Azure Virtual WAN demystified | whiteboarding session

Captions
Hello everybody, with you at Microsoft again for another whiteboarding video. This time it's on Azure Virtual WAN, and we're here today with Stefan below Nessa, and this being recorded on August, what is it, August 26, what was 26, August 22, 26, Monday. So we will be, it's a bit of a preface, we will be mentioning some stuff that is not just here yes, but things are coming, so please check the documentation site on life or when things are coming, but that's just a bit of a disclaimer to start with. Okay Steph, hi, talk to us about Azure Virtual WAN, what it is, and also taking into consideration everything behind what we need to understand as a customer or the person wanting to implement this; to get the best performance they need to understand all the other concepts were got. Okay, how much done yet, what, so about just under 30 minutes. Excellent. So we gotta go way back first, right. Before we start to introduce the concept of Azure Virtual WAN, let's talk more about networking in general, networking in Azure, networking at Microsoft, and go backwards. So the first thing really we need to understand is Microsoft has become the second largest global network on tat, I mean, right, believe it, believe it at all. So we've got a great slide that Marc is now working to the video that shows what Marc, so it's at this stage what the global reach is, right. So we've got PoPs, point of presence, edges appearing everywhere applause bro like Ross the blah blah blah, and this is really where the power of the Microsoft network becomes really interesting, because you can get from one point of the planet to the other at a very lower than low latency, very high bandwidth when you utilize that, and we'll come later to how that, you know, interacts with Azure Virtual WAN. Just go through that list again: you've got PoPs, your PoPs, yeah, edges, you got clearing locations, right, and PoPs and edges are pretty much, sorry, much the same. So think of it, well, let's go one step back and say, well, first of all you
have the other data center smart a traditionally Yahoo data centers where your PoPs and edge incoming points, so it's 54 plus data centers, and as I speak there's probably another one being built somewhere. Now I myself decided to go, we gotta get out of that and start to establish more presence across the globe, but there is no data center to be able to come in into that global network, and this is where those PoPs and edges come into play. All right, so there's these things like in Auckland for example, there you go, busy pop is not a scintilla is a PoP, fantastic, New Zealand Australia connectivity, beautiful, so that's more close to home of course. But this top hat is, this is multiple locations, and we've got like 200 plus I believe at this stage where we've got really a point of presence when there is no doubt surrendered that global pitch network. All right, so traditionally, back in the days, if somebody in Perth for example wanted to access the Sydney data center in Azure, what we'd have to do we'll just internet, and as we all know, crossing the big deserts takes long time, the latency is just awful. So what these Microsoft edges will do for you is that a user sitting in an internet cafe somewhere in Perth ting, actually right here, can actually connect to one of those PoPs, improve the Microsoft network through the Microsoft global network reach, get on to a presence, right, get back to Sydney does and they get back to Melbourne data center at a much faster rate than it would take to go through the internet. Now in comparison with some of the Microsoft competitors, and this is a big knowledge so we can just divulge this, AWS for example as more the tendency of vlogging about the routing of anything outside to the Internet, as opposed to Microsoft has really that idea of saying let's bring that all in as fast as possible onto the edge network so that we can carry all that traffic in, go as fast as possible through whatever the location the the ANU use of data needs to get, the user traffic needs to get.
So that's what those edge PoPs are really good for, right. So when we talk about this we can lead into the Office 365 story. Now you probably have heard a lot about Office 365 dreams and verses of historicity part through peering verses of his physics path through expressions. Let's make one thing clear: the best methodology to get to Office 365 is the internet, there's no way around that. The majority of the investment from Microsoft goes towards Office 365 access on that internet, right. So you want to split that traffic as fast as possible coming up your aim device, coming up your network; you want to go as fast as possible on the internet to get to Office 365, and you want to go as fast as possible to the edge network when it comes down to all your traffic distant to you, your Sydney data center, your Azure data center, etcetera, etcetera. Okay, you might want to actually just, just on that, with the, with just system to a quick recap: the PoPs are such edge stripes, they're all scattered across the globe, there's over 140 of them. Melvin what reasons we've got, so it's bringing the Microsoft servers it's question of the customer, so it's much much quicker, and also to have customers want to look at where they're situated, they can go to a public website, peeringdb.com, yes that's right, being our ASN 8075, it'll come up with a list of all our PoP sites, that's fine, where they're located. Yeah, something just quickly, yep, because we're talking about how speed of connectivity with Office 365 versus Azure and over the public internet versus real web, do want to draw up on the board for us a classic diagram of the plan today with the hairpinning effect, with all the internet going out through like a Colo for example, I hope it helped, type of things, so no say, just so users can understand what the rap begins today, just quickly, because it's all, I'd also to cover this. How do we do, we do, we should put that on. So basically you look at, you are here, so you are a beautiful end-user and you have an
