In this post we’ll setup the Azure configuration in Region 2 (North Europe) and also setup the BGP Region 1 (West Europe) to Region 2 (North Europe) link.
As in part 1 you’ll need to create in advance, two VNets (vnspoke1 and vnhub0).The VNet vnspoke1 uses address space 10.11.1.0/24. Create a subnet within this VNet and place a VM within that we will use for our ping tests. Your setup should resemble to following:
The peering is setup in the same way as in part 1.
Here’s the PowerShell to create the North Europe Gateway and ready it for connection to our Home VyOS router.
$rg=”atnettest2″
$vn=”vnhub0″
$loc=’northeurope’
$vngwname=’gwnebgp’
$gwlocal=’homenet’
$VNet1ASN=65011
# Private ASN for home network
$LNGASN=65168
# these BGP addresses come from part 3
$BGPPeerIP5=’10.168.0.253′
$locprefix=’10.168.0.253/32′
# get the vnet and gateway subnet
$vnet = Get-AzureRmVirtualNetwork -ResourceGroupName $rg -Name $vn
$gwpip= New-AzureRmPublicIpAddress -Name gwpip -ResourceGroupName $rg -Location $loc -AllocationMethod Dynamic
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name ‘GatewaySubnet’ -VirtualNetwork $vnet
# get a public ip for the gateway
$gwipconfig = New-AzureRmVirtualNetworkGatewayIpConfig -Name gwipconfig1 -SubnetId $subnet.Id -PublicIpAddressId $gwpip.Id
#
# make the gateway – will take a while – typically about 30 minutes
#
date
#New-AzureRmVirtualNetworkGateway -Name $vngwname -ResourceGroupName $rg -Location $loc -IpConfigurations $gwipconfig -GatewayType Vpn -VpnType RouteBased -GatewaySku Standard -Asn $VNet1ASN -EnableBgp $true
date
# get the public ip for local gw we’ll need to make a note of this for part 3
Get-AzureRmPublicIpAddress -Name gwpip -ResourceGroupName $rg
$gateway1 = Get-AzureRmVirtualNetworkGateway -Name $vngwname -ResourceGroupName $rg
# get the BGP ip for local gw – we’ll need to make a note of this for part 3
$gateway1.BgpSettingsText
# In the following replace a.b.c.d in the following with your home public IP address
New-AzureRmLocalNetworkGateway -Name $gwlocal -ResourceGroupName $rg -Location $loc -GatewayIpAddress ‘81.108.251.116’ -AddressPrefix $locprefix -Asn $LNGASN -BgpPeeringAddress $BGPPeerIP5
## get local gateway and on-prem local info
$local = Get-AzureRmLocalNetworkGateway -Name $gwlocal -ResourceGroupName $rg
## connect the two
New-AzureRmVirtualNetworkGatewayConnection -Name northeurtohome -ResourceGroupName $rg -Location $loc -VirtualNetworkGateway1 $gateway1 -LocalNetworkGateway2 $local -ConnectionType IPsec -RoutingWeight 10 -SharedKey ‘abc1234’-enablebgp $true
Now setup the gateway to gateway BGP link:
# set some variables
$rg1=”atnettest”
$rg2=”atnettest2″
$loc1=’westeurope’
$loc2=’northeurope’
$vngwname1=’gwwebgp’
$vngwname2=’gwnebgp’
$Connection12 = “wetone”
$Connection21 = “netowe”
#get the West Europe Gateway
$gateway1 = Get-AzureRmVirtualNetworkGateway -Name $vngwname1 -ResourceGroupName $rg1
# check BGP on on
$gateway1.BgpSettingsText
#get the North Europe Gateway
$gateway2 = Get-AzureRmVirtualNetworkGateway -Name $vngwname2 -ResourceGroupName $rg2
# check BGP ip address
$gateway2.BgpSettingsText
# Create the links (two are needed)
New-AzureRmVirtualNetworkGatewayConnection -Name $Connection12 -ResourceGroupName $rg1 -VirtualNetworkGateway1 $gateway1 -VirtualNetworkGateway2 $gateway2 -Location $loc1 -ConnectionType Vnet2Vnet -SharedKey ‘AzureA1b2C3’ -EnableBgp $True -RoutingWeight 10
New-AzureRmVirtualNetworkGatewayConnection -Name $Connection21 -ResourceGroupName $rg2 -VirtualNetworkGateway1 $gateway2 -VirtualNetworkGateway2 $gateway1 -Location $loc2 -ConnectionType Vnet2Vnet -SharedKey ‘AzureA1b2C3’ -EnableBgp $True -RoutingWeight 10
Azure in Action 
2 thoughts on “Part 2 – Azure BGP Network Triangulation”