Part 1 – Azure BGP Network Triangulation

In this post we’ll setup the Azure configuration in Region 1 (West Europe)
we
You will need to create in advance, two VNets (vnspoke1 and vnhub0).
The VNet vnspoke1 uses address space 10.10.1.0/24. Create a subnet within this VNet and place a VM within that we will use for our ping tests. Your setup should resemble to following:
we-pre-ps
As VNet peering is a relatively new capability within Azure, for clarity are the network peering setting from the portal for vnspoke1:
peer-spoke1
and vnhub0:
peer-hub0
The VNet vnhub0 uses address space 10.10.0.0/24 within this create  a default gateway subnet that will hold our Virtual Network Gateway “gwwebgp”. This PowerShell sets up this gateway
# set some variables for Resource Group, VNet Name, Location, Name Azure
# Gateway, Name of our local home network definition, The private ASN number to use
# for the Azure West Europe network,  The private ASN number to use for our Home
# network, The BGP address used at home, the subnet range for BGP 
$rg=”atnettest”
$vn=”vnhub0″
$loc=’westeurope’
$vngwname=’gwwebgp’
$gwlocal=’homenet’
$VNet1ASN=65010
# Private ASN for home network
$LNGASN=65168
# these BGP addresses come from part 3
$BGPPeerIP5=’10.168.0.253′
$locprefix=’10.168.0.253/32′
# assumes VNet vnhub0 & gateway subnet already created
$vnet = Get-AzureRmVirtualNetwork -ResourceGroupName $rg -Name $vn
$gwpip= New-AzureRmPublicIpAddress -Name gwpip -ResourceGroupName $rg -Location $loc -AllocationMethod Dynamic
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name ‘GatewaySubnet’ -VirtualNetwork $vnet
# get a public ip for the gateway
$gwipconfig = New-AzureRmVirtualNetworkGatewayIpConfig -Name gwipconfig1 -SubnetId $subnet.Id -PublicIpAddressId $gwpip.Id
#
# make the gateway – will take a while – typically about 30 minutes
#
date
New-AzureRmVirtualNetworkGateway -Name $vngwname -ResourceGroupName $rg -Location $loc -IpConfigurations $gwipconfig -GatewayType Vpn -VpnType RouteBased -GatewaySku Standard -Asn $VNet1ASN -EnableBgp $true
#New-AzureRmVirtualNetworkGateway -Name $vngwname -ResourceGroupName $rg -Location $loc -IpConfigurations $gwipconfig -GatewayType Vpn -VpnType RouteBased -GatewaySku HighPerformance -Asn $VNet1ASN -EnableBgp $true
date
# get the public ip for local gw we’ll need to make a note of this for part 3
Get-AzureRmPublicIpAddress -Name gwpip -ResourceGroupName $rg
$gateway1 = Get-AzureRmVirtualNetworkGateway -Name $vngwname -ResourceGroupName $rg
# get the BGP ip for local gw – we’ll need to make a note of this for part 3
$gateway1.BgpSettingsText
#
# In the following replace a.b.c.d in the following with your home public IP address
New-AzureRmLocalNetworkGateway -Name $gwlocal -ResourceGroupName $rg
-Location $loc -GatewayIpAddress ‘a.b.c.d’ -AddressPrefix $locprefix -Asn $LNGASN -BgpPeeringAddress $BGPPeerIP5
# get local network gateway
$local = Get-AzureRmLocalNetworkGateway -Name $gwlocal -ResourceGroupName $rg
# connect the two
New-AzureRmVirtualNetworkGatewayConnection -Name westeurtohome -ResourceGroupName $rg -Location $loc -VirtualNetworkGateway1 $gateway1 -LocalNetworkGateway2 $local -ConnectionType IPsec -RoutingWeight 10 -SharedKey ‘abc1234’-enablebgp $true
This should leave you with a Standard BGP enabled gateway in VNet vnhub0:
we-post-ps

3 thoughts on “Part 1 – Azure BGP Network Triangulation”

  1. Pingback: Azure BGP Network Triangulation (from your home!) – Azure in Action
  2. Pingback: Part 2 – Azure BGP Network Triangulation – Azure in Action
  3. Pingback: Part 3 – Azure BGP Network Triangulation – Azure in Action

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s