Over a million developers have joined DZone.

Provisioning Azure ExpressRoute Private Peering [Snippet]

DZone's Guide to

Provisioning Azure ExpressRoute Private Peering [Snippet]

With Azure CLI 2.0 out for Linux, macOS, and Windows, it's easy set up Private Peering with a few commands. This snippet covers some command commands to use.

· Cloud Zone
Free Resource

Site24x7 - Full stack It Infrastructure Monitoring from the cloud. Sign up for free trial.

The new Azure CLI 2.0 was recently released for general availability on Linux, macOS, and Windows (see this article for the announcement). In this post, I’m providing a step-by-step walk-through of using the Azure CLI 2.0 to provision ExpressRoute Private Peering with the new UltraPerformance VNET Gateway that provides up to 10Gbps throughput.

Note that you can also clone or fork this sample script snippet via my GitHub repo.

For more details on Azure ExpressRoute, see our official documentation site.

# Sample step-by-step Azure CLI 2.0 commands for configuring ExpressRoute Private Peering with UltraPerformance VNET Gateways

# Install Azure CLI 2.0
curl -L https://aka.ms/InstallAzureCli | bash

# Restart shell after initial installation of CLI 2.0
exec -l $SHELL

# Authenticate to Azure via Azure AD credentials
az login

# Select Azure Subscription
az account set --subscription "subscription-name-or-id"

# Create new Resource Group for ExpressRoute circuit
az group create --name "expressroute-rg" --location "azure-region"

# List the ExpressRoute providers to determine provider name, peering location and circuit bandwidth
az network express-route list-service-providers 

# Provision ExpressRoute circuit
az network express-route create --name "expressroute-circuit" --resource-group "expressroute-rg" --location "azure-region" --provider "expressroute-provider" --peering-location "peering-location" --bandwidth <bandwidth-in-mbps> --sku-family "MeteredData" --sku-tier "Standard"

# Get properties of the new ExpressRoute circuit
# Share "serviceKey" value with provider for provisioning circuit
# When "serviceProviderProvisioningState" equals "Provisioned" move forward with next step
az network express-route show --name "expressroute-circuit" --resource-group "expressroute-rg"

# Configure Azure Private Peering for ExpressRoute circuit
az network express-route peering create --name "private-peering" --type "AzurePrivatePeering" --circuit-name "expressroute-circuit" --resource-group "expressroute-rg" --peer-asn <peer-asn-number> --primary-peer-subnet "x.x.x.x/30" --secondary-peer-subnet "x.x.x.x/30" --vlan-id <vlan_id> --shared-key "optional-key-for-generating-MD5-hash"

# Get properties of Azure Private Peering
az network express-route peering show --name "private-peering" --circuit-name "expressroute-circuit" --resource-group "expressroute-rg"

# Provision UltraPerformance ExpressRoute VNET Gateway
az network public-ip create --name "vnet-gateway-1-ip" --resource-group "vnet-resource-group" --location "azure-region"
az network vnet-gateway create --name "vnet-gateway-1" --resource-group "vnet-resource-group" --location "azure-region" --public-ip-address "vnet-gateway-1-ip" --vnet "vnet-name" --gateway-type "ExpressRoute" --sku "UltraPerformance"

# Link ExpressRoute circuit to VNET Gateway in same subscription
az network vpn-connection create --name "vpn-connection-1" --resource-group "vnet-resource-group" --location "azure-region" --vnet-gateway1 "vnet-gateway" --express-route-circuit2 "expressroute-circuit-resource-id"

# Link ExpressRoute circuit to VNET Gateway in different subscription
az network express-route auth create --name "expressroute-auth-1" --circuit-name "expressroute-circuit" --resource-group "expressroute-rg"
az network express-route auth show --name "expressroute-auth-1" --resource-group "expressroute-rg" --circuit-name "expressroute-circuit" 
az network vpn-connection create --name "vpn-connection-1" --resource-group "vnet-resource-group" --location "azure-region" --vnet-gateway1 "vnet-gateway" --express-route-circuit2 "expressroute-circuit-resource-id" --authorization-key "authorization-key"

Site24x7 - Full stack It Infrastructure Monitoring from the cloud. Sign up for free trial.

microsoft azure ,cloud ,private peering ,cli

Published at DZone with permission of Keith Mayer, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.


Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.


{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}