Here are some key points around Azure VNet-to-VNet peering.
- Virtual network (VNet) peering enables you to connect two VNets in the same region through the Azure backbone network (no Internet). Once peered, the two VNets appear as one for connectivity purposes.
- If your VNets are in the same region, you do not need to use a gateway. Instead, connect VNets in the same region with VNet peering.
- If VNets are in different regions, you need to use a gateway.
- Each VNet, regardless of whether it is peered with another VNet, can still have its own gateway and use it to connect to an on-premises network.
- VNet-to-VNet traffic within the same region is free for both directions.
- Cross-region VNet-to-VNet egress (outbound) traffic is charged at the outbound inter-VNet data transfer rates, based on the source regions.
BENEFITS OF PEERING
The traffic between VMs in the peered VNets is routed through the Azure infrastructure (Backbone) (not through a gateway) much like traffic is routed between VMs in the same VNet. This yields a low-latency, high-bandwidth connection between resources in different VNets. VMs in the peered VNets can communicate with each other directly by using private IP addresses.
- The peered VNets must exist in the same Azure region.
- The peered VNets must have non-overlapping IP address spaces.
- You can peer VNets that exist in two different subscriptions. A privileged user of both subscriptions must authorize the peering, and the subscriptions must be associated with the same Active Directory tenant.
- The network throughput is based on the bandwidth that’s allowed for the VM proportionate to its size. Though the communication between VMs in peered VNets has no additional bandwidth restrictions, there is a maximum network bandwidth depending on the VM size that still applies.
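
The region, address-space and tenant constraints listed above can be checked before a peering is requested. The following is an added example, not code from the original page or from Azure: the VNet record, its field names, and the sample VNets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class VNet:
    # Hypothetical record; field names are assumptions, not an Azure SDK type.
    name: str
    region: str
    tenant_id: str
    subscription_id: str
    address_space: tuple  # CIDR prefixes as strings


def peering_blockers(a: VNet, b: VNet) -> list:
    """Return the reasons two VNets cannot be peered under the constraints above."""
    problems = []
    # Peered VNets must be in the same region; otherwise a gateway is needed.
    if a.region.lower() != b.region.lower():
        problems.append(f"region mismatch: {a.region} vs {b.region} (use a gateway)")
    # Cross-subscription peering requires a shared Active Directory tenant.
    if a.subscription_id != b.subscription_id and a.tenant_id != b.tenant_id:
        problems.append("subscriptions belong to different Active Directory tenants")
    # Every prefix of one VNet is compared with every prefix of the other.
    for pa, pb in product(a.address_space, b.address_space):
        na, nb = ipaddress.ip_network(pa), ipaddress.ip_network(pb)
        if na.version == nb.version and na.overlaps(nb):
            problems.append(f"address space overlap: {pa} and {pb}")
    return problems


# Constructed sample data.
HUB = VNet("hub", "westeurope", "tenant-A", "sub-1", ("10.0.0.0/16",))
SPOKE_OK = VNet("spoke-ok", "westeurope", "tenant-A", "sub-2", ("10.1.0.0/16",))
SPOKE_BAD = VNet("spoke-bad", "northeurope", "tenant-B", "sub-3",
                 ("10.0.128.0/17", "172.16.0.0/24"))

if __name__ == "__main__":
    for other in (SPOKE_OK, SPOKE_BAD):
        issues = peering_blockers(HUB, other)
        print(f"{HUB.name} <-> {other.name}:", "OK" if not issues else "blocked")
        for issue in issues:
            print("  -", issue)
```

Because peered VNets behave as one network for connectivity, an overlap such as 10.0.0.0/16 with 10.0.128.0/17 would make private addresses ambiguous, which is why that check compares every pair of prefixes.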