Azure VNet Peering VS VNet Gateways

A virtual network is nothing but, like On-premises network which we use switches and routers to communicate with servers and clients as same as Azure VNet is also used for communicating with azure resources. (Virtual Machine, Databases, etc.)

Before we start you have to know more about the vNet and the Subnet and how it works:
Subnetting is the process of dividing a network into small networks,

• We can divide the VNet IP Range into multiple Parts of unique Subnet IP ranges.
• Resources within the subnet will communicate with each other and also communicate across the subnets in the same VNet with the help of Network Security Groups, so communication between the Subnets is up to our choice.

For the vNETs, the resources in different VNets can’t communicate with each other.

Overview
Virtual network peering. Virtual network peering connects two Azure virtual networks. Once peered, the virtual networks appear as one for connectivity purposes. Traffic between virtual machines in the peered virtual networks is routed through the Microsoft backbone infrastructure, through private IP addresses only. No public internet is involved. You can also peer virtual networks across Azure regions (global peering).

Why use Peering Service?
Enterprises looking for internet-first access to the cloud or considering SD-WAN architecture or with high usage of Microsoft SaaS services need robust and high-performing internet connectivity. Customers can make that transition happen by using Peering Service. Microsoft and service providers have partnered to deliver reliable and performance-centric public connectivity to the Microsoft cloud. Some of the key customer features are listed here:

• Best public routing over the internet to Microsoft Azure Cloud Services for optimal performance and reliability.
• Ability to select the preferred service provider to connect to the Microsoft cloud.
• Traffic insights such as latency reporting and prefix monitoring.
• Optimum network hops (AS hops) from the Microsoft cloud.
• Route analytics and statistics: Events for (BGP) route anomalies (leak or hijack detection) and suboptimal routing.
  

Capabilities

• Provides connectivity over private IP.
• Supports cross-subscription connectivity.
• Supports cross-region connectivity.

Limitations

• Address space cannot overlap.
  
• Does not support transitive routing by default. You could setup a Network Virtual appliance. A VM acts as a router and that could forward traffic.
  

VPN gateways. A VPN gateway is a specific type of virtual network gateway that is used to send traffic between an Azure virtual network and an on-premises location over the public internet. You can also use a VPN gateway to send traffic between Azure virtual networks. Each virtual network can have at most one VPN gateway.

We can communicate with Azure to On-Premises by the help of VPN Gateway. VPN Gateway is like normal VPN, it is used to communicate with Azure resources.

Comparison of virtual network peering and VPN Gateway

Which one to use?

• VNet peering: Designed for VNet-to-Vnet connectivity. Typically used for private low-latency interconnectivity.
• VPN gateway: Designed for hybrid connectivity. Generally used where encryption and/or transitive routing is needed.

VNet Peering and VPN Gateways can also co-exist via gateway transit

Typical scenarios

• VNet peering: Data replication, database failover, and other scenarios needing frequent backups of large data.
  
• VPN gateway: Encryption-specific scenarios that are not latency sensitive and do not need high throughout.
  

Conclusion
Azure offers VNet peering and VNet gateways to connect VNets. Based on your unique scenario, you might want to pick one over the other. We recommend VNet peering within region/cross-region scenarios.