Q. What is the new VNet to VNet peering connectivity option in Azure?

A. A virtual network is bound to a subscription and a region, which means a single organization may have multiple virtual networks that it wishes to connect. Traditionally, this requirement has been solved by using the Azure site-to-site VPN solution. The downside of this approach is that bandwidth is limited to that of the site-to-site VPN gateway, typically around 80 Mbps, and the traffic also takes bandwidth away from the gateway for on-premises connectivity.

Azure virtual network peering now allows virtual networks to be connected over the Azure backbone without using the site-to-site VPN, exposing the full bandwidth that VMs are capable of. There are a number of requirements:

  • Virtual networks must be in the same region
  • They can be in the same or different subscriptions
  • They must not use overlapping IP ranges
  • Peering is not transitive. If virtual network 1 is connected to virtual network 2 and virtual network 2 is connected to virtual network 3, then virtual network 1 has no connectivity to virtual network 3; a direct peer between virtual network 1 and virtual network 3 is required
  • ASM virtual networks cannot be peered to each other but can be peered to an ARM virtual network. ARM virtual networks can be peered with each other
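
The requirements above can be checked before a peering is requested. The following Python code is an added example, not part of the original answer or any Azure tooling. It validates a proposed peering against the listed rules and models the non-transitive behaviour, which matters when peering is relied on as a segmentation boundary. The `VNet` class, the function names and the sample networks are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from itertools import combinations

@dataclass(frozen=True)
class VNet:
    name: str
    region: str
    model: str        # deployment model: "ARM" or "ASM"
    prefixes: tuple   # address space as CIDR strings

def peering_problems(a, b):
    """Return the listed requirements that a proposed peering a<->b violates.
    Subscriptions are not checked: they may be the same or different."""
    problems = []
    if a.region != b.region:
        problems.append("different regions")
    if a.model == "ASM" and b.model == "ASM":
        problems.append("both virtual networks are ASM")
    for pa in a.prefixes:
        for pb in b.prefixes:
            if ipaddress.ip_network(pa).overlaps(ipaddress.ip_network(pb)):
                problems.append(f"overlapping ranges {pa} and {pb}")
    return problems

def reachable(peerings, src, dst):
    """Peering is not transitive: only a direct peering gives connectivity."""
    return frozenset((src, dst)) in {frozenset(p) for p in peerings}

def missing_for_full_mesh(names, peerings):
    """Direct peerings still required for every pair to communicate."""
    have = {frozenset(p) for p in peerings}
    return [pair for pair in combinations(names, 2) if frozenset(pair) not in have]

# Constructed sample inventory (names, regions and ranges are illustrative)
VNET1 = VNet("vnet1", "eastus", "ARM", ("10.1.0.0/16",))
VNET2 = VNet("vnet2", "eastus", "ARM", ("10.2.0.0/16",))
VNET3 = VNet("vnet3", "eastus", "ASM", ("10.3.0.0/16",))
VNET4 = VNet("vnet4", "westus", "ASM", ("10.3.128.0/17",))
PEERINGS = [("vnet1", "vnet2"), ("vnet2", "vnet3")]

if __name__ == "__main__":
    print(peering_problems(VNET1, VNET3))   # ARM to ASM, same region, no overlap
    print(peering_problems(VNET3, VNET4))   # violates three requirements
    print(reachable(PEERINGS, "vnet1", "vnet3"))
    print(missing_for_full_mesh(["vnet1", "vnet2", "vnet3"], PEERINGS))
```

Because reachability follows only direct peerings, a hub virtual network peered to two others does not by itself connect them, so an inventory of peerings is also an inventory of permitted network paths.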

More information on the virtual network peering and its implementation can be found at: