BGP peering between vMX and Azure vHub

Canaday
New here

BGP peering between vMX and Azure vHub

Has anyone tried to BGP peer between  vMX and an Azure secure hub or vHub?  If so, how did you perform this peering and are there any documents or guidance in building it?  Anything is helpful.

6 Replies 6
PhilipDAth
Kind of a big deal
Kind of a big deal

Is that even possible?

jdsilva
Kind of a big deal

If it is possible it would be done the way described in this doc I would think:

 

https://documentation.meraki.com/MX/Networks_and_Routing/BGP

 

You'd have to make the vMX an AutoVPN hub, and then peer it with the Azure vHub... But the real question here is BGP supported at all on the vMX?

SebT
Here to help

Hi all... Did anyone managed to solve this?

LloydG
Here to help

Hey, we had a similar issue with getting connections to work from vWAN hub to Azure ER and vNETs.

The way we got it to work with HA functions is as follows;

 

Deploy 2x vMX's with auto-vpn from sites as per normal.

 

Use the guide: https://docs.microsoft.com/en-us/azure/virtual-wan/scenario-route-through-nva

 

Create a Azure standard internal load-balancer with a health check to port 80 to both of the vMXs.

 

Point the static route to the internal IP of the Load-Balancer.

 

We're got full HA working to the vMXs, with ping from a site laptop to local peered vNETs to the vWAN hub, plus connectivity to private express-route hosts directly from sites over the auto-VPN to the vMX.

 

I make no comment if this is the most efficient approach but it works for us - but you won't get BGP routes.

GregLiu
Here to help

It seems there is easy way to solve this, and Microsoft has introduced Router Server as a control plane, fyi below:

https://docs.microsoft.com/en-us/azure/route-server/overview

it is still in public preview stage, if anyone like to try it out, there following is github has more details;

 

it is routing control plane in Azure which could be used via  BGP to peering with vMX and peering with MS VNET as well.

  

SebT
Here to help

Hi All, for the record, we have tried using BGP Peering with vMX.

 

Azure Secure vHub <-> vMX  using BGP. 

 

Found out some traffic stop working, not sure why. Raised support to Microsoft, they mentioned vHub <-> vMX okay but secure vHub <-> vMX now still not okay. link below:

 

https://learn.microsoft.com/en-us/azure/virtual-wan/scenario-bgp-peering-hub#benefits-and-considerat... 

Get notified when there are additional replies to this discussion.