BGP in my Azure Data Center

SOLVED
DerikA
Getting noticed

BGP in my Azure Data Center

I have some questions around enabling BGP to advertise routes between my data center and my Meraki Organization.

 

Situation: I manage the Meraki branch and hub networks, our SysAdmin and 3rd party vender manage our Azure datacenter. We have several spoke branches and 2 hubs, our corporate office and our vMX in Azure. Right now all the routing for the data center subnets to reach our branch subnets is done via a static route table in Azure (controlled by our SysAdmin). My vMX in Azure has all the data center subnets set up as local networks so they are advertised to all the branch MX devices (controlled by me). All my branch locations are set to load balance traffic over both WAN links and the AutoVPN is set to Active-Active so we have VPN tunnels active on both WAN links. Our branch and Azure subnets are getting more complex so I want to activate BGP to advertise the Meraki and data center subnets, eliminating static routes.

 

My questions are:

 

1) If I activate BGP can I still have load balancing and Active-Active VPN tunnels or will I need to set a primary uplink and disable VPN tunnels on the secondary unlink?

 

2) If BGP is activated will the routes throughout my Meraki networks be disrupted as iBGP is establishing routes?

 

1 ACCEPTED SOLUTION

Hmm, reading on some Azure documentation it looks like BGP can only be enabled on an Azure VPN Gateway and not between the vMX and the internal Azure subnets. I'll post an update once I have spoken to my Azure admins.

View solution in original post

3 REPLIES 3
PhilipDAth
Kind of a big deal
Kind of a big deal

To the best of my knowledge, you can not run BGP between a virtual appliance inside of Azure and Azure itself.  It only supports doing this over a VPN (which you can't do).

What I've been told by our 3rd party vender that works with our Azure environment is that Azure only uses BGP or static routing. So, (me knowing very little of Azure) wouldn't it make sense that the we could set up a BGP peer in Azure which then could host the data center subnets? Basically replicating scenario 1 in BGP document from Meraki.

 

https://documentation.meraki.com/MX/Networks_and_Routing/BGP

 

Hmm, reading on some Azure documentation it looks like BGP can only be enabled on an Azure VPN Gateway and not between the vMX and the internal Azure subnets. I'll post an update once I have spoken to my Azure admins.

Get notified when there are additional replies to this discussion.