bgp neighbor IP address in express route table

Gongya Yu 170 Reputation points
2024-06-14T04:12:21.08+00:00

After a VNet is peered with the VNet with ExpressRoute, the ExpressRoute table has some BGP routes with ASN 65515.
For those routes, how can I know where the next hop points? How does Azure assign these IPs?

Thanks!!!

Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.

2 answers

  1. akinbade abiola 6,420 Reputation points
    2024-06-14T07:35:40.3566667+00:00

    Hello Gongya Yu,

    Thanks for your question.

    To get the next hop point, you can use route tables via the Azure CLI:

    az network express-route list-route-tables --resource-group "$RESOURCE_GROUP_NAME" --name "$EXPRESS_ROUTE_CIRCUIT_NAME" --path primary --peering-name AzurePrivatePeering
    

    https://video2.skills-academy.com/en-us/cli/azure/network/express-route?view=azure-cli-latest#az-network-express-route-list-route-tables-examples

    You can also check effective Routes via the Portal.

    The IPs are assigned based on your Vnet config and internal routing.

    https://video2.skills-academy.com/en-us/azure/expressroute/expressroute-troubleshooting-expressroute-overview#verification-via-the-azure-portal

    Regards,

    You can mark it 'Accept Answer' if this helped.


  2. KapilAnanth-MSFT 39,206 Reputation points Microsoft Employee
    2024-06-18T09:35:46.9133333+00:00

    @Gongya Yu ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I will take this reference architecture as your environment,

    [Image: ER-Nexthop-2]

    I also see you have a similar question raised here where it was pointed out that the IPs you see wrt ASN 65515 belong to the ExpressRoute Gateway.

    Now, to address your queries,

    1. These IPs in red should be within GatewaySubnet.

    • Yes

    2. Are they virtual network gateway IPs?

    • They belong to the GatewaySubnet where the ExpressRoute Gateway is deployed.
    • You must understand that in Azure, VNET Gateway is a PaaS Service and what this means is that the entire subnet in which it is deployed is dedicated to the Gateway service and the service can use any IPs within the GatewaySubnet's range.
    • Since they are in the range of GatewaySubnet, we can say they belong to the VNET Gateway but not exclusively to the Gateway itself - i.e., the IPs can change.

    3. If yes, we have 3 IPs in our environment. Why?

    • From your architecture, I can see only 2 IPs
    • 192.168.0.12 and 192.168.0.13

    4. When a virtual network gateway is deployed, MS deploys two by default, right?

    • Is there any MS Document where it was mentioned that ExpressRoute gateway deploys 2 instances by default?
    • AFAIK, when an ExpressRoute gateway is deployed, there are multiple instances deployed into the GatewaySubnet.
    • Again, this is a PaaS service and the exact instance count is masked to the user.
    • You see two BGP Routes to differentiate between Primary and Secondary.

    5. The system route table for GatewaySubnet is not visible from Azure Portal, right?

    • Yes
    • System/effective routes are not available for any subnet in Azure for that matter.

    6. If I create a route table associated to GatewaySubnet, this route table will override the system route table, right?

    • See : How Azure selects a route
    • Azure routing follows "longest prefix match algorithm"
    • If you were to create a UDR in the RouteTable that has a better prefix match than the system assigned ones, Yes - UDRs will override the system routes.

    7. Any CLI can read the default system route table for GatewaySubnet?

    Cheers,

    Kapil


    Please Accept an answer if correct.

    Original posters help the community find answers faster by identifying the correct answer.

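The route selection discussed under point 6 of the second answer, as an added example that is not part of the original thread: it picks the longest matching prefix and shows when a UDR does or does not displace a BGP-learned or system route. The tie-break order for equal prefixes (user-defined, then BGP, then system) follows Azure's "How Azure selects a route" documentation rather than this thread; the route set, next-hop labels and function names are constructed for illustration.

```python
import ipaddress

# Tie-break for equal prefixes: user-defined, then BGP, then system route.
# Keys reuse the "Source" labels Azure shows for effective routes.
SOURCE_PRIORITY = {"User": 0, "VirtualNetworkGateway": 1, "Default": 2}

# Constructed sample routes for one subnet (not taken from the thread).
ROUTES = [
    {"prefix": "192.168.0.0/16", "source": "Default", "next_hop": "VnetLocal"},
    {"prefix": "10.0.0.0/8", "source": "VirtualNetworkGateway", "next_hop": "ER gateway"},
    {"prefix": "10.1.5.0/24", "source": "VirtualNetworkGateway", "next_hop": "ER gateway"},
    {"prefix": "172.16.0.0/12", "source": "VirtualNetworkGateway", "next_hop": "ER gateway"},
    {"prefix": "10.1.0.0/16", "source": "User", "next_hop": "VirtualAppliance"},
    {"prefix": "172.16.0.0/12", "source": "User", "next_hop": "VirtualAppliance"},
]


def select_route(routes, destination):
    """Return the winning route for destination, or None if nothing matches."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in routes if dest in ipaddress.ip_network(r["prefix"])]
    if not matches:
        return None
    # Longest prefix first; equal prefixes fall back to the source priority.
    return min(
        matches,
        key=lambda r: (
            -ipaddress.ip_network(r["prefix"]).prefixlen,
            SOURCE_PRIORITY[r["source"]],
        ),
    )


def udr_overrides(routes, destination):
    """True when a user-defined route is the one selected for destination."""
    chosen = select_route(routes, destination)
    return chosen is not None and chosen["source"] == "User"


if __name__ == "__main__":
    for ip in ("10.1.2.3", "10.1.5.9", "10.9.9.9", "172.16.4.4", "192.168.0.12"):
        r = select_route(ROUTES, ip)
        print(f"{ip:>13} -> {r['prefix']:<15} {r['source']:<22} {r['next_hop']}")
```

A UDR that is less specific than a BGP-learned prefix (here 10.1.0.0/16 against 10.1.5.0/24) does not take over that traffic, which is worth checking when a route table is meant to force traffic through an inspection appliance.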