![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 95%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,773 questions
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you would like to know the best practices for Azure Hub and Spoke network topology with multiple Azure Subscription(s).
Please note that Azure Subscription is a logical boundary for billing. It does not affect Peering between two VNETs (Hub and Spoke) in two different subscriptions.
With Regular VNET Hub and Spoke:
You can refer to the documentation on Hub-spoke network topology in Azure for more details on Hub VNet and Spoke VNet(s) topology.
- Please make sure the VNET Gateway and the Hub VNET are in the same subscription/resource group.
- Make sure Gateway Transit is enabled between the peering(s) from Spoke VNet(s) to Hub VNet.
With Azure vWAN,
This only masks the Hub from you.
It still let's you manage :
- Virtual Networks (Spokes only) to be connect to the Hub
- Azure Firewall which is directly deployed into the Hub
- ExpressRoute/VPN Gateway that is deployed into the Hub
- Define the address range of the Hub even
Almost all of the use cases of traditional Hub Spoke VNET architecture can be achieved by using a vWAN as well.
Thanks,
Kapil
Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.