How to resize peered Azure VNets with no downtime
In a previous article, “Connect Azure VNets using VNet Peering,” I explained that changes to the settings of a peered virtual network couldn’t be made without deleting the existing peering. Azure recently removed this limitation, so in this article I want to show you how to resize a peered Azure virtual network without downtime.
Prerequisites
- You already have an existing peering between two Azure virtual networks properly configured. If you want to know how to create a virtual network peering, check out this link.
- The Az.Network module version 4.9.0 or later must be installed.
Azure PowerShell Workaround
If you want to know how to install the PowerShell Azure module on your machine, check out this link. The simplest way to get started is to sign in interactively at the command line.
Connect-AzAccount
This cmdlet will bring up a dialog box prompting you for your email address and password associated with your Azure account. If you have more than one subscription associated with your mail account, you can choose the default subscription. To perform this task, we will use the following commands:
Get-AzSubscription
Select-AzSubscription -Subscription "My Subscription"
Once you set your default subscription, you’re ready to start.
Set the variables
First, I will use the Get-AzVirtualNetwork cmdlet to store the VNet-Hub and VNet-spoke networks in two variables.
$rgHub = "RG-DEMO-HUB"
$rgSpoke = "RG-DEMO-NE"
$vNetHub = Get-AzVirtualNetwork `
-Name "VNET-HUB" `
-ResourceGroupName $rgHub
$vNetSpoke = Get-AzVirtualNetwork `
-Name "VNET-DEMO-NE" `
-ResourceGroupName $rgSpoke
Get the VNet peering information
Next, you should use the Get-AzVirtualNetworkPeering cmdlet to get the virtual network peering information.
Get-AzVirtualNetworkPeering `
-VirtualNetworkName $vNetSpoke.Name `
-ResourceGroupName $rgSpoke
Use the same command to get all the peerings in the hub virtual network.
Get-AzVirtualNetworkPeering `
-VirtualNetworkName $vNetHub.Name `
-ResourceGroupName $rgHub
Important: Make a note of the virtual network peering name; you’ll need it in the next steps.
Add a range of addresses to the peered VNet
Using the following commands, we will add a range of addresses to the spoke virtual network.
$vNetSpoke.AddressSpace.AddressPrefixes.Add("10.5.0.0/16")
$vNetSpoke | Set-AzVirtualNetwork
Important: An address range must be specified in CIDR notation and cannot overlap with other address ranges within the same virtual network.
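The overlap rule above can be checked before calling Set-AzVirtualNetwork. The following is an added example, not code from the original article: the function names ConvertTo-CidrRange and Find-PrefixConflict and the sample address spaces are constructed for illustration, and it handles IPv4 prefixes only. It also checks the hub's prefixes, because peered virtual networks must not have overlapping address spaces either.

```powershell
# Added example, not from the original article. IPv4 prefixes only.
function ConvertTo-CidrRange {
    param([Parameter(Mandatory)][string]$Cidr)
    $addr, $len = $Cidr -split '/', 2
    $ip = $null
    if ($addr -notmatch '^(\d{1,3}\.){3}\d{1,3}$' -or
        $len -notmatch '^\d{1,2}$' -or [int]$len -gt 32 -or
        -not [System.Net.IPAddress]::TryParse($addr, [ref]$ip)) {
        throw "Not a valid IPv4 CIDR prefix: $Cidr"
    }
    [long]$value = 0
    foreach ($b in $ip.GetAddressBytes()) { $value = $value * 256 + $b }
    $size  = [long][math]::Pow(2, 32 - [int]$len)
    $start = $value - ($value % $size)   # clear host bits, so 10.5.3.0/16 -> 10.5.0.0
    [pscustomobject]@{ Cidr = $Cidr; Start = $start; End = $start + $size - 1 }
}

function Find-PrefixConflict {
    # Returns every existing prefix whose address range intersects the candidate.
    param([Parameter(Mandatory)][string]$Candidate,
          [Parameter(Mandatory)][string[]]$Existing)
    $new = ConvertTo-CidrRange $Candidate
    foreach ($prefix in $Existing) {
        $cur = ConvertTo-CidrRange $prefix
        if ($new.Start -le $cur.End -and $cur.Start -le $new.End) { $prefix }
    }
}

# Constructed sample address spaces. Against the live objects, use instead:
#   $existing = @($vNetSpoke.AddressSpace.AddressPrefixes) + @($vNetHub.AddressSpace.AddressPrefixes)
$existing = @('10.4.0.0/16', '10.0.0.0/16', '172.16.0.0/12')

foreach ($candidate in '10.5.0.0/16', '10.4.128.0/17', '172.20.1.0/24') {
    $hits = @(Find-PrefixConflict -Candidate $candidate -Existing $existing)
    if ($hits.Count) { "{0,-15} overlaps {1}" -f $candidate, ($hits -join ', ') }
    else             { "{0,-15} is free to add" -f $candidate }
}
```

With the constructed prefixes, only 10.5.0.0/16 is reported as free; the other two candidates fall inside 10.4.0.0/16 and 172.16.0.0/12.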
Check the status of the peering links
After the changes to the spoke network have been applied, you can confirm that the peering links are no longer synchronized using the following commands.
Get-AzVirtualNetworkPeering `
-VirtualNetworkName $vNetSpoke.Name `
-ResourceGroupName $rgSpoke `
| Format-Table Name, peeringState, PeeringSyncLevel
RemoteNotInSync: When you update the address space in the spoke virtual network, the peering state of the link from the spoke virtual network to the hub virtual network is RemoteNotInSync.
Get-AzVirtualNetworkPeering `
-VirtualNetworkName $vNetHub.Name `
-ResourceGroupName $rgHub `
| Format-Table Name, peeringState, PeeringSyncLevel
LocalNotInSync: When you update the address space in the spoke virtual network, the peering state of the link from the hub virtual network to the spoke virtual network is LocalNotInSync. The new address space has not peered with the remote virtual network.
Sync the peering links
This action is required for each remote-peered VNet to learn of the newly added address prefix. To perform a “synchronization” of the address space on the peering link, you should use the Sync-AzVirtualNetworkPeering cmdlet with the following syntax.
Sync-AzVirtualNetworkPeering `
-Name "NE-HUB" `
-VirtualNetworkName $vNetSpoke.Name `
-ResourceGroupName $rgSpoke
Sync-AzVirtualNetworkPeering `
-Name "HUB-NE" `
-VirtualNetworkName $vNetHub.Name `
-ResourceGroupName $rgHub
Check the status of the peering links
Finally, to check the virtual network peering status after sync, you should use the Get-AzVirtualNetworkPeering cmdlet as shown below.
Get-AzVirtualNetworkPeering `
-VirtualNetworkName $vNetSpoke.Name `
-ResourceGroupName $rgSpoke `
| Format-Table Name, peeringState, PeeringSyncLevel
Get-AzVirtualNetworkPeering `
-VirtualNetworkName $vNetHub.Name `
-ResourceGroupName $rgHub `
| Format-Table Name, peeringState, PeeringSyncLevel
Thanks for reading my post. I hope you find it helpful.
If you want to know more about Azure VNet Peering, check out this link.