|
1 | 1 | --- |
2 | 2 | title: Subnet extension in Azure |
| 3 | +titleSuffix: Azure Virtual Network |
3 | 4 | description: Learn about subnet extension in Azure. |
4 | | -services: virtual-network |
5 | 5 | author: asudbring |
6 | | -manager: narayan |
7 | | -tags: azure-resource-manager |
8 | 6 | ms.service: virtual-network |
9 | 7 | ms.topic: conceptual |
10 | 8 | ms.workload: infrastructure-services |
11 | | -ms.date: 10/31/2019 |
| 9 | +ms.date: 04/06/2023 |
12 | 10 | ms.author: allensu |
13 | 11 | --- |
14 | 12 |
|
15 | 13 | # Subnet extension |
16 | | -Workload migration to the public cloud requires careful planning and coordination. One of the key considerations can be the ability to retain your IP addresses. Which can be important especially if your applications have IP address dependency or you have compliance requirements to use specific IP addresses. Azure Virtual Network solves this problem for you by allowing you to create VNet and Subnets using an IP address range of your choice. |
17 | 14 |
|
18 | | -Migrations can get a bit challenging when the above requirement is coupled with an additional requirement to keep some applications on-premises. In such as a situation, you'll have to split the applications between Azure and on-premises, without renumbering the IP addresses on either side. Additionally, you'll have to allow the applications to communicate as if they are in the same network. |
| 15 | +Workload migration to the public cloud requires careful planning and coordination. One of the key considerations can be the ability to retain your IP addresses. Which can be important especially if your applications have IP address dependency or you have compliance requirements to use specific IP addresses. Azure Virtual Network solves this problem for you by allowing you to create virtual networks and subnets using an IP address range of your choice. |
| 16 | + |
| 17 | +Migrations can get a bit challenging when the above requirement is coupled with an extra requirement to keep some applications on-premises. In such as a situation, you have to split the applications between Azure and on-premises, without renumbering the IP addresses on either side. Additionally, you have to allow the applications to communicate as if they are in the same network. |
19 | 18 |
|
20 | 19 | One solution to the above problem is subnet extension. Extending a network allows applications to talk over the same broadcast domain when they exist at different physical locations, removing the need to rearchitect your network topology. |
21 | 20 |
|
22 | | -While extending your network isn't a good practice in general, below use cases can make it necessary. |
| 21 | +While extending your network isn't a good practice in general, the following use cases can make it necessary. |
23 | 22 |
|
24 | 23 | - **Phased Migration**: The most common scenario is that you want to phase your migration. You want to bring a few applications first and over time migrate rest of the applications to Azure. |
| 24 | + |
25 | 25 | - **Latency**: Low latency requirements can be another reason for you to keep some applications on-premises to ensure that they're as close as possible to your datacenter. |
| 26 | + |
26 | 27 | - **Compliance**: Another use case is that you might have compliance requirements to keep some of your applications on-premises. |
27 | 28 |
|
28 | 29 | > [!NOTE] |
29 | 30 | > You should not extend your subnets unless it is necessary. In the cases where you do extend your subnets, you should try to make it an intermediate step. With time, you should try re-number applications in your on-premises network and migrate them to Azure. |
30 | 31 |
|
31 | 32 | In the next section, we'll discuss how you can extend your subnets into Azure. |
32 | 33 |
|
33 | | - |
34 | 34 | ## Extend your subnet to Azure |
35 | | - You can extend your on-premises subnets to Azure using a layer-3 overlay network based solution. Most solutions use an overlay technology such as VXLAN to extend the layer-2 network using an layer-3 overlay network. The diagram below shows a generalized solution. In this solution, the same subnet exists on both sides that is, Azure and on-premises. |
36 | 35 |
|
37 | | - |
| 36 | + You can extend your on-premises subnets to Azure using a layer-3 overlay network based solution. Most solutions use an overlay technology such as VXLAN to extend the layer-2 network using an layer-3 overlay network. The following diagram shows a generalized solution. In this solution, the same subnet exists on both sides that is, Azure and on-premises. |
| 37 | + |
| 38 | +:::image type="content" source="./media/subnet-extension/subnet-extension.png" alt-text="Diagram of Subnet Extension example."::: |
38 | 39 |
|
39 | 40 | The IP addresses from the subnet are assigned to VMs on Azure and on-premises. Both Azure and on-premises have an NVA inserted in their networks. When a VM in Azure tries to talk to a VM in on-premises network, the Azure NVA captures the packet, encapsulates it, and sends it over VPN/Express Route to the on-premises network. The on-premises NVA receives the packet, decapsulates it and forwards it to the intended recipient in its network. The return traffic uses a similar path and logic. |
40 | 41 |
|
|
0 commit comments