In this post we will discuss various important networking terms and concepts in cloud networking, especially the Azure and AWS related terminology.
Virtual Network (VNET)/ Virtual Private Cloud (VPC)
VNET or Virtual Network = Virtual + Network, i.e., a virtual network is a network that is virtual. Let us look at both words.
Virtual – the word “virtual” is used in the context of cloud technology. For example, if we are using the Microsoft Azure cloud platform, we must configure some network within which our compute resources will be provisioned; that network is called a Virtual Network or VNET. In the case of the AWS cloud platform, the virtual network is known as a VPC (Virtual Private Cloud).
Network – in simple words, a network is a range of IP addresses; the IP addresses in that range can be assigned to various devices or appliances, and we say ‘those devices are part of that network’.
If we divide a VNET/VPC into multiple smaller networks, then each of these smaller networks is called a subnet.
NIC – Network Interface Card. In Azure, one or more NICs must be attached to each VM, and the public/private IP is assigned on the NIC.
ENI – Elastic Network Interface. In AWS, an ENI must be attached to each VM (EC2 instance), and the IP is assigned on the ENI.
VNET/VPC Peering
VNET/VPC peering is what allows communication between one VNET/VPC and another VNET/VPC using private IPs. That means traffic between the two peered VNETs/VPCs stays on private addresses and does not traverse the public internet, which is what makes the communication secure.
Communication within VNET or VPC
By default, communication between the subnets in a VNET/VPC is allowed. For example, suppose we have a VNET/VPC with VM-1 in subnet-1 and VM-2 in subnet-2. Here, by default, VM-1 and VM-2 can communicate with each other.
Routing & Route Table
Routing basically means deciding on which path you want to send your network traffic. There is something called a “Route Table”; it is nothing but a table that holds our routes. So whatever routes we create for our network traffic will appear in the ‘Route Table’.
While creating a ‘route’ there are two components we need to know –
- Destination network – the network to which you want to send your network traffic.
- Next hop – a point on the path of the network traffic flow via which the traffic will reach the destination.
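As an added example (not from the original post), the following Python snippet shows how a route table is consulted: the most specific destination prefix that contains the packet's destination wins (longest-prefix match, which is how both Azure and AWS select a route), and that route's next hop decides where the traffic goes. The prefixes and next-hop names are constructed for illustration and tie together the intra-VNET, peering, VPN tunnel and internet cases discussed in this post.

```python
# Added example, not code from the original post: a minimal route-table
# lookup mirroring how Azure/AWS pick a route. The most specific matching
# destination prefix wins (longest-prefix match) and its next hop decides
# where the traffic goes. All prefixes and next-hop names are constructed.
from ipaddress import ip_address, ip_network

# Constructed route table for a VNET/VPC with address space 10.0.0.0/16,
# peered with 10.1.0.0/16, with an on-prem range reachable over a VPN tunnel,
# one on-prem subnet forced through a firewall appliance, and a default route
# that sends everything else to the internet (via a public IP).
ROUTE_TABLE = [
    ("10.0.0.0/16",     "VirtualNetwork"),   # traffic between the VNET's own subnets
    ("10.1.0.0/16",     "VNetPeering"),      # peered VNET/VPC, stays on private IPs
    ("192.168.0.0/16",  "VpnGateway"),       # on-prem range over the VPN tunnel
    ("192.168.10.0/24", "VirtualAppliance"), # more specific: inspect this subnet first
    ("0.0.0.0/0",       "Internet"),         # everything else leaves via a public IP
]


def lookup_route(dst_ip, table=ROUTE_TABLE):
    """Return (prefix, next_hop) for the longest matching prefix, or None.

    A longer prefix length means a more specific route, so a /24 entry
    overrides a /16 entry covering the same address, and the /0 default
    route is used only when nothing more specific matches.
    """
    dst = ip_address(dst_ip)
    best = None
    for prefix, next_hop in table:
        net = ip_network(prefix)
        # `dst in net` is False when the address family differs (v4 vs v6)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return (str(best[0]), best[1]) if best else None


if __name__ == "__main__":
    for ip in ["10.0.2.4", "10.1.0.9", "192.168.10.7", "192.168.20.7", "8.8.8.8"]:
        print(ip, "->", lookup_route(ip))
```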
NSG and NACL
In the case of Azure, an NSG (Network Security Group) is applied at the subnet level to filter the network traffic. A similar concept exists in AWS, known as a NACL (Network Access Control List), which is applied at the subnet level to filter the network traffic.
There is a ‘security group’ in AWS as well, but there the ‘security group’ is applied at the instance level (AWS EC2 instance).
Public IP communication in cloud networking
When any resource (e.g., a VM) within a VNET/VPC wants to communicate with the internet (which is a public network), it needs to use a public IP.
Private IP Communication in cloud networking
Below are a few places where private IP communication happens –
- When subnet-to-subnet communication happens within a VNET/VPC, it uses private IPs.
- In the case of VNET/VPC peering, communication between the VNETs/VPCs happens through private IPs.
- VPN connections (VPN tunnels), private leased connections, etc. use private IPs for communication.
Communication over tunnel
Communication over a VPN tunnel happens using private IPs (or native IPs).
These are a few very basic concepts in Azure & AWS networking.