On 28th of September, Microsoft has released the Virtual Network peering, in GA.
This new functionality gives you the opportunity to connect 2 Virtual Network in Azure between them, by using the network of the Azure Datacenter. Bye bye VPN S2S between virtual network 🙂
Some prerequisites are needed to do this:
- Be on the same Azure Region (West Europe for me)
- Do not overlap networks of each VNet
The pricing of this new feature is available here and depends on the data transferred through this feature: https://azure.microsoft.com/en-us/pricing/details/virtual-network/
You can do the VNet Peering between:
- ARM VNet to ARM VNet in the same subscription
- ARM VNet to Classic VNet in the same subscription
- ARM VNet to ARM VNet in different subscription
Arm to Arm Virtual Network peering
To start a VNet peering between 2 ARMs Virtual network, go on the first virtual network, in the Peerings part and click on Add:
Provide a name, choose the Resource Manager mode, choose to which virtual network you want to peer if you want to enable or disable this connection, and choose other options for the routing between gateway on each network, etc.:
The Peering Status is currently Initiated because we need to do the same peering on the other virtual network:
On the second virtual network, click on Add on the Peerings part:
Now, the status is Connected because the 2 Virtual networks are connected:
I’ll do a ping from one VNet, to the other:
The ping is working fine 🙂
Arm to Classic Virtual Network peering
In my classic portal, I have one virtual network with one VM connected to it.
In this case, only one link is needed to create the peering, from ARM to Classic:
As you can see, the peering is directly connected:
To test the connectivity, I’ll do a ping from a classic VM to an ARM VM:
And it works again 🙂
Arm to Arm Virtual Network peering in 2 different subscriptions
To create a network peering between 2 networks in 2 different subscriptions, you MUST be Owner of the 2 subscriptions. Add a peering and check the box I know my resource ID. Provide the VNet of the other subscription with the following format, by replacing XXX-XXX-XXX-XXXX by your subscription ID and by changing the resource group name and the virtual network name:
/subscriptions/XXXXX-XXXX-XXXX-XXXX-XXXXXXXXX/resourceGroups/Network/providers/Microsoft.Network/virtualNetworks/FLOAPP-VNet
I checked the box Use remote gateways to be able to use my ExpressRoute connected to the remote virtual network.
Do the same on the other network:
When it’s done, the connection is done:
These new features are very useful to connect different subscription/VNet between us, without passing through the internet because you use the network backbone of Azure datacenter.
