|
| 1 | +--- |
| 2 | +title: 'Next hop IP support for Virtual WAN' |
| 3 | +titleSuffix: Azure Virtual WAN |
| 4 | +description: Learn about Next hop IP support for Virtual WAN |
| 5 | +author: cfields475 |
| 6 | +ms.service: azure-virtual-wan |
| 7 | +ms.topic: concept-article |
| 8 | +ms.date: 04/21/2025 |
| 9 | +ms.author: cfields |
| 10 | +ms.custom: references_region |
| 11 | + |
| 12 | +--- |
| 13 | +# Next hop IP support for Virtual WAN |
| 14 | + |
| 15 | +Azure Virtual WAN hub router, also called virtual hub router, acts as a route manager and provides simplification in routing operation within and across virtual hubs. The virtual hub router exposes the ability to [peer with the hub](scenario-bgp-peering-hub.md), thus exchanging routing information directly through Border Gateway Protocol (BGP) routing protocol. Network Virtual Appliances (NVA) or a BGP end point provisioned in a virtual network connected to a virtual hub can directly peer with the virtual hub router. Peering with the hub is supported if the NVA supports the BGP routing protocol. The ASN (Autonomous System Number) of the NVA must be different from the virtual hub ASN. |
| 16 | + |
| 17 | +With the added support for Next hop IP in Virtual WAN, you can peer with NVAs or BGP endpoints that are deployed behind a load balancer. Deploying behind a load balancer can provide load balancing, improved connectivity, and performance. |
| 18 | + |
| 19 | +## Benefits and considerations |
| 20 | + |
| 21 | +Key benefits |
| 22 | + |
| 23 | + * NVAs and BGP endpoints can now advertise routes with the next hop as a load balancer or any other devices that aren't the NVA itself. |
| 24 | + |
| 25 | +Considerations |
| 26 | + |
| 27 | + * NVAs or BGP endpoints can't advertise next hop IPs that are in a different region. |
| 28 | + * All the Considerations with [BGP peering with the hub](scenario-bgp-peering-hub.md) still apply. |
| 29 | + |
| 30 | +## Scenario: Setting the Next Hop IP to a load balancer |
| 31 | + |
| 32 | +In this scenario, the virtual hub named "Hub 1" is connected to a virtual network (VNet-1). The goal is to have the NVA (NVA-1) set the next hop for the route **10.222.222.0/24** to the load balancer (**192.168.1.40**). |
| 33 | + |
| 34 | +:::image type="content" source="./media/next-hop-ip/scenario.png" alt-text="Screenshot that shows the environment." lightbox="./media/next-hop-ip/scenario.png"::: |
| 35 | + |
| 36 | +## Workflow |
| 37 | + |
| 38 | +1. Configure BGP peering with the hub |
| 39 | + |
| 40 | + Instructions on how to configure BGP peering with the hub, can be found [here](scenario-bgp-peering-hub.md). |
| 41 | + |
| 42 | +2. Verify the current next hop is in the effective route table |
| 43 | + |
| 44 | + Verify what routes are currently being advertised and what the next hop IPs are for those routes. |
| 45 | + |
| 46 | + :::image type="content" source="./media/next-hop-ip/effective-routes-before.png" alt-text="Screenshot that shows the route before changing the next hop IP." lightbox="./media/next-hop-ip/effective-routes-before.png"::: |
| 47 | + |
| 48 | + The next hop for route **10.222.222.0/24** is the NVA. |
| 49 | + |
| 50 | +3. Change the next hop in the NVA and verify in the next hop |
| 51 | + |
| 52 | + Use the NVA to change the next hop IP for the route **10.222.222.0/24** to the load balancer **192.168.1.40**. |
| 53 | + |
| 54 | + Check the effective routes to verify the next hop IP for the route **10.222.222.0/24** has changed to the load balancer (**192.168.1.40**). |
| 55 | + |
| 56 | + :::image type="content" source="./media/next-hop-ip/effective-routes-after.png" alt-text="Screenshot showing the routes after changing the next hop IP." lightbox="./media/next-hop-ip/effective-routes-after.png"::: |
| 57 | + |
| 58 | +## Troubleshooting |
| 59 | + |
| 60 | +1. Verify BGP peering with the hub is set up correctly and working before attempting to set a custom next hop. Instructions on setting up BGP peering with the hub can be found [here](scenario-bgp-peering-hub.md). |
| 61 | + |
| 62 | +2. Verify the BGP peering status is up. In the "BGP peer" section, select on "BGP Status". |
| 63 | + |
| 64 | + :::image type="content" source="./media/next-hop-ip/bgp-peers.png" alt-text="Screenshot showing the confonfigured BGP peers." lightbox="./media/next-hop-ip/bgp-peers.png"::: |
| 65 | + |
| 66 | + Verify the BGP peer is up. |
| 67 | + |
| 68 | + :::image type="content" source="./media/next-hop-ip/bgp-peers-up.png" alt-text="Screenshot showing the bgp peers are up." lightbox="./media/next-hop-ip/bgp-peers-up.png"::: |
| 69 | + |
| 70 | +3. Check the current limitations for BGP peering with the hub. |
| 71 | + |
| 72 | +4. Verify the new next hop IP is the correct address. Check to see if the next hop is set in a different region. NVAs or BGP endpoints can't advertise next hop IPs that are in a different region. |
| 73 | + |
| 74 | +## Next steps |
| 75 | + |
| 76 | +* To learn more about BGP peering with the hub, see [BGP peering with the hub](scenario-bgp-peering-hub.md). |
0 commit comments