How to configure virtual hub routing - Azure portal
A virtual hub can contain multiple gateways such as a site-to-site VPN gateway, ExpressRoute gateway, point-to-site gateway, and Azure Firewall. The routing capabilities in the virtual hub are provided by a router that manages all routing, including transit routing, between the gateways using Border Gateway Protocol (BGP). The virtual hub router also provides transit connectivity between virtual networks that connect to a virtual hub and can support up to an aggregate throughput of 50 Gbps. These routing capabilities apply to customers using Standard Virtual WANs. For more information, see About virtual hub routing.
This article helps you configure virtual hub routing using Azure portal. You can also configure virtual hub routing using the Azure PowerShell steps.
Create a route table
In the Azure portal, navigate to the virtual hub.
On the Virtual HUB page, in the left pane, select Route Tables. The Route Tables page will populate the current route tables for this hub.
Select + Create route table to open the Create Route Table page.
On the Basics page, complete the following fields, then click Labels to move to the Labels page.
- Name: Name the route table instance.
- Route name: Name the route.
- Destination type: Select from the dropdown.
- Destination prefix: You can aggregate prefixes. For example: VNet 1: 10.1.0.0/24 and VNet 2: 10.1.1.0/24 can be aggregated as 10.1.0.0/16. Branch routes apply to all connected VPN sites, ExpressRoute circuits, and User VPN connections.
- Next hop: A list of virtual network connections, or Azure Firewall.
- Next Hop IP: If you select a virtual network connection for Next hop, you'll see Configure static routes when you click Configure. This is an optional configuration setting. For more information, see Configuring static routes.
On the Labels page, configure label names. Labels provide a mechanism to logically group route tables. Configure any required labels, then move to the Associations page.
On the Associations page, associate connections to the route table. You'll see Branches, Virtual Networks, and the Current settings of the connections. After configuring settings, move to the Propagations page.
On the Propagations page, select the settings to propagate routes from connections to the route table.
Select Create to create the route table.
Edit a route table
In the Azure portal, go to your Virtual HUB -> Route Tables page. To open the Edit route table page, click the name of the route table you want to edit. Edit the values you want to change, then click Review + create or Create (depending on the page that you are on) to save your settings.
Delete a route table
In the Azure portal, go to your Virtual HUB -> Route Tables page. Select the checkbox for route table that you want to delete. Click "…", and then select Delete. You can't delete a Default or None route table. However, you can delete all custom route tables.
View effective routes
In the Azure portal, go to your Virtual HUB -> Effective Routes page.
From the dropdowns, select the route table to view routes learned by the selected route table. Propagated routes from the connection to the route table are automatically populated in Effective Routes of the route table. For more information, see About effective routes.
To download this information to a csv file, click Download at the top of the page.
Configure routing for a virtual network connection
In the Azure portal, go to your Virtual WAN -> Virtual network connections page.
On the Add connection page, configure the connection settings. For information about routing settings, see About routing.
- Connection name: Name your connection.
- Hubs: Select the hub you want to associate with this connection.
- Subscription: Verify the subscription.
- Resource group: Select the resource group that contains the virtual network to which you want to connect.
- Virtual network: Select the virtual network you want to connect to this hub. The virtual network you select can't have an already existing virtual network gateway.
- Propagate to none: This is set to No by default. Changing the switch to Yes makes the configuration options for Propagate to Route Tables and Propagate to labels unavailable for configuration.
- Associate Route Table: From the dropdown, you can select a route table that you want to associate.
- Propagate to labels: Labels are a logical group of route tables. For this setting, select from the dropdown.
- Static routes: Configure static routes, if necessary. Configure static routes for Network Virtual Appliances (if applicable). Virtual WAN supports a single next hop IP for static route in a virtual network connection. For example, if you have a separate virtual appliance for ingress and egress traffic flows, it would be best to have the virtual appliances in separate VNets and attach the VNets to the virtual hub.
- Bypass Next Hop IP for workloads within this VNet: This setting lets you deploy NVAs and other workloads into the same VNet without forcing all the traffic through the NVA. This setting can only be configured when you're configuring a new connection. If you want to use this setting for a connection you've already created, delete the connection, then add a new connection.
Once you've completed the settings you want to configure, click Create to create the connection.