Tuesday, August 20, 2019

Need help/advice with subnetting for Azure vNets/AWS VPC networks for direct access via MPLS

I am currently planning our migration to accessing resources within Azure using our ExpressRoute circuits (think of Azure being directly connected to our MPLS network) and was wondering what people's recommendations are regarding a VNet/subnet IP address assignment scheme when using AWS/Azure.

Unfortunately (and for historical reasons) we have a very unorganized IP address scheme, which is making it difficult to come up with a good addressing scheme within Azure. Essentially the networking team (they are not a proper networking team and I have more networking experience than them) are only able to allocate me two /16 subnet ranges for use within Azure – 172.17.0.0/16 and 172.18.0.0/16. For awareness, 10.0.0.0/8 is reserved and I cannot utilize it, and 192.168.0.0/16 is not ideal as a range since a number of networks are scattered throughout it. The rest of 172.16.0.0/12 is used by our third parties, which we have S2S VPNs for and need to route traffic to.

Our plan is that we want all our services/servers hosted in Azure to be located in two different data centres, so the two /16s help in this case. My first thoughts are:

  • Assign one /16 to our main/preferred Azure DC and the other to the DR DC.
  • Divide the /16 into 26 separate /20 network ranges.
  • Each /20 network is assigned to a subscription (think of a subscription as a business unit, i.e. Accounts, Development, Sales).
  • The /20 network is then subnetted depending on the business/application requirements, i.e. divide the /20 into /27s for each application/server.

Is anyone able to suggest anything better with regard to subnetting for our Azure/AWS networking?

Apologies if I made any mistakes in my subnetting. Subnetting is not my strong point.

Thanks
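Worked example of the scheme in the bullet list, added here as an illustration and not part of the original post. It uses Python's standard ipaddress module to carve each /16 into /20 subscription blocks and each /20 into /27 application subnets, subtracts the five addresses that both Azure VNets and AWS VPCs reserve in every subnet, and refuses to allocate a region block that overlaps an existing partner range. The third-party ranges and the business-unit names are constructed assumptions; the two /16s are the ones from the post. Running it shows that a /16 yields 16 /20s, each /20 yields 128 /27s, and a /27 leaves 27 usable host addresses after the platform reservations.

```python
import ipaddress
from typing import Dict, List, Union

# Values taken from the post: the two /16 allocations for Azure.
AZURE_PRIMARY = ipaddress.ip_network("172.17.0.0/16")
AZURE_DR = ipaddress.ip_network("172.18.0.0/16")

# Constructed (hypothetical) third-party ranges elsewhere in 172.16.0.0/12,
# standing in for the S2S VPN partner networks the post mentions.
THIRD_PARTY_RANGES = [
    ipaddress.ip_network("172.16.0.0/16"),
    ipaddress.ip_network("172.20.0.0/14"),
]

# Both Azure VNets and AWS VPCs reserve five addresses in every subnet
# (network address, three platform-reserved addresses, broadcast address).
CLOUD_RESERVED_PER_SUBNET = 5

NetLike = Union[str, ipaddress.IPv4Network]


def _net(block: NetLike) -> ipaddress.IPv4Network:
    """Accept either a CIDR string or an already-parsed network."""
    return block if isinstance(block, ipaddress.IPv4Network) else ipaddress.ip_network(block)


def carve(parent: NetLike, new_prefix: int) -> List[ipaddress.IPv4Network]:
    """Split a block into every subnet of the given prefix length, in address order."""
    return list(_net(parent).subnets(new_prefix=new_prefix))


def usable_hosts(subnet: NetLike) -> int:
    """Host addresses left once the cloud platform's reserved addresses are removed."""
    return _net(subnet).num_addresses - CLOUD_RESERVED_PER_SUBNET


def overlapping(candidate: NetLike, existing: List[ipaddress.IPv4Network]) -> List[ipaddress.IPv4Network]:
    """Return every existing range that overlaps the candidate block (empty list if clean)."""
    cand = _net(candidate)
    return [n for n in existing if cand.overlaps(n)]


def plan_region(region_block: NetLike, units: List[str]) -> Dict[str, dict]:
    """One /20 per subscription (business unit), each carved into /27 application subnets.

    Raises if the region block collides with a partner range that must stay routable,
    or if there are more units than /20s available in the block.
    """
    region = _net(region_block)
    clash = overlapping(region, THIRD_PARTY_RANGES)
    if clash:
        raise ValueError(f"{region} overlaps third-party ranges: {clash}")
    per_unit = carve(region, 20)
    if len(units) > len(per_unit):
        raise ValueError(f"{region} only yields {len(per_unit)} /20s, but {len(units)} units requested")
    plan = {}
    for unit, block in zip(units, per_unit):
        plan[unit] = {"block": block, "app_subnets": carve(block, 27)}
    return plan


if __name__ == "__main__":
    # Hypothetical business units from the post's own examples.
    units = ["Accounts", "Development", "Sales"]
    for unit, entry in plan_region(AZURE_PRIMARY, units).items():
        first = entry["app_subnets"][0]
        print(f"{unit:12} {entry['block']}  {len(entry['app_subnets'])} x /27, "
              f"{usable_hosts(first)} usable hosts each (first: {first})")
```

The overlap check is the part worth keeping in any real allocation script: a VNet or VPC that overlaps a range reachable over the ExpressRoute or S2S path cannot be routed to correctly, and the platforms do not stop you from creating it.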
