Episode #1: VNET connectivity, impact of Virtual Network Gateways, On-Prem route propagation options
Episode #5: NVA Routing 2.0 with Azure Route Server, IPSec/VxLAN & BGP
Coming from On-Prem, I will try to share in this set of articles some of my basic but key learnings that helped me a lot in the first months of my Azure Cloud Networking journey.
This guide has been inspired by many conversations with customers and colleagues and aims at providing a better understanding of the routing mechanisms in Azure and how they translate from On-Prem networking.
The focus will be on private routing in hub & spoke topologies*. For clarity, network security and resiliency best practices as well as internet breakout considerations have been left out of this guide.
The prerequisites are a general understanding of Azure Virtual Networks (VNETs) and of native (non-cloud) networking.
Along with the point of view shared in these repos, please check out the following recent and insightful resources on Azure Networking:
- Jose Moreno’s recent post highlights the differences between Cloud and On-Prem Networking
- John Savill’s latest (v2) masterclass on Azure Networking
* The impact of vWAN on VNET and branch communications is not discussed here, and would require an entire series on its own 🙂. However, in a vWAN tiered VNET design, the upper Spoke and transit VNETs would still follow some of the principles described in this guide.
I have been thinking of many ways to present the information and have finally decided to propose a step-by-step approach, starting from basic VNET peering connectivity and building up from there on the impact of adding an Azure Virtual Network Gateway (ExpressRoute or VPN) and how to influence the propagation of On-Prem routes (Episode #1).
Episode #2 will be about clarifying some of the Azure routing elements and the terminology used.
In Episode #3 and Episode #4, things will finally start unfolding as we will see how traditional On-Prem routing interoperates with Azure routing when deploying NVAs (routers, firewalls, SDWAN hubs or IPSec concentrators), and how this leads to more complex designs.
And finally, Episode #5 will address a few ways to take away some of that complexity.
Feel free to jump to any section that could be of interest to you!