Optimize routing for Azure ExpressRoute

When you have multiple ExpressRoute circuits, you have more than one path to connect to Microsoft. This can lead to suboptimal routing, where traffic takes a longer path, increasing latency and affecting application performance and user experience. This article explains how to optimize routing using standard routing technologies.

Path selection for Microsoft peering

To ensure traffic flows over the desired path with multiple ExpressRoute circuits, you need to manage paths to the Internet using an Internet Exchange (IX) or Internet Service Provider (ISP). BGP uses a best path selection algorithm based on factors like the longest prefix match (LPM). To ensure traffic destined for Azure through Azure uses the ExpressRoute path, implement the Local Preference attribute. This setting ensures the path is always preferred on ExpressRoute.

Consider the following example scenario:

To prefer ExpressRoute paths, configure Local Preference as follows:

Cisco IOS-XE configuration from R1 perspective:

R1(config)#route-map prefer-ExR permit 10
R1(config-route-map)#set local-preference 150

R1(config)#router BGP 345
R1(config-router)#neighbor 1.1.1.2 remote-as 12076
R1(config-router)#neighbor 1.1.1.2 activate
R1(config-router)#neighbor 1.1.1.2 route-map prefer-ExR in

Junos configuration from R1 perspective:

user@R1# set protocols bgp group ibgp type internal
user@R1# set protocols bgp group ibgp local-preference 150

Suboptimal routing from customer to Microsoft

Imagine you have two offices in China, one in Beijing and one in Shanghai, connected via a WAN. You have two ExpressRoute circuits, one in China North and one in China East, both connected on the WAN. You intend for Beijing users to connect to Azure operated by 21Vianet China North and Shanghai users to Azure operated by 21Vianet China East. However, without knowing which prefix is from which region, your WAN may route both offices' traffic to the China East circuit, causing suboptimal routing for Beijing users.

Solution: use BGP Communities

To optimize routing, use BGP Community values to identify prefixes from each Azure region. For example, 12076:51302 for China East and 12076:51301 for China North. Configure higher local preference values for the appropriate prefixes in each region to ensure traffic takes the optimal path.

Suboptimal routing from Microsoft to customer

In this scenario, Azure connections take a longer path to reach your network. For example, Exchange Online connections to on-premises servers may route through the wrong ExpressRoute circuit. Without hints, Azure can't determine which on-premises prefix is closer to which circuit.

Solution: use AS PATH prepending

Advertise your on-premises prefixes on the appropriate ExpressRoute circuits or use AS PATH prepending to influence routing. Lengthen the AS PATH for prefixes in the less preferred region to ensure Azure prefers the optimal path.

Suboptimal routing between virtual networks

With ExpressRoute, you can enable VNet-to-VNet communication by linking them to an ExpressRoute circuit. Suboptimal routing can occur when VNets are linked to multiple circuits. For example, VNets in China East and China North may route traffic through the remote circuit due to ECMP routing.

Solution: assign a high weight to local connection

Assign a higher weight to the local connection to ensure VNets prefer the optimal path. This configuration ensures traffic takes the shortest path between VNets.

Next steps

• Learn about designing ExpressRoute for high availability.
• Learn about designing ExpressRoute for disaster recovery.