Azure ExpressRoute peering guidance

Microsoft recently announced that they will be merging Public Peering and Microsoft Peering. Previously, Public Peering was used to access Azure PaaS services and Microsoft Peering was used to access Microsoft SaaS services such as O365.

Each Azure PaaS services by region and SaaS Service are tagged with BGP Community values, and these can be used to specify route filters on the ExpressRoute connection. For more information on route filters see the following link,https://docs.microsoft.com/en-us/azure/expressroute/how-to-routefilter-portal

The use of Route Filters to provide access different service types over the same routing domain simplifies the management of and configuration of ExpressRoute and also provides some additional capabilities:

  • Customers can create a single routing domain for Azure PaaS and SaaS services.
  • Customer can selectively choose community tags for services/regions that they want to receive via Microsoft peering
  • Manage the size of the route tables for routers within your network that learns routes from Microsoft peering
  • Enable new scenarios where SaaS services hosted on Azure can initiate connections to on-premises networks.

 

This brings up other interesting questions:

  • Currently Microsoft Peering requires ExpressRoute premium add-on, will this continue to be the case?
  • What is the long-term future of Public Peering?
  • Microsoft Peering guidance for O365 usage, will this still be by exception and access controlled by granting access to the O365 routes by request?

 

Will update once Microsoft publish updated guidance to address some of these publically.