Use of BGP MED to influence inbound routes (Microsoft to Customer)

AviGounder-7052 21 Reputation points
2022-05-27T20:20:26.17+00:00

Hi,
Could you please advise if the use of BGP MED is officially supported to influence ingress traffic (Microsoft to Customer)? Unfortunately, AS-PATH prepend is not really an option for Express Route private peering with Azure if the customers is using Private ASN. I am aware of the alternative method by configuring the weight of a connection but would prefer to optimise ingress/egress routing on the on-premise routers as much as possible instead of modifying the connection weight on Azure side.

Thanks!

Azure ExpressRoute
Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.
373 questions
0 comments
Accepted answer
  1. Luis Rodriguez 6,201 Reputation points Microsoft Employee
    2022-05-27T23:06:39.447+00:00

    Hello @AviGounder-7052

    Welcome to Microsoft Q&A Platform,

    BGP MED is not officially supported yet. The supported methods are described below:

    https://video2.skills-academy.com/en-us/azure/expressroute/expressroute-optimize-routing#suboptimal-routing-from-microsoft-to-customer

    If you think that adding this feature can be beneficial please share your feedback on this topic with the networking program managers via Azure Feedback:

    https://feedback.azure.com/d365community/forum/8ae9bf04-8326-ec11-b6e6-000d3a4f0789

    Thank you,

    ----------

    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. risolis 8,721 Reputation points
    2022-05-27T23:22:52.293+00:00

    Hello @AviGounder-7052

    Thanks for your post.

    Just add another suggestion for what @Luis Rodriguez just gathered as well as great info : )

    I would say the following point to review or keep in mind so, let me mention them below:

    -You can either have a circuit provider delivering services as MPLS circuit on which can be used as L2VPN or VPLS VPN (Layer 2 VPNs over MPLS domains)

    -You can either have a circuit provider delivering services as MPLS circuit on which can be used as L3VPN over MPLS domain as well

    -If you can obtain a Internet link or circuit along with a Public IP block as well as a Public BGP ASN and influence the traffic in this way

    -You can use BGP private ASNs as well as for BGP peering toward Azure Network

    -You can use BGP communities to play with your BGP routing in case you have multiple dedicated circuit and so on...

    For now those are the available options for this scenario.

    Many thanks : )

    Looking forward to your feedback,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.