Create a virtual network (VNet)

1.1 Design and Implement IP Addressing for Azure Resources

📘Microsoft Azure Networking Solutions (AZ-700)


1. What is an Azure Virtual Network (VNet)?

An Azure Virtual Network (VNet) is a private network inside Azure.

It allows Azure resources such as:

  • Virtual machines (VMs)
  • Azure services
  • Containers

to communicate securely with each other.

A VNet works like a private IP network in a data center, but it is fully managed by Azure.

Key Points for Exam

  • A VNet is isolated by default
  • Resources outside the VNet cannot communicate with resources inside it unless you allow access
  • VNets use private IP addressing

2. Why Do We Create a VNet?

You create a VNet to:

  • Control IP addressing
  • Control network traffic
  • Secure communication between Azure resources
  • Connect Azure to on-premises networks or other VNets

AZ-700 Focus

The exam checks if you understand:

  • How VNets are created
  • How IP ranges are planned
  • How subnetting works inside a VNet

3. Core Components of a VNet

When creating a VNet, you must understand these components:

3.1 Address Space

An address space defines the IP range for the VNet.

  • Uses private IP ranges
  • Written in CIDR format

Common Private IP Ranges

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16

Exam Rules

  • Address spaces must not overlap with other VNets or on-premises networks
  • IP planning is critical before creating the VNet

3.2 Subnets

A subnet divides a VNet into smaller networks.

  • Every VNet must have at least one subnet
  • Subnets help organize resources
  • Each subnet has its own IP range

Important Subnet Rules

  • Subnet IP range must be inside the VNet address space
  • Subnet ranges cannot overlap
  • Subnets can be resized (with limits)

Exam Tip

Azure reserves 5 IP addresses in every subnet:

  • First IP (network address)
  • Last IP (broadcast)
  • 3 additional Azure-reserved addresses
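The address space and subnet rules from sections 3.1 and 3.2 can be checked mechanically before anything is deployed. The following is an added example, not part of the original study guide; the plan names, ranges and the `validate_plan` and `usable_ips` helpers are hypothetical.

```python
import ipaddress

AZURE_RESERVED = 5  # per the page: network, broadcast, plus 3 Azure-reserved
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def usable_ips(cidr):
    """Addresses left for resources once Azure's 5 reservations are removed."""
    return max(ipaddress.ip_network(cidr).num_addresses - AZURE_RESERVED, 0)

def validate_plan(address_space, subnets, external_ranges=()):
    """Return a list of findings; an empty list means the plan passes."""
    findings = []
    space = [ipaddress.ip_network(c) for c in address_space]
    external = [ipaddress.ip_network(c) for c in external_ranges]
    for net in space:
        if not any(net.subnet_of(p) for p in PRIVATE):
            findings.append(f"{net}: not inside a private range")
        for ext in external:  # other VNets or on-premises networks
            if net.overlaps(ext):
                findings.append(f"{net}: overlaps external range {ext}")
    parsed = {name: ipaddress.ip_network(c) for name, c in subnets.items()}
    if not parsed:
        findings.append("VNet has no subnet")
    for name, sn in parsed.items():
        if not any(sn.subnet_of(net) for net in space):
            findings.append(f"{name} {sn}: outside the VNet address space")
    names = sorted(parsed)
    for i, a in enumerate(names):  # pairwise overlap check between subnets
        for b in names[i + 1:]:
            if parsed[a].overlaps(parsed[b]):
                findings.append(f"{a} {parsed[a]}: overlaps {b} {parsed[b]}")
    return findings

# Constructed sample plans (hypothetical names and ranges).
GOOD = (["10.10.0.0/16"], {"web": "10.10.1.0/24", "app": "10.10.2.0/24"})
BAD = (["10.0.0.0/16"],
       {"web": "10.0.1.0/24", "db": "10.0.1.128/25", "mgmt": "10.1.0.0/24"})
ON_PREM = ["10.0.0.0/15"]  # constructed on-premises range

if __name__ == "__main__":
    for label, (space, subnets) in (("good", GOOD), ("bad", BAD)):
        print(label, validate_plan(space, subnets, ON_PREM) or "OK")
    print("usable in /24:", usable_ips("10.10.1.0/24"))
```

A /24 subnet leaves 251 addresses for resources, not the 254 a traditional network would give.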

4. Steps to Create a Virtual Network (Conceptual)

The exam does not test button-clicking, but you must know the logical steps.

Step 1: Choose Subscription and Resource Group

  • VNets must belong to a resource group
  • Resource group controls management and access

Step 2: Define VNet Name and Region

  • VNets are regional
  • Resources communicate faster inside the same region

Step 3: Configure Address Space

  • Define the main IP range for the VNet
  • Use CIDR notation

Step 4: Create Subnets

  • Create one or more subnets
  • Assign smaller IP ranges from the VNet address space

5. VNet Region and Scope

Regional Scope

  • A VNet exists in one Azure region
  • Resources in different regions need:
    • VNet peering
    • VPN
    • ExpressRoute

Exam Reminder

VNets cannot span regions, but can connect across regions.


6. Default Settings During VNet Creation

When creating a VNet, Azure allows you to configure:

6.1 DNS Settings

  • Azure provides default DNS
  • You can specify custom DNS servers

Exam Focus

Custom DNS is often used when:

  • Integrating with on-premises environments
  • Using private name resolution

6.2 Security Defaults

VNets are:

  • Private by default
  • Closed to inbound internet access unless configured

Security is enforced using:

  • Network Security Groups (NSGs)
  • Azure Firewall (advanced scenarios)

7. Important Design Considerations (Very Important for Exam)

7.1 IP Address Planning

  • Plan for future growth
  • Avoid overlapping IP ranges
  • Consider hybrid connectivity

7.2 Subnet Size Planning

  • Small subnets can cause IP exhaustion
  • Azure reserves IPs automatically
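To size subnets so that the 5 reserved addresses and future growth do not cause IP exhaustion, the prefix can be derived from the expected resource count. The following is an added example, not part of the original study guide; the workload names, counts and helper functions are hypothetical, and the /29 minimum subnet size is an Azure limit assumed here that the page does not state.

```python
import ipaddress
import math

AZURE_RESERVED = 5  # per the page: 5 addresses reserved in every subnet
MIN_PREFIX = 29     # assumption: smallest IPv4 subnet Azure accepts

def prefix_for_hosts(hosts, growth=0.0):
    """Longest prefix (smallest subnet) that fits hosts plus growth headroom."""
    needed = math.ceil(hosts * (1 + growth)) + AZURE_RESERVED
    bits = (needed - 1).bit_length()  # host bits required to hold 'needed'
    return min(32 - bits, MIN_PREFIX)

def carve(address_space, demands, growth=0.0):
    """Allocate one subnet per workload from the VNet range, largest first."""
    space = ipaddress.ip_network(address_space)
    cursor = int(space.network_address)
    end = int(space.broadcast_address)
    plan = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts, growth)
        size = 1 << (32 - prefix)
        start = (cursor + size - 1) // size * size  # align to subnet boundary
        if start + size - 1 > end:
            raise ValueError(f"address space {space} exhausted at {name}")
        plan[name] = ipaddress.ip_network((start, prefix))
        cursor = start + size
    return plan

# Constructed demand: expected resource counts per workload.
DEMANDS = {"web": 200, "app": 60, "db": 10}

if __name__ == "__main__":
    for name, net in carve("10.20.0.0/22", DEMANDS, growth=0.25).items():
        print(f"{name:4} {net}  usable={net.num_addresses - AZURE_RESERVED}")
```

Note the boundary case: 251 resources fit in a /24, but 252 already need a /23.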

7.3 Service Requirements

Some Azure services require:

  • Dedicated subnets
  • Specific subnet names
  • Minimum subnet sizes

This is commonly tested in scenario-based questions.


8. VNet and Azure Services Integration

A VNet can integrate with:

  • Virtual machines
  • Load balancers
  • Application gateways
  • Private endpoints
  • VPN gateways

Exam Tip

Not all Azure services need a VNet, but many advanced networking services do.


9. VNet Limits (High-Level Awareness)

For the exam, remember:

  • VNets have limits (subnets, IPs, peerings)
  • Limits depend on:
    • Subscription
    • Azure region
  • Limits can often be increased by request

You are not expected to memorize numbers, but you should know limits exist.


10. Common Exam Mistakes to Avoid

❌ Overlapping address spaces
❌ Forgetting subnet IP reservations
❌ Assuming VNets span regions
❌ Thinking VNets allow inbound internet access by default


11. How This Topic Appears in the AZ-700 Exam

You may see:

  • Scenario-based questions
  • IP range selection questions
  • Subnet planning questions
  • Hybrid network design questions

Example Exam Focus Areas

  • Choose correct address space
  • Identify correct subnet design
  • Understand when VNets can or cannot communicate

12. Key Takeaways (Must Remember)

✔ A VNet is a private network in Azure
✔ VNets require IP address planning
✔ Subnets divide VNets into smaller networks
✔ VNets are region-specific
✔ Proper design prevents future network issues
