Thoughts from the clouds
In Azure you have two main ways of managing your virtual network connectivity: self-managed hub-and-spoke and Virtual WAN. Virtual WAN is a solution where Microsoft manages part of your virtual networks for you, and in exchange it gives you some benefits such as any-to-any routing out of the box. However, what if you need that … Continue reading Interregional traffic in hub-and-spoke
Disclaimer: this post is going to be quite geeky. So this is not the kind of post you want to read if you don’t need this stuff. But hey, I needed to tell someone after getting this to work, plus this might be useful for somebody else, since I struggled to find these details out … Continue reading Simulating VPN sites in Azure with Ubuntu 24.04 and StrongSwan
Wow, that was a long title. Let me give you another one: if you haven’t tested your High Availability (HA) or Disaster Recovery (DR) plans, you shouldn’t rely on them. This is of course regardless of whether your infrastructure runs on your premises, on public cloud, or anywhere else. In this post I am going … Continue reading You want to use AS-path as your virtual hub routing preference
In a previous blog we had a setup with a Network Virtual Appliance (NVA) for Internet egress and hybrid connectivity based on Azure Virtual Network Gateways. There is another fairly typical use case with regards to traffic between on-premises an Azure: firewalling it with an NVA: In some situations customers will combine the role of … Continue reading Using Route Server to firewall onprem traffic with an NVA
Some times User-Defined Routes can cause traffic issues in Azure due to asymmetries, learn how to identify those problems and fix them!
NOTE: the good old Cisco Cloud Services Router (CSR) has been deprecated, and its replacement is the Catalyst 8000v. However, I have not been able to make the Cat8Kv work in Azure: the reload command (required to activate its license) apparently always takes a manual confirmation, and some of the IPsec policies I used to … Continue reading BGP Azure Lab Maker
You might know what Azure Virtual WAN is: in essence it is a network connectivity model in Azure where you can attach your Virtual Networks, your VPN branches, your ExpressRoute sites and your remote users connecting over VPN to it, and everybody can talk to each other. The main component of Azure Virtual WAN is … Continue reading Connect two Virtual WANs to each other over VPN
Cloudtrooper 