Route Tables in Azure Virtual WAN
Route tables are a fundamental component of Azure Virtual WAN's routing architecture. They are used to store routes that determine how network traffic is forwarded between different network resources within your Virtual WAN hub, and to on-premises sites or other virtual networks.
Understanding Route Tables
Each Virtual WAN hub has a set of route tables. These route tables are dynamically populated based on the connections established to the hub, such as:
- Site-to-Site VPN connections
- Azure ExpressRoute connections
- VNet connections
- User-defined routes (UDRs) applied to the hub or connected resources
The hub uses these route tables to make forwarding decisions. By default, a hub contains a Default route table. When you connect resources to the hub, they are associated with this Default route table. You can also create custom route tables to segment traffic and implement more granular routing policies.
Key Concepts
- Route Propagation: Routes from connected resources are propagated to the relevant route tables in the hub. For example, routes from a VNet connection are propagated to the hub's Default route table and any other route tables that the VNet connection is associated with.
- Route Distribution: Routes learned by the hub can be distributed to connected resources. This allows resources to learn about the network topology and reachability. You can control which route tables receive which routes.
- Route Association: Each connection (e.g., VNet connection, Site-to-Site VPN connection) is associated with a specific route table. This association determines which routes are advertised to that connection.
Note: Understanding route propagation and distribution is crucial for designing a scalable and secure network architecture with Virtual WAN.
Types of Route Tables
- Default Route Table: This is the primary route table in every hub. All VNet connections are implicitly associated with the Default route table. By default, routes learned from all connections are propagated to the Default route table.
- Custom Route Tables: You can create custom route tables to isolate routing domains or to control route propagation and distribution more precisely. For instance, you might use a custom route table to segment traffic between different departments or applications.
Managing Route Tables
Route tables can be managed through the Azure portal, Azure CLI, Azure PowerShell, or ARM templates. Key management operations include:
- Creating and deleting custom route tables.
- Associating connections with route tables.
- Configuring route propagation and distribution.
- Viewing the routes present in a route table.
Example: Route Propagation and Association
Consider a scenario with two VNet connections (VNetA and VNetB) and a Site-to-Site VPN connection (Site1) connected to a Virtual WAN hub. By default:
- Routes from VNetA are propagated to the hub's Default route table.
- Routes from VNetB are propagated to the hub's Default route table.
- Routes from Site1 are propagated to the hub's Default route table.
- VNetA is associated with the Default route table, so it learns routes from VNetB and Site1.
- VNetB is associated with the Default route table, so it learns routes from VNetA and Site1.
- Site1 is associated with the Default route table, so it learns routes from VNetA and VNetB.
Using custom route tables, you could modify this behavior. For example, you could create a custom route table 'DepartmentX' and associate VNetA with it, while VNetB remains associated with the Default route table. You would then configure route propagation to send VNetA's routes to 'DepartmentX' and VNetB's routes to the Default table.
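The two scenarios above can be checked with a small model before changing a hub. The following Python sketch is an added example, not Azure code or an Azure API: it is a simplified model in which a connection learns whatever is in its associated table, and it computes which pairs of connections have routes in both directions. The connection names come from the scenario; the prefixes and function names are assumptions made for illustration.

```python
# Added example: a simplified model of hub routing, not Azure code.
# Connection names follow the page's scenario; the prefixes are constructed.
PREFIXES = {"VNetA": "10.1.0.0/16", "VNetB": "10.2.0.0/16", "Site1": "192.168.0.0/24"}

def build_tables(propagation):
    """propagation: connection -> set of route tables it propagates to."""
    tables = {}
    for conn, targets in propagation.items():
        for table in targets:
            tables.setdefault(table, {})[PREFIXES[conn]] = conn
    return tables

def learned_routes(association, propagation):
    """Routes each connection learns from its associated table (own prefix excluded)."""
    tables = build_tables(propagation)
    return {
        conn: {p: src for p, src in tables.get(table, {}).items() if src != conn}
        for conn, table in association.items()
    }

def reachable_pairs(association, propagation):
    """Pairs with routes in both directions; a one-way route cannot carry a session."""
    learned = learned_routes(association, propagation)
    conns = sorted(association)
    return {
        (a, b)
        for i, a in enumerate(conns) for b in conns[i + 1:]
        if a in learned[b].values() and b in learned[a].values()
    }

# Default behaviour described above: every connection uses the Default table.
DEFAULT_ASSOC = {c: "Default" for c in PREFIXES}
DEFAULT_PROP = {c: {"Default"} for c in PREFIXES}

# Custom scenario described above: VNetA associates with and propagates to DepartmentX.
CUSTOM_ASSOC = {**DEFAULT_ASSOC, "VNetA": "DepartmentX"}
CUSTOM_PROP = {**DEFAULT_PROP, "VNetA": {"DepartmentX"}}

if __name__ == "__main__":
    for name, assoc, prop in [("default", DEFAULT_ASSOC, DEFAULT_PROP),
                              ("custom", CUSTOM_ASSOC, CUSTOM_PROP)]:
        print(name, learned_routes(assoc, prop), reachable_pairs(assoc, prop))
```

In this model the custom configuration leaves VNetA with no learned routes and removes it from every reachable pair, so any connectivity VNetA still needs has to be granted by propagating the relevant connections to 'DepartmentX' as well.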
Route tables are essential for building complex network topologies within Azure Virtual WAN, enabling sophisticated routing control and traffic management.