Asr vnet has same ip address space as main vnet

Question

Asr vnet has same ip address space as main vnet

tayfun tek 66

As you know, when we create azure site recovery, it creates asr-vnet for the target region.

I noticed that asr-vnet has same IP address space with main-vnet. We're also planning to establish VPN connection from on-premise to main-vnet.

My concern is if both Vnets have the same IP address space, does it trigger any IP overlap situations?

Thanks

Accepted answer

1 additional answer

Your answer

Answer 1

KapilAnanth-MSFT 49,611 Microsoft Employee Moderator

@tayfun tek

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I understand that you would like to understand about the address space overlap constraints and best practises in Azure.

From your verbatim,

I take it that you are planning to connect mainVnet and OnPremises.
Also, I assume that you are not planning to connect mainVNet and asr-vnet.
Please let me know if my understanding is incorrect.

Having overlapping address space in a single Network (Azure + OnPrem which are connected) is not a best-practise and is not recommended.

However, since you are planning to connect only mainVnet and OnPremises, I do not see any challenges/scenario where you would end up with an Overlapping Address Range.

Your scenario is illustrated here : Hybrid resources: full failover.

In the asr-vnet, you only provision gateways but do not establish a connection before failover.
And After failover, you can delete/disconnect the original connection object and create a new connection with the asr-vnet.

Kindly let us know if the below helps or you need further assistance on this issue.

P.S:

In case you have a requirement to connect overlapping IP Addresses across Azure S2S, you can consider NAT on VPN Gateway

Thanks,

Kapil

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

tayfun tek 66 Reputation points

2023-01-25T12:46:51.73+00:00

Hello Kapil,

thanks, it helped me so much to clarify my doubts.

Then, we can say indirectly in case we have multiple vnets they have no connection to each other or on-premise, the having same IP address space is not a problem. Am I right?
tayfun tek 66 Reputation points

2023-01-25T12:53:40.25+00:00

Hello Kapil, thanks, it helped me so much to clarify my doubts. Then, we can say indirectly in case we have multiple vnets they have no connection to each other or on-premise, the having same IP address space is not a problem. Am I right?
KapilAnanth-MSFT 49,611 Reputation points Microsoft Employee Moderator

2023-01-25T13:32:05.83+00:00

@tayfun tek

That is correct.

As long as you are not going to introduce the same address ranges into a single Network (either by Peering or S2S or ExpressRoute), you can have VNets with same address space in Azure.

Glad we could be of service :)

Cheers,

Kapil
tayfun tek 66 Reputation points

2023-01-25T13:46:19.8533333+00:00

thanks Kapil

Answer 2

Luke Murray 11,436 MVP Volunteer Moderator

It does, if the address space matches, it won't be able to be peered:

User's image

Your best bet would be to change the address space to the range that doesn't overlap with on-premises and any other network in Azure, to avoid routing issues..

https://learn.microsoft.com/en-us/azure/virtual-network/update-virtual-network-peering-address-space#modify-the-address-range-prefix-of-an-existing-address-range

Share via

Asr vnet has same ip address space as main vnet

1 additional answer

Your answer