Azure / ExpressRoute / Introduction

ExpressRoute Introduction

What is Azure ExpressRoute?

Azure ExpressRoute lets you create private connections between Azure datacenters and your on‑premises infrastructure or colocation environment. These connections do not travel over the public internet, offering higher reliability, faster speeds, lower latencies, and consistent network performance.

ExpressRoute is ideal for enterprises that need to:

  • Transfer large volumes of data securely.
  • Ensure compliance with regulatory requirements.
  • Integrate legacy systems that demand deterministic network performance.
  • Back up and disaster‑recover critical workloads.

Key Benefits

  • Private Connectivity: Bypass the public internet.
  • High Throughput: Up to 10 Gbps per circuit.
  • Low Latency & Predictable Performance: SLA‑backed.
  • Security & Compliance: Seamless integration with Azure Private Link and Service Endpoints.
  • Flexible Redundancy: Dual‑circuit options for resilience.

How ExpressRoute Works

ExpressRoute circuits are provisioned through a connectivity provider or a Network Service Provider (NSP). Once the circuit is established, you can link it to Azure services via:

  1. Microsoft peering – for Azure PaaS services (e.g., Azure Storage, SQL).
  2. Private peering – for Azure Virtual Networks.
  3. Exchange peering – for Microsoft partner services.

Below is a sample architecture diagram.

+----------------+      +----------------------+      +------------------+
| On‑Premises LAN | ---> |   ExpressRoute       | ---> | Azure Virtual    |
| (Router/Switch) |      |   Provider Edge (PE) |      | Network (VNet)   |
+----------------+      +----------------------+      +------------------+

Prerequisites

  • Active Azure subscription.
  • Supported connectivity provider (e.g., Equinix, AT&T, BT).
  • Network configuration for BGP (Border Gateway Protocol).
  • Allocated IPv4 or IPv6 address space for the circuit.

Getting Started

Follow these steps to provision your first ExpressRoute circuit.

  1. Create a circuit: 
    az network express-route create \
  --name MyCircuit \
  --resource-group MyRG \
  --location "East US" \
  --bandwidth 2000 \
  --peering-location "Seattle" \
  --sku Standard
  2. Configure peering: 
    az network express-route peering create \
  --resource-group MyRG \
  --circuit-name MyCircuit \
  --peering-type AzurePrivatePeering \
  --peer-asn 65515 \
  --vlan-id 300 \
  --primary-peer-subnet 10.0.0.0/30 \
  --secondary-peer-subnet 10.0.0.4/30
  3. Link to a Virtual Network: 
    az network vnet create \
  --name MyVNet \
  --resource-group MyRG \
  --address-prefix 10.1.0.0/16

az network vnet peering create \
  --name MyVNet-ER-Peer \
  --resource-group MyRG \
  --vnet-name MyVNet \
  --remote-vnet /subscriptions/xxxx/resourceGroups/MyRG/providers/Microsoft.Network/expressRouteCircuits/MyCircuit \
  --allow-gateway-transit true
Full Quickstart Guide

Further Resources