Skip to content

Azure ExpressRoute

ExpressRoute circuits connect your on-premises infrastructure to Microsoft through a connectivity provider.

Pasted image 20240923113114.png

ExpressRoute peering

An ExpressRoute circuit has two routing domains/peerings associated with it: Azure Private and Microsoft. Each peering is configured identically on a pair of routers (in active-active or load sharing configuration) for high availability.

Pasted image 20240923113232.png

Pasted image 20240923114447.png

Azure private peering

Azure compute services, namely virtual machines (IaaS) and cloud services (PaaS), that are deployed within a virtual network can be connected through the private peering domain. The private peering domain is considered to be a trusted extension of your core network into Microsoft Azure. You can set up bi-directional connectivity between your core network and Azure virtual networks (VNets). This peering lets you connect to virtual machines and cloud services directly on their private IP addresses.

Microsoft peering

Connectivity to Microsoft online services (Microsoft 365, Azure PaaS services and Microsoft PSTN services) occurs through Microsoft peering. We enable bi-directional connectivity between your WAN and Microsoft cloud services through the Microsoft peering routing domain. You must connect to Microsoft cloud services only over public IP addresses that are owned by you or your connectivity provider and you must adhere to all the defined rules.

0.1. References

https://learn.microsoft.com/en-us/azure/expressroute/expressroute-circuit-peerings

END