AS Path Prepending with Microsoft Peering

@Alex Ferentsein

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

If you are using Microsoft Peering, that means a certain Public IPV4 Range "Advertised public prefixes" is validated by Microsoft.

Microsoft verifies if the specified 'Advertised public prefixes' and 'Peer ASN' (or 'Customer ASN') are assigned to you in the Internet Routing Registry. If you are getting the public prefixes from another entity and if the assignment is not recorded with the routing registry, the automatic validation will not complete and will require manual validation. If the automatic validation fails, you will see the message 'Validation needed'.

Certain IPs would be advertised from your OnPrem into Microsoft.

• Only then, Microsoft would send the traffic destined to the OnPrem Public IPs via the ExpressRoute.
• Else, no Traffic flows inside the Microsoft Peering.

I would suggest you to revalidate the address prefix advertised from your OnPrem to Microsoft Peering.

I hope this answers your question a)

For Microsoft Peering, traffic flow would use the source and destination IPs from one of the validated 'Advertised public prefixes'.

Now for b)

You must understand that the connection is Active - Active by default.

• The primary and secondary connections are mere labels for connection#1 and connection#2.
• It does not mean one connection is considered "primary" or preferred by Azure.
• Also note that the bandwidth is provided for the entire circuit and not for a single connection, meaning - it is recommended to have an Active - Active setup and not a Active - Passive (As this would put too much load on a single connection)

You can still make a connection primary from your end by advertising more specific routes and BGP AS path prepending to make one path prefer over the other if that is your intention/use-case.

Refer : Why Active-active connections are recommended ?

Thanks,

Kapil

@KapilAnanth-MSFT , thanks, but you've NOT answered (a) nor (b).

@Alex Ferentsein

For a)

• I am not exactly sure what you mean by "default gateways" as I am not sure about the router side configuration.
• From each the /30 subnet you specify, the first usable IP address is assigned to your router and Microsoft uses the second usable IP for its router.
• The "Advertised public prefixes" uses this IP to route into Microsoft Routing domain.
• Refer : Microsoft peering
  • 

For b)

Your statement says that you are not "advertise default or Intranet routes".

• However, for Microsoft peering to work , you should advertise some Public IP prefixes you own.
• There are two /30 subnets, one for each Primary Connection and Secondary Connection.
  • If you advertise a lengthier AS path for secondary connection, Microsoft will prefer the primary connection (shorter one).

Kindly let us know if this helps or you need further assistance on this issue.

Thanks,

Kapil

@Alex Ferentsein

I have summarized my comments and posted it as a new answer.

I would highly appreciate if you could Accept the answer and close this thread

Original posters help the community find answers faster by identifying the correct answer.

Should there be any follow-up questions or concerns, please let us know and we shall try to address them.

Thanks,

Kapil