Issue with Private peering and VLAN configuration via Express route

Ali Md 0 Reputation points
2023-08-09T16:08:54.14+00:00

I am in the process of establishing a private peering connection via ExpressRoute with a service provider. This connection is backhauled to our DC as a Layer 2 connection, utilizing a VLAN tag (e.g., VLAN 300). In the provider's portal, the C-tag has been assigned a different VLAN ID.

My current endeavor involves configuring the circuit on the router as a sub-interface, utilizing the C-tag's VLAN ID through the use of dot1q. However, I am encountering an issue with incomplete ARP entries and I am unable to successfully ping the Azure resources.

I kindly request your guidance on this matter. If possible, could you provide a sample configuration for the router's side, tailored to this specific scenario? Your assistance would be greatly appreciated.

Azure ExpressRoute
Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.
373 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ChaitanyaNaykodi-MSFT 26,101 Reputation points Microsoft Employee
    2023-08-10T00:49:28.0533333+00:00

    @Ali Md

    Welcome to the Microsoft Q&A forum.

    I understand you re facing issues while configuring private peering for your express route circuit. where you are encountering an issue with incomplete ARP entries and unable to successfully ping the Azure resources.

    Not sure if you have already referred to this troubleshooting documentation here

    If a problem with the on-premises or connectivity provider occurs, the ARP table shows one of two things. You see the on-premises MAC address show incomplete or only see the Microsoft entry in the ARP table. As shown belowUser's image

    The recommended solution here is to open a support request with your connectivity provider to debug such issues. If the ARP table does not have IP addresses of the interfaces mapped to MAC addresses, review the following information:

    1. If the first IP address of the /30 subnet assigned for the link between the MSEE-PR and MSEE is used on the interface of MSEE-PR. Azure always uses the second IP address for MSEEs.
    2. Verify if the customer (C-Tag) and service (S-Tag) VLAN tags match both on MSEE-PR and MSEE pair.

    You don't see an ARP table shown for a peering if there are issues on the Microsoft side. If this is the issue it is recommended to open a support request. Please let me know if you do not have a support plan, I can help in that regard.

    Regarding the sample configuration for the router's side, you can refer to these configuration samples for Cisco IOS-XE based routers and Juniper MX series routers. You can also reach out to device vendor's sales/technical team to find appropriate configurations to meet your needs.

    Hope this answers your query. Please let me know if you have any additional questions. Thank you!

    ​​Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.