Windows Azure Virtual Network Configuration Schema
Updated: April 25, 2013
The NetworkConfiguration schema specifies Virtual Network configuration settings. The default extension is .xml.
Basic Virtual Network Schema
The basic format of the Windows Azure Virtual Network configuration file is as follows:
Example:
<NetworkConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
  <VirtualNetworkConfiguration>
    <Dns>
      <DnsServers>
        <DnsServer name="ID1" IPAddress="IPAddress1" />
        <DnsServer name="ID2" IPAddress="IPAddress2" />
        <DnsServer name="ID3" IPAddress="IPAddress3" />
      </DnsServers>
    </Dns>
    <LocalNetworkSites>
      <LocalNetworkSite name="ID4">
        <VPNGatewayAddress>VPNGatewayAddress1</VPNGatewayAddress>
        <AddressSpace>
          <AddressPrefix>AddressPrefix1</AddressPrefix>
        </AddressSpace>
      </LocalNetworkSite>
      <LocalNetworkSite name="ID5">
        <VPNGatewayAddress>VPNGatewayAddress2</VPNGatewayAddress>
        <AddressSpace>
          <AddressPrefix>AddressPrefix4</AddressPrefix>
        </AddressSpace>
      </LocalNetworkSite>
    </LocalNetworkSites>
    <VirtualNetworkSites>
      <VirtualNetworkSite name="name1" AffinityGroup="AffinityGroup1">
        <Gateway profile="Small">
          <VPNClientAddressPool>
            <AddressPrefix>AddressPrefix1</AddressPrefix>
            <AddressPrefix>AddressPrefix2</AddressPrefix>
            <AddressPrefix>AddressPrefix3</AddressPrefix>
          </VPNClientAddressPool>
          <ConnectionsToLocalNetwork>
            <LocalNetworkSiteRef name="ID2"/>
          </ConnectionsToLocalNetwork>
        </Gateway>
        <DnsServersRef>
          <DnsServerRef name="ID5" />
        </DnsServersRef>
        <Subnets>
          <Subnet name="name1">
            <AddressPrefix>AddressPrefix1</AddressPrefix>
          </Subnet>
          <Subnet name="name2">
            <AddressPrefix>AddressPrefix2</AddressPrefix>
          </Subnet>
          <Subnet name="name3">
            <AddressPrefix>AddressPrefix3</AddressPrefix>
          </Subnet>
        </Subnets>
        <AddressSpace>
          <AddressPrefix>AddressPrefix1</AddressPrefix>
          <AddressPrefix>AddressPrefix2</AddressPrefix>
          <AddressPrefix>AddressPrefix3</AddressPrefix>
        </AddressSpace>
      </VirtualNetworkSite>
    </VirtualNetworkSites>
  </VirtualNetworkConfiguration>
</NetworkConfiguration>
Network Configuration Namespace
The XML namespace for the network configuration file is:
http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration
Schema Elements
The network configuration file includes these elements, described in detail in subsequent sections of this topic:
NetworkConfiguration Element
The NetworkConfiguration element is the top-level element of the network configuration file.
VirtualNetworkConfiguration Element
The VirtualNetworkConfiguration element provides you with the ability to configure a virtual network space that is dedicated to your subscription without overlapping with other networks.
DNS Element
The Dns element is the parent element of the DnsServers element.
Example:
<Dns>
  <DnsServers>
    <DnsServer name="ID1" IPAddress="IPAddress1" />
    <DnsServer name="ID2" IPAddress="IPAddress2" />
    <DnsServer name="ID3" IPAddress="IPAddress3" />
  </DnsServers>
</Dns>
DnsServers
In the DnsServers element, you can specify the IP address of DNS servers you plan to use in your subscription for name resolution. If you don’t specify a DNS server, Windows Azure will default to using its own DNS service. The DNS server IP addresses can be changed at any time. Changing DNS server settings will require all VMs in the virtual networks that are impacted to be rebooted. Name resolution may not work if the VMs don’t pick up the updates.
DnsServer
In this section, you may specify up to 9 DNS servers, using one DnsServer element for each. DNS server names must be uniquely identifiable within the subscription. After the DNS servers have been specified and the network configuration file has been uploaded to Windows Azure, you cannot update or add DNS server names or IP addresses once a virtual machine or cloud service has been deployed to the Virtual Network, regardless of whether or not the service is running.
| Attribute | Type | Description |
|---|---|---|
| name | string | Optional. If you do not specify any DNS servers, Windows Azure will be set as the default DNS service. You can specify up to 9 DNS servers. DNS server names must be unique within this configuration file. |
| IPAddress | string | Required if the DnsServer element is specified. Only IPv4 addresses are permitted. This can either be the IP address of your own DNS server, or the IP address of a public DNS server. |
LocalNetworkSites Element
The LocalNetworkSites element is where you provide a description of your on-premises network. You can specify more than one local network site per subscription. For this release, you can specify a total of 10 local network sites. These settings are only required if you are configuring a cross-premises network configuration.
Example:
<LocalNetworkSites>
  <LocalNetworkSite name="ID4">
    <VPNGatewayAddress>VPNGatewayAddress1</VPNGatewayAddress>
    <AddressSpace>
      <AddressPrefix>AddressPrefix1</AddressPrefix>
    </AddressSpace>
  </LocalNetworkSite>
  <LocalNetworkSite name="ID5">
    <VPNGatewayAddress>VPNGatewayAddress2</VPNGatewayAddress>
    <AddressSpace>
      <AddressPrefix>AddressPrefix4</AddressPrefix>
    </AddressSpace>
  </LocalNetworkSite>
</LocalNetworkSites>
LocalNetworkSite
Each local network site is referred to by a name in Windows Azure. In the LocalNetworkSite element, specify the name for your local network site.
| Important |
|---|
| You cannot update this element once a gateway has been deployed for this virtual network. |

| Attribute | Type | Description |
|---|---|---|
| name | string | Required for cross-premises connectivity only. Each local network site is referred to by a name. The name must be uniquely identifiable within the subscription. The name must not contain any spaces and cannot begin with a number. You cannot change the name once it is defined. |
VPNGatewayAddress
In the VPNGatewayAddress element, you can establish IPsec VPN tunnels between your virtual networks and your on-premises local network sites. In order to do this, you’ll have to configure a VPN gateway appliance on your local premises (either software or hardware) that can be reached by a public IP address. You can specify only 1 public IPv4 address per local network site. For more information about supported VPN devices, see About VPN Devices for Virtual Network.
| Attribute | Type | Description |
|---|---|---|
| VPNGatewayAddress | string | Required for cross-premises connectivity only. This is the VPN Gateway IP address. It must be a valid public IPv4 address assigned to your on-premises VPN device. Only IPv4 addresses are permitted. You can specify only one IP address per local network site. |
AddressSpace
In the AddressSpace element, for AddressPrefix, specify the address space that you will use for your local network site. This is the address space of your on-premises network. The IP address ranges that you specify must not overlap with the IP address ranges of any other local network sites or virtual network sites.
| Attribute | Type | Description |
|---|---|---|
| AddressPrefix | string | Required for cross-premises connectivity only. This setting requires a VPN gateway device that can be reached by a public IP address. Specify the public IPv4 address space per local network site, using CIDR notation. Only IPv4 addresses are permitted. Addresses can be either public or private. The IP address ranges must not overlap with the IP address ranges of any other local network sites or virtual network sites. |
VirtualNetworkSites Element
The VirtualNetworkSites section holds the description of virtual networks. You can define up to 10 Virtual Network sites per subscription. In order to configure this section, you must also know the affinity group that you want the virtual network sites to be associated with. The affinity group must be created prior to uploading this configuration file.
Example:
<VirtualNetworkSites>
  <VirtualNetworkSite name="name1" AffinityGroup="AffinityGroup1">
    <Gateway profile="Small">
      <VPNClientAddressPool>
        <AddressPrefix>AddressPrefix1</AddressPrefix>
        <AddressPrefix>AddressPrefix2</AddressPrefix>
        <AddressPrefix>AddressPrefix3</AddressPrefix>
      </VPNClientAddressPool>
      <ConnectionsToLocalNetwork>
        <LocalNetworkSiteRef name="ID2"/>
      </ConnectionsToLocalNetwork>
    </Gateway>
    <DnsServersRef>
      <DnsServerRef name="ID5" />
    </DnsServersRef>
    <Subnets>
      <Subnet name="name1">
        <AddressPrefix>AddressPrefix1</AddressPrefix>
      </Subnet>
      <Subnet name="name2">
        <AddressPrefix>AddressPrefix2</AddressPrefix>
      </Subnet>
      <Subnet name="name3">
        <AddressPrefix>AddressPrefix3</AddressPrefix>
      </Subnet>
    </Subnets>
    <AddressSpace>
      <AddressPrefix>AddressPrefix1</AddressPrefix>
      <AddressPrefix>AddressPrefix2</AddressPrefix>
      <AddressPrefix>AddressPrefix3</AddressPrefix>
    </AddressSpace>
  </VirtualNetworkSite>
</VirtualNetworkSites>
VirtualNetworkSite
In the VirtualNetworkSite element, you specify the name and affinity group for your virtual network sites. Each virtual network site must have a unique name and must be associated with an affinity group that has been previously created. Each affinity group can have multiple virtual network sites associated with it.
| Attribute | Type | Description |
|---|---|---|
| name | string | Required. The name must be unique within the subscription. |
| AffinityGroup | string | The name of the affinity group that you want this virtual network site to be associated with. The affinity group must already exist in order to refer to it in this section. |
AddressSpace
In the AddressSpace element, you can specify any private IP address space that conforms to RFC 1918. Addresses that you specify cannot overlap with those specified for other virtual network sites or local network sites.
| Attribute | Type | Description |
|---|---|---|
| AddressPrefix | string | Required. Addresses must be private IP addresses. Addresses that you specify cannot overlap with the address space of connected local networks. |
Subnets
Subnets is an optional element where you can specify the subnets that you want to create within the address space of your virtual network sites. This allows you to map roles to specific subnets that you specify. You can define multiple subnets for each virtual network site that you create.
Subnet
In the Subnet element, you can specify multiple subnets. The IP addresses of the subnets you specify must be fully contained within the IP address range for the virtual network it resides in. Subnet address spaces must not overlap within the virtual network.
If you want cross-premises connectivity, this is the section where the GatewaySubnet is specified. The name GatewaySubnet is reserved for use in cross-premises connectivity.
| Attribute | Type | Description |
|---|---|---|
| name | string | Optional. Subnet names must be unique within the VNet. The name GatewaySubnet is a reserved subnet name used for cross-premises connectivity. If you want to configure cross-premises connectivity, you must define a GatewaySubnet. |
| AddressPrefix | string | Required if name is specified. You can define multiple subnets within a virtual network. The IP address range must be fully contained within the virtual network’s address space. No overlap is permitted with any other subnet in the virtual network. The smallest supported subnet is /29. |
DNSServersRef
In the DNSServersRef element, you can specify the DNS servers that will be used for name resolution in this virtual network. You must reference the DNS servers that you previously specified in the Dns Element.
| Attribute | Type | Description |
|---|---|---|
| DNSServersRef | string | Optional. Windows Azure will be set as the default DNS service for the virtual network if you do not specify any DNS servers. If you choose not to specify any DNS servers in this section, name resolution will not work across a VPN link. Only DNS servers already defined in the DNS element of this configuration file can be entered here. You can specify up to 9 DNS servers in this section. Modifying DNS servers in this section is permitted. Any modification will require you to manually reboot every virtual machine in the virtual network to pick up the changes. |
Gateway
The Gateway element describes the gateway used for cross-premises connectivity from the virtual network. If you don’t require cross-premises connectivity, this section is optional.
| Attribute | Type | Description |
|---|---|---|
| profile | string | Required for cross-premises connections only. For this release, the only available option is Small. |
VPNClientAddressPool
The VPNClientAddressPool reserves a pool of IP addresses for VPN clients. This object is used for point-to-site connectivity.
| Attribute | Type | Description |
|---|---|---|
| AddressPrefix | string | Required for point-to-site VPN connections only. You can specify more than one address prefix. Address prefixes specified in this section must be non-overlapping with other address prefixes and cannot be a subset of the virtual network’s address space. You can add, update, or delete address prefixes if no addresses from the prefix are assigned to VPN clients. |
ConnectionsToLocalNetwork
This section allows you to reference one or more external network sites to connect to. For this release, you can only specify one site. Any site that you reference in this section must be defined in this network configuration file.
| Attribute | Type | Description |
|---|---|---|
| LocalNetworkSiteRef | string | Required for cross-premises connections only. For this release, you may only reference one site. Any site that you reference must be defined in the LocalNetworkSite element of this configuration file. |
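The reference and subnet rules in this topic (defined DNS and site references, the reserved GatewaySubnet, the /29 minimum, containment and non-overlap) can be checked before a file is uploaded. The following Python script is an added example, not part of the original topic or of any Microsoft tooling; the `validate` function, the `SAMPLE` document and every name and prefix in it are constructed for illustration, and it assumes every Subnet is named.

```python
import ipaddress
import itertools
import xml.etree.ElementTree as ET

NS = {"n": "http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration"}
# Constructed sample with deliberate mistakes; every name and prefix is invented.
SAMPLE = """<NetworkConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
<VirtualNetworkConfiguration><Dns><DnsServers><DnsServer name="dns1" IPAddress="10.1.0.4"/></DnsServers></Dns>
<LocalNetworkSites><LocalNetworkSite name="hq">
  <VPNGatewayAddress>203.0.113.10</VPNGatewayAddress>
  <AddressSpace><AddressPrefix>192.168.0.0/16</AddressPrefix></AddressSpace>
</LocalNetworkSite></LocalNetworkSites>
<VirtualNetworkSites><VirtualNetworkSite name="vnet1" AffinityGroup="ag1">
  <Gateway profile="Small"><ConnectionsToLocalNetwork><LocalNetworkSiteRef name="branch"/></ConnectionsToLocalNetwork></Gateway>
  <DnsServersRef><DnsServerRef name="dns2"/></DnsServersRef>
  <Subnets>
    <Subnet name="web"><AddressPrefix>10.1.0.0/24</AddressPrefix></Subnet>
    <Subnet name="db"><AddressPrefix>10.1.0.128/30</AddressPrefix></Subnet>
    <Subnet name="ops"><AddressPrefix>10.2.0.0/24</AddressPrefix></Subnet>
  </Subnets>
  <AddressSpace><AddressPrefix>10.1.0.0/16</AddressPrefix></AddressSpace>
</VirtualNetworkSite></VirtualNetworkSites>
</VirtualNetworkConfiguration></NetworkConfiguration>"""

def validate(xml_text):
    """Return violations of the reference and subnet rules stated in this topic."""
    root, errors = ET.fromstring(xml_text), []
    dns = {d.get("name") for d in root.iterfind(".//n:DnsServer", NS)}
    sites = {s.get("name") for s in root.iterfind(".//n:LocalNetworkSite", NS)}
    for vnet in root.iterfind(".//n:VirtualNetworkSite", NS):
        # Every *Ref must name something defined elsewhere in the same file.
        refs = [r.get("name") for r in vnet.iterfind(".//n:LocalNetworkSiteRef", NS)]
        errors += [f"site ref '{r}' not defined" for r in refs if r not in sites]
        errors += [f"DNS ref '{r.get('name')}' not defined"
                   for r in vnet.iterfind(".//n:DnsServerRef", NS) if r.get("name") not in dns]
        space = [ipaddress.ip_network(p.text.strip())
                 for p in vnet.iterfind("n:AddressSpace/n:AddressPrefix", NS)]
        subnets = {s.get("name"): ipaddress.ip_network(s.findtext("n:AddressPrefix", "", NS).strip())
                   for s in vnet.iterfind("n:Subnets/n:Subnet", NS)}
        # Cross-premises connectivity needs the reserved GatewaySubnet.
        if refs and "GatewaySubnet" not in subnets:
            errors.append("cross-premises gateway without GatewaySubnet")
        # /29 is the smallest subnet; each must sit inside the address space, none may overlap.
        errors += [f"subnet '{n}' smaller than /29" for n, s in subnets.items() if s.prefixlen > 29]
        errors += [f"subnet '{n}' outside address space" for n, s in subnets.items()
                   if not any(s.subnet_of(a) for a in space)]
        errors += [f"subnets '{a}' and '{b}' overlap"
                   for (a, x), (b, y) in itertools.combinations(subnets.items(), 2) if x.overlaps(y)]
    return errors
```

Calling `validate(SAMPLE)` reports the dangling `branch` and `dns2` references, the missing GatewaySubnet, the /30 `db` subnet, the `ops` subnet outside 10.1.0.0/16, and the `web`/`db` overlap.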