Plan for IP addressing
It's important your organization plans for IP addressing in Azure. Planning ensures the IP address space doesn't overlap across on-premises locations and Azure regions.
Design considerations:
Overlapping IP address spaces across on-premises and Azure regions creates major contention challenges.
Azure VPN Gateway can connect overlapping, on-premises sites with overlapping IP address spaces through network address translation (NAT) capability. This feature is generally available in Azure Virtual WAN and in preview for standalone Azure VPN Gateway.
You can add address space after you create a virtual network. This process doesn't need an outage if the virtual network is already connected to another virtual network via virtual network peering. Instead, each remote peering needs a resync operation done after the network space has changed.
Azure reserves five IP addresses within each subnet. Factor in those addresses when you're sizing virtual networks and encompassed subnets.
Some Azure services require dedicated subnets. These services include Azure Firewall and Azure VPN Gateway.
You can delegate subnets to certain services to create instances of a service within the subnet.
Design recommendations:
Plan for non-overlapping IP address spaces across Azure regions and on-premises locations in advance.
Use IP addresses from the address allocation for private internet, known as RFC 1918 addresses.
Don't use the following address ranges:
224.0.0.0/4(multicast)255.255.255.255/32(broadcast)127.0.0.0/8(loopback)169.254.0.0/16(link-local)168.63.129.16/32(internal DNS)
For environments that have limited availability of private IP addresses, consider using IPv6. Virtual networks can be IPv4-only or dual stack IPv4+IPv6.

Don't create large virtual networks like
/16. It ensures that IP address space isn't wasted. The smallest supported IPv4 subnet is/29, and the largest is/2when using classless inter-domain routing (CIDR) subnet definitions. IPv6 subnets must be exactly/64in size.Don't create virtual networks without planning the required address space in advance.
Don't use public IP addresses for virtual networks, especially if the public IP addresses don't belong to your organization.