Show Menu

Azure ExpressRoute Cheat Sheet by

Azure ExpressRoute Cheatsheet

Create an Expres­sRoute circuit and peering

Where is the menu to config Expres­sRoute circuit in Azure portal?
Create a resource > Networking > Expres­sRoute.
What we do after we create a circuit on Azure Portal?
Send the provider the value in the Service key field to enable them to configure the connec­tion.
What we do after the provider status is reported as Provis­ioned?
For Layer 2 connec­tivity, configure the routing for the peerings. For L3, the provider will configure that.

Expres­sRoute Circuit Properties

Circuit name
A meaningful name for your circuit, without any white space or special charac­ters.
The Expres­sRoute provider with which you've registered your subscr­iption.
Peering location
A location enabled by the Expres­sRoute provider in which to create your circuit.
Select your bandwidth, from 50 Mbps up to 10 Gbps. Start with a low value. You can increase it later with no interr­uption to service. However, you can't reduce the bandwidth if you set it too high initially.
Select Standard if you have up to 10 virtual networks and only need to connect to resources in the same geopol­itical region. Otherwise, select Premium.
Billing model
Select Unlimited to pay a flat fee regardless of usage. Or select Metered to pay according to the volume of traffic that enters and exits the circuit.
The subscr­iption you've registered with your Expres­sRoute provider.
Resource group
The Azure resource group in which to create the circuit.
The Azure location in which to create the circuit.

Configure Private Peering

Peer ASN
The autonomous system number for your side of the peering. This ASN can be public or private, and 16 bits or 32 bits.
Primary subnet
This is the address range of the primary /30 subnet that you created in your network. You'll use the first IP address in this subnet for your router. Microsoft uses the second for its router.
Secondary subnet
This is the address range of your secondary /30 subnet. This subnet provides a secondary link to Microsoft. The first two addresses are used to hold the IP address of your router and the Microsoft router.
This is the VLAN on which to establish the peering. The primary and secondary links will both use this VLAN ID.
Shared key
This is an optional MD5 hash that's used to encode messages passing over the circuit
Use private peering to connect your network to your virtual networks running in Azure.

Configure Microsoft Peering

Advertised public prefixes
This is a list of the address prefixes that you use over the BGP session. These prefixes must be registered to you, and must be prefixes for public address ranges.
Customer ASN
This is optional. It's the client­-side autonomous system number to use if you are advert­ising prefixes that aren't registered to the peer ASN.
Routing registry name
This name identifies the registry in which the customer ASN and public prefixes are regist­ered.
Use Microsoft peering to connect to Office 365 and its associated services.

Connect a VNet to an Expres­sRoute circuit

What we create before connect to a private circuit?
Must create an Azure virtual network gateway by using a subnet on one of your Azure virtual networks.
What a virtual network gateway provides
Provides the entry point to network traffic that enters from your on-pre­mises network. It directs incoming traffic through the virtual network to your Azure resources.
What we use to control traffic that's routed from on-pre­mises network?
Network security groups and firewall rules
How many virtual networks can be linked to an Expres­sRoute circuit
Up to 10 virtual networks, but these virtual networks must be in the same geopol­itical region as the Expres­sRoute circuit.
How many Expres­sRoute circuit can a single virtual network can connect to?
You can link a single virtual network to four Expres­sRoute circuits if necessary.
What is Connection Weight property?
If there are multiple circuits across different providers to prefer one circuit to another.
What is Expres­sRoute Direct option?
An ultra-­hig­h-speed option from Microsoft.
How is Expres­sRoute Direct different with Expres­sRoute?
It provides dual 100-Gbps connec­tivity
What is FastPath
When FastPath is enabled, it sends network traffic directly to a virtual machine that's the intended destin­ation. The traffic bypasses the virtual network gateway, improving the perfor­mance between Azure virtual networks and on-pre­mises networks.
What FastPath doesn't support?
FastPath doesn't support virtual network peering (where you have virtual network peering. It also doesn't support user-d­efined routes on the gateway subnet.

Archit­ecture of Expres­sRoute

A circuit provides a physical connection for transm­itting data through the Expres­sRoute provider's edge routers to the Microsoft edge routers.

How Azure Expres­sRoute works

Where Expres­sRoute is supported?
across all regions and locations
Why we need to work with an Expres­sRoute partner to implement Expres­sRoute?
The partner provides the edge service: an authorized and authen­ticated connection that operates through a partne­r-c­ont­rolled router. The edge service is respon­sible for extending your network to the Microsoft cloud.
What are circuits?
The connec­tions to an endpoint in an Expres­sRoute location that enable customer to peer on-pre­mises networks with the virtual networks available through the endpoint.
What a circuit provides?
provides a physical connection for transm­itting data through the Expres­sRoute provider's edge routers to the Microsoft edge routers.
Do circuit establ­ishes via public internet?
No, A circuit is establ­ished across a private wire rather than the public internet.
What are the prereq­uisites for Expres­sRoute
- An Expres­sRoute connec­tivity partner or cloud exchange provider that can set up a connection from your on-pre­mises networks to the Microsoft cloud.
- An Azure subscr­iption that is registered with your chosen Expres­sRoute connec­tivity partner.
- An active Microsoft Azure account to request an Expres­sRoute circuit.
- An active Office 365 subscr­iption
Expres­sRoute network and routing requir­ements
- Ensure that BGP sessions for routing domains have been config­ured. For each Expres­sRoute circuit, Microsoft requires redundant BGP sessions between Micros­oft’s routers and customer peering routers.
- Using NAT to IP Public is mandatory to connect through Microsoft peering. Microsoft will reject anything except public IP addresses through Microsoft peering.
- Reserve several blocks of IP addresses in your network for routing traffic to the Microsoft cloud. 1 /29 or 2 /30.
- One of these subnets is used to configure the primary circuit to the Microsoft cloud, and the other implements a secondary circuit.
- Use the first address in these subnets to commun­icate with services in the Microsoft cloud. Microsoft uses the second address to establish a BGP session.
Expres­sRoute supports two peering schemes:
- private peering to connect to Azure IaaS and PaaS services deployed inside Azure virtual networks.
- Microsoft peering to connect to Azure PaaS services, Office 365 services, and Dynamics 365.
What is the constraint of Expres­sRoute private peering?
The resources that customer access must all be located in one or more Azure virtual networks with private IP addresses. Customer can't access resources through their public IP address over a private peering.
Expres­sRoute availa­bility
Microsoft guarantees a minimum of 99.95 percent availa­bility for an Expres­sRoute dedicated circuit.

Expres­sRoute Peering

- private peering to connect to Azure IaaS and PaaS services deployed inside Azure virtual networks.

- Microsoft peering to connect to Azure PaaS services, Office 365 services, and Dynamics 365.

Create a New Circuit Connection



No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Microsoft Flight Simulator 2020 Keyboard Shortcuts
          Microsoft Azure SKUs Cheat Sheet

          More Cheat Sheets by ilperdan0

          Structure and Syntax of ARM Templates Cheat Sheet