What is Azure Route Server?

Azure Route Server simplifies dynamic routing between your network virtual appliance (NVA) and your virtual network. It allows you to exchange routing information directly through Border Gateway Protocol (BGP) routing protocol between any NVA that supports the BGP routing protocol and the Azure Software Defined Network (SDN) in the Azure Virtual Network (VNet) without the need to manually configure or maintain route tables. Azure Route Server is a fully managed service and is configured with high availability.

Important

Azure Route Servers created before November 1, 2021, that don't have a public IP address associated, are deployed with the public preview offering. The public preview offering is not backed by General Availability SLA and support. To deploy Azure Route Server with the General Availability offering, and to achieve General Availability SLA and support, please delete and recreate your Route Server.

How does it work?

The following diagram illustrates how Azure Route Server works with an SDWAN NVA and a security NVA in a virtual network. Once you’ve established the BGP peering, Azure Route Server will receive an on-premises route (10.250.0.0/16) from the SDWAN appliance and a default route (0.0.0.0/0) from the firewall. These routes are then automatically configured on the VMs in the virtual network. As a result, all traffic destined to the on-premises network will be sent to the SDWAN appliance. While all Internet-bound traffic will be sent to the firewall. In the opposite direction, Azure Route Server will send the virtual network address (10.1.0.0/16) to both NVAs. The SDWAN appliance can propagate it further to the on-premises network.

Diagram showing Azure Route Server configured in a virtual network.

Key benefits

Azure Route Server simplifies configuration, management, and deployment of your NVA in your virtual network.

  • You no longer need to manually update the routing table on your NVA whenever your virtual network addresses are updated.

  • You no longer need to update User-Defined Routes manually whenever your NVA announces new routes or withdraw old ones.

  • You can peer multiple instances of your NVA with Azure Route Server. You can configure the BGP attributes in your NVA and, depending on your design (for example, active-active for performance or active-passive for resiliency), let Azure Route Server know which NVA instance is active or which one is passive.

  • The interface between NVA and Azure Route Server is based on a common standard protocol. As long as your NVA supports BGP, you can peer it with Azure Route Server. For more information, see Route Server supported routing protocols.

  • You can deploy Azure Route Server in any of your new or existing virtual network.

Route Server Limits

Azure Route Server has the following limits (per deployment).

Resource Limit
Number of BGP peers supported 8
Number of routes each BGP peer can advertise to Azure Route Server 1 1000
Number of routes that Azure Route Server can advertise to ExpressRoute or VPN gateway 2 200
Number of VMs in the virtual network (including peered virtual networks) that Azure Route Server can support 3 4000

1 If your NVA advertises more routes than the limit, the BGP session will get dropped. In the event BGP session is dropped between the gateway and Azure Route Server, you'll lose connectivity from your on-premises network to Azure.

2 Please be aware of the ExpressRoute Private Peering limit of 1000 routes per connection from Virtual Network Gateway towards ExpressRoute circuit. For instance, the total number of routes from all Virtual Network Address Spaces + ARS Branch-to-branch, must not exceed 1000.

3 The number of VMs that Azure Route Server can support isn't a hard limit, and it depends on how the Route Server infrastructure is deployed within an Azure Region.

FAQ

For frequently asked questions about Azure Route Server, see Azure Route Server FAQ.

Next steps