Virtual network peering example

Virtual network peering connects two Azure virtual networks, allowing traffic to be routed freely between them. Once peered, the two virtual networks act as one with respect to connectivity. Network security group rules are still observed. Virtual network peering is simple to set up, but the IP ranges of the two peered virtual networks can't overlap. See pricing for virtual network peering for the associated cost.

Example

This example shows how to connect using virtual network peering. The IP ranges of two peered virtual networks can't overlap. BigAnimal VNets use the 10.240.0.0/14 address space and can't be peered with VNets using this same space.

Note

If your cluster was deployed before April 19, 2022, your BigAnimal VNet might be using the 10.0.0.0/8 address space.

Assume that your cluster is on a subscription called development and is being accessed from a Linux client VM on another subscription called test. The cluster and the client VM have the following properties:

  • Cluster:
    • Subscription: development
    • Cluster ID: p-mckwlbakq5
    • Account ID: brcxzr08qr7rbei1
    • Organization's domain name: biganimal.io
  • Linux client VM called vm-client:
    • Subscription: test
    • Resource group: rg-client
    • Virtual network: vnet-client
    • Virtual network subnet: snet-client

Prerequisites

To walk through an example in your own environment, you need:

  • Your cluster URL. You can find the URL in the Connect tab of your cluster instance in the BigAnimal portal.

  • The IP address of your cluster. You can find the IP address of your cluster using the following command:

    dig +short p-mckwlbakq5.brcxzr08qr7rbei1.biganimal.io
    Output
    10.240.1.218

  • A PostgreSQL client, such as psql, installed on your client VM.
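
Before you add the peering links, you can check the overlap rule from the Example section and confirm that the address returned by dig is inside the cluster's VNet space. The following is an added example, not code from the BigAnimal or Azure documentation; the function names are hypothetical and the vnet-client prefixes are constructed, because this page doesn't give that VNet's address space.

```python
import ipaddress

# Address space this page states for BigAnimal VNets.
BIGANIMAL_SPACE = ipaddress.ip_network("10.240.0.0/14")
# Space a cluster deployed before April 19, 2022 might use (see the note above).
BIGANIMAL_LEGACY_SPACE = ipaddress.ip_network("10.0.0.0/8")


def cluster_space(legacy_cluster=False):
    """Pick the BigAnimal address space to test against."""
    return BIGANIMAL_LEGACY_SPACE if legacy_cluster else BIGANIMAL_SPACE


def peering_conflicts(client_prefixes, legacy_cluster=False):
    """Return the client VNet prefixes that overlap the cluster VNet space.

    A VNet can carry several address prefixes; any single overlap blocks peering.
    """
    reserved = cluster_space(legacy_cluster)
    conflicts = []
    for prefix in client_prefixes:
        # strict=True rejects typos such as 10.1.0.5/16 (host bits set).
        net = ipaddress.ip_network(prefix, strict=True)
        if net.overlaps(reserved):
            conflicts.append(str(net))
    return conflicts


def resolves_into_cluster_space(resolved_ip, legacy_cluster=False):
    """True if the resolved address is private and inside the cluster VNet space,
    meaning the connection is routed over the peering."""
    addr = ipaddress.ip_address(resolved_ip)
    return addr.is_private and addr in cluster_space(legacy_cluster)


if __name__ == "__main__":
    # Constructed prefixes for vnet-client (assumption, not from the page).
    candidates = ["10.1.0.0/16", "10.242.8.0/24", "172.16.0.0/24"]
    print("conflicts (current space):", peering_conflicts(candidates))
    print("conflicts (legacy space): ", peering_conflicts(candidates, legacy_cluster=True))
    # 10.240.1.218 is the dig output shown in the prerequisites.
    print("dig answer in cluster space:", resolves_into_cluster_space("10.240.1.218"))
```
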

You need to add two peering links, one from the client VM's VNet vnet-client and the other from your cluster's VNet vnet-japaneast.

Note

In this example, you create virtual network peering for virtual networks that belong to subscriptions in the same Azure Active Directory tenant. For steps to create virtual network peering for virtual networks that belong to subscriptions in different Azure Active Directory tenants, see peering virtual networks from different Azure Active Directory tenants.

  1. In the Azure portal, search for Virtual networks. When Virtual networks appears in the search results, select it. Don't select Virtual networks (classic), as you can't create a peering from a virtual network deployed through the classic deployment model.

  2. From the list, select the client VM's virtual network vnet-client, which is the virtual network you want to create a peering for.

  3. Under Settings, select Peerings and then select + Add.

  4. From the Peerings page of the client VM's virtual network vnet-client, add two peering links called peer-client-edb and peer-edb-client to join the address spaces of the two virtual networks.

    To simplify the process, Azure creates both peering links for you when you add peering from either side.


Step 2: Access the cluster

Access the cluster with its domain name from your cluster's connection string. It's accessible from vnet-client after peering.

dig +short p-mckwlbakq5.brcxzr08qr7rbei1.biganimal.io 
psql -h p-mckwlbakq5.brcxzr08qr7rbei1.biganimal.io -U edb_admin
Output
10.240.1.123 
Password for user edb_admin: 

psql (13.4 (Ubuntu 13.4-1.pgdg28.84+1), server 13.4.8 (Debian 13.4.8-1+deb10))
WARNING: psql major version 13, server major version 13. Some psql features might not work.
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.

edb_admin=>