Export (0) Print
Expand All

ExpressRoute Technical Overview

Updated: February 13, 2015

Microsoft Azure ExpressRoute lets you create private connections between Azure datacenters and infrastructure that’s on your premises or in a co-location environment. With ExpressRoute, you can establish connections to Azure at an ExpressRoute partner co-location facility, or directly connect to Azure from your existing WAN network (such as a MPLS VPN provided by a network service provider). Use ExpressRoute to extend your network to Azure and unlock hybrid IT scenarios.

ExpressRoute connections offer higher security, more reliability, faster speeds and lower latencies than typical connections over the Internet. In some cases, using ExpressRoute connections to transfer data between your on-premises network and Azure can also yield significant cost benefits. If you already have created a cross-premises connection from your on-premises network to Azure, you can migrate to an ExpressRoute connection while keeping your virtual network intact.

See the ExpressRoute FAQ for more details.

In order to connect your on-premises network and services hosted in Azure (compute, storage, media services, websites and other services), you must order a circuit through a connectivity provider. There are two connectivity provider types to choose from: direct layer 3 through an exchange provider, or layer 3 through a network service provider. You can choose to enable one or both types of connectivity through your circuit to your Azure subscription. You will be able to connect to all supported Azure services through the circuit only if you configure both direct layer 3 and layer 3 connectivity.
Note the following:

  • If you are connecting to Azure through an exchange provider location, you will need a pair of physical cross-connections and will need to configure a pair of BGP sessions per physical cross connection (one public peering and one for private peering) in order to have a highly available link. The cross-connects go into the exchange provider’s cloud connectivity infrastructure. They do not connect directly to Azure routers.

  • If you connect to Azure through a network service provider, the network service provider takes care of configuring routes to all the services. Work with your network service provider to have routes configured appropriately.

The figure below shows a logical representation of connectivity between your infrastructure and Azure. In the diagram, a circuit represents a redundant pair of logical cross connections between your network and Azure configured in Active-Active configuration. The circuit is partitioned to 2 sub-circuits to isolate traffic.
The following traffic is isolated:
- Traffic is isolated between your premises and Azure compute services. Azure compute services, namely virtual machines (IaaS) and cloud services (PaaS) deployed within a virtual network are covered.
- Traffic is isolated between your premises and Azure services hosted on public IP addresses. The services that are supported can be found here: Supported Azure Services.

ExpressRoute Connection

There are two connectivity option types for ExpressRoute. You can select either type, or you can choose both:

- Connectivity through an exchange provider

- Connectivity through a network service provider

We partner with cloud exchange service providers such as Equinix and TeleCity group, and also with point-to-point connectivity service providers such as Level 3, to offer connectivity between Azure and the customer’s premises. We offer circuit bandwidths from 200 Mbps to 10 Gbps (200 Mbps, 500 Mbps, 1 Gbps and 10 Gbps).

If you want a direct layer 3 connection through an exchange provider, you can do this one of 3 ways:

  • You can be co-located with Equinix or TeleCity in the locations we offer services in. In those locations, we have their equipment connected with the cloud exchange / Cloud IX infrastructure in the facility.

  • You can work with Level 3 to have an Ethernet circuit setup between your on-premises network and Azure. For an exchange provider direct level 3 connection, we configure a pair of cross-connections between Azure infrastructure and the connectivity provider’s infrastructure in active-active configuration to ensure that the connection is highly available and is resilient to failures.

  • You can work with your local metro Ethernet service provider to acquire a leased line in order to connect to the closest exchange provider facility that can connect to Azure.

No matter which way you decide, for a direct level 3 connection, we configure a pair of cross-connections between Azure infrastructure and the connectivity provider’s infrastructure in active-active configuration to ensure that the connection is highly available and is resilient to failures. After you meet the prerequisites, you can then setup BGP sessions between your routers and the Microsoft routers in order to exchange routes and have traffic flow between your network and Azure.

