Azure Virtual WAN ExpressRoute Gateway
This document provides detailed information about the ExpressRoute gateway in Azure Virtual WAN, including its architecture, capabilities, configuration, and best practices.
What is an ExpressRoute Gateway?
An Azure Virtual WAN ExpressRoute gateway is a resource that enables connectivity between your on-premises networks and Azure Virtual WAN hubs via Azure ExpressRoute. It allows you to extend your private, high-bandwidth, low-latency connections into your Azure Virtual WAN topology.
Key Features and Benefits
- Scalable Bandwidth: Supports various bandwidth configurations to meet your performance needs.
- High Availability: Designed for resilience with built-in redundancy.
- Global Reach: Integrates with Azure's global network for consistent connectivity.
- Simplified Management: Leverages the Virtual WAN portal for easy deployment and management.
- Private Connectivity: Provides a private connection, separate from the public internet.
Architecture
The ExpressRoute gateway is deployed within a Virtual WAN hub. It acts as the termination point for your ExpressRoute circuits. When you connect ExpressRoute circuits to your Virtual WAN hub, traffic destined for your Azure resources within the hub (or peered virtual networks) is routed through the ExpressRoute gateway.
Deployment and Configuration
Deploying an ExpressRoute gateway involves the following steps:
- Create a Virtual WAN: If you don't have one already, create a Virtual WAN resource in the Azure portal.
- Create a Virtual Hub: Within your Virtual WAN, create a Virtual Hub. This hub will host the ExpressRoute gateway.
- Create an ExpressRoute Gateway: In the Virtual Hub, select "ExpressRoute gateway" and click "Create". You'll need to specify the scale units (which determine bandwidth) and whether to enable active-active mode.
- Connect ExpressRoute Circuit: Navigate to your ExpressRoute circuit in the Azure portal. Under "Connections", create a new connection and select your Virtual WAN hub. You'll need to peer your circuit with the gateway's Autonomous System Number (ASN).
Scale Units and Bandwidth
The bandwidth of the ExpressRoute gateway is determined by the number of scale units you select during deployment. Each scale unit provides approximately 500 Mbps of throughput. For example, 2 scale units provide 1 Gbps, and 4 scale units provide 2 Gbps.
Routing Considerations
The ExpressRoute gateway participates in the routing within your Virtual WAN. It learns routes from your on-premises network via the ExpressRoute circuit and advertises routes to Azure resources and other connected sites (VPN). You can configure custom route tables and propagate routes to ensure optimal traffic flow.
Key routing aspects include:
- Route Propagation: Routes are propagated from the ExpressRoute gateway to the hub's default route table and to any associated virtual networks.
- Route Tables: You can use custom route tables within the hub to segment traffic and control route propagation.
- BGP Peering: Border Gateway Protocol (BGP) is used for route exchange between the ExpressRoute gateway and your on-premises edge device.
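Because routes learned over BGP are propagated into hub route tables and associated virtual networks, it is worth reviewing what the on-premises edge advertises. The following Python is an added example, not code from this page or from Azure tooling: it flags default routes, overlaps with Azure address space, and prefixes outside the expected on-premises ranges. The route list, address ranges, and field names are constructed assumptions.

```python
import ipaddress

# Constructed sample of prefixes learned from on-premises over ExpressRoute BGP.
# The field names ("prefix", "as_path") are hypothetical, not an Azure schema.
LEARNED_ROUTES = [
    {"prefix": "10.20.0.0/16", "as_path": "65010"},
    {"prefix": "0.0.0.0/0", "as_path": "65010"},
    {"prefix": "10.100.4.0/24", "as_path": "65010-65020"},
    {"prefix": "10.0.0.0/8", "as_path": "65010"},
    {"prefix": "192.168.50.0/24", "as_path": "65010"},
]

# Constructed address space of the hub and its connected virtual networks.
AZURE_SPACE = ["10.100.0.0/23", "10.100.4.0/22"]

# Constructed list of ranges the on-premises site is expected to advertise.
EXPECTED_ONPREM = ["10.20.0.0/16"]


def audit_learned_routes(routes, azure_space, expected_onprem):
    """Return (prefix, finding) for every learned route that needs review."""
    azure = [ipaddress.ip_network(p) for p in azure_space]
    expected = [ipaddress.ip_network(p) for p in expected_onprem]
    findings = []
    for route in routes:
        net = ipaddress.ip_network(route["prefix"])
        if net.prefixlen == 0:
            # A default route from on-premises would pull all traffic that has
            # no more specific route toward the circuit.
            findings.append((str(net), "default-route"))
        elif any(net.subnet_of(a) for a in azure):
            # On-premises claims addresses that belong to Azure-side networks.
            findings.append((str(net), "inside-azure-space"))
        elif any(a.subnet_of(net) for a in azure):
            # A broad aggregate that also covers Azure-side networks.
            findings.append((str(net), "covers-azure-space"))
        elif not any(net.subnet_of(e) for e in expected):
            # Not part of the documented on-premises ranges.
            findings.append((str(net), "unexpected-prefix"))
    return findings


if __name__ == "__main__":
    for prefix, finding in audit_learned_routes(
        LEARNED_ROUTES, AZURE_SPACE, EXPECTED_ONPREM
    ):
        print(f"{prefix:18} {finding}")
```
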
Monitoring and Troubleshooting
Azure Monitor provides insights into the performance and health of your ExpressRoute gateway. You can monitor metrics such as:
- Data In/Out
- Packet Drop Rate
- Connection Status
For troubleshooting, Azure Network Watcher tools can be invaluable. Analyze connection logs and routing information to diagnose connectivity issues.
Use Cases
- Connecting large enterprises with significant on-premises infrastructure to Azure.
- Migrating workloads to Azure while maintaining low-latency private connectivity.
- Implementing hybrid cloud solutions requiring high throughput and predictable performance.