How do you find the path from one spoke vnet in one hub to a spoke vnet in another?

Netwiedz 66 Reputation points
2023-01-14T01:29:46.06+00:00

I am a traditional network guy used to routing tables to identify traffic paths. In Azure I am not clear on how to find a specific traffic path. And I think the design I've walked into may not be optimal. Consider an Azure setup with two hubs and a legacy hub and spokes off the hubs.

VM HostA1 is connected to vNet SpokeA1 which peers with vNet Hub-A.

vNet SpokeA1 peers also with vNet AzureSwitch (think it's a legacy vnet)

Hub-A peers to Hub-B

Hub-A also peers with vNet AzureSwitch

VM HostB1 is connected to vNet Spoke B1 which peers with vNet Hub0B

vNet Spoke B1 also peers with vNet AzureSwitch

If I nMap scan HostB1 from HostA1 I get results. But it's not clear to me if the traffic is going due to the face that each spoke vNet is connected to AzureSwitch. Or is the scan working because the traffic flows SpokeA1 to Hub-A to Hub-B to Spoke B1 and on to HostB1.

How can I verify the traffic flow? If I run a traceroute the response is as if there were no routers between the two hosts.
Maybe there's a tool in Azure that would verify the effective path?

I think they created the two hubs to separate production and development. But it seems to me that could as easily have been done with one hub and letting the Azure firewall restrict the traffic as needed. And thoughts on this bit also apprecaited.

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,595 questions
0 comments No comments
{count} votes

Accepted answer
  1. msrini-MSFT 9,286 Reputation points Microsoft Employee
    2023-01-14T08:48:05.9233333+00:00

    Hi, You can navigate to the virtual machine's NIC and select the effective route to get the routing table of that Virtual Machine. With vnet peering transitive didn't work. That is if vnet A is peered with vnet b and vnet b is peered with vnet c, vnet a and vnet c are not connected.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.