I call them bread crumbs, but to me, it’s really a way to self document my virtual networks in Azure. I build a lot of virtual networks and connect them between on-premises and Azure. I’ve had up to three virtual networks running at one time within my single on-premises infrastructure. As I setup and manage these virtual networks, troubleshooting is always something I need to be prepared to do, so I try to make my configurations as self documenting as possible. One of the ways I do this is through my bread crumbs. Consider this example:
- My ISP provides a public facing IP address for my on-premises network. Let’s say they gave me the IP address of x.y.z.220. I take the last octet (220) and use that as my first breadcrumb.
- When I setup my Point to Site network, I use the address scheme of 172.16.220.0/24 and put the 220 in the third octet as a bread crumb.
- When I define my local network (because I was creating a new on-premises network) I use the IP scheme of 192.168.220.0/24 and put the 220 in the third octet as a bread crumb as well.
- Then when I build my virtual network in Azure, I use the IP scheme 10.220.0.0/16 and use the second octet as my bread crumb here since I can have multiple subnets in an Azure virtual network.
This gives me the ability to see from a simple IPCONFIG command what type of connectivity I have to my hybrid network. This bread crumb has been instrumental to me as a troubleshooting tool with my virtual networks. While I agree this scheme may not work for everyone, I encourage you to build a standard naming scheme to ease in the long term management of your network.
Simply put, my networks that include .220 are all pointing to the same Site-to-Site network to Azure. My mobile users all start with 172. and when I see the .220 I know which network they are connected to and my on-premises (192.) and Azure networks (10.) also tell me exactly where my server is running, or how my user is connected to my network.
One last note: The Public Facing IP address, must be a public IPv4 address and cannot be NAT’d.
Until next time,