Does an Azure vnet affect performance

Question

Does an Azure Vnet improve or degrade performance compared to a connection via public endpoint?

By performance I mean latency or throughput.

For example when connecting from a web app to a database.

Answer 1

If communicating resources are on the same VNet OR in VNets that are on the SAME Azure Region, there will be NO degradation. On the oder hand, if the peer VNets are on different Azure Regions, there will be degradation because the peers are in different data centers.

Answer 2

Vnets are primarily used to add an additional layer of security. They do not offer performance benefits - but if you use Vnet connectivity in any part of your application then you need to be aware of the correct configuration to avoid (unnecessary) degradation.

Lets' say for example you have a simple web app made up of an App Service instance with a SQL Database. If you connect your App to a Vnet to access some on-premise resource (via VPN or Expressroute), and that vnet is configured with forced tunnelling to on-premise then you will have degradation: Traffic from the web app to SQL db is getting hair-pinned via your on-premise network. If you then set-up a Service Endpoint for the SQL database on your VNet, the traffic will stay in Azure and you will get optimal routing Source. However it won't be any faster than if you had no VNet.

For a more detailed explanation take a look at this blog: Improve security and performance with Virtual Network Service Endpoints and Firewalls for Azure Storage