2 hubs and vnet peering with expressroute

Jasper Van Damme 111 Reputation points
2020-09-02T08:40:16.107+00:00

Hello,

We are working on the design phase of our vnets and its connectivity to Expressroute.
We have several stakeholders that require Expressroute connectivity and our in the same AD domain etc. So the most logical scenario would be to use the hub-and-spoke with a shared expressroute.

However, one of the stakeholders would like their own hub as well. My question is, can you use vnet peering as follows:

Stakeholder VM vnet peered to stakeholder vnet hub peered to central hub vnet with expressroute. Will the expressroute connectivity work in this case?

Br,
Jasper

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,139 questions
Azure ExpressRoute
Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.
322 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andreas Baumgarten 96,266 Reputation points MVP
    2020-09-02T16:18:20.273+00:00

    This scenario should be possible as long you get the routing sorted from Azure to on-premises networks and back from on-premises network to Azure networks.
    You have 2 helpful options in the configuration of the vnet peerings: "Allow Gateway Transit" and "Use Remote Gateway" on the "Azure part". The routing on-premises you have to get sorted by adding the appropriate routes to the Azure vNets.

    Maybe this is helpful.

    Regards

    Andreas Baumgarten

    (Please don't forget to Accept as answer if the reply is helpful)

    0 comments
  2. TravisCragg-MSFT 5,676 Reputation points Microsoft Employee
    2020-09-04T23:43:28.173+00:00

    As long as you only have 1 Gateway (VPN or ExpressRoute) everything should work fine. The major limit with VNET Peering is that it can only access a gateway in 1 direction (Gateway Transit / Remote Gateways).

    You might also want to look into Azure WAN

  3. Anonymous
    2021-01-02T18:39:04.6+00:00

    @Jasper Van Damme ,
    You may connect another HUB vNet to same ER Circuit with the ER authorisation [ Default 10 for Standard ER Circuit ] and limit can be extended with a request to Microsoft. However, Please note both HUBs will be part of same routing domain .

    https://learn.microsoft.com/en-us/azure/expressroute/expressroute-faqs#are-virtual-networks-connected-to-the-same-circuit-isolated-from-each-other

    0 comments