Practice Test
True/False: Virtual network peering allows resources in either virtual network to communicate with each other.
- True
- False
Answer: True
Explanation: Virtual network peering allows private connectivity between two virtual networks. Resources in either virtual network can communicate with each other, as if they are on the same network.
Which of the following are valid peering types in Azure?
- a) Local peering
- b) Global peering
- c) VNet peering
- d) Network peering
Answer: a) Local peering, b) Global peering
Explanation: Azure supports Local peering and Global peering of virtual networks.
True/False: Peering between virtual networks in Azure can exist across different Azure regions.
- True
- False
Answer: True
Explanation: Global peering allows to connect virtual networks across Azure regions, providing a seamless and private connectivity experience.
Which of the following is NOT a configuration for virtual network peering?
- a) Traffic forwarded from one network to another
- b) Traffic between resources in the peered networks
- c) Traffic via a gateway
- d) Traffic between resources in separate Azure subscriptions
Answer: d) Traffic between resources in separate Azure subscriptions
Explanation: The configuration for virtual network peering includes forwarded traffic, traffic between resources, and traffic via a gateway. However, the configuration does not involve traffic between resources in separate Azure subscriptions.
True/False: Peering traffic makes use of the underlying Azure network, not the public internet.
- True
- False
Answer: True
Explanation: Traffic that is flowing between virtual networks through peering utilizes the underlying Azure network, not the public internet.
True/False: Virtual network peering charges are based on both inbound and outbound data transfer.
- True
- False
Answer: True
Explanation: With Azure, virtual network peering charges are applied for both inbound and outbound data transfer between peered networks.
Multiple Choice: Virtual network peering supports _____.
- a) Uni-directional access
- b) Bi-directional access
- c) No access
Answer: b) Bi-directional access
Explanation: Virtual network peering supports bi-directional access. If network ‘A’ is peered with network ‘B’, resources in both networks can communicate with each other.
True/False: Deleting a peering in Azure is a reversible operation.
- True
- False
Answer: False
Explanation: Deleting a peering removes the connection and all related configurations, the action is not reversible and you would have to reconfigure the peering from scratch if it’s deleted.
Multiple Choice: Virtual network peering can be done _____.
- a) Within different Azure subscriptions
- b) With different Azure Active Directory tenants
- c) Both a and b
Answer: c) Both a and b
Explanation: Virtual network peering supports peering virtual networks that are in different Azure subscriptions and also different Azure Active Directory tenants.
True/False: You can have more than one virtual network peering between the same two virtual networks.
- True
- False
Answer: False
Explanation: You cannot have more than one virtual network peering between the same two virtual networks. Peering is always a one-to-one relationship between networks.
Interview Questions
What is virtual network peering in Azure?
Virtual network peering in Azure allows the linking of two Azure virtual networks, making them appear as one for connectivity purposes. The traffic between virtual machines in the peered virtual networks directly routes through Microsoft’s backbone infrastructure, providing low-latency, high-bandwidth connections.
What are the prerequisites for virtual network peering?
The prerequisites for virtual network peering include: both networks must be in the same Azure subscription, both virtual networks must be in the same region, and neither virtual network can have overlapping IP ranges.
Are there any charges for data transfer between peered virtual networks?
Yes, outbound data transfer is subject to charges. However, peering within the same region incurs no additional costs; inter-region peering does have associated costs specified in Azure’s bandwidth pricing page.
Are there any restrictions on virtual network peering?
Yes, peering is non-transitive, which means if there are more than two virtual networks, each network needs to be peered with every other one. Further, each network can have a maximum of 500 peering connections.
What happens if I delete a virtual network that has a peering relationship?
If a virtual network in a peering relationship is deleted, the peering relationship is also deleted, and network traffic between the two virtual networks is interrupted.
What are the types of peering in Azure?
Azure supports two types of peering – Virtual Network (VNet) peering for resources within the same region, and Global VNet peering for resources across different Azure regions.
Can I peer virtual networks in different subscriptions?
Yes, you can peer virtual networks in different Azure subscriptions as long as those subscriptions are associated with the same Azure Active Directory tenant.
Can I add or remove address ranges from a peered VNet?
Yes, you can add or remove address ranges in a peered VNet, but it does require the peering connection to be recreated.
Is virtual network peering in Azure secure?
Yes, the traffic between peered virtual networks is private and secure, similar to traffic within a single network. Neither the Internet, public IP addresses, nor gateways are involved in the data transfer.
Can I enable/disable network access control on a peered virtual network?
Yes, you can use network security groups to control inbound and outbound access to a peered virtual network.
What is required to enable communication over private IP addresses?
To enable communication over private IP address, both virtual networks should exchange IP routes either through Azure (for virtual networks in the same subscription) or through VPN gateways (for virtual networks in different subscriptions).
Can Virtual Network Peering be configured across Azure Active Directory tenants?
No, Virtual Network Peering can be set up only between Virtual Networks that are under the same Azure Active Directory tenant.
Is the traffic between Virtual Networks encrypted when Peering is enabled?
No, the network traffic between peered virtual networks is not encrypted by default.
Can I peer a VNet with a virtual network in a different region?
Yes, using Azure’s Global VNet Peering function, you can peer a VNet with a virtual network in a different Azure region.
Can I use the same address space in peered VNets?
No, overlapping address spaces are not allowed. Each VNet must have a unique address space.
extutorials.com