Azure ExpressRoute

Azure ExpressRoute lets you create private connections between Azure datacenters and your on‑premises infrastructure or colocation environment. These connections do not go over the public Internet, offering higher reliability, faster speeds, consistent latencies, and greater security.

Key Benefits

• Dedicated, private fiber connections
• Predictable performance with SLA‑backed bandwidth guarantees
• Enhanced security and compliance (no exposure to public Internet)
• Global reach – connect to multiple Azure regions from a single circuit
• Support for both Layer‑2 (VLAN) and Layer‑3 (BGP) networking models

How ExpressRoute Works

When you provision an ExpressRoute circuit, a provider establishes a dedicated link from your premise to an Azure peering location. You then configure peering (Private, Public, or Microsoft) to control traffic flow.

// Sample BGP configuration snippet for a private peering
router bgp 65001
  neighbor 10.0.0.1 remote-as 12076
  address-family ipv4 unicast
    network 10.1.0.0 mask 255.255.255.0
    neighbor 10.0.0.1 activate
    neighbor 10.0.0.1 soft-reconfiguration inbound
  exit-address-family
Copy

Getting Started

1. Plan your connectivity: Determine required bandwidth, region, and provider.
2. Create an ExpressRoute circuit: Use the Azure portal or CLI.
3. Configure peering: Set up Private and/or Microsoft peering based on workloads.
4. Connect your on‑premises network: Work with your connectivity provider for the physical link.
5. Validate and monitor: Use Azure Monitor & Network Watcher to track health.

Provisioning via Azure CLI

# Create a resource group
az group create --name rg-expressroute --location eastus

# Create an ExpressRoute circuit (SKU: Standard, 200Mbps)
az network express-route create \
  --resource-group rg-expressroute \
  --name erc-demo \
  --location eastus \
  --bandwidth 200 \
  --sku Standard \
  --provider "YourProvider" \
  --peering-location "Equinix SE2"

# Create a Private Peering
az network express-route peering create \
  --resource-group rg-expressroute \
  --circuit-name erc-demo \
  --name AzurePrivatePeering \
  --peering-type AzurePrivatePeering \
  --peer-asn 65001 \
  --primary-peer-subnet 10.0.0.0/30 \
  --secondary-peer-subnet 10.0.0.4/30 \
  --vlan-id 200
Copy

Pricing Overview

ExpressRoute pricing consists of two components: Port Hours (based on the circuit's provisioned bandwidth) and Data Transfer (outbound data after the first 5 GB per month). Pricing varies by region and provider.

Related Topics

• ExpressRoute Overview
• ExpressRoute FAQ
• Azure Virtual Network
• Azure Stack Hub