Virtual network peering enables you to seemlessly connect two Azure virtual networks. Once peered, the virtual networks appear as one, for connectivity purposes. The traffic between virtual machines in the peered virtual networks is routed through the Microsoft backbone infrastructure, much like traffic is routed between virtual machines in the same virtual network, through private IP addresses only
In this example i created Virtual network (net1-vnet-10.0.0.0/22) with 2 subnets:10.0.0.0/24 and 10.0.1.0.24.
vm1-10.0.0.0/24
vm2-10.0.1.0/24
net2-vnet-10.0.4.0/22 with 10.0.4.0/24 subnet-associated with vm3
vm3 will communicate with vm3 through vm1
Creating Virtual mahines
deployvm12.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"virtualMachineSize": {
"type": "string",
"defaultValue": "Standard_B1ms",
"metadata": {
"description": "Virtual machine size"
}
},
"virtualMachine1Name": {
"type": "string",
"defaultValue": "vm1",
"metadata": {
"description": "Virtual machine name"
}
},
"virtualMachine2Name": {
"type": "string",
"defaultValue": "vm2",
"metadata": {
"description": "Virtual machine name"
}
},
"adminUsername": {
"type": "string",
"metadata": {
"description": "Default Admin username"
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Default Admin password"
}
},
"storageAccountType": {
"type": "string",
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Storage Account type for the VM and VM diagnostic storage"
},
"allowedValues": [
"Standard_LRS",
"Premium_LRS"
]
},
"virtualNetworkName": {
"type": "string",
"defaultValue": "net1-vnet",
"metadata": {
"description": "Virtual network name"
}
}
},
"variables": {
"virtualMachine1Name": "[parameters('virtualMachine1Name')]",
"virtualMachine2Name": "[parameters('virtualMachine2Name')]",
"nic1": "net1-nic1",
"nic2": "net1-nic2",
"virtualNetworkName": "[parameters('virtualNetworkName')]",
"subnet1Name": "subnet-1",
"subnet2Name": "subnet-2",
"publicIPAddress1Name": "net1-pip1",
"publicIPAddress2Name": "net1-pip2",
"subnet1Ref": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnet1Name'))]",
"subnet2Ref": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnet2Name'))]",
"diagStorageAccountName": "[concat('net1',uniqueString(resourceGroup().id))]",
"networkSecurityGroup1Name": "net1-nsg1",
"networkSecurityGroup2Name": "net1-nsg2"
},
"resources": [
{
"name": "[variables('virtualMachine1Name')]",
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2017-03-30",
"location": "[resourceGroup().location]",
"comments": "The first virtual machine",
"dependsOn": [
"[variables('nic1')]",
"[variables('diagStorageAccountName')]"
],
"properties": {
"osProfile": {
"computerName": "[variables('virtualMachine1Name')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]",
"windowsConfiguration": {
"provisionVmAgent": "true"
}
},
"hardwareProfile": {
"vmSize": "[parameters('virtualMachineSize')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2016-Datacenter",
"version": "latest"
},
"osDisk": {
"createOption": "fromImage"
},
"dataDisks": []
},
"networkProfile": {
"networkInterfaces": [
{
"properties": {
"primary": true
},
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts', variables('diagStorageAccountName')), '2017-06-01').primaryEndpoints['blob']]"
}
}
}
},
{
"name": "[variables('virtualMachine2Name')]",
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2017-03-30",
"location": "[resourceGroup().location]",
"comments": "The second virtual machine",
"dependsOn": [
"[variables('nic2')]",
"[variables('diagStorageAccountName')]"
],
"properties": {
"osProfile": {
"computerName": "[variables('virtualMachine1Name')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]",
"windowsConfiguration": {
"provisionVmAgent": "true"
}
},
"hardwareProfile": {
"vmSize": "[parameters('virtualMachineSize')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2016-Datacenter",
"version": "latest"
},
"osDisk": {
"createOption": "fromImage"
},
"dataDisks": []
},
"networkProfile": {
"networkInterfaces": [
{
"properties": {
"primary": true
},
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic2'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts', variables('diagStorageAccountName')), '2017-06-01').primaryEndpoints['blob']]"
