Azure Routing explained in plain English with a story in 10 mins-User Defined Routes, Route priority

Reddit Comments

+1 for correct use of Curious George in a network diagram

👍︎︎ 2 👤︎︎ u/dave007 📅︎︎ Apr 01 2021 🗫︎ replies
Captions
Hello and welcome to azuremonk.com. In this video we'll talk about routing in Azure, explained in plain English with a story, and we will be covering the following topics, each in less than 5 minutes: how Azure routes traffic by default, or system routes; how routing priorities work and how Azure selects a route; what a user-defined route is and how it is created and applied. Let's get started.

Modern Zoo was a fictional company which had an Azure virtual network called Domestic Animals virtual network with an address space of 10.0.0.0/16, within which they had two subnets, a cat subnet and a dog subnet. They had VM resources spun up in both the subnets. The virtual network was also connected to an on-premises network with an address space of 192.168.0.0/16 using a site-to-site VPN.

The Modern Zoo had a new CDO, Curious George. George was curious about everything that happened around him. He was amazed at how the VMs from the cat subnet are able to talk to the VMs from the dog subnet. The first response that was given was, "Hey, these two VMs would be able to talk to each other because, well, they're in the same virtual network." But Curious George was not one who was satisfied with superficial answers. He wanted to know how they talked, and he really wanted to know. So for the sake of Curious George, let's go a level deeper and understand how these VMs are able to talk to each other.

All this happens because of routing. But before we jump into the specific route, let's understand with an analogy and an example what a route table is and how it works. Let's say you are living in New York City and you wanted to get to California. So in this case the destination is California. In order to get to your destination, the first hop or the next hop would be the New York City John F. Kennedy Airport, right? We'll use this analogy of a destination and the next hop throughout this video for a larger example.

Going back to George's question: by default, even without us doing anything, Azure automatically creates certain routes and associates them to every resource that is inside of a virtual network. We can see this by clicking on a VM, then choosing the network interface card associated to it, and then clicking on effective routes. This set of routes which are automatically created for us are called system routes, because you don't have to create them manually. In this example we see that the address range of the virtual network that we created, that is 10.0.0.0/16, has a route here, and it has a next hop as virtual network. Well, what does that mean? The keyword virtual network means that Azure takes its automatic routes to route between the resources inside of a virtual network. And the source here does not mean the source address; the source means how or who created these routes. In this case it's default, so, you guessed it, Azure created it on your behalf.

The next question Curious George had was: how is the VM communicating back to on-prem? In this case, if we go back and look at the effective routes, we would see the following entries, where the destination is the address range of the on-premises network, that is 192.168.0.0/16, and the next hop is a virtual network gateway. In this case we see the source as also virtual network gateway, because virtual network gateway is what created this route for us. Remember, this is also automatically created when we create the connection; we didn't have to create this manually. Great, George's curiosity was quenched.

A few weeks pass by and Modern Zoo acquired a new virtual network called Wild Animals virtual network with an address range of 10.1 to 0.0 /linedasharray. This network was connected to the Domestic Animals virtual network using virtual network peering. Once again Curious George wondered how a lion subnet can talk to a dog subnet. If you go back and look at the effective routes after the virtual network peering was set up, we now see that there is a route with the source as default, because Azure created this on behalf of us, and destination as the Wild Animals virtual network address range, that is 10.10 to zero /t, and the next hop as virtual network peering, which is what we would expect. Similarly, you would also see a similar route on the wild animals side as well, which would have a destination as Domestic Animals virtual network address range and the next hop as virtual network peering.

A few weeks pass by and now we have a new zookeeper virtual appliance inside the zookeeper subnet. Zookeeper hated this chaotic traffic meeting. He did not like the fact that wild animals could talk to domestic animals without passing through the zookeeper, and even the fact that subnets within a virtual network could talk to each other. For example, he did not want a dog subnet VM to talk to a cat subnet VM directly without passing through the zookeeper. But he was also reasonable in some aspects, so he defined four rules for the Modern Zoo organization. Rule number one: Domestic Animals virtual network should not talk to Wild Animals virtual network without passing through the zookeeper. Rule number two: no two virtual machines can talk to each other inside the Domestic Animals virtual network. There was an exception to rule number two, though: the VMs inside the dog subnet could talk to each other without passing through the zookeeper. Rule number three: any traffic from the dog subnet to the hyena subnet should be dropped even before reaching the zookeeper appliance.

So how do we accomplish this? So far we have talked about system routes, or routes that were created automatically. In order to accomplish this, let's take a look at user-defined routes. But before we look at user-defined routes, let's look at how routing priorities work inside of Azure.

Let's say you have three different routes. First one: destination is 10.0.0.0/16, next hop as virtual network. Similarly, we have another route with a destination of 10.0.1.0/24 and the next hop as virtual appliance. And we have a third route which is ten to zero dot one dot v /t two, and the next hop is none. When you look at these routes, the route which is most specific, or the longest prefix, wins and takes the highest precedence. In other words, if you convert the address to binary, the address with the longest subnet mask wins. In this case that is going to be slash 32, because that is the most specific. The next precedence is given to the slash 24 route, and the least preference is given to the slash 16 route.

Great, but what if all three routes are exactly the same but they came from different sources? For example, route number one came from source default, or system route. Route number two came from virtual network gateway. Note that BGP routes also fall under this category. BGP is Border Gateway Protocol, through which routes are exchanged for ExpressRoute connection and also in some cases site-to-site VPN; we'll talk about that in another video. The third route consists of a user-defined route as the source. In this case, if you observe, all three routes have exactly the same prefix, so how does Azure pick a route? Azure picks the route in the following order: the highest precedence goes to user-defined routes, the next preference is given to virtual network gateway or BGP routes, and the least preference is given to the system route. What that means is you can override any of the default routes using user-defined routes.

Great, now that we understand this, let's go back to see how the zookeeper can accomplish his requirements using user-defined routes. The way the user-defined routes are created is: first, a route table is created; second, routes are added onto the route table; third, the route table is now associated to a subnet. Remember, user-defined routes can only be associated to a subnet, and not a network interface card directly or a virtual network.

User-defined routes have five options for the next hop type. Let's look at each of them.

Option number one is none, which means blackhole traffic. That is, if you set the next hop as none, the traffic that is destined to the destination will be dropped or blackholed. In our case we will use this for rule number three, which is dropping the traffic from the dog subnet destined to the hyena subnet.

The second next hop type is virtual appliance. What this means is, when we set the next hop as virtual appliance and an IP address, the traffic gets through a network virtual appliance, like the zookeeper, before reaching its destination. In order to accomplish rule number one and rule number two we will use this as the next hop, that is, the address range of the Wild Animals virtual network, and we'll provide the next hop as the IP address of the virtual appliance. Similarly, the IP address range of the Domestic Animals virtual network with the next hop as the IP address of the virtual appliance. We added this too because rule number two specifies that no two VMs inside the Domestic Animals virtual network can talk to each other.

The third next hop type is virtual network. The next hop of virtual network means it takes the default Azure routing. We would want to use this for our exception to rule number two, which is traffic inside the dog subnet. That is, two VMs inside the dog subnet should just take the default Azure routes and not traverse through the zookeeper, because that would just cause too much burden on the zookeeper appliance.

The fourth option is the virtual network gateway. That is specified when you want the traffic to go through the virtual network gateway.

And the last one is internet. That is the next hop you specify when you want traffic to take the Microsoft backbone or the internet route. By default, when you create a virtual network, Azure creates a 0.0.0.0/0 route to the internet. This quad zero is a special route which essentially means anything which does not match any other rule follows this rule, sort of like a catch-all.

Awesome. Just to recap what we discussed: the first concept was how Azure routes traffic by default using system routes; second, how routing priorities work in Azure; number three, what is a user-defined route and how can we use it for our advantage. If you want to understand more about special cases like service endpoints and how that changes routing, please check out the video I made on service endpoints by clicking on the link above. Thank you for watching, I'll see you again in the next video. [Music]
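Added example, not part of the video or its captions: a small Python model of the selection order described above (longest prefix first, then user-defined over gateway/BGP over system routes), applied to the zookeeper's rules. The subnet ranges, the appliance address, the Wild Animals range (garbled in the captions) and the source and next-hop strings are constructed for this illustration.

```python
import ipaddress

# Equal-prefix tie-break from the video: user-defined, then gateway/BGP, then system.
SOURCE_RANK = {"User": 0, "VirtualNetworkGateway": 1, "Default": 2}

def select_route(routes, dest_ip):
    """Return the winning (prefix, source, next_hop_type, next_hop_ip) tuple."""
    ip = ipaddress.ip_address(dest_ip)
    matches = [r for r in routes if ip in ipaddress.ip_network(r[0])]
    if not matches:
        return None
    # Longest prefix wins; only among equal prefixes does the source decide.
    return min(matches, key=lambda r: (-ipaddress.ip_network(r[0]).prefixlen,
                                       SOURCE_RANK[r[1]]))

# System routes from the story (labels are this example's own strings).
SYSTEM_ROUTES = [
    ("10.0.0.0/16", "Default", "VirtualNetwork", None),
    ("10.1.0.0/16", "Default", "VNetPeering", None),  # assumed Wild Animals range
    ("192.168.0.0/16", "VirtualNetworkGateway", "VirtualNetworkGateway", None),
    ("0.0.0.0/0", "Default", "Internet", None),
]

ZOOKEEPER_IP = "10.0.3.4"     # constructed appliance address
DOG_SUBNET = "10.0.2.0/24"    # constructed
HYENA_SUBNET = "10.1.1.0/24"  # constructed

# Route table associated with the dog subnet, one UDR per zookeeper rule.
DOG_UDRS = [
    ("10.1.0.0/16", "User", "VirtualAppliance", ZOOKEEPER_IP),  # rule 1
    ("10.0.0.0/16", "User", "VirtualAppliance", ZOOKEEPER_IP),  # rule 2
    (DOG_SUBNET, "User", "VirtualNetwork", None),               # exception to rule 2
    (HYENA_SUBNET, "User", "None", None),                       # rule 3: drop
]

def effective_next_hop(dest_ip, udrs=DOG_UDRS):
    """Next hop type and IP a dog-subnet VM would use for dest_ip."""
    route = select_route(SYSTEM_ROUTES + udrs, dest_ip)
    return route[2], route[3]

def too_broad_udr_hop():
    """A /8 UDR to the appliance loses to the more specific /16 system route."""
    broad = [("10.0.0.0/8", "User", "VirtualAppliance", ZOOKEEPER_IP)]
    return effective_next_hop("10.0.1.10", broad)

if __name__ == "__main__":
    for dest in ("10.0.1.10", "10.0.2.7", "10.1.1.9", "10.1.5.5", "192.168.4.4"):
        print(dest, effective_next_hop(dest))
    print("too-broad UDR:", too_broad_udr_hop())
```

The last case is the one to check when reviewing a route table: a user-defined route only overrides a system route if its prefix is at least as specific, otherwise traffic reaches its destination without passing through the appliance.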
Info
Channel: azuremonk - cloud in plain english
Views: 25,844
Keywords: lessthan5min, #lessthan5min, explained, simplified, in less than 5 minutes, less than 5 minutes, azure, udr, user defined routes, azure networking, networking, azure routing, networking in azure
Id: tXLScLO-DRI
Length: 12min 3sec (723 seconds)
Published: Thu May 14 2020