You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/expressroute/active-validation-of-s2s-vpn-to-backup-expressroute-privatepeering.md
+6-3Lines changed: 6 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,7 +17,8 @@ In the article titled [Designing for disaster recovery with ExpressRoute private
17
17
18
18
Unlike geo-redundant ExpressRoute circuits, you can use ExpressRoute-VPN combination only in active-passive mode. One of the major drawbacks of using any backup network connectivity in the passive mode is that the passive connection would often fail alongside the primary connection because of lack of active validation and maintenance of the passive connection. Therefore, in this article let's focus on how to validate and actively maintain S2S VPN connectivity that is backing an ExpressRoute private peering.
19
19
20
-
>[!NOTE] When a given route is advertised via both ExpressRoute and VPN, Azure would prefer routing over ExpressRoute.
20
+
>[!NOTE]
21
+
>When a given route is advertised via both ExpressRoute and VPN, Azure would prefer routing over ExpressRoute.
21
22
>
22
23
23
24
In this article, let's see how to validate the connectivity both from the Azure perspective and from the perspective of the network equipment that peer with the Microsoft Enterprise Edge devices. Ability to validate from either end will help irrespective of the type of--Layer 2 or Layer 3--network service provider you have.
@@ -71,7 +72,8 @@ The on-premises route advertisement of the firewalls to the primary and secondar
71
72
Prefix Nexthop MED Lclpref AS path
72
73
* 10.1.11.0/25 Self I
73
74
74
-
>[!NOTE] Configuring the S2S VPN in active-active mode not only provides high-availability to your disaster recovery backup network connectivity, but also provides higher throughput to the backup connectivity. In other words, configuring S2S VPN in active-active mode force create multiple underlying tunnels.
75
+
>[!NOTE]
76
+
>Configuring the S2S VPN in active-active mode not only provides high-availability to your disaster recovery backup network connectivity, but also provides higher throughput to the backup connectivity. In other words, configuring S2S VPN in active-active mode force create multiple underlying tunnels.
75
77
>
76
78
77
79
### Configuring for symmetric traffic flow
@@ -198,7 +200,8 @@ Failure to see route exchanges indicate connection failure. See [Troubleshooting
198
200
199
201
Now that we have confirmed successful route exchanges over the VPN connection, we are set to do a failover from the ExpressRoute connectivity and test the data plane of the VPN connectivity.
200
202
201
-
>[!NOTE] In production environments failover testing has to be done during well notified network maintenance work-windows as they can be service disruptive.
203
+
>[!NOTE]
204
+
>In production environments failover testing has to be done during well notified network maintenance work-windows as they can be service disruptive.
202
205
>
203
206
204
207
Prior to do the failover, let's trace route the current path in our setup from an on-premises server and a VM in the spoke Vnet.
0 commit comments