Writing this lines during my winter holiday, the first thing coming to mind is that 2021 has been a difficult year. But you already know that. Many challenges impacting billions of people, both on professional and personal planes. I feel incredibly lucky for working in an industry that hasn’t been hit by the pandemic. There … Continue reading 50,000 thanks!
After some questions in my previous blog post CLI-based analysis of an ExpressRoute private peering I decided to write an addition that includes what Expressroute Global Reach looks like for the CLI lover. In essence, Global Reach allows to use Microsoft’s backbone network for onprem-to-onprem communication. But how does it do it exactly? I have … Continue reading ExpressRoute Global Reach under the covers
As you might have read, one of the new kids on the block in Azure Networking is the Gateway Load Balancer. You can refer to Microsoft docs for more details on what it does and why it was created, suffice to say that it is essentially a way to insert an NVA in a network … Continue reading What language does the Azure Gateway Load Balancer speak?
Some time ago I posted a blog commenting on a possible design for interconnecting multiple Azure regions by means of Network Virtual Appliances (NVAs) and the Azure Route Server (ARS), where I used an overlay tunnel between the NVAs with VXLAN as encap protocol. I have received multiple questions to whether it would be possible … Continue reading Multi-region design with Azure Route Server without an overlay
If you work in Azure, you probably know about Connection Monitor, a tool that generates synthetic traffic to test connectivity and measure response times. You configure sources (Virtual Machines) to generate traffic that can be addressed to destinations such as other Virtual Machines or any external endpoint outside of Azure. Alerts can be automatically generated … Continue reading Test like a champ with Azure Connection Monitor
Quite frequently I see Azure connectivity diagrams that do not reflect accurately the topology of Azure Virtual Networks connnected to on-premises data centers via ExpressRoute. Additionally, I got the question last week of how to do some basic BGP troubleshooting in the involved networking devices in a way which is understandable by network administrators (read … Continue reading CLI-based analysis of an ExpressRoute private peering
Hey everybody! In this post I would like to talk about some of the settings that you can configure in VNet Peerings, and how those actually work. Even if you have been using VNet peerings for years now, I bet I have some surprises for you. TL;DR: Do not rely in the VirtualNetwork service tag … Continue reading VNet peering settings, those familiar strangers
Azure can be used to offer Point-To-Site (P2S) connectivity for individual users, that by leveraging a VPN client on their systems (Windows, Linux or Mac) can get connectivity to Azure resources. This P2S connectivity is often limited to Azure resources, but by leveraging the Azure Route Server, additional access is offered. For example, if an … Continue reading Sending Internet Traffic from P2S Clients Through an NVA
There are a couple of ways in which you can deploy NVAs in Azure, from a redundancy perspective: 1+1 (active/passive): least scalable solution, your maximum throughput will be equivalent of the one of the active NVA, while you normally have to pay for 2 VMs and 2 NVA licenses 1+1 (active/active): 2 NVAs forwarding traffic … Continue reading Azure Route Server and NVAs running on Scale Sets
Azure Files is a very convenient storage option when you need persistent state in Azure Kubernetes Service or Azure Red Hat OpenShift. It is cheap, it doesn’t count against the maximum number of disks that can be attached to each worker node, and it supports many pods mounting the same share at the same time. … Continue reading Mounting Azure Files shares from OpenShift