For more information about configuration and to see real-world examples, you can do the following:

We partner with Telcos such as AT&T, Verizon, British Telecom, Level 3 IPVPN and SingTel to offer connectivity between Azure and your on-premises location. We offer circuit bandwidths from 10 Mbps to 1 Gbps. If you use VPN services from any of the network service providers in the network service provider table below, they can extend the networks into Azure without having to deploy any new hardware or making major configuration changes to your existing networks.

For more information about configuration and to see real-world examples, you can do the following:

 

Properties Connectivity through Network Service Providers Connectivity through Exchange Providers

Supported Service Providers

AT&T, Level 3, Verizon, British Telecom, SingTel, Orange, IIJ, Tata Communications, Telstra

Colt, Equinix, Level 3, TeleCity Group

Supported Bandwidth Options

10 Mbps, 50 Mbps, 100 Mbps, 500 Mbps, 1 Gbps

200 Mbps, 500 Mbps, 1Gbps, 10Gbps

Pricing

Pricing Details

Pricing Details

Routing

Managed by the network service provider

Customer managed

High Availability

Network service provider offers redundant connectivity in the same location

Customer must establish a pair of cross connects through the exchange provider

 

Service Provider Atlanta Chicago Dallas Los Angeles New York Seattle Silicon Valley Washington DC Amsterdam London Hong Kong Singapore Sydney Tokyo

Aryaka

Coming soon

Colt

Available

Coming soon

Equinix

Available

Available

Available

Available

Available

Available

Available

Available

Available

Available

Available

Available

Available

Available

Level 3 EVPL Service

Coming soon

Coming soon

Coming soon

Available

Available

Available

TeleCity Group

Available

Available

Zayo Group

Coming soon

 

Service Provider Atlanta Chicago Dallas Los Angeles New York Seattle Silicon Valley Washington DC Amsterdam London Hong Kong Singapore Sydney Tokyo

AT&T

Available

Available

British Telecom

Coming soon

Coming soon

Available

Available

Internet Initiative Japan Inc. (IIJ)

Available

Level 3 IP VPN Service

Coming soon

Coming soon

Coming soon

Available

Available

Available

Orange

Available

Available

SingTel

Available

Tata Communications

Available

Available

Telstra

Available

Verizon

Available

Available

Available

Available

If your network service provider is not listed in the table above, you may still connect to Azure by using ExpressRoute. Check with your network service provider to see if they are present in any of the exchange locations listed above. If they are, have your service provider extend your network to the exchange location of choice. You can then order an ExpressRoute circuit through the exchange provider to connect to Azure.

In order to connect to Azure by using ExpressRoute, you’ll need to verify that the following perquisites have been met. You must have the following:

  1. Microsoft Azure Account

  2. A relationship with a network service provider or an exchange provider from the supported list above through whom connectivity needs to be facilitated. You must have an existing business relationship with the network service provider or exchange provider. You’ll need to make sure that the service you use is compatible with ExpressRoute. If you want to use a network service provider and your network service provider is not in the list above, you can still get connected to Azure. See What if my network service provider isn’t listed in the table?

  3. Contact your Microsoft account team. We recommend contacting your Microsoft account team. Your account team can work with you and your service provider to prioritize your request.

  4. Connectivity to the service provider’s infrastructure. You must meet the criteria of at least one of the following items listed:

    • You are a VPN customer of the network service provider and have at least one on-premises site connected to the network service provider’s VPN infrastructure. Check with your network service provider to see if your VPN service meets the requirements for ExpressRoute.

    • Your infrastructure is co-located in the exchange provider’s datacenter.

    • You have Ethernet connectivity to the exchange provider’s Ethernet exchange infrastructure.

  5. IP addresses and AS numbers for routing configuration.

    • You must use your own public AS numbers for configuring BGP sessions with Azure.

    • You can use private AS numbers. If you choose to do so, it must be > 65000. For more information about AS numbers, see Autonomous System (AS) Numbers.

    • IP addresses to configure routes. A /28 subnet is required. This must not overlap with any IP address ranges used in your on-premises or in Azure.

See Also

Show:
© 2015 Microsoft