{"id":3196,"date":"2022-02-14T17:37:59","date_gmt":"2022-02-14T23:37:59","guid":{"rendered":"https:\/\/microsoftgeek.com\/?p=3196"},"modified":"2022-02-14T17:39:57","modified_gmt":"2022-02-14T23:39:57","slug":"how-to-create-and-configure-expressroute-circuits","status":"publish","type":"post","link":"https:\/\/microsoftgeek.com\/?p=3196","title":{"rendered":"How to Create and Configure ExpressRoute Circuits"},"content":{"rendered":"\n<p>One of the main objectives for an organization moving to a public cloud, in any type of shape or form, is regarding the overall performance experience: It cannot be a downgraded version of what they have with their on-premises services. Microsoft is well aware of that, therefore created some time back the possibility to use private connections from your datacenter to MS Azure\u2019s datacenters in order to guarantee this performance.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/1-ExpressRoute-Circuits-configuration-diagram-1024x490.png\" alt=\"ExpressRoute Circuits configuration diagram\" class=\"wp-image-6842\"\/><\/figure><\/div>\n\n\n\n<p><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/1-ExpressRoute-Circuits-configuration-diagram.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<p>ExpressRoute connections do not go over the public Internet, are available through specific connectivity providers. And also not all regions have ExpressRoute available.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/2-ExpressRoute-Peering-location-map-1024x532.png\" alt=\"ExpressRoute Peering location map\" class=\"wp-image-6843\"\/><\/figure><\/div>\n\n\n\n<p><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/2-ExpressRoute-Peering-location-map.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<p>Here are some of the main benefits of using ExpressRoute:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Layer 3 connectivity between your on-premises network and the Microsoft Cloud through a connectivity provider. Connectivity can be from an any-to-any (IPVPN) network, a point-to-point Ethernet connection, or through a virtual cross-connection via an Ethernet exchange.<\/li><li>Connectivity to Microsoft cloud services across all regions in the geopolitical region.<\/li><li>Global connectivity to Microsoft services across all regions with the ExpressRoute premium add-on.<\/li><li>Dynamic routing between your network and Microsoft over industry standard protocols (BGP).<\/li><li>Built-in redundancy in every peering location for higher reliability.<\/li><li>Connection uptime SLA.<\/li><li>QoS support for Skype for Business.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"expressroute-step-by-step\">ExpressRoute Step by Step<\/h2>\n\n\n\n<p>Let\u2019s jump into the step by step process on setting ExpressRoute in your environment:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Sign in to the Azure Portal.<\/li><li>Select&nbsp;<strong>New &gt; Networking &gt; ExpressRoute<\/strong><\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/3-Azure-console-Networking-ExpressRoute.png\" alt=\"Azure console Networking ExpressRoute\" class=\"wp-image-6844\"\/><\/figure><\/div>\n\n\n\n<p><strong><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/3-Azure-console-Networking-ExpressRoute.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"3\"><li>You\u2019ll see the Create ExpressRoute circuit page. Complete the following values:<ul><li><strong>Tier<\/strong>&nbsp;determines whether an ExpressRoute standard or an ExpressRoute premium add-on is enabled. You can specify Standard to get the standard SKU or Premium for the premium add-on.<\/li><li><strong>Data metering<\/strong>&nbsp;determines the billing type. You can specify Metered for a metered data plan and Unlimited for an unlimited data plan.<\/li><li><strong>Peering Location<\/strong>&nbsp;is the physical location where you are peering with Microsoft. The Peering Location indicates the physical location where you are peering with Microsoft. While they are not related, it is a good practice to choose a Network Resource Provider geographically close to the Peering Location of the circuit.<\/li><\/ul><\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/4-Create-ExpressRoute-circuit.png\" alt=\"Create ExpressRoute circuit\" class=\"wp-image-6845\"\/><\/figure><\/div>\n\n\n\n<p>The following is an example using&nbsp;<em>Equinix<\/em>&nbsp;as a service provider.<br><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/4-Create-ExpressRoute-circuit.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"4\"><li>Access \u201cAll Resources\u201d on the left side and check the properties of the circuit you just created.<\/li><li>You should be able to see this information on the circuit:<\/li><\/ol>\n\n\n\n<ul class=\"wp-block-list\"><li>Provider status: Not provisioned<\/li><li>Circuit status: Enabled<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/5-Circuit-status.png\" alt=\"Circuit status\" class=\"wp-image-6847\"\/><\/figure><\/div>\n\n\n\n<p><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/5-Circuit-status.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"6\"><li>In order to complete the provisioning process, you need to copy the service key and send it to your Internet service provider. Each of these keys is specified by each circuit, so if you have more than one ExpressRoute, you\u2019ll need to send the service keys for each of them.