Exercise - create and configure Azure Route Server

10 minutes

The following steps explain how to create and configure Azure Route Server (ARS). Here, you'll use Azure Command Line Interface (CLI). However, you can use Azure portal, PowerShell or Terraform to achieve same effect.

Create Resource Group & Virtual Network

It's recommended to deploy Azure VMware Solution private cloud as part of Azure Landing Zone Architecture. Using Landing Zone architecture helps to meet changing requirements effectively, meet governance requirements faster and promote reuse of shared services to drive cost optimization. In this architecture, a separate subscription is used to deploy Azure VMware Solution private cloud. Azure Landing Zone connectivity subscription should be used to deploy Azure Networking services such as Azure Route Server, Azure ExpressRoute Gateway, Azure Firewall, etc.

The first step you'll take is to configure Azure VMware Solution private cloud with the right resource group and virtual network to enable outbound internet connectivity.

Use the commands below to deploy them:

az group create -l <your-preferred-azure-region> -n <resource-group-name>

az network vnet create  -n <vnet-name>  -g <resource-group-name>  --address-prefix 10.0.0.0/16

az network vnet subnet create  -n RouteServerSubnet -g <resource-group-name> --vnet-name <vnet-name>  --address-prefix 10.0.0.0/24

az network public-ip create  -n <name-for-route-server-pip>  -g <resource-group-name>  --version IPv4  --sku Standard

$ars_subnet_id=$(az network vnet subnet show  --name RouteServerSubnet  --resource-group <resource-group-name> --vnet-name <vnet-name>  --query id -o tsv)

Now that you have AVS private cloud configured, you need to set up a route exchange mechanism. To do this, you'll start by deploying Azure Route Server.

Deploy Azure Route Server

Azure Route Server uses BGP to exchange routes between a custom or third party NVA router and ExpressRoute Gateway. ExpressRoute Gateway is the one, which is used to terminate Azure VMware Solution private cloud. Use the instructions below to create Azure Route Server.

az network routeserver create --name <routeserver-name>  --resource-group <resource-group-name>  --hosted-subnet $ars_subnet_id  --public-ip-address <name-for-route-server-pip>

Enable Branch-to-branch connectivity

The last step is to set up your route exchange mechanism is to enable branch-to-branch connectivity:

az network routeserver update --name <routeserver-name>  --resource-group <resource-group-name>   --allow-b2b-traffic true

You've now completed two important tasks. First, you've configured Azure VMware Solution private cloud correctly for outbound internet connectivity. Second, you've set up a route exchange mechanism between ARS and Azure VMware Solution private cloud. You'll look at introducing security into the design in next unit.

Knowledge Check

Which of the following can be used to configure BGP peer in Azure Route Server?

Public IP address.

Private IP address.

FQDN names.

All of the above.

What will happen to connectivity between Azure VMware Solution private cloud and Azure when "branch-to-branch" connectivity is enabled on Azure Route Server?

Connectivity won't be affected.

Connectivity loss for long duration.

There will be a loss of connectivity momentarily.

You must answer all questions before checking your work.

Exercise - create and configure Azure Route Server

Create Resource Group & Virtual Network

Deploy Azure Route Server

Enable Branch-to-branch connectivity

Knowledge Check

Feedback