A VNet-to-VNet connection is a simple way to connect multiple VNets together. Connecting a virtual network to another virtual network is similar to creating a site-to-site IPSec connection to an on-premises environment. Both the connection types use the Azure virtual private network (VPN) gateway. The VPN gateway provides a secure IPSec/IKE tunnel, and each side of the connection communicates in the same way. The difference is in the way the local network gateway is configured.

The local network gateway address space is automatically created and populated when a VNet-to-VNet connection is created. When the address space of one VNet is updated, this will result in the other VNet automatically routing the traffic to the updated address space. This makes it more efficient and quicker to create a VNet-to-VNet connection instead of an S2S connection.

There are a couple of reasons why you might want to set up a VNet-to-VNet connection:

• Cross-region geo-redundancy and geo-presence: Using a VNet-to-VNet connection, you can set up your own geo-replication or synchronization without going over internet-facing endpoints. You can set up highly available workloads with geo-redundancy across multiple Azure regions using the Azure Load Balancer and Azure Traffic Manager. 
• Regional multi-tier applications with isolation or administrative boundaries: In the case of isolation or administrative requirements, you can set up multitier applications with multiple networks in the same region. Those networks can then all be connected together. 

You can combine VNet-to-VNet communication with multisite configurations. Network topologies that combine inter-virtual network connectivity with cross-premises connectivity can be established using these configurations, as shown in the following diagram:

To create a VNet-to-VNet connection, go through the steps shown in the following example.