Azure – Networking – Part 11 – ExpressRoute
Hope you all are doing well :). Nowadays I am exploring one of the very important services provided by Azure, ExpressRoute. In my last project we used this service for our customer, but it was configured by someone else.
There are many articles and videos on ExpressRoute available on the net. But then I thought, what’s wrong if we add one more to it? It will clear up my understanding, and it might help someone understand ExpressRoute 🙂.
Here I will only share some basics of ExpressRoute. I will not be able to present all of the configuration, as I don’t have all the prerequisites available, but I will try to touch on the most important parts of ExpressRoute.
ExpressRoute is an Azure service that enables us to establish dedicated, private, reliable and high-speed connectivity, with bandwidths up to 10 Gbps, between our data center and Microsoft Azure.
ExpressRoute connections enable access to the following services:
- Microsoft Azure services
- Microsoft Office 365 services
- Microsoft Dynamics 365
Benefits of ExpressRoute :
- Layer 3 connectivity between our on-premises network and the Microsoft Cloud through a connectivity provider.
- Dedicated network with privacy.
- Cross-region connectivity with the Premium add-on.
- Predictable network performance.
- Built-in redundancy in every peering location for higher reliability and availability.
- Dynamic routing between our network and Microsoft.
- Support for hybrid applications.
ExpressRoute Health Monitor :
ExpressRoute circuits can be monitored for availability, connectivity to VNets and bandwidth utilization using Network Performance Monitor (NPM).
ExpressRoute Connectivity Model :
We can create a connection between our data center and the Microsoft cloud in the following three different ways.
Cloud Exchange – Co-located Connectivity Model :
If an organisation is using the co-location service of a cloud exchange, it can ask for virtual cross-connections to the Microsoft cloud through the co-location provider’s Ethernet exchange. The cloud exchange provider can offer layer 2 and layer 3 cross-connections between the co-located infrastructure and the Microsoft data center.
Point-to-point Ethernet Connectivity Model :
A point-to-point Ethernet service is a private, dedicated, secure data connection from our data center to the Microsoft cloud. It also provides layer 2 and layer 3 connections. We don’t need to encrypt data as it is very secure by nature.
Any-to-any (IPVPN) networks Connectivity Model :
With this network connection, we can connect our own WAN to the Microsoft cloud. This connection is based on IPVPN (Internet Protocol Virtual Private Network). It is separated from the public internet and carries packets over a private connection to each remote site or branch office, so that the Microsoft cloud looks just like any other branch office.
ExpressRoute Domains/Peering :
An ExpressRoute circuit has multiple routing domains/peerings associated with it. There are generally the following three types of domains/peerings.
Azure Public Peering :
Azure Public Peering has been deprecated for new ExpressRoute circuits.
Azure Private Peering :
The private peering domain is a very secure and trusted extension of our network. Azure compute services (IaaS) and cloud services (PaaS) can be deployed within a virtual network, and that virtual network can be connected through the private peering domain. Communication can be bi-directional between our on-premises network and Azure virtual networks.
Microsoft Peering :
Microsoft Peering can be used where we need secure and trusted bi-directional communication between our on-premises network and any Microsoft service (SaaS) such as Office 365, Dynamics 365, etc. The connection must be based on IP.
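As an added example (not from the original article or from Microsoft), the Python below audits a circuit's peerings against the three domains described above: it flags the deprecated public peering, a Microsoft peering with no route filter attached, and IPv4 peer prefixes that are not two distinct /30 subnets. The JSON is constructed sample data whose field names are assumed to follow the shape of `az network express-route show` output, and `audit_circuit` is a hypothetical helper name.

```python
import ipaddress
import json

# Constructed sample; field names assumed to match `az network express-route show`.
SAMPLE_CIRCUIT = json.loads("""
{
  "name": "er-demo",
  "serviceProviderProvisioningState": "Provisioned",
  "peerings": [
    {"peeringType": "AzurePrivatePeering", "state": "Enabled",
     "primaryPeerAddressPrefix": "10.0.0.0/30",
     "secondaryPeerAddressPrefix": "10.0.0.4/30"},
    {"peeringType": "AzurePublicPeering", "state": "Enabled",
     "primaryPeerAddressPrefix": "203.0.113.0/30",
     "secondaryPeerAddressPrefix": "203.0.113.0/30"},
    {"peeringType": "MicrosoftPeering", "state": "Enabled",
     "primaryPeerAddressPrefix": "198.51.100.0/29",
     "secondaryPeerAddressPrefix": "198.51.100.8/30",
     "routeFilter": null}
  ]
}
""")

def audit_circuit(circuit):
    """Return a sorted list of (scope, finding) tuples for one circuit (hypothetical helper)."""
    findings = []
    if circuit.get("serviceProviderProvisioningState") != "Provisioned":
        findings.append(("circuit", "provider side not provisioned"))
    for p in circuit.get("peerings", []):
        kind = p.get("peeringType", "unknown")
        if kind == "AzurePublicPeering":
            findings.append((kind, "deprecated peering type in use"))
        if kind == "MicrosoftPeering" and not p.get("routeFilter"):
            findings.append((kind, "no route filter attached"))
        nets = []
        for key in ("primaryPeerAddressPrefix", "secondaryPeerAddressPrefix"):
            try:
                net = ipaddress.ip_network(p[key], strict=True)
            except (KeyError, ValueError):
                findings.append((kind, f"{key} missing or invalid"))
                continue
            if net.version == 4 and net.prefixlen != 30:
                findings.append((kind, f"{key} is not a /30"))
            nets.append(net)
        # Primary and secondary BGP links must use distinct subnets.
        if len(nets) == 2 and nets[0].overlaps(nets[1]):
            findings.append((kind, "primary and secondary prefixes overlap"))
    return sorted(findings)

if __name__ == "__main__":
    for scope, finding in audit_circuit(SAMPLE_CIRCUIT):
        print(f"{scope}: {finding}")
```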
ExpressRoute workflows for circuit provisioning :
The following image walks us through the service provisioning and routing configuration workflows at a high level.
Differences between ExpressRoute and VPN :
|VPN|ExpressRoute|
|---|---|
|VPN traverses the public internet when not used with ExpressRoute|ExpressRoute is a private, secure and faster connection|
|VPN maximum speed is 1.2 Gbps|ExpressRoute maximum speed is 10 Gbps|
|VPN latency is higher|ExpressRoute latency is lower|
Other important references :
As I have already discussed, we can find many more articles from Microsoft on ExpressRoute. Here I have tried to summarize the basic concepts of ExpressRoute from different articles. More detailed information can be found at the following links.
- ExpressRoute prerequisites & checklist
- Create and modify an ExpressRoute circuit
- Create and modify peering for an ExpressRoute circuit
- Connect a virtual network to an ExpressRoute circuit using the portal
- Configure route filters for Microsoft peering: Azure portal
- ExpressRoute FAQ
Thanks for reading 🙂 . My next article of this series is Part 12 – Azure VPN Network Gateway .
Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.
If you have any suggestions, feedback or doubts, you are most welcome. Stay tuned to Knowledge-Junction; we will come up with more such articles.