/24" } },
{ "name": "subnetDB", "properties": { "addressPrefix": "10.0.2.0/24" } }
]
}
}
]
}Network Security Groups (NSG)
NSGs let you control inbound and outbound traffic to resources at subnet or NIC level.
- Allow/deny rules based on protocol, port, and IP.
- Prioritize rules using a numeric order.
Load Balancers
Azure Load Balancer distributes incoming traffic across multiple VMs for high availability.
| Type | Use‑Case |
|---|---|
| Public LB | Internet‑facing services |
| Internal LB | Service‑to‑service traffic within a VNet |
Azure DNS
Azure DNS provides ultra‑reliable, low‑latency DNS resolution for your domain names.
Use Azure CLI to create a DNS zone:
az network dns zone create -g MyResourceGroup -n contoso.comBest Practices
- Separate workloads using distinct subnets.
- Apply NSG rules least‑privilege principle.
- Use Azure Monitor for network diagnostics.
- Implement Azure Firewall for centralized security.