Share via

Looking to replace our current network with a "hub and spoke" topology

Mark Pearson 160 Reputation points
2025-11-11T14:32:59.7266667+00:00

Hi,

We currently have 2 seperated environments in Azure. One for Dev and one for Live.

Up until now, we have added all created resources into the existing VNET's (one for DEV and one for LIVE) so all resources can see eachother easily.

As we start to expand our resources within Azure, it has now reached a point where I would like to create a hub and spoke topology so i can easily and securley connect my resources and have greater control over each resource type within it's network.

So to my questions:

  1. Is it possible to create a whole new hub and spoke network along side what I have without causing any issues with the existing networking? This would allow me to create and test connectivity before I commit any changes to my existing networking.
    1. If so, can I easily move over existing resources to the new hub and spoke once configures and tested, or would I have to create new resources?
  2. Is there another way to migrate from what I have to a hub and spoke topology?

Happy to answer any questions, and any and all help is appreciated.

Regards

Mark

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
0 comments
Answer accepted by question author
  1. Luis Arias 9,481 Reputation points Volunteer Moderator
    2025-11-14T09:58:54.4766667+00:00

    Hello Mark Pearson,

    Welcome to Microsoft Q&A, I will reply each question one by one:

    Is it possible to create a whole new hub and spoke network along side what I have without causing any issues with the existing networking? This would allow me to create and test connectivity before I commit any changes to my existing networking. If so, can I easily move over existing resources to the new hub and spoke once configures and tested, or would I have to create new resources?

    Yes, you can absolutely create a new hub-and-spoke network in parallel to your current environment. This is actually the recommended approach when transitioning from flat VNETs to a more segmented topology. It lets you test connectivity and routing without touching production. Once validated, you can migrate resources though some may require redeployment depending on their type.

    Is there another way to migrate from what I have to a hub and spoke topology?

    Microsoft advises building a new hub-and-spoke topology in parallel to your existing environment. Once everything checks out, you can start migrating resources either by moving them directly (if supported) or redeploying them into the new structure.

    If you plan to use Infrastructure as Code (terraform or bicep) I suggest to check Azure Verified Modules(https://azure.github.io/Azure-Verified-Modules/) help standardize and accelerate this deployment with best practices baked in.

    Another suggestion is for managing IP ranges and connectivity at scale, Azure VNM(https://learn.microsoft.com/en-us/azure/virtual-network-manager/overview) lets you centrally define and apply network groups, routing, and security rules across your spokes and hub, making the transition smoother and more controlled.

    Additional references:

    If this resolves your question, please accept the answer.

    Luis

    0 comments
Answer accepted by question author
  1. Ravi Varma Mudduluru 3,700 Reputation points Microsoft External Staff Moderator
    2025-11-11T15:17:30.2633333+00:00

    Hello @Mark Pearson,

    Thanks for reaching out to Microsoft Q&A.

    1. Is it possible to create a whole new hub and spoke network along side what I have without causing any issues with the existing networking? This would allow me to create and test connectivity before I commit any changes to my existing networking.

    Yes, it's possible to create a new HUB and Spoke network using an existing VNet. However, if the environment is in production, this approach is not recommended for including an existing VNet in the HUB and Spoke topology.

    If so, can I easily move over existing resources to the new hub and spoke once configures and tested, or would I have to create new resources?

    Yes, you can move an existing resource to the new hub and spoke network after testing connectivity, or you may create a new resource for improved connectivity.

    Is there another way to migrate from what I have to a hub and spoke topology?

    No, that is not the recommended approach. It is better to create a new HUB and spoke VNet and test the connectivity before moving the production application to the HUB and spoke topology.

    Reference Document: Hub-spoke network topology in Azure

    Kindly let us know if the above helps or you need further assistance on this issue.

    Please "Accept the Answer" if the information helped you. This will help us and others in the community as well.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.