How can we improve Azure Networking?

Dynamic routing within VNET

I would like to have the option to dynamically route traffic within a subnet in Azure.
Example: I have two VMs acting as tunnel endpoints for 4G<->Network devices. These VMs are connecting to the same endpoints over the Internet but use different technologies and have different connection availability. One is fast but unreliable, the other one slow but reliable. This setup is exported from my on-premises VMware setup. But for this to work I have to be able to dynamically choose which VM I want to route traffic to, be it using Cisco route tracking or OSPF.

I've set up a POC where the routing works if I manually enter the remote subnets in the Azure route table and point it to the IP of the gateway VM. But not otherwise.

This kills my whole idea of moving my setup to Azure.

3 votes
Anonymous shared this idea

    1 comment

      • MexicanChile commented

        So, that means Azure internal Subnet devices will point to the "Azure VPN Gateway" (AVG), and then this AVG will have BGP sessions to external devices?

        Can I have this setup with VPN tunnels terminating in Azure-VM-Firewalls that can talk BGP too (i.e. 2 Active Fortigate-Firewalls in Azure), one FW being the primary? All the routing being done between the AVG, Azure-Fortigate-FWs and the External Devices (which also talk BGP)?

        What I have is an environment in Azure with 2 Fortigates (BGP enabled) + 1 VirtualGatewayExpressRoute (BGP enabled) ... External Azure ASM (not sure if this can handle BGP or only static routes to form a VPN to ARM) ... and External VPNs to on-premises Firewalls (BGP too) ... Can I have BGP between everything to avoid using UDRs inside Azure?

        Thanks
