Azure – Networking – Part 11 – ExpressRoute

Hello Friends,

I hope you are all doing well :). These days I am exploring one of the very important services provided by Azure: ExpressRoute. In my last project we consumed this service for our customer, but it was configured by someone else.

There are many articles and videos on ExpressRoute available on the net. But then I thought, what's wrong if we add one more? It will clear up my own understanding, and it might help someone else understand ExpressRoute 🙂.

Here I will share only some basics of ExpressRoute. I will not be able to show a walkthrough of the full configuration, as I don't have all the prerequisites available, but I will try to touch on the most important parts of ExpressRoute.

If you have missed our previous articles, please check them at the following links.

Part 6 – Azure Application Gateway Features

Part 7 – Create An Application Gateway With URL-Based Routing Configuration- 1

Part 8 – PowerShell To Create An Application Gateway With URL-Based Routing Configuration- 2

Part 9 – Configure Custom Domain In Azure DNS

Part 10 – Issue when Configure DNS Records In Azure DNS

ExpressRoute :

ExpressRoute is an Azure service that enables us to establish dedicated, private, reliable and high-speed connectivity, with bandwidths up to 10 Gbps, between our data center and Microsoft Azure.

ExpressRoute connections enable access to the following services:

  • Microsoft Azure services
  • Microsoft Office 365 services
  • Microsoft Dynamics 365

Benefits of ExpressRoute :

  • Layer 3 connectivity between our on-premises network and the Microsoft Cloud through a connectivity provider.
  • Dedicated network with privacy.
  • Cross-region connectivity with the Premium add-on.
  • Predictable network performance.
  • Built-in redundancy in every peering location for higher reliability and availability.
  • Dynamic routing between our network and Microsoft.
  • Support for hybrid applications.

ExpressRoute Health Monitor :

ExpressRoute circuits can be monitored for availability, connectivity to VNets and bandwidth utilization using Network Performance Monitor (NPM).

Concepts :

ExpressRoute Connectivity Model :

We can create a connection between our data center and the Microsoft cloud in the following three ways.

Cloud Exchange Co-located Connectivity Model :

If an organisation uses the co-located service of a cloud exchange, it can ask for virtual cross-connections to the Microsoft cloud through the co-location provider’s Ethernet exchange. The cloud exchange provider can offer layer 2 and layer 3 cross-connections between the co-located infrastructure and the Microsoft data center.

Figure 1 : Azure – Networking- ExpressRoute – Cloud Exchange -Co located area

Point-to-point Ethernet Connectivity Model :

A point-to-point Ethernet service is a private, dedicated, secure data connection from our data center to the Microsoft cloud. It also provides layer 2 and layer 3 connections. We don’t need to encrypt data as it is very secure by nature.

Figure 2 : Azure – Networking- ExpressRoute – Point to Point

Any-to-any (IPVPN) networks Connectivity Model :

With this network connection, we can connect our own WAN to the Microsoft cloud. This connection is based on IPVPN (Internet Protocol Virtual Private Network). It is separated from the public internet, carrying packets over a private connection to each remote site or branch office, to make the Microsoft cloud look just like any other branch office.

Figure 3 : Azure – Networking- ExpressRoute – Any to Any network connection

ExpressRoute Domains/Peering :

An ExpressRoute circuit has multiple routing domains/peerings associated with it. There are generally three types of domains/peerings.

Figure 4 : Azure – Networking- ExpressRoute domains/peerings

Azure Public Peering :

Azure Public Peering has now been deprecated for new ExpressRoute circuits.

Azure Private Peering :

The private peering domain is a very secure and trusted extension of our network. Azure compute services (IaaS) and cloud services (PaaS) can be deployed within a virtual network and connected through the private peering domain. Communication can be bi-directional between our on-premises network and Azure virtual networks. We can connect multiple VNets to a private peering domain.

Microsoft Peering :

Microsoft Peering can be used where we need secure and trusted bi-directional communication between the on-premises network and any Microsoft service (SaaS) such as Office 365, Dynamics 365, etc. The connection must be based on IP.
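To see which of these peerings are actually configured on existing circuits, the following PowerShell inventory is an added example and not part of the original article. It assumes the Az.Network module is installed and the session is already signed in with Connect-AzAccount; the function and variable names are illustrative.

```powershell
# Added example: inventory the routing domains (peerings) on every
# ExpressRoute circuit in the current subscription and flag any circuit
# that still carries the deprecated Azure Public Peering.
# Assumes: Az.Network module, existing Connect-AzAccount session.

function Get-ExpressRoutePeeringInventory {
    foreach ($circuit in Get-AzExpressRouteCircuit) {
        foreach ($peering in $circuit.Peerings) {
            [pscustomobject]@{
                Circuit       = $circuit.Name
                ResourceGroup = $circuit.ResourceGroupName
                # Provider side of the provisioning workflow
                ProviderState = $circuit.ServiceProviderProvisioningState
                # AzurePrivatePeering, MicrosoftPeering or AzurePublicPeering
                PeeringType   = $peering.PeeringType
                PeeringState  = $peering.State
                VlanId        = $peering.VlanId
                Deprecated    = ($peering.PeeringType -eq 'AzurePublicPeering')
            }
        }
    }
}

$rows = @(Get-ExpressRoutePeeringInventory)

# One line per peering, grouped by circuit
$rows | Sort-Object Circuit, PeeringType | Format-Table -AutoSize

# Circuits that should be reviewed and moved to Microsoft Peering
$legacy = @($rows | Where-Object { $_.Deprecated })
if ($legacy.Count -gt 0) {
    $names = ($legacy.Circuit | Sort-Object -Unique) -join ', '
    Write-Warning "Deprecated Azure Public Peering still configured on: $names"
}
```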

ExpressRoute workflows for circuit provisioning :

The following image walks us through the service provisioning and routing configuration workflows at a high level.

Figure 5 : Azure- Networking- ExpressRoute – provisioning workflow

Differences between ExpressRoute VS VPN :

| VPN | ExpressRoute |
| --- | --- |
| VPN traverses the public internet when not used with ExpressRoute | ExpressRoute is a private, secure and faster connection |
| VPN maximum speed is 1.2 Gbps | ExpressRoute maximum speed is 10 Gbps |
| VPN latency is higher | ExpressRoute latency is lower |


Other important references :


As I have already mentioned, we can find many more articles from Microsoft on ExpressRoute. Here I have tried to summarize the basic concepts of ExpressRoute from different articles. More detailed information can be found at the following links.

Thanks for reading  🙂

Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.

If you have any suggestions / feedback / doubts, you are most welcome. Stay tuned to Knowledge-Junction; we will come up with more such articles.