}
}
}
},
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('diagStorageAccountName')]",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"sku": {
"name": "[parameters('storageAccountType')]"
},
"kind": "Storage",
"properties": {}
},
{
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Virtual Network",
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.0.0.0/22"
]
},
"subnets": [
{
"name": "[variables('subnet1Name')]",
"properties": {
"addressPrefix": "10.0.0.0/24"
}
},
{
"name": "[variables('subnet2Name')]",
"properties": {
"addressPrefix": "10.0.1.0/24"
}
}
]
}
},
{
"name": "[variables('nic1')]",
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Primary NIC",
"dependsOn": [
"[variables('publicIPAddress1Name')]",
"[variables('networkSecurityGroup1Name')]",
"[variables('virtualNetworkName')]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"subnet": {
"id": "[variables('subnet1Ref')]"
},
"privateIPAllocationMethod": "Dynamic",
"publicIpAddress": {
"id": "[resourceId('Microsoft.Network/publicIpAddresses', variables('publicIPAddress1Name'))]"
}
}
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup1Name'))]"
}
}
},
{
"name": "[variables('nic2')]",
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Primary NIC",
"dependsOn": [
"[variables('publicIPAddress2Name')]",
"[variables('networkSecurityGroup2Name')]",
"[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"subnet": {
"id": "[variables('subnet2Ref')]"
},
"privateIPAllocationMethod": "Dynamic",
"publicIpAddress": {
"id": "[resourceId('Microsoft.Network/publicIpAddresses', variables('publicIPAddress2Name'))]"
}
}
}
]
}
},
{
"name": "[variables('publicIPAddress1Name')]",
"type": "Microsoft.Network/publicIpAddresses",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Public IP for Primary NIC",
"properties": {
"publicIpAllocationMethod": "Dynamic"
}
},
{
"name": "[variables('publicIPAddress2Name')]",
"type": "Microsoft.Network/publicIpAddresses",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Public IP for Primary NIC",
"properties": {
"publicIpAllocationMethod": "Dynamic"
}
},
{
"name": "[variables('networkSecurityGroup1Name')]",
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2016-09-01",
"location": "[resourceGroup().location]",
"comments": "Network Security Group (NSG) for Primary NIC",
"properties": {
"securityRules": [
{
"name": "default-allow-rdp",
"properties": {
"priority": 1000,
"sourceAddressPrefix": "*",
"protocol": "Tcp",
"destinationPortRange": "3389",
"access": "Allow",
"direction": "Inbound",
"sourcePortRange": "*",
"destinationAddressPrefix": "*"
}
}
]
}
},
{
"name": "[variables('networkSecurityGroup2Name')]",
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2016-09-01",
"location": "[resourceGroup().location]",
"comments": "Network Security Group (NSG) for Primary NIC",
"properties": {
"securityRules": [
{
"name": "default-allow-rdp",
"properties": {
"priority": 1000,
"sourceAddressPrefix": "*",
"protocol": "Tcp",
"destinationPortRange": "3389",
"access": "Allow",
"direction": "Inbound",
"sourcePortRange": "*",
"destinationAddressPrefix": "*"
}
}
]
}
}
],
"outputs": {}
}
deployvm3.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"virtualMachineSize": {
"type": "string",
"defaultValue": "Standard_B1ms",
"metadata": {
"description": "Virtual machine size"
}
},
"virtualMachineName": {
"type": "string",
"defaultValue": "vm3",
"metadata": {
"description": "Virtual machine name"
}
},
"adminUsername": {
"type": "string",
"metadata": {
"description": "Default Admin username"
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Default Admin password"
}
},
"storageAccountType": {
"type": "string",
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Storage Account type for the VM and VM diagnostic storage"
},
"allowedValues": [
"Standard_LRS",
"Premium_LRS"
]
},
"virtualNetworkName": {
"type": "string",
"defaultValue": "net2-vnet",
"metadata": {
"description": "Virtual network name"
}
}
},
"variables": {
"virtualMachineName": "[parameters('virtualMachineName')]",
"nic1": "net2-nic1",
"virtualNetworkName": "[parameters('virtualNetworkName')]",
"subnet1Name": "subnet-1",
"publicIPAddressName": "net2-pip1",
