Azure Hub And Spoke 2.0

I have recently had a couple of recent conversations that have made me reconsider the way we traditionally implement the hub and spoke Virtual Network design in Azure, which has some limitations. The idea is to introduce a relatively simple but powerful modification to the design that achieves these objectives: TL,DR: The main modification introduced … Continue reading Azure Hub And Spoke 2.0

Azure VMware Solution networking voodoo

One of the most common and yet complex networking designs in Azure is interconnecting Azure IaaS workloads deployed in a Virtual Network, vSphere virtual machines in an Azure VMware Solution private cloud, and on-premises networks. My esteemed colleague Robin Heringa kindly gave me access to an AVS cluster, so armed with the fantastic possibilities that … Continue reading Azure VMware Solution networking voodoo

Azure Firewall’s sidekick to join the BGP superheroes

Azure Firewall is a fantastic product: oversimplifying, an architecture that scales out great, provides traffic forwarding and security in Azure, and is very easy to integrate in a network. Some times you need to manipulate the default routing of Azure VNets, and Azure Route Server offers an invaluable tool for that. However, Azure Route Server … Continue reading Azure Firewall’s sidekick to join the BGP superheroes

ExpressRoute Global Reach under the covers

After some questions in my previous blog post CLI-based analysis of an ExpressRoute private peering I decided to write an addition that includes what Expressroute Global Reach looks like for the CLI lover. In essence, Global Reach allows to use Microsoft’s backbone network for onprem-to-onprem communication. But how does it do it exactly? I have … Continue reading ExpressRoute Global Reach under the covers