Azure Networking
Activity 1: Create a network and add vms into it
- Lets create a network with 3 subnets as mentioned below
- Steps to create a vnet with 3 subnets:
- Create a resource group
- Create a virtual network in that resource group
- docs link Refer Here
- Network Security Group: This allows us to write rules to allow or deny traffic.
- Creating NSG
- Create a linux vm and add it to web subnet with webnsg
- Try connecting to vm, it fails
- lets add inbound rules to allow 22 from my laptop,80 port from anywhere
-
Now when we access http from any where it works, whereas ssh is accessible only from my local system
-
Exericise: Create a network with vms and nsgs as shown below
Network Security Group (NSG)
- This allows us to write rules to allow or deny traffic.
- NSG can be attached to nic or entire subnet
- NSG has rules with priority (lower the rule number higher the priority)
- NSG Rules are differnet for incoming traffic and outgoing traffic
- Each rule has
- source/destination address
- protocol
- port
- action
- Refer Here for official docs
- Good Practices:
- Always start with priority number greater than 100
- Dont use consecutive numbers for nsg rules as some other items might come down the line in the future
