1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Implementing Azure ExpressRoute

Recommending a Route Advertisement Configuration

Start course
Overview
Difficulty
Intermediate
Duration
59m
Students
233
Ratings
5/5
starstarstarstarstar
Description

As dependency on cloud services grows, so does the need for a reliable, low-latency network connection to the cloud. Also, some organizations and government agencies require a dedicated connection that does not pass network traffic over the public internet. Azure ExpressRoute provides a dedicated, redundant connection to Azure cloud services.  

In this course, we examine Azure ExpressRoute. Azure ExpressRoute creates a reliable, dedicated connection between an organization's on-premises environment and Microsoft Azure. We cover design considerations when planning for ExpressRoute, requirements for installing ExpressRoute, and management and troubleshooting tasks. The learning objectives for this course map to the Azure AZ-700: Designing and Implementing Microsoft Azure Networking Solutions exam.

Learning Objectives

  • Choose between provider and direct model (ExpressRoute Direct)
  • Design and implement Azure cross-region connectivity between multiple ExpressRoute locations
  • Select an appropriate ExpressRoute SKU and tier
  • Design and implement ExpressRoute Global Reach and ExpressRoute FastPath 
  • Choose between private peering only, Microsoft peering only, or both
  • Configure private peering and Microsoft peering
  • Create and configure an ExpressRoute gateway
  • Connect a virtual network to an ExpressRoute circuit
  • Recommend a route advertisement configuration
  • Configure encryption over ExpressRoute
  • Implement Bidirectional Forwarding Detection
  • Diagnose and resolve ExpressRoute connection issues

Intended Audience

  • System or network administrators with responsibilities for connecting an on-premises network to Azure
  • Anyone preparing for the Azure AZ-700: Designing and Implementing Microsoft Azure Networking Solutions exam

Prerequisites

  • A basic understanding of networking, routing, and VPN concepts
Transcript

Welcome back, in this section, we'll take a closer look at route advertisements and configuration recommendations. ExpressRoute uses Border Gateway Protocol, or BGP, to advertise and manage routing information. BGP is a path vector protocol. That means it tracks paths through other autonomous systems to reach a destination network. BGP routers listen for advertised routes. If a network is not advertised, BGP will have no way to learn and send data to that network.

ExpressRoute, as we've established, requires routing configuration and management. In many instances, connectivity providers offer services to set up and manage routing. This is a good option for environments that may not have the skills in-house to manage BGP.

Let's take a closer look at how routes are advertised in Azure. The ExpressRoute Gateway advertises the address spaces of connected Virtual Networks, or VNets in Azure. Individual subnets cannot be included or excluded from the advertisement. Also, we can peer VNets in Azure, creating a connection between two or more VNets. If the peered virtual network has the feature Use Remote Gateway enabled, the address space for the peered virtual network will be advertised as well.

Let's talk about some routing configuration options and how they may apply to an environment. First is BGP communities. A BGP community is optional information that can be added to the prefix and advertised to BGP neighbors. For example, an organization has two offices and ExpressRoute circuits peered with Microsoft in east and west US. There are app services for each office in the east and US region. The offices are connected over a WAN network. The goal is to have users connect to the app services in the same region as their office over the local express route circuit. But users from both east and west connect over a single ExpressRoute connection. This is because each ExpressRoute circuit is advertising both prefixes with the same preference. BGP Communities solve this by adding information about which prefix is from Azure West and Azure East. Each ExpressRoute circuit can now get a preference for the peered location.

Let's move on to AS Path. The Autonomous System, or AS Path, is the list of autonomous systems that traffic is routed through to get to a specific router or subnet. BGP will attempt to find the most efficient path when making routing decisions. AS Path Prepending manipulates the path, making it a little longer. This will influence the path used to reach a subnet.

Let's take a look at another example. We have the same environment as before with an office in east and west US. Each office has an ExpressRoute connection and are advertising the prefix for on-premises servers. This is a hybrid environment with Microsoft Exchange Online and servers in the west office.

Next, an attempt to move a mailbox is made. Exchange Online initiates the connection but connects through East. This is not an efficient route for a mailbox move. There are two ways to solve this.

First, the remote prefix could be removed from each ExpressRoute connection. This way, ExpressRoute is only advertising the local network. But that removes high availability, should one of the ExpressRoute circuits go down. The better option is to use AS PATH Prepending. This way, both prefixes are advertised on both circuits. The path to the 172.2.0.0 network is lengthened to East, and the path to 172.2.0.2 is lengthened to the West, providing optimal paths to both sites, while retaining high availability if one path should fail. BGP Communities and AS Path Prepending are options available to configure routing advertisements with ExpressRoute and BGP. Thank you for joining me in this lecture, I look forward to seeing you in the next.

About the Author
Avatar
Travis Roberts
Cloud Infrastructure Architect
Students
455
Courses
4

Travis Roberts is a Cloud Infrastructure Architect at a Minneapolis consulting firm, a Microsoft MVP, MCT, and author. Travis has 20 years of IT experience in the legal, pharmaceutical, and marketing industries and has worked with IT hardware manufacturers and managed service providers. In addition, Travis has held numerous technical certifications throughout his career from Microsoft, VMware, Citrix, and Cisco.