Hello,
Let me start by saying I'm not a network expert, but have setup a network in Azure with a VPN connection to our corporate network so I have a little bit of knowledge. We started our Azure adventure with a PaaS PoC and the network was created with two basic subnets, a front and a back. We now want to further our understanding of Azure by implementing a IaaS PoC and while we were designing our solution came across this information: https://msdn.microsoft.com/en-us/library/azure/dn630228.aspx
"If you have both VMs and PaaS instances in your virtual network, you may want to separate the VMs that have static DIPs from your PaaS instances by creating a separate subnet for the VMs and deploying them to that subnet. It’s not only helpful for you to be able to see your static VMs in a separate subnet and know immediately which have a static DIP, but for this release, it also prevents a new PaaS instance from acquiring the static DIP from a VM that is in the process of being stop/deprovisioned (not just restarted). This is a current limitation in this release for mixed VM/PaaS subnets and static DIPs."
So my question is would anyone be willing to give some design advice based on their azure experience in creating a network subnet design that incorporates the stated technical limitation regarding VM and Paas instances in a virtual network? What does your design look like? Are there patterns for the network design we should be looking at?
Thank you,
JES