Introduction & Overview
Designing an ExpressRoute Solution
Implementing an ExpressRoute Solution
The course is part of these learning paths
As dependency on cloud services grows, so does the need for a reliable, low-latency network connection to the cloud. Also, some organizations and government agencies require a dedicated connection that does not pass network traffic over the public internet. Azure ExpressRoute provides a dedicated, redundant connection to Azure cloud services.
In this course, we examine Azure ExpressRoute. Azure ExpressRoute creates a reliable, dedicated connection between an organization's on-premises environment and Microsoft Azure. We cover design considerations when planning for ExpressRoute, requirements for installing ExpressRoute, and management and troubleshooting tasks. The learning objectives for this course map to the Azure AZ-700: Designing and Implementing Microsoft Azure Networking Solutions exam.
- Choose between provider and direct model (ExpressRoute Direct)
- Design and implement Azure cross-region connectivity between multiple ExpressRoute locations
- Select an appropriate ExpressRoute SKU and tier
- Design and implement ExpressRoute Global Reach and ExpressRoute FastPath
- Choose between private peering only, Microsoft peering only, or both
- Configure private peering and Microsoft peering
- Create and configure an ExpressRoute gateway
- Connect a virtual network to an ExpressRoute circuit
- Recommend a route advertisement configuration
- Configure encryption over ExpressRoute
- Implement Bidirectional Forwarding Detection
- Diagnose and resolve ExpressRoute connection issues
- System or network administrators with responsibilities for connecting an on-premises network to Azure
- Anyone preparing for the Azure AZ-700: Designing and Implementing Microsoft Azure Networking Solutions exam
- A basic understanding of networking, routing, and VPN concepts
Welcome to the lecture on creating an ExpressRoute circuit. Before we get started with deploying an ExpressRoute circuit, there are a couple prerequisites that need to be in place. We need connectivity to an ExpressRoute provider. This typically involves a contract for service for a number of years. We reviewed the different options available to provision an ExpressRoute circuit earlier. Each provider has their own steps for onboarding ExpressRoute. This lecture will focus on the steps in Azure for creating an ExpressRoute circuit. We also need an Azure Account, as well as redundancy at each peering location.
Each ExpressRoute circuit provides redundant paths. There is a requirement for redundant BGP sessions between Microsoft and the peering router. It wouldn't make sense to have redundant paths and have a single point of failure where the ExpressRoute circuit terminates. The organization or the circuit provider must set up managed BGP routing sessions. Finally, Network Address Translation, or NAT, must be in place for Microsoft peering. Microsoft peering peers to public IP addresses. If using Microsoft peering, the internal private IP addresses have to use Network Address Translation to access the Microsoft public IPs.
Let's review the steps to create an ExpressRoute circuit next. Before we get started, please note that with most Microsoft and Azure services, we can walk through the setup in a demo and then delete the resources when finished with no or minimal costs involved. That's not the case with ExpressRoute. ExpressRoute requires a commitment of service from a third party network provider. The steps in this and upcoming lectures are meant only as an illustration of the process to deploy and configure ExpressRoute in Azure.
Start by logging into the Azure Portal and go to Create a Resource, and search for ExpressRoute. Select ExpressRoute to create a new ExpressRoute circuit. Provide the ExpressRoute circuit a new or existing Resource Group, select the location and give it a name. Go to configuration next. In the configuration page, we need to supply the values for each setting. Port type sets the ExpressRoute circuit to provider or direct.
Next, we can create a new circuit or import settings from an existing circuit as a way to migrate a circuit. The provider specifies the third party provider of the circuit. Peering location specifies the physical or the local peering location. Select the bandwidth on the circuit and set the SKU, either local, standard, or premium. Set the billing mode to metered or unlimited. This setting can't be changed once ExpressRoute is deployed. Azure Classic is the predecessor to Azure Resource Manager or ARM. There are still some environments using Azure Classic.
The last step indicates to allow Classic or not to. Once the options are set, go to tags and add tags as needed. Go to Review and Create. Click Next. Once validation passes, click Create. That won't take long to finish. Go to the ExpressRoute circuit once finished. Notice the circuit shows as not provisioned under provider status. Also notice the service key. The service provider needs this key to provision the circuit. The service key links the physical circuit to this instance of the ExpressRoute resource. The status will change from not provisioned to provisioning when the provider is enabling the circuit. It will change to provisioned once the circuit is ready. Those are the steps for creating an ExpressRoute circuit.
Travis Roberts is a Cloud Infrastructure Architect at a Minneapolis consulting firm, a Microsoft MVP, MCT, and author. Travis has 20 years of IT experience in the legal, pharmaceutical, and marketing industries and has worked with IT hardware manufacturers and managed service providers. In addition, Travis has held numerous technical certifications throughout his career from Microsoft, VMware, Citrix, and Cisco.