In today’s globalized world, customers have begun to maintain and expand their presence in the cloud across different geographic regions. With these increased deployments in Azure regions comes increasing complexity in customers’ hybrid networks. Establishing connectivity is no longer as simple as exchanging IP addresses between a pair of Azure regions and on-premises locations. Connectivity now requires additional configuration and reconfiguration of IP prefixes and route filters over time as the number of regions and on-premises locations grows. The introduction of Border Gateway Protocol (BGP) community support for Azure ExpressRoute, now in preview, removes this burden for customers connecting privately to Azure. This feature will also help simplify and unlock new network designs.

A brief overview of ExpressRoute

With ExpressRoute, customers can extend their on-premises networks to the Microsoft cloud over a private connection. With ExpressRoute, customers can connect to services in the Microsoft cloud, including Microsoft Azure and Microsoft 365, without having to traverse the public internet. An ExpressRoute connection offers more reliability, lower latency, and higher security than a public Internet connection.

Globalized hybrid networks with ExpressRoute

A common scenario for customers to use ExpressRoute is to access workloads deployed in their Azure virtual networks. ExpressRoute facilitates the exchange of Azure and on-premises private IP address ranges using a BGP session over a private connection, enabling seamless extension of customers’ existing networks to the cloud.

When a customer begins using multiple ExpressRoute circuits to multiple Azure regions, their traffic may take more than one path. The following hybrid network architecture diagram shows the occurrence of suboptimal routing when setting up a multi-region mesh network with ExpressRoute circuits:

To ensure that traffic to Region A takes the optimal path via ExpressRoute Circuit 1, the customer could configure a route filter on-premises so that Region A’s routes are learned at the customer edge only over ExpressRoute Circuit 1 and not at all over ExpressRoute Circuit 2. This approach requires the customer to maintain a comprehensive list of IP prefixes in each region and to update this list regularly as new virtual networks are added and private IP address space in the cloud expands. As the customer continues to expand its presence in the cloud, this burden may become excessive.

Simplified routing with BGP communities

With the introduction of BGP community support for ExpressRoute, customers can easily expand their hybrid multi-region networks without the tedious work of maintaining IP prefix lists. A BGP community is a group of IP prefixes that share a common property called the BGP community tag or value. On Azure, customers can now:

Once these values are configured on customers’ virtual networks, ExpressRoute preserves them on the corresponding private IP prefixes shared with the customer’s on-premises network. When these prefixes are learned on-premises, they are learned along with the configured BGP community values. For example, a customer can set a custom value of 12076:10000 on a virtual network in East US, and then start receiving the virtual network prefixes on-premises along with the values 12076:10000 and 12076:50004 (the regional value). Customers can then configure their route filters based on these community values instead of specifying IP prefixes.

With the ability to make routing decisions on-premises based on BGP communities, customers no longer need to maintain IP prefix lists or update their route filters each time they expand their address space in an existing region. Instead, they can filter based on regional BGP community values and update their configurations when deploying workloads in a new region.

Understand complex networks

Customers can expand their Azure workloads across regions over time, as previously described, but can also continue to build more complex networks within each region. You can move from simpler single virtual network deployments to hub-and-spoke or mesh topologies with hundreds of resources. If there are connectivity or performance issues for traffic sent from these resources to the on-premises site, the complexity of the cloud network can make troubleshooting difficult. With custom BGP community values configured in each virtual network within a region, a customer can quickly find the specific virtual network where traffic in Azure is coming from and narrow their investigation accordingly.
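The community-based route filtering and the per-virtual-network troubleshooting described above, modeled in Python as an added example (not code from the article or from Azure). The values 12076:50004 and 12076:10000 come from the article; the second region's value, the other virtual network tags, the prefixes, and the circuit and virtual network names are constructed for illustration.

```python
import ipaddress

EAST_US = "12076:50004"      # regional value quoted in the article
REGION_B = "12076:59999"     # constructed stand-in for a second region
# Custom per-VNet tags; 12076:10000 is from the article, the others are constructed.
VNET_TAGS = {"12076:10000": "vnet-eastus-1", "12076:10001": "vnet-b-1",
             "12076:10002": "vnet-eastus-2"}
# Import policy at the customer edge: regional communities accepted per circuit.
IMPORT_POLICY = {"circuit1": {EAST_US}, "circuit2": {REGION_B}}

# Constructed advertisements (prefix, communities), received on both circuits.
ROUTES = [
    ("10.1.0.0/16", ["12076:10000", EAST_US]),
    ("10.2.0.0/16", ["12076:10001", REGION_B]),
    ("10.3.0.0/16", ["12076:10002", EAST_US]),  # VNet added later, no policy edit
]

def parse_community(text):
    """Return a standard BGP community 'high:low' as its 32-bit integer form."""
    high, sep, low = text.partition(":")
    if not sep or not (high.isdigit() and low.isdigit()):
        raise ValueError(f"malformed community: {text!r}")
    high, low = int(high), int(low)
    if high > 0xFFFF or low > 0xFFFF:
        raise ValueError(f"community out of range: {text!r}")
    return (high << 16) | low

def build_rib(routes, policy):
    """Keep a route on a circuit only if it carries a community that circuit accepts."""
    rib = {}
    for circuit, accepted in policy.items():
        allowed = {parse_community(c) for c in accepted}
        for prefix, communities in routes:
            if allowed & {parse_community(c) for c in communities}:
                rib[ipaddress.ip_network(prefix)] = (circuit, communities)
    return rib

def trace_vnet(rib, address):
    """Longest-prefix match an Azure address, then map its custom tag to a VNet."""
    ip = ipaddress.ip_address(address)
    matches = [net for net in rib if ip in net]
    if not matches:
        return None
    circuit, communities = rib[max(matches, key=lambda n: n.prefixlen)]
    names = [VNET_TAGS[c] for c in communities if c in VNET_TAGS]
    return circuit, names[0] if names else None
```

A route that carries no accepted regional community is dropped on every circuit, so an untagged or unexpectedly tagged prefix never enters the table.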

Leverage custom BGP communities with your Azure workloads

With the ability to simplify cross-regional hybrid network designs and speed up troubleshooting, custom BGP communities are a great way for customers to improve their ExpressRoute setups and prepare for future growth.

Learn more about how to configure custom BGP communities for your own hybrid networks.
