Azure ExpressRoute

Let's move on to the last option for on-premises connectivity: Azure ExpressRoute. To be clear, Azure ExpressRoute is in no way comparable to Azure Site-to-Site or Azure Point-to-Site connections. So the question arises: what is Azure ExpressRoute? Azure ExpressRoute is a service that allows you to establish a private connection between a Microsoft data center and the infrastructure on site or in a colocation environment.

Azure ExpressRoute connections do not take place over the public internet. This gives you greater security, greater reliability, and faster speeds with lower latency than a traditional internet connection.

Let's look at Azure ExpressRoute in more detail. The following diagram shows an example of a typical Azure ExpressRoute environment:

What can you see in the diagram? The starting point of our architecture is your Customer Network (or on-premises network), which is connected to a Partner Edge. The Partner Edge is an internet service provider (ISP) solution and offers you technologies called Multi-Protocol Label Switching (MPLS) or ISP IP VPN.

MPLS is a type of data-carrying technique for telecommunications networks that directs data from one network to the next, based on short path labels rather than long network addresses. This technology avoids long and complex routing tables. The labels identify virtual links between distant nodes. MPLS can encapsulate packets of various network protocols; that's why it is named multi-protocol. MPLS supports nearly all common access technologies, including T1/E1, ATM, frame relay, and dark fiber connects, into points of presence or DSL.
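The label-switching behavior described above, as an added example that is not part of the original text: it decodes the standard 32-bit MPLS label stack entry (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) and forwards on the top label alone, never inspecting the inner packet's addresses. The table contents, hop names and sample packet are constructed, and one shared table stands in for the separate tables that real routers hold.

```python
import struct

# Constructed sample LFIB (label forwarding table): incoming label ->
# (action, outgoing label, next hop). One shared table stands in for the
# separate tables real routers hold; all labels and hop names are made up.
LFIB = {
    100: ("swap", 200, "lsr-b"),
    200: ("swap", 300, "lsr-c"),
    300: ("pop", None, "customer-edge"),
}

def encode_entry(label, tc, bottom, ttl):
    """Pack one 32-bit entry: 20-bit label, 3-bit TC, 1-bit S, 8-bit TTL."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def decode_stack(data):
    """Return (list of label entries, inner packet bytes)."""
    stack, offset = [], 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated MPLS label stack")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        stack.append({"label": word >> 12, "tc": (word >> 9) & 0x7,
                      "bottom": bool(word & 0x100), "ttl": word & 0xFF})
        if stack[-1]["bottom"]:
            return stack, data[offset:]

def forward(data):
    """Forward on the top label only; return (next hop, bytes, still labelled)."""
    stack, inner = decode_stack(data)
    top = stack[0]
    if top["ttl"] <= 1:
        raise ValueError("TTL expired")
    if top["label"] not in LFIB:
        raise LookupError(f"no LFIB entry for label {top['label']}")  # drop
    action, out_label, next_hop = LFIB[top["label"]]
    rest = b"".join(encode_entry(**e) for e in stack[1:]) + inner
    if action == "swap":
        return next_hop, encode_entry(out_label, top["tc"], top["bottom"], top["ttl"] - 1) + rest, True
    return next_hop, rest, len(stack) > 1  # pop: expose next label or inner packet

def trace(data):
    """Follow a packet until its last label is popped."""
    hops, labelled = [], True
    while labelled:
        hop, data, labelled = forward(data)
        hops.append(hop)
    return hops, data

# Constructed sample: one label (100), bottom-of-stack set, TTL 64.
SAMPLE = encode_entry(100, 0, True, 64) + b"inner-ip-packet"
```

A packet whose top label has no table entry is dropped rather than routed by address, which is why the labels, not the payload, define the virtual link.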

The Partner Edge is then connected to the Microsoft Edge via the so-called ExpressRoute circuit, which represents a logical connection between your on-premises infrastructure and Microsoft cloud services through a connectivity provider. You rent the Azure ExpressRoute circuit at a certain bandwidth. What many do not know is that Microsoft delivers this bandwidth twice, as an active/active connection to your internet service provider.

An Azure ExpressRoute circuit (or Azure ExpressRoute connection) has multiple routing domains (or peering types): a public Azure routing domain, a private Azure routing domain, and a Microsoft routing domain.

All routing domains are configured identically for high availability on a router pair (with an active/active configuration or a load-sharing configuration).

Now for some more details on peering. The three peering types are:

  • Microsoft peering: Microsoft peering includes the connectivity to all Microsoft SaaS offerings (such as Office 365 or Dynamics CRM). You can enable bidirectional connectivity between your WAN and Microsoft cloud services through the Microsoft peering routing domain.
  • Azure public peering: Azure public peering includes all Azure PaaS offerings that provide a public IP address, such as Azure Storage, Azure SQL Databases, and Azure Web Apps. You can privately connect to services hosted on public IP addresses, including VIPs of your cloud services, through the public peering routing domain. You can connect the public peering domain to your demilitarized zone (DMZ) and connect to all Azure services on their public IP addresses from your WAN without having to connect through the internet.
  • Azure private peering: Azure compute services, namely virtual machines and cloud services that are deployed within a virtual network, can be connected through the private peering domain. The private peering domain is considered to be a trusted extension of your core network into Microsoft Azure. You can set up bidirectional connectivity between your network and Azure virtual networks.
At the moment, Microsoft is trying to merge the Azure public peering and Microsoft peering types (Preview).