"subnet1Ref": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnet1Name'))]",
"diagStorageAccountName": "[concat('diags',uniqueString(resourceGroup().id))]",
"networkSecurityGroupName": "net2-nsg1"
},
"resources": [
{
"name": "[variables('virtualMachineName')]",
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2017-03-30",
"location": "[resourceGroup().location]",
"comments": "This is the virtual machine that you're building.",
"dependsOn": [
"[variables('nic1')]",
"[variables('diagStorageAccountName')]"
],
"properties": {
"osProfile": {
"computerName": "[variables('virtualMachineName')]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]",
"windowsConfiguration": {
"provisionVmAgent": "true"
}
},
"hardwareProfile": {
"vmSize": "[parameters('virtualMachineSize')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2016-Datacenter",
"version": "latest"
},
"osDisk": {
"createOption": "fromImage"
},
"dataDisks": []
},
"networkProfile": {
"networkInterfaces": [
{
"properties": {
"primary": true
},
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts', variables('diagStorageAccountName')), '2017-06-01').primaryEndpoints['blob']]"
}
}
}
},
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('diagStorageAccountName')]",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"sku": {
"name": "[parameters('storageAccountType')]"
},
"kind": "Storage",
"properties": {}
},
{
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Virtual Network",
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.0.4.0/22"
]
},
"subnets": [
{
"name": "[variables('subnet1Name')]",
"properties": {
"addressPrefix": "10.0.4.0/24"
}
}
]
}
},
{
"name": "[variables('nic1')]",
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Primary NIC",
"dependsOn": [
"[variables('publicIpAddressName')]",
"[variables('networkSecurityGroupName')]",
"[variables('virtualNetworkName')]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"subnet": {
"id": "[variables('subnet1Ref')]"
},
"privateIPAllocationMethod": "Dynamic",
"publicIpAddress": {
"id": "[resourceId('Microsoft.Network/publicIpAddresses', variables('publicIpAddressName'))]"
}
}
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
}
}
},
{
"name": "[variables('publicIpAddressName')]",
"type": "Microsoft.Network/publicIpAddresses",
"apiVersion": "2017-06-01",
"location": "[resourceGroup().location]",
"comments": "Public IP for Primary NIC",
"properties": {
"publicIpAllocationMethod": "Dynamic"
}
},
{
"name": "[variables('networkSecurityGroupName')]",
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2016-09-01",
"location": "[resourceGroup().location]",
"comments": "Network Security Group (NSG) for Primary NIC",
"properties": {
"securityRules": [
{
"name": "default-allow-rdp",
"properties": {
"priority": 1000,
"sourceAddressPrefix": "*",
"protocol": "Tcp",
"destinationPortRange": "3389",
"access": "Allow",
"direction": "Inbound",
"sourcePortRange": "*",
"destinationAddressPrefix": "*"
}
}
]
}
}
],
"outputs": {}
}
#Create resource group:
New-AzureRmResourceGroup -Name ExampleResourceGroup -Location “your azure location”
#deploy VM’s
New-AzureRmResourceGroupDeployment -Name ExampleDeployment -ResourceGroupName ExampleResourceGroup -TemplateFile “C:\Templates\deployvm12.json”
New-AzureRmResourceGroupDeployment -Name ExampleDeployment -ResourceGroupName ExampleResourceGroup -TemplateFile “C:\Templates\deployvm3.json”
Create net peering between net1-vnet and net2-vnet
Click net1-vnet-Peering-add
Enter name and associated net2-vnet
Check allow forwarded traffic
allow gateway transit
do the same from net2-vnet,create peering to net1-vnet
In vm1 properties click networking-NIC
Ipconfiguration-Ipforwarding-Enabled
Create routing table (specify vm1 as next hop for network 10.0.0/22)
New-networking-Route Table
On Route Table properties click Routes-add
Basically this setting is: in order to reach 10.0.0.0/22 go through 10.0.0.4 (vm1)
In Route Table properties click on Subnets-Associate
Associate net2-vnet and it’s subnet (where vm3 is located)
Now install basic router on vm1 (all traffic will go through that machine)
Now, from vm3 try pinging vm2 (see that vm1-10.0.04 is specified as next hop)
geekdudes 