Meraki

Community

BGP in my Azure Data Center

Solved
DerikA
Getting noticed
‎Feb 9 2022 4:54 PM
‎Feb 9 2022 4:54 PM

BGP in my Azure Data Center

I have some questions around enabling BGP to advertise routes between my data center and my Meraki Organization.

 

Situation: I manage the Meraki branch and hub networks, our SysAdmin and 3rd party vender manage our Azure datacenter. We have several spoke branches and 2 hubs, our corporate office and our vMX in Azure. Right now all the routing for the data center subnets to reach our branch subnets is done via a static route table in Azure (controlled by our SysAdmin). My vMX in Azure has all the data center subnets set up as local networks so they are advertised to all the branch MX devices (controlled by me). All my branch locations are set to load balance traffic over both WAN links and the AutoVPN is set to Active-Active so we have VPN tunnels active on both WAN links. Our branch and Azure subnets are getting more complex so I want to activate BGP to advertise the Meraki and data center subnets, eliminating static routes.

 

My questions are:

 

1) If I activate BGP can I still have load balancing and Active-Active VPN tunnels or will I need to set a primary uplink and disable VPN tunnels on the secondary unlink?

 

2) If BGP is activated will the routes throughout my Meraki networks be disrupted as iBGP is establishing routes?

 

0 Kudos
1 Accepted Solution
In response to PhilipDAth
DerikA
Getting noticed
‎Feb 10 2022 6:51 AM
‎Feb 10 2022 6:51 AM

Hmm, reading on some Azure documentation it looks like BGP can only be enabled on an Azure VPN Gateway and not between the vMX and the internal Azure subnets. I'll post an update once I have spoken to my Azure admins.

View solution in original post

0 Kudos
3 Replies 3
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 10 2022 1:25 AM
‎Feb 10 2022 1:25 AM

To the best of my knowledge, you can not run BGP between a virtual appliance inside of Azure and Azure itself.  It only supports doing this over a VPN (which you can't do).

In response to PhilipDAth
DerikA
Getting noticed
‎Feb 10 2022 5:22 AM
‎Feb 10 2022 5:22 AM

What I've been told by our 3rd party vender that works with our Azure environment is that Azure only uses BGP or static routing. So, (me knowing very little of Azure) wouldn't it make sense that the we could set up a BGP peer in Azure which then could host the data center subnets? Basically replicating scenario 1 in BGP document from Meraki.

 

https://documentation.meraki.com/MX/Networks_and_Routing/BGP

 

0 Kudos
In response to PhilipDAth
DerikA
Getting noticed
‎Feb 10 2022 6:51 AM
‎Feb 10 2022 6:51 AM

Hmm, reading on some Azure documentation it looks like BGP can only be enabled on an Azure VPN Gateway and not between the vMX and the internal Azure subnets. I'll post an update once I have spoken to my Azure admins.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.