Microsoft Azure ExpressRoute by Andy Shuttleworth
ExpressRoute is becoming a key connectivity method into Microsoft’s Azure cloud services.
Exchange Provider – Exchange Providers have a direct connection into Azure data centres that you can hook your WAN service onto. This means terminating your existing WAN services in an Exchange Provider’s data centre. This is a very versatile option: typically your WAN provider will already have a presence in the Exchange Provider’s facility and, if not, you are likely to have a number of connection options to their facility from your existing sites. This can mean shorter lead times to get access to the EP’s data centre, but that’s where the issues can start, as your EP then needs to “cross connect” your WAN termination point onto their ExpressRoute connection. This typically means being reliant on 3rd parties for 3 key setup activities:
Another drawback of Exchange Provider services is that, in effect, you are still paying for outbound data transfers. The advantage here is that the outbound transfers are provided on a dedicated port speed, which means you can at least predict the performance of your service on Azure, if not so easily your costs.
Network Service Providers – Network Service Providers are slightly different. This is a direct connection into the Azure data centres from an existing MPLS WAN service that you may have. MPLS is a method of sharing a vendor’s wide area network in a secure way. It is widely accepted that MPLS is a proportionally secure approach (proportional to cost) to transferring data over large distances. The drawback here is that very few organisations currently offer this service into Azure, and you really should have an MPLS WAN already if you want short lead times and low levels of change. That said, there is nothing stopping you from migrating to an MPLS service, or even creating a separate, additional WAN service on MPLS and using a couple of points in your network to route diversely. The great thing about NSP ExpressRoute is the ability to pay for a set port speed per month, which includes data transfers in and out of Azure. This vastly simplifies your monthly expenditure on Azure and means you can predict your costs far more easily. The other major benefit of this type of connectivity is that it reduces the level of 3rd party involvement that you need to engage with: once the setup of MPLS is complete, the actual configuration on Azure is self-service. You can therefore manage one 3rd party to get MPLS up and running and use your in-house expertise to do the last bit of configuration to get the connection actually working.
In short, the two options are broadly similar: both advertise routes through BGP, the connectivity to your Azure services at the Azure network level is similar (if not the same), and both currently have restrictions on using ExpressRoute and VPN as part of the same service, which is rumoured to be changing as part of the roadmap over the coming 4 – 5 months.
Of course, everybody’s circumstances are slightly different. Every organisation will have different priorities, such as cost, flexibility, choice and lead times, and much depends on your current WAN setup, number of WAN endpoints and so on… I would look to understand the following about your existing WAN setup and think about these points before deciding on which connectivity route to Azure you should choose: