Azure Gateways BGP deep-dive - ExpressRoute, VPN, Route Server

Рет қаралды 3,248

Adam Stuart

Күн бұрын

Пікірлер: 9

@vinceresente Ай бұрын

Love the detail and clarity , as always 😊 , thanks @Adam and @Daniel

@siliconview Ай бұрын

Thanks. Very informative!

@thomaswinther8774 Ай бұрын

Good stuff as always! If we had FastPath enabled, how would it affect the flows?

@AdamStuart1 Ай бұрын

kzbin.info/www/bejne/jarLnYCLaL14gacsi=vqqu5uMDxur1bllK :)

@thomaswinther8774 27 күн бұрын

I have a scenario, with no route server, where VPN GW is using a different AS number than default. I see the VPN routes in the ER GW with the CLI command "..vnet-gateway list-learned-routes...", as EBGPs pointing to VPN GW. I guess the ER GW has them because they're external routes, right? But why are they then not announced to the MSEEs/Circuit? Can you help me get my head around that, or maybe link to more reading on it. Thanks! From ER GW learned-routes(VPN GW has ASN 65009): 10.32.32.0/20 10.71.0.50 EBgp 10.71.0.50 65009

@AdamStuart1 26 күн бұрын

@@thomaswinther8774 you certainly need azure route server to make er to vpn transit work.

@vishs8722 Ай бұрын

Thanks Adam would this work if the azure gw was doing p2s instead of S2S, could VPN clients connect back to the express route ?

@AdamStuart1 Ай бұрын

Officially that is still unsupported with Route Server, its supported on VWAN today. Doc: learn.microsoft.com/en-us/azure/route-server/route-server-faq#can-azure-route-server-provide-transit-between-expressroute-and-a-point-to-site-p2s-vpn-gateway-connection-when-enabling-the-branch-to-branch

@thomasaiwilcox Ай бұрын

Technically unsupported according to the docs but I have implemented it and it did work for p2s users getting to on prem. This was a split tunnel however, not full tunnel which as Adam mentioned is only supported with virtual wan