NOTE: The Azure Hub VNet is no longer available to new customers.
This service will go away on: <date to be determined>
Existing customers are encouraged to migrate to the new UW Azure Platform via a UW-IT managed subscription.
The UW Azure Platform includes redundant ExpressRoute circuits homed in geo-redundant locations,
simplified networking via Azure VWAN capabilities, DNS resolution that supports private links,
stronger security standards, and a 10% discount on Azure costs.
This page will be removed when this service is retired
but is left as a courtesy for existing customers.
The UW Azure Hub VNet provides common good services which UW customers using Azure can leverage.
What services does the UW Azure Hub VNet provide?
The UW Azure Hub VNet provides the following services:
- 1GB/sec shared ExpressRoute connectivity to the UW network
- NETID Active Directory domain controllers
- UW Azure Bridge DNS solution
How does the UW Azure Hub VNet work?
A central hub VNet is a recommended design pattern for hosting common infrastructure resources that are required by one or more spoke VNets. UW-IT has implemented a hub VNet to enable customers to connect to the NETID Active Directory (AD) domain controllers and campus network resources. A VNet is the fundamental security boundary in Azure and is partly defined by an IP Address space. A VNet address space is divided into one or more subnets for use by customer resources. Architecturally, this makes your VNet a spoke in a hub/spoke relationship. The VNet peering allows your VNet traffic to be routed to the hub VNet. In addition to peering to the UW hub VNet, you can also ask for ExpressRoute gateway transit to be enabled on the peering relationship. This allows your VNet traffic to be routed to the hub VNet and then, if needed, routed through the gateway to the UW network. The network routing described above is transitive, so clients on the UW network can also reach your VNet. Routing between spoke VNets is *not* enabled by default. UW-IT has extended the campus address space into Azure by reserving 10.4.0.0/17 for use in Azure. A customer may establish a VNet and request that it connect to the Hub VNet, via VNet Peering. The peering relationship may or may not utilize the UW-IT Shared Express Route connection. Multiple customers may establish a similar peering relationship to the Hub VNet as shown in the figure.
