A walkthrough of how NAT works in Azure and how the new NAT Gateway can be leveraged. Rounded off with a demo!
Пікірлер: 71
@henriquealexandreh2 жыл бұрын
Objective and concise explanation. Thanks a mil John. Have a lovely weekend!
@sruthireddy1979 Жыл бұрын
Thank you so much John .. you explain very well with depth yet simple way... You are a great trainer 👍
@VijayKumar-id9vy3 жыл бұрын
Hey John, This video is useful and clear to understand. Thank you for making this video.
@SynysterGuitarX Жыл бұрын
As always, very good explanation John! We actually are going to use the NatGw and this video will clear up alot of questions. 👍🏻
@prashanth48994 жыл бұрын
Premium quality explanation. Love to watch your videos.
@NTFAQGuy4 жыл бұрын
Thank you!
@stuartwilliams71032 жыл бұрын
Thanks John a very useful recap on NAT Gateway
@user-bn1sl1us2d4 жыл бұрын
Thanks for the demo and lecture.
@maciejpakulski11822 жыл бұрын
As always, super high quality content. Thanks !
@johnashby84614 жыл бұрын
Great overview! The AZ explanation is excellent.
@NTFAQGuy4 жыл бұрын
Thank you.
@iamdedlok3 жыл бұрын
John, my man, you are a legend. Thank you so much. Best video on the internet to explain Azure NAT/NAT Gateway. Your videos alone makes youtube premium worth it.
@NTFAQGuy3 жыл бұрын
Great but I have no advertising on my videos anyway. You don’t need premium :)
@iamdedlok3 жыл бұрын
@@NTFAQGuy Fantastic ;-) More kudos to you!
@angellopez66872 жыл бұрын
This tutorial is just excellent. Thanks John!!
@NTFAQGuy2 жыл бұрын
You're very welcome!
@JS-vl5gd3 жыл бұрын
Great tech videos as always, John! By the way, the 172 ip range goes from 172.16.x.x to 172.31.x.x The 172.12.x.x would be a public ip address. I don't know that much it's just that that range was hammered into my head last week that now I can tell the private ip ranges from the public ones! Keep up the good work!
@NTFAQGuy3 жыл бұрын
Yep sometimes my brain does strange things :) thanks
@sambhavpandey2 жыл бұрын
Very nicely explained Azure NAT. thank you.
@NTFAQGuy2 жыл бұрын
Glad it was helpful!
@chrisadams27 Жыл бұрын
Great video, thank you!
@david1dinan4 жыл бұрын
Great explanation.
@NTFAQGuy4 жыл бұрын
Thank you!
@DANISHAAMIR7864 жыл бұрын
Hi, I love to watch your videos. Great work. Can you please make a video explaining azure Load balancer with multiple frontend and also cosmos db logical and physical partition key concept. Thanks.
@nareshgb15 ай бұрын
great video.
@NTFAQGuy5 ай бұрын
Thanks!
@deepeshshah80953 жыл бұрын
Hey John, once again awesome video. Can you please cover one video for VWan Hub please.
@MassaKingWOfficial2 жыл бұрын
Oh shit, feels like I timed traveled lol I'm so used to the new video format that this video hit me different when my browser was done rendering it 😁
@NTFAQGuy2 жыл бұрын
Lol
@sajidshamir4 жыл бұрын
nice work..
@NTFAQGuy4 жыл бұрын
Thanks
@yuhechen72584 жыл бұрын
Very useful.
@NTFAQGuy4 жыл бұрын
Glad to hear that
@MMTheWGA4 жыл бұрын
Thanks John, very clearly explained from the ground up! Thought you would be using BING for the IP address search, not Goog....!! :-P
@NTFAQGuy4 жыл бұрын
hehe. I did try bing first but it does not show your IP if you just ask that question and instead I would have had to use a site like whatismyip that then shows a bunch of adverts. This was the lesser evil ;-)
@therockfaith3 жыл бұрын
you are awesome :) Thanks a lot
@NTFAQGuy3 жыл бұрын
Glad it helped!
@maxsnts4 жыл бұрын
How does this behave in the case of traffic that opens a connection one way and expects the remote peer to open a connection back, like passive FTP connections for instance?
@jimmy92973 жыл бұрын
#JohnSavill , I am always a fan of your great videos, your dedication and discipline towards the work :) . Keep posting, keep sharing
@SecurityMadeSimple3 жыл бұрын
what an absolute awesome video a major light bulb moment 😂
@NTFAQGuy3 жыл бұрын
Great to hear
@suzukisamurai993 жыл бұрын
Great video! John.. quick question: i need to have a subnet spanning multiple AZs with computer resources on multiple AZs. In this case should i have just 1 regional NAT gateway instead of multiple zonal gateways?