<\/li><\/ol>\n\n\n\n<p>The following is a&nbsp;<strong>service key sample, it should not be the same value for you<\/strong>:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/6-service-key-sample.png\" alt=\"service key sample\" class=\"wp-image-6848\"\/><\/figure><\/div>\n\n\n\n<p><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/6-service-key-sample.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"7\"><li>After this step is completed by your service provider, you should be able to see the \u201cProvisioned\u201d value.<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/7-Connection-status.png\" alt=\"Circuit Connection status\" class=\"wp-image-6849\"\/><\/figure><\/div>\n\n\n\n<p><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/7-Connection-status.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"understanding-expressroute-pairing-domains\">Understanding ExpressRoute Pairing Domains<\/h2>\n\n\n\n<p>An ExpressRoute circuit has multiple routing domains associated with it: Azure public, Azure private, and Microsoft. Each of the routing domains is configured identically on a pair of routers (in active-active or load sharing configuration) for high availability.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Azure private pairing<\/strong>: The private peering domain is considered to be a trusted extension of your core network into Microsoft Azure, this peering lets you connect to virtual machines and cloud services directly on their private IP addresses. You can set up bi-directional connectivity between your core network and Azure virtual networks (VNets).<\/li><li><strong>Azure public pairing<\/strong>: Connection related to services such as Azure Storage,\u00a0SQL databases, and Web sites are offered on public IP addresses. You can privately connect to services hosted on public IP addresses, including VIPs of your cloud services. Usually, these connections with the public peering domain are integrated with organizations\u2019 DMZ, connecting to all Azure services on their public IP addresses from their WAN without having to connect through the internet.<\/li><li><strong>Microsoft pairing<\/strong>: Connectivity to all other Microsoft online services (Office 365, Dynamics 365, and Azure PaaS services) is through the Microsoft peering. This type of pairing is not usually needed and only should be applied in special scenarios.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"configuring-expressroute-and-azure-private-pairing\">Configuring ExpressRoute and Azure Private Pairing<\/h2>\n\n\n\n<p>Having reviewed the peering types and domains, I\u2019ll use the Private Pairing as an example since it is usually the most common ExpressRoute scenario.<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Before you begin, make sure you have the following pre-requisites:<ol><li>A \/30 subnet for the primary link. The subnet must not be part of an address space reserved for virtual networks.<\/li><li>A \/30 subnet for the secondary link. The subnet must not be part of an address space reserved for virtual networks.<\/li><li>A valid VLAN ID to establish this peering on. Ensure that no other peering in the circuit uses the same VLAN ID.<\/li><li>AS number for peering. You can use both 2-byte and 4-byte AS numbers. You can use a private AS number for this peering. Ensure that you are not using 65515.<\/li><li>Optional \u2013 An MD5 hash if you choose to use one.<\/li><\/ol><\/li><li>Select the Azure Private peering row, as shown in the following example:<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/8-Select-Azure-Private-peering.png\" alt=\"Select Azure Private peering\" class=\"wp-image-6850\"\/><\/figure><\/div>\n\n\n\n<p><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/8-Select-Azure-Private-peering.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"3\"><li>Configure private peering with the pre-requisites mentioned earlier:<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/9-Private-peering-information.png\" alt=\"Private peering information\" class=\"wp-image-6851\"\/><\/figure><\/div>\n\n\n\n<p><a href=\"https:\/\/www.starwindsoftware.com\/blog\/wp-content\/uploads\/2017\/12\/9-Private-peering-information.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<p>With that, you will have your ExpressRoute circuit available and configure with private peering, therefore you will be able to experience a solid and reliable performance with Microsoft Azure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of the main objectives for an organization moving to a public cloud, in any type of shape or form, is regarding the overall performance experience: It cannot be a downgraded version of what they have with their on-premises services. Microsoft is well aware of that, therefore created some time back the possibility to use [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[69,35,1,16],"tags":[],"class_list":["post-3196","post","type-post","status-publish","format-standard","hentry","category-azure","category-cloud-computing","category-networking-stuff","category-vpn"],"_links":{"self":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3196","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3196"}],"version-history":[{"count":3,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3196\/revisions"}],"predecessor-version":[{"id":3199,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3196\/revisions\/3199"}],"wp:attachment":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3196"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3196"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3196"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}