You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-network-manager/how-to-deploy-spoke-to-spoke-topology-two-hubs.md
+36-5Lines changed: 36 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -141,7 +141,7 @@ In these steps, you create a routing rule for the Azure Firewall subnet in regio
141
141
For this example, the remote regions address prefixes will be summarized. Summarizing address prefixes offers the benefit of not needing to change the routing rules for the FW subnet even if new spokes are added to each region. However, it's important to pre-define the address prefixes used in each region, including for future use.
142
142
143
143
1. In the **Rule collections** window, select the rule collection for the Azure Firewall subnet in region 1 - **rc-azfw-<region1>**.
144
-
2.4.In the **Edit a rule collection** window, select **+ Add**.
144
+
2. In the **Edit a rule collection** window, select **+ Add**.
145
145
3. In the **Add a routing rule** window, enter or select the following information:
146
146
147
147
|**Field**|**Value**|
@@ -151,9 +151,20 @@ For this example, the remote regions address prefixes will be summarized. Summar
151
151
|**Destination IP addresses/CIDR ranges**| Enter the summarized address prefix for the remote region - region 2. In this example, **10.1.0.0/16** is used.|
152
152
|**Next hop type**| Select **Virtual appliance**.</br> Select **Import Azure firewall private IP address**. Select the remote Azure Firewall in region 2. |
153
153
154
-
155
154
4. Select **Add** to add the routing rule to the rule collection.
156
-
5. Select the **X** to close the **Edit a rule collection** window.
155
+
5. select **+ Add** to add a default Internet rule.
156
+
In the **Add a routing rule** window, enter or select the following information:
157
+
158
+
| **Field** | **Value** |
159
+
|------|-------|
160
+
| **Name** | Enter a name for the routing rule for. |
161
+
| **Destination type** | Select **IP Address**. |
162
+
| **Destination IP addresses/CIDR ranges** | Enter the default route of **0.0.0.0/0**.|
163
+
| **Next hop type** | Select **Internet**. |
164
+
165
+
166
+
6. Select **Add** to add the routing rule to the rule collection.
167
+
7. Select the **X** to close the **Edit a rule collection** window.
157
168
158
169
> [!NOTE]
159
170
> A summarized prefix allows you to use a larger address range for the destination IP addresses. This is useful when you have multiple spoke virtual networks in each region and you want to avoid adding multiple routing rules for each spoke virtual network. Also, future changes to the spoke virtual networks in each region will not require changes to the routing rules for the Azure Firewall subnet.
@@ -173,8 +184,19 @@ In this step, you create a routing rule for the spoke virtual networks in region
173
184
|**Destination IP addresses/CIDR ranges**| Enter the default route of **0.0.0.0/0**.|
174
185
|**Next hop type**| Select **Virtual appliance**.</br> Select **Import Azure firewall private IP address**. Select the Azure Firewall in region 2. |
175
186
176
-
4. Select **Add** to add the routing rule to the rule collection.
177
-
5. Select the **X** to close the **Edit a rule collection** window.
187
+
5. select **+ Add** to add a default Internet rule.
188
+
In the **Add a routing rule** window, enter or select the following information:
189
+
190
+
| **Field** | **Value** |
191
+
|------|-------|
192
+
| **Name** | Enter a name for the routing rule for. |
193
+
| **Destination type** | Select **IP Address**. |
194
+
| **Destination IP addresses/CIDR ranges** | Enter the default route of **0.0.0.0/0**.|
195
+
| **Next hop type** | Select **Internet**. |
196
+
197
+
198
+
6. Select **Add** to add the routing rule to the rule collection.
199
+
7. Select the **X** to close the **Edit a rule collection** window.
178
200
179
201
### Create a routing rule for Azure Firewall in region 2
180
202
@@ -193,6 +215,9 @@ In these steps, you create a routing rule for the Azure Firewall subnet in regio
193
215
194
216
4. Select **Add** to add the routing rule to the rule collection.
195
217
5. Select the **X** to close the **Edit a rule collection** window.
218
+
6. From the **Rule collections** window, select **Rules** under **Settings**, and review the listing of all rules in the routing configuration.
219
+
220
+
:::image type="content" source="media/how-to-deploy-spoke-to-spoke-topology-two-hubs/review-rules-in-configuration-thumb.png" alt-text="Screenshot of rules window listing all rules and rule collections in routing configuration." lightbox="media/how-to-deploy-spoke-to-spoke-topology-two-hubs/review-rules-in-configuration.png":::
196
221
197
222
## Deploy the routing configuration
198
223
@@ -203,6 +228,12 @@ In this step, you deploy the routing configuration to apply the routing rules to
203
228
3. In the **Deploy a configuration** window, select all regions where you want to deploy the routing configuration.
204
229
4. Select **Next** and **Deploy** to deploy the routing configuration.
205
230
231
+
## Confirm routing configuration
232
+
233
+
In this step, you confirm the routing configuration by testing network connectivity between the spoke virtual networks in each region.
234
+
235
+
:::image type="content" source="media/how-to-deploy-spoke-to-spoke-topology-two-hubs/View-route-table-on-subnet-thumb.png" alt-text="Screenshot of subnets showing applied route table from deployment of routing configuration." lightbox="media/how-to-deploy-spoke-to-spoke-topology-two-hubs/View-route-table-on-subnet.png":::
236
+
206
237
## Adding spoke virtual network to the existing Multi Hub-Spoke topologies
0 commit comments