@NTFAQGuy3 жыл бұрын
if subnet is spanning AZs then yes you would go regional but realize thats not the same as zone-redundant and you have no visibility into how its implemented. Your safest is to have separate subnets per AZ with zonal gateway or don't use nat gateway and use standard load balancer with NAT rules.
@yahorsinkevich44513 жыл бұрын
Nice! Thank you! Wondering why there is no private NAT Gateways :) To do the same kind of thing but withing VNET
@NTFAQGuy3 жыл бұрын
Private endpoints :)
@yahorsinkevich44513 жыл бұрын
@@NTFAQGuy I think I head about it somewhere :)
@dunx1823 жыл бұрын
Thanks for the great video. Out of interest (and completely off topic), how many Ironmans have you done?
@NTFAQGuy3 жыл бұрын
15 fulls. Hopefully another 5 in 2021 if COVID allows :)
@Kavinnathcse3 жыл бұрын
Excellent tutorial.. for ipv6 we have Egress-only internet gateways in aws. Is there similar services in azure?
@NTFAQGuy3 жыл бұрын
For regular internet egress you don’t need a special gateway in azure unless you want it. It is natively available. I cover this in the azure networking lesson of the masterclass.
@1234croydon4 жыл бұрын
Hi.. great video as always John. I have a query about usage of Nat gateway public ip with function app. I have a function app which is vnet integrated (regional) and its associated to a subnet. This subnet is attached to a NAT gateway which has a public ip. The problem I am trying to solve is by default the outbound ip of a function app is a list of possible ip’s which could potentially change and the api provider will need to whitelist the new IP. I tried the above setup but the outbound request still originated from the function app listed ip and not the nat gateway is. Hopefully this question made sense. If not please let me know I will try to rephrase it😊
@NTFAQGuy4 жыл бұрын
I'm afraid I've not tried that configuration. I'd have to set that up but not something have cycles to do right now, sorry :-(
@bazookaman34 жыл бұрын
Vnet integration, by default, only sends outbound traffic to your vnet that is RFC1918. Try the application setting for WEBSITE_VNET_ROUTE_ALL as described here docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet . I’m wondering if nat gateway will pick up the traffic after that?
@1234croydon4 жыл бұрын
BazookaMan3 i did try that setting. Unfortunately that still picked the function app ip and not Nat gateway :(
@maltek64572 жыл бұрын
Is the NAT Gateway compatible with an Azure Firewall? For now I have setup the Azure Firewall for inbounrd traffic but if I want to use it for outbound in the future aswell do I bypass the Firewall if I use a NAT Gateway?
@NTFAQGuy2 жыл бұрын
Docs discuss their default behavior. docs.microsoft.com/en-us/azure/firewall/integrate-with-nat-gateway
@josephmathew96624 жыл бұрын
Can nat gateway replace az firewall for outbound network traffic if for a budget friendly architecture?
@NTFAQGuy4 жыл бұрын
not sure about budget replacement :-) but you can certainly use nat gateway to facilitate outbound however realize azure firewall has a lot of other capabilities. Depends on what you need.
@maxsnts4 жыл бұрын
Not to be pedantic, but the private space at 172 starts at 16 does it not? making 172.12 a public address?
@NTFAQGuy4 жыл бұрын
Quite right, whoops :) too many numbers in my head :)
@maxsnts4 жыл бұрын
@@NTFAQGuy Happens to everyone. Good luck for Ironman!
@prasadpandit57353 жыл бұрын
Hi... Can you please let me know how to remove NAT gateway from the subnet using Azure powershell
@NTFAQGuy3 жыл бұрын
that is covered in the docs. just search for remove nat gateway azure powershell
@IvanIvanov-kn5oz2 жыл бұрын
If you have a session coming from outside to the public address of the VM, which path the return traffic will take?? through NAT gateway?? They are using different public addresses and you won`t be able to establish a session. Is there any kind of source NAT when session is coming from outside to public address of the VM??
@NTFAQGuy2 жыл бұрын
Return uses same path as ingress
@MrJ0SH813 жыл бұрын
Skip right to NAT Gateways here 9:33
@MuhammadWaqas-gr4gg2 жыл бұрын
Hello John, What i got is, even if we deploy a VM in seperate AZ and NAT Gateway in another AZ but VM subnet is associated with NAT gateway.....in that case VM traffic will also route through Nat Gateway...however this is not good approach...m i right????
@NTFAQGuy2 жыл бұрын
Yes
@mike96112 жыл бұрын
When using the NAT Gateway resource is the outbound public IP only for your networks that use it? Pretty sure the answer is yes. I just want to be sure that I am the only one using that outbound IP for setting up policies for restrictions to other resources in azure and elsewhere based upon IP. I imagine if I don't use this or some similar resource to restrict outbound to the public internet that it uses a shared public IP that would not be as useful to use for restricting traffic.
@mike96112 жыл бұрын
And thank you for all the amazing videos! I have learned so much in a very short time thanks to you.