MultiCloud Classroom notes 03/Dec/2024

Generic Networking Terms

  • Ingress: Incoming or Inbound
  • Egress: Outgoing or Outbound

AWS Networking Model

  • AWS follows a regional networking model, i.e. a private network is scoped within a region.
  • Subnets are scoped to Availability Zones (AZs), and the infra elements (instances etc.) are connected to the network through subnets.
  • An AWS network is created using a service called VPC (Virtual Private Cloud).
  • A VPC can have multiple subnets, and by default systems/instances can communicate within the VPC with no extra configuration.
  • VPCs by default will not have internet access.
  • AWS by default creates a VPC in every region, called the default VPC. Default VPCs have

    • subnets according to the AZs of the region
    • internet access enabled
    • This VPC is used by default when you are creating EC2 instances.
  • For the default VPC and other console navigation, follow the classroom recording

    • finding default VPCs
    • deleting the default VPC and recreating it
  • When we create a VPC, we get the following by default
    • route table: this is the default (main) route table (the router), which is by default associated with every subnet and allows all internal communication within the VPC
    • network ACL
    • default security group
  • In AWS, if our network needs internet access, that is provided with the help of an internet gateway, of which there are two types
    • internet gateway: this gives bi-directional capability, i.e. the systems (EC2) can have a public IP and can be accessed over the internet
    • egress-only internet gateway: this gives one-directional (outbound-only) internet access
  • To establish an internet connection we need to configure a route in the route table that sends traffic to the internet gateway
  • Configuring restrictions or router rules is generally based on CIDR ranges, since we can restrict based on the fixed part (network ID)
    • network range: allow 10.10.0.0/16 => allow any device which has an IP from 10.10.0.0 to 10.10.255.255
    • anywhere: allow 0.0.0.0/0 => allow devices with IP 0.0.0.0 to 255.255.255.255 (any IP)
    • specific IP: allow 100.24.23.22/32 => allow only the device with the specific IP 100.24.23.22

Let's create a VPC in the Mumbai region

  • In AWS there are no names, only IDs and tags
  • Generally a tag is a name/value pair. A tag whose name (key) is Name is shown as the name of many AWS resources
  • region: Mumbai (ap-south-1)
  • VPC range: 192.168.0.0/16
  • Let's create 3 subnets
    • web
      • az: a (ap-south-1a)
      • cidr: 192.168.0.0/24
    • app
      • az: a (ap-south-1a)
      • cidr: 192.168.1.0/24
    • db
      • az: a (ap-south-1a)
      • cidr: 192.168.2.0/24
  • Create the VPC using the Console (watch the classroom recording)
  • Let's create an internet gateway (watch the classroom recording)
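To check the plan above before clicking through the console, here is an added example (not from the notes) that validates the three subnets against the VPC range, applies the CIDR rule semantics from the notes, and flags when a route table turns a subnet public. The internet gateway ID is a placeholder.

```python
import ipaddress

# Constructed sample plan, copied from the notes: VPC 192.168.0.0/16 in
# ap-south-1 with three /24 subnets, all in ap-south-1a.
VPC_CIDR = "192.168.0.0/16"
SUBNETS = {
    "web": ("ap-south-1a", "192.168.0.0/24"),
    "app": ("ap-south-1a", "192.168.1.0/24"),
    "db": ("ap-south-1a", "192.168.2.0/24"),
}
AWS_RESERVED_PER_SUBNET = 5  # AWS reserves 5 addresses in every subnet


def cidr_range(cidr):
    """First and last address covered by a CIDR, e.g. 10.10.0.0/16 -> 10.10.0.0 .. 10.10.255.255."""
    net = ipaddress.ip_network(cidr, strict=False)
    return str(net.network_address), str(net.broadcast_address)


def rule_allows(rule_cidr, ip):
    """Does a CIDR-based rule (route / NACL / security group style) match this IP?"""
    return ipaddress.ip_address(ip) in ipaddress.ip_network(rule_cidr, strict=False)


def validate_plan(vpc_cidr, subnets):
    """Return a list of problems: subnets outside the VPC range or overlapping each other."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(cidr) for name, (_, cidr) in subnets.items()}
    problems = [f"{n}: {net} is outside VPC {vpc}" for n, net in nets.items() if not net.subnet_of(vpc)]
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} and {b} overlap")
    return problems


def usable_hosts(cidr):
    """Addresses actually assignable to instances after the AWS reservation."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def route_table(vpc_cidr, igw_id=None):
    """The default route table only has the 'local' route; internet needs a 0.0.0.0/0 route to the IGW."""
    routes = [(vpc_cidr, "local")]
    if igw_id:
        routes.append(("0.0.0.0/0", igw_id))
    return routes


def is_public(routes):
    """A subnet is public when its route table sends 0.0.0.0/0 to an internet gateway (igw-...)."""
    return any(dest == "0.0.0.0/0" and target.startswith("igw-") for dest, target in routes)
```

Run `validate_plan(VPC_CIDR, SUBNETS)` and expect an empty list; the db subnet should stay on the default (local-only) route table so `is_public` returns False for it.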

Azure Networking Model

  • Azure follows a regional network model, i.e. a network belongs to a region
  • Networks are created with the help of the Virtual Network service
  • Subnets also belong to the region
  • While creating infra, select the zone, as VMs can be on the same subnet but in different zones
  • An Azure virtual network enables all internal communication by default across subnets
  • An Azure virtual network is connected to the internet by default
  • In Azure there is no concept of a default virtual network, i.e. when you create a virtual machine in Azure it also creates a virtual network

Azure Resource Model


Let's create a virtual network with 3 subnets in Azure

By continuous learner

devops & cloud enthusiastic learner
