I am drawing the network architecture for my solution based on Azure. One of the asks is to list the network protocols used for inter-resource communication (e.g. Azure Storage to Data Factory). I tried to get a comprehensive view from the Azure documentation but couldn't find what I wanted.
May I take your help to understand the network protocols used in the following scenarios?
- Azure VNET to VNET
- Communication between Azure PaaS services (since PaaS services are web pages, do they use HTTPS by default?)
- Azure VM to PaaS service like Azure SQL
CodePudding user response:
Azure VNET to VNET
• When communication between two virtual networks happens in Azure, the network protocols used depend on the type of resources deployed, i.e., hosted, in those virtual networks. By default, only the TCP, UDP and ICMP TCP/IP protocols are allowed within virtual networks for communication purposes. DHCP via unicast (over UDP ports 68 and 67), UDP source port 65330, multicast, broadcast, IP-in-IP encapsulated packets and Generic Routing Encapsulation (GRE) packets are blocked within VNETs.
Communication between Azure PaaS services (since PaaS services are web pages, do they use HTTPS by default?)
• Communication between Azure PaaS services also depends on the type of communication that happens between them through the underlying resources and services that they offer. Also, the communication between Azure PaaS services is mostly HTTPS over TCP, protected by TLS 1.2 encryption-level security certificates that ensure the security of the communication channel, and protected by the default Microsoft FQDN for the services.
Azure VM to PaaS service like Azure SQL
• The communication between the Azure VM and Azure SQL is purely TCP/IP, over a specified and dedicated port for SQL transactions, such as 1433.
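
For an architecture review, the VNET rules listed in the answer can be applied to a planned flow inventory to flag anything the virtual network will not carry. The following is an added example, not part of the original answer; the function names, protocol labels, subnet and sample flows are all assumptions constructed for illustration.

```python
import ipaddress

# Rules as stated in the answer above; the protocol labels are chosen for this example.
ALLOWED_PROTOCOLS = {"tcp", "udp", "icmp"}
BLOCKED_ENCAPSULATION = {"gre", "ipip"}

def classify_flow(flow, subnet):
    """Return (carried, reason) for one planned flow inside a VNET subnet.

    flow: dict with 'proto', 'dst' and optional 'sport'/'dport'.
    subnet: CIDR of the destination subnet, used to detect directed broadcast.
    """
    proto = flow["proto"].lower()
    dst = ipaddress.ip_address(flow["dst"])
    net = ipaddress.ip_network(subnet)
    if proto in BLOCKED_ENCAPSULATION:
        return False, f"{proto} encapsulation is blocked"
    if proto not in ALLOWED_PROTOCOLS:
        return False, f"{proto} is not TCP, UDP or ICMP"
    if dst.is_multicast:
        return False, "multicast destination"
    if dst == net.broadcast_address or str(dst) == "255.255.255.255":
        return False, "broadcast destination"
    if proto == "udp":
        if flow.get("sport") == 65330:
            return False, "UDP source port 65330"
        if {flow.get("sport"), flow.get("dport")} == {67, 68}:
            return False, "DHCP via unicast (UDP 67/68)"
    return True, "allowed protocol"

# Constructed sample inventory: names, addresses and ports are illustrative only.
SUBNET = "10.1.0.0/24"
PLANNED_FLOWS = [
    {"name": "vm-to-sql", "proto": "tcp", "dst": "10.1.0.4", "sport": 50123, "dport": 1433},
    {"name": "app-to-paas-https", "proto": "tcp", "dst": "10.1.0.5", "sport": 50124, "dport": 443},
    {"name": "legacy-gre-tunnel", "proto": "gre", "dst": "10.1.0.6"},
    {"name": "discovery-mcast", "proto": "udp", "dst": "239.255.255.250", "sport": 40000, "dport": 1900},
    {"name": "subnet-broadcast", "proto": "udp", "dst": "10.1.0.255", "sport": 40001, "dport": 9999},
    {"name": "dhcp-relay", "proto": "udp", "dst": "10.1.0.7", "sport": 68, "dport": 67},
]

def review(flows, subnet):
    """Classify every flow in the inventory, keyed by flow name."""
    return {f["name"]: classify_flow(f, subnet) for f in flows}

if __name__ == "__main__":
    for name, (ok, reason) in review(PLANNED_FLOWS, SUBNET).items():
        print(f"{name:20} {'OK' if ok else 'BLOCKED'}  {reason}")
```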