default 0.0.0.0/0 route to hub from spokes

Mateen Baig 71 Reputation points
2021-10-25T06:44:44.48+00:00

Hi, I do not understand why the 0.0.0.0/0 route to NVA in HUB is not working unless I also add a route of vNET prefix.

Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.

Answer accepted by question author
  1. GitaraniSharma-MSFT 50,186 Reputation points Microsoft Employee Moderator
    2021-11-12T02:22:11.21+00:00

    Hello @Mateen Baig ,

    Below is the summary of our offline discussion on this issue:

    We found that the 0.0.0.0/0 route in your UDR was showing Invalid with next hop type "Null". So, I requested you to select the Next hop type as NVA. If that doesn't work, delete & recreate the route to make sure it is created correctly.

    Also, if you want to add a route on your GatewaySubnet which says traffic to all your spoke subnets should go via NVA then a broader address prefix of your Vnet should work, unless there is another route which is more specific than UDR route somewhere because Azure always selects a route based on LPM (Longest Prefix Match) algorithm.
    https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#how-azure-selects-a-route

    Azure always selects a route using LPM (Longest Prefix Match) algorithm. UDR gets preference when there are 2 similar routes.

    Example: If a route table has two routes as below:
    10.0.0.0/24 address prefix -> default route
    10.0.0.0/16 address prefix -> UDR
    Traffic destined for 10.0.0.5 will select the route with the next hop type specified in the route with the 10.0.0.0/24 address prefix (default route and not UDR), because 10.0.0.0/24 is a longer prefix than 10.0.0.0/16, even though 10.0.0.5 is within both address prefixes.

    Similarly, if a route table has two routes as below:
    0.0.0.0/0 address prefix -> UDR
    0.0.0.0/0 address prefix -> default route
    Any traffic destined outside the subnet will prefer UDR as both UDR and default route have same address prefix and there is no LPM.

    So, the route priority in Azure is as below:
    LPM > UDR > BGP route > system route

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

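The route selection rule from the accepted answer (LPM first, then UDR > BGP > system route), as an added example that is not part of the original thread. It models a spoke route table and lists which destinations would not pass through the NVA. The address ranges, the `Route` class, the helper names and the source labels are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Tie-break between equal prefixes, per the answer above: UDR > BGP > system route.
# "UDR", "BGP" and "System" are this example's own labels.
SOURCE_RANK = {"UDR": 0, "BGP": 1, "System": 2}

@dataclass(frozen=True)
class Route:
    prefix: str
    source: str
    next_hop: str

def select_route(routes, destination):
    """Longest prefix match first; source rank only breaks ties."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in routes if dest in ipaddress.ip_network(r.prefix)]
    if not matches:
        return None  # no matching route
    return min(matches, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen,
                                       SOURCE_RANK[r.source]))

def bypasses_nva(routes, destinations, nva_hop="VirtualAppliance"):
    """Destinations whose winning route does not send traffic to the NVA."""
    out = []
    for d in destinations:
        winner = select_route(routes, d)
        if winner is None or winner.next_hop != nva_hop:
            out.append(d)
    return out

# Constructed spoke route table: peered hub VNet 10.0.0.0/16, spoke 10.1.0.0/16.
SPOKE_ROUTES = [
    Route("10.1.0.0/16", "System", "VnetLocal"),
    Route("10.0.0.0/16", "System", "VNetPeering"),
    Route("0.0.0.0/0", "System", "Internet"),
    Route("0.0.0.0/0", "UDR", "VirtualAppliance"),
]
# Same table plus a UDR for the hub prefix, which ties on length and wins on source.
SPOKE_ROUTES_FIXED = SPOKE_ROUTES + [Route("10.0.0.0/16", "UDR", "VirtualAppliance")]
DESTINATIONS = ["10.0.1.4", "203.0.113.10"]  # constructed hub host and external host

if __name__ == "__main__":
    for name, table in (("before", SPOKE_ROUTES), ("after", SPOKE_ROUTES_FIXED)):
        print(name, "bypassing NVA:", bypasses_nva(table, DESTINATIONS))
```

Running the same check against the effective routes of a NIC shows whether a 0.0.0.0/0 UDR alone is enough to force every flow through the inspection point.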

1 additional answer

  1. Bechir Gharbi 301 Reputation points
    2021-10-28T14:17:50.333+00:00

    Hi,
    0.0.0.0/0 is the system route to internet.
    In your case you should put the destination spoke VNet in the address prefix of the source VNet route table.

