22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 ### Bind на loopback-адрес и стандартный порт, ### так как ко2 votes
actually, vnet peering is able to single hub architecture.
[ Spoke vnet1 ] ----------- [ Hub vnet1 ] -----<ER/S2S>---
- spoke to hub use remote gateway
- hub to spoke allow gateway transit
---<ER/S2S>---- [ Spoke vnet1 ] -------- [ Hub vnet1 ] --- <ER/S2S> ---
- spoke to hub use remote gateway
- hub to spoke allow gateway transit(both vnets)
I want to use multi gateway, use scenario is below.
[Spoke vnet1] is owned by managed service provider. This service has VPN option on VPN gateway. but, cannot deploy VPN of this restriction.3 votes
Are there any plan to support next hop address based on FQDN so route table can be failover based on DNS ?1 vote
This is a common theme of service providers that Just Do Not Get It. The entire point of IPv6 is that the address space is no longer limited to tiny blocks.
The standard is to provide a /64 to customers. That should be the bare minimum for a cloud service being provided to enterprises. A /125 is a joke.
The RIPE.NET recommendation is /48 for everybody: https://bit.ly/2rynO5M1 vote
What does Service Tag depency on other service tags mean? For example for Azure Monitor service tag has dependency on Stroage service tag. Does this mean we need to add Storage as well for Azure Monitor or does this mean Azure monitor includes IPs for Storage service tag?1 vote
Is there a Azure product which is comparable to AWS's transit gateway?1 vote
Allow to add multiple Service Tags to NSG rule. Right now we can add multiple subnets, ranges, IPs and ports, Great idea would be to add also multiple service tags to source/destination as now we create multiple rules for one host to multiple service tags.3 votes
Great idea! Adding to our list of items to review for planning.
The Ability to change/define the BGP IP address assigned to the Virtual Network Gateway (automatically by Azure) when enabling BGP
The BGP Peer IP addresses when randomly assigned creates issues with the On-premise networks and private IP addresses ranges being advertised and currently in use. Customers have VPN's to various other devices and platforms, the static address provided creates routing issues when the BGP peer advertised is a part of a cutomer On-premise network.1 vote
Azure Network Topology Diagram is great but it will be more useful & better if that can be extended from Vnet to vnet as well & this will give us better understating how the whole azure setup is done. It will also help us to troubleshoot more better way. Is there any plan to add this feature in near future?1 vote
A lot of folks report problems deleting a VNET. One thing I found which works is to create the VNET in a dedicated resource group, and then, if you need to delete the VNET, delete the entire resource group. This seems to work. Of course, there are authorization implications, but those should be manageable by assigning rights with service principals at the subscription or individual resource level.1 vote
The client does not always have BGP options on their local firewall and traffic can go through one tunnel or the other. With the option of setting the priority helps and solve the problem.1 vote
ASGs are wonderful. They decouple ACLs from subnets, and so allow me to segment my application tiers without having to create separate subnets for each tier.
However, the moment I need to use UDRs, I'm back to using subnets for each tier. It would be great to be able to define UDRs for an ASG, so I can decouple routing from subnets just as I can currently decouple ACLs from subnets.3 votes
To make HA scenarios a lot simpler with NVAs that support BGP (which most of them do nowadays) each VNET should allow you to establish a BGP session directly with it so you can advertise and learn routes dynamically straight to the VNET.
This would help so many HA scenarios and also making sure traffic flows are symmetric a lot simpler by using BGP local preference, AS Path and Weight attributes.
Perhaps this could be enabled via a VNET service endpoint on your VNET as required?11 votes
Hi, would be nice to have a column to list the default address ranges for vNet and subnet associated with CIDR eg
10.252.0.0/18 10.252.0.0-10.252.63.2551 vote
Add metrics for routes to provide an easy way to utilize backup routes in Azure.6 votes
I want to integrating App service on the exsiting VNET that already has static (or dynamic) IP.31 votes
Please allow one to move a VM or VM NIC to a different VNET. Its pretty crazy that one of the suggested options is a backup and restore to change the virtual machines network3 votes
Is it possible to create and add our own service tag mapping to multiple ip address ranges? These days, we need to have our own service tag for outside cloud vendor's service such as payment or customer review.39 votes
This is a great idea and one that we are currently planning for. Stay tuned!
A virtual network that spans subscriptions. Multiple different subscriptions can deploy to the same virtual network in a region.
If you are interested in this feature, please up-vote and add details about your company/scenario.
We appreciate the feedback.
- VNet Team [MSFT]
When implementing complicated access controls inside a virtual network, we always need to allow connections from AzureBastionSubnet of the virtual network.
It would be nice we have AzureBastionSubnet service tag which automatically describes a specific Azure Bastion subnet for each virtual network where resources NSG attached reside in.7 votes
Thanks for your feedback. Azure Bastion is currently in preview.
We will consider this ask.
- Anavi N [MSFT]
- Don't see your idea?