Azure Virtual WAN Route Server

Azure Virtual WAN Route Server simplifies the management of routing between your Virtual WAN Hub and your network appliances, such as firewalls and network virtual appliances (NVAs). It automates BGP peering and route propagation, reducing the complexity of your network configuration.

What is Route Server?

Route Server is a managed service within Azure Virtual WAN that extends routing capabilities. It allows you to connect your on-premises networks and other cloud environments to your Virtual WAN Hub and distribute routes efficiently. It uses the Border Gateway Protocol (BGP) to exchange routing information.

Note: Route Server is a feature of Virtual WAN Hubs. It's designed to work seamlessly with other Virtual WAN components.

Key Benefits

  • Simplified Management: Automates BGP peering and route exchange.
  • Scalability: Handles a large number of routes and connections.
  • Centralized Routing: Provides a single point for managing routing policies.
  • Enhanced Connectivity: Enables seamless connectivity between different network types (e.g., VPN, ExpressRoute, NVAs).

How it Works

Route Server establishes BGP peering with network devices connected to your Virtual WAN Hub. It learns routes from these devices and propagates them to other connected branches and networks. This ensures that traffic can be routed efficiently across your entire Virtual WAN.

[Figure: Conceptual diagram of Route Server in Virtual WAN.]

Use Cases

  • Connecting Firewalls/NVAs: Route traffic through your security appliances before it enters or leaves your Virtual WAN.
  • Multi-Site Connectivity: Manage routing for multiple on-premises sites connected via VPN or ExpressRoute.
  • Hub-and-Spoke Routing: Centralize routing for spoke VNETs connected to a Virtual WAN Hub.

Configuring Route Server

You can enable and configure Route Server directly within your Virtual WAN Hub settings in the Azure portal. This typically involves:

  1. Navigating to your Virtual WAN Hub.
  2. Enabling the Route Server feature.
  3. Configuring BGP peering with your connected network devices.

Example BGP Configuration

When configuring your network appliance, you'll need to specify the BGP peer IP address and ASN provided by Azure Route Server. For example, if your appliance is connecting to the Route Server, the configuration might look something like this:


! Example configuration for a firewall appliance (IOS-style syntax)
! 65001 is a placeholder ASN for the appliance; it must differ from the Azure ASN
router bgp 65001
 ! Route Server BGP peer IP, Azure ASN 65515
 neighbor 10.0.1.4 remote-as 65515
 neighbor 10.0.1.4 update-source GigabitEthernet0/1
 ! Route Server BGP peer IP (if multiple interfaces)
 neighbor 10.0.1.5 remote-as 65515
 neighbor 10.0.1.5 update-source GigabitEthernet0/2
 address-family ipv4 unicast
  neighbor 10.0.1.4 activate
  neighbor 10.0.1.4 route-map INBOUND_ROUTES in
  neighbor 10.0.1.4 route-map OUTBOUND_ROUTES out
  neighbor 10.0.1.5 activate
  neighbor 10.0.1.5 route-map INBOUND_ROUTES in
  neighbor 10.0.1.5 route-map OUTBOUND_ROUTES out
 exit-address-family

Tip: Refer to the specific documentation for your network appliance vendor for detailed BGP configuration steps.

Route Distribution Policies

Route Server supports route distribution policies to control which routes are advertised to and learned from your connected devices. You can use route maps or BGP community values to influence routing behavior.

Route Maps

Route maps allow you to filter and modify routes based on various criteria. They are applied inbound or outbound to BGP neighbor sessions.
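
The following added example (not part of the original page) models how an inbound route map such as INBOUND_ROUTES decides which advertisements to accept, assuming prefix-list style matching with length bounds, first-match ordering and an implicit deny. The policy entries and the advertised prefixes are constructed for illustration.

```python
import ipaddress

# Constructed policy standing in for the INBOUND_ROUTES route map named in the
# sample appliance config. Entry = (action, prefix, min_len, max_len).
# First match wins; a route matching no entry is dropped (implicit deny).
INBOUND_ROUTES = [
    ("deny", "0.0.0.0/0", 0, 0),        # exact default route only
    ("deny", "10.99.0.0/16", 16, 32),   # hypothetical management range
    ("permit", "10.0.0.0/8", 16, 24),   # hypothetical spoke space, /16../24
]

# Constructed advertisements, as if received from a BGP peer.
SAMPLE_ROUTES = [
    "10.20.0.0/16", "10.20.30.0/24", "0.0.0.0/0", "10.99.4.0/24",
    "10.20.30.128/25", "10.0.0.0/8", "192.168.50.0/24", "10.20.30.1/24",
]


def evaluate(policy, route):
    """Return (action, index of matching entry or None) for one prefix."""
    net = ipaddress.ip_network(route, strict=True)  # rejects host bits set
    for idx, (action, prefix, min_len, max_len) in enumerate(policy):
        base = ipaddress.ip_network(prefix)
        if (net.version == base.version and net.subnet_of(base)
                and min_len <= net.prefixlen <= max_len):
            return action, idx
    return "deny", None


def filter_routes(policy, routes):
    """Split advertisements into accepted prefixes and (prefix, reason) rejects."""
    accepted, rejected = [], []
    for route in routes:
        try:
            action, idx = evaluate(policy, route)
        except ValueError:
            rejected.append((route, "malformed prefix"))
            continue
        if action == "permit":
            accepted.append(route)
        else:
            reason = "implicit deny" if idx is None else f"deny entry {idx}"
            rejected.append((route, reason))
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = filter_routes(INBOUND_ROUTES, SAMPLE_ROUTES)
    print("accepted:", ok)
    for prefix, why in bad:
        print(f"rejected: {prefix:18} {why}")
```

Running the same function over the prefixes an appliance actually receives shows which ones fall through to the implicit deny, which is where an overly broad or overly specific advertisement ends up.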

BGP Communities

Azure Virtual WAN uses specific BGP community values to signal routing preferences and policies. For example, you can use communities to influence route propagation between different regions or network types.

Next Steps

Explore the following resources to deepen your understanding and implement Route Server in your Virtual WAN environment: