Azure Route Server
Azure Route Server simplifies network connectivity between your virtual machines and virtual networks in Azure and your on-premises networks. It allows you to establish a hub-and-spoke network topology by automating route propagation from your Network Virtual Appliances (NVAs) and VPN/ExpressRoute gateways to your virtual networks. This eliminates the need for manual route management, reducing complexity and operational overhead.
Key Concepts
- Centralized Routing: Route Server acts as a central point for exchanging routes within your Azure environment.
- NVA Integration: Seamlessly integrates with popular Network Virtual Appliances (e.g., firewalls, load balancers) deployed in Azure.
- Automated Route Propagation: Automatically advertises routes learned from connected gateways and NVAs to your virtual networks.
- Hub-and-Spoke Simplification: Enables easy implementation of hub-and-spoke architectures without complex route table configurations.
- Scalability and High Availability: Designed to be highly available and scalable to meet the demands of your network.
How it Works
When you deploy Azure Route Server, it establishes BGP (Border Gateway Protocol) peering sessions with your connected NVAs and Azure VPN/ExpressRoute gateways. These gateways advertise their learned routes to the Route Server, which then aggregates and propagates these routes to all connected virtual networks. This ensures that your virtual machines can reach resources in your on-premises network and other connected virtual networks through the Route Server and its associated gateways/NVAs.
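Because every route a peer advertises is propagated to the connected virtual networks, it is worth checking what each NVA actually advertises. The following is an added example, not part of the original page or Microsoft's code: it audits a learned-routes listing (such as the output of az network routeserver peering list-learned-routes) against an allowlist. The sample data is constructed, and the field names, expected prefixes and VNet address space are assumptions.

```python
import ipaddress

# Constructed sample shaped like a Route Server peering's learned-routes
# listing (one list per Route Server instance). Field names are assumptions.
LEARNED = {
    "RouteServiceRole_IN_0": [
        {"network": "10.50.0.0/16", "nextHop": "10.0.0.5", "asPath": "65001"},
        {"network": "0.0.0.0/0", "nextHop": "10.0.0.5", "asPath": "65001"},
        {"network": "10.1.2.0/24", "nextHop": "10.0.0.5", "asPath": "65001"},
        {"network": "192.168.7.0/24", "nextHop": "10.0.0.5", "asPath": "65001-65010"},
    ],
    "RouteServiceRole_IN_1": [
        {"network": "10.50.0.0/16", "nextHop": "10.0.0.5", "asPath": "65001"},
    ],
}

def _inside(net, nets):
    """True if net is equal to or contained in any same-family network in nets."""
    return any(n.version == net.version and net.subnet_of(n) for n in nets)

def audit_learned_routes(learned, expected, vnet_space, allow_default=False):
    """Return sorted (prefix, next_hop, reason) findings for one BGP peer."""
    expected = [ipaddress.ip_network(p) for p in expected]
    vnet_space = [ipaddress.ip_network(p) for p in vnet_space]
    findings = set()  # a set, since both instances usually learn the same routes
    for routes in learned.values():
        for route in routes:
            net = ipaddress.ip_network(route["network"])
            hop = route["nextHop"]
            if net.prefixlen == 0:
                # A default route is only acceptable when explicitly approved.
                if not allow_default:
                    findings.add((str(net), hop, "default route not approved"))
            elif _inside(net, vnet_space):
                # The peer claims a prefix that belongs to the VNets themselves.
                findings.add((str(net), hop, "inside VNet address space"))
            elif not _inside(net, expected):
                findings.add((str(net), hop, "not in expected prefixes"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_learned_routes(LEARNED, ["10.50.0.0/16"], ["10.1.0.0/16"]):
        print(*finding, sep="  ")
```

Running the audit on a schedule and alerting on any non-empty result catches a misconfigured or compromised NVA before its routes are relied upon.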
Use Cases
- Connecting branch offices to Azure resources via VPN or ExpressRoute.
- Enabling traffic inspection and security policies by routing traffic through NVAs.
- Simplifying routing in complex, multi-VNet Azure environments.
- Migrating on-premises network topologies to Azure.
Deployment and Configuration
Deploying Azure Route Server typically involves the following steps:
- Create a Route Server resource in your Azure subscription.
- Associate the Route Server with your Virtual WAN hub or a dedicated hub VNet.
- Configure BGP peering between the Route Server and your NVAs or VPN/ExpressRoute gateways. This involves exchanging ASN (Autonomous System Number) and BGP peer IP addresses.
- Ensure that your virtual networks are associated with the hub containing the Route Server.
Note: Azure Route Server requires the use of BGP for route exchange. Ensure your NVAs and gateways support BGP.
Example Configuration Snippet (Conceptual)
Below is a conceptual example of how BGP peering might be configured:
# Example configuration for a Firewall NVA
resource "azurerm_network_security_group" "example" {
  # ... other configurations
}

resource "azurerm_virtual_network" "hub" {
  # ... hub VNet configurations
}

resource "azurerm_route_server" "example" {
  name                 = "myRouteServer"
  resource_group_name  = azurerm_resource_group.example.name
  location             = azurerm_resource_group.example.location
  sku                  = "Standard"
  public_ip_address_id = azurerm_public_ip.example.id
  # Required: the dedicated subnet named "RouteServerSubnet" in the hub VNet
  # (azurerm_subnet.route_server is assumed to be defined elsewhere)
  subnet_id            = azurerm_subnet.route_server.id
}

# Example peering configuration
# The ASN and peer IPs are critical for BGP; they are set per peer on a
# separate resource, not on the Route Server itself
resource "azurerm_route_server_bgp_connection" "nva" {
  name            = "nva-peering"
  route_server_id = azurerm_route_server.example.id
  peer_asn        = 65001
  peer_ip         = "10.0.0.5" # Example IP for an NVA
}

# In Azure portal or CLI, you would configure peerings after creating the Route Server
# This would specify the NVA/Gateway, its ASN, and its BGP peer IP
Benefits
- Reduced Complexity: Automates route management, simplifying network operations.
- Enhanced Connectivity: Provides robust connectivity between Azure and on-premises environments.
- Improved Agility: Enables faster deployment and modification of network configurations.
- Cost-Effective: Reduces manual configuration and the errors it can introduce.