incoming points, and let's represent the Internet, okay. Now your data center sits here, this is here, and let's say Office 365 is there, so this is the Microsoft sort of things, okay. Now you, and then use a year, so for example you might need to connect to your DS. Now the traditional methodology, it would be you either go VPN across on the internet, or some other might say you've got over the Internet, you end up on an MPLS network and then that goes to your DC. Now from your DC you might an ExpressRoute connection. ExpressRoute traditionally will go to either, so you might an ExpressRoute here, yeah, and still ExpressRoute Mike should go to Office 365 as well, same circuits, two separate peerings. Now say you a here and you're trying to access to Outlook. Now your Outlook will then go, oh, in a minute, I'm gonna round back to my DC from my PC through my dear, that's my internet, um, I actually go back to the Office 365 here. Now this one is gonna have to come back all the way to the DC and then come back all the way here, unless you start circulating traffic and say hang on, what I'm here, because there is a great connectivity here with those gateways going from here straight to the Internet down day. Now there's a few things here that are interplay of course, is where you look at it here versus where you need to access your resources and how many hops are you going to go through on the internet to actually get to that. This is where those fault becomes quite interesting, because you can actually set stop there, so let's go to a Microsoft PoP that is close to me and then carry on the traffic through Microsoft's edge network all the way. And this is where this diagram is really interesting, because what we can see here is that you've got a user sitting in England trying to access a data center in India in Agra. Now you can see here you've got all the different PoPs along with the number of hops with the different PoPs that will go through to get they, let alone all the different type of route that it can take,
so you can really go, oh right, near the traffic will go from one rail toward the next packet will go through a different route, and it's all different light and seeds or different routes, it's all everything different. Now when we look at what soft edging marks what PoPs can do for you, at this stage your end user will connect to the PoP and then from there will be carried all the way to India through the Microsoft edge network. This is where the Microsoft network becomes really attractive, because at that point you no longer of the potential diversity in the route that it going to take, because you know it's always going to go through the Microsoft edge, it's going to be a lot faster, a lot more bandwidth. I mean the bandwidth right now is sitting out whether we say mark one point one point six petabytes between data centers, I mean amazing, right, one point six petabytes, who would ever need that kind of resources, but do we go. So in terms of the regional architecture that we see that Microsoft has implemented, and if you look at the Microsoft backbone, each of the back Bowman will dinner ever ever regional help, a regional point of presence that will connect to each of the DCs that are in a region. So for example, a big misnomer to say when you deploy a VNet, and and Magna were just discussing this, is you deploy a vena, you do not deploy a VNet in a dozen, you deployed VNets at the regional point. Why? Because you might have Dallas arrived machines, VNets that are across the appearing in set for Excel, so you need to bandwidth in between those things, right, and this is where the band could become really interesting in the latency between all these different DCs. Now moving on to Virtual WAN, it's ten minutes on this because we need to understand the bank of the behind the scenes, how it all fits together, and the benefits of adding until the actor has helped me, that's how I. First of all let's talk about MPLS versus SD-WAN. Now for those who don't know quickly what is Union as an
MPLS sees, MPLS is your traditional older methodology of connecting two sites together, right, whereby a provider will give you a private IP so that you can connect those two things together. Now there's been a recent reports on, you know, the security of those things: it's unencrypted traffic between two sites, so the question is always how secure is an MPLS network. This is not the subject of his talk today, but look into it, because there's quite some scary stuff happening only now. SD-WAN is really a technology that was introduced to start to use the Internet as a WAN technology to replace that MPLS, right, which is a lot cheaper of course. So now what will happen is a provider will create SD-WAN devices, will deploy those devices, you plug it in turn Internet, open your internet connection onto those devices, bang, you have an instant WAN, how beautiful is that. It's all encrypted of course because it goes across the internet, so we got strong encryption, the provider is responsible for that, and you also have the ease of use, because traditionally those devices will be managed through a central console and all you have to do release plugging it onto the internet, will self declare itself to a management console and there is your way it is not easy say even your receptionist could literally fly into the Braves. So you get a brand new site somewhere else, you don't need any technical people, you just send out the device there, plug in the whatever Internet connectivity they've got, but you're on the way to perfect, how good is that. All right, so now SD-WAN, Microsoft thought of that and thought, well, in a minute, how can we utilize that kind of technology using our edge network, and this is where it becomes really interesting, is that instead of just doing the internet and go across the internet for everything, why don't we get use the Internet as the last mile and say we're going to connect through an SD-WAN to the first point of present, the closest possible edge income to post plus possible point of
presence the MUX of dads and then use our internal network, edge network, to do all the communication. So in other words it's the same as an Office 365 user to such they can out that they were sitting into internet cafe or they can include a outlook.office365.com, they're sitting in Perth, then automatically they connect in through a PoP, PoP site in Perth, and then comes into a network. Same as an SD-WAN device, yeah, branch site and Perth will connect, and that's right, well local PoP. This is where the story expense, right, because when we talk about Azure Virtual WAN we get different type of connectivity, right. We can do branch offices, so we can move to 3,000 of thousand offers that are all connected through one big WAN, right, which then will connect through the actual Microsoft edge network all together, beautiful. And then in addition to that you can then also if all the what we call the point to site, which is all the individual users phone internet cafe going to the closest possible PoP, bang, coming down to your network through the Microsoft edge, happy look towards that, great. And then it doesn't stop there, because you go back to a previous video on ExpressRoute, get this, you can actually connect ExpressRoute to SD-WAN, to Virtual WAN as well, so that you can have your DC connected to your SD-WAN as in algebra as well, all your branch offices and your remote workers all talking together, one happy family, here is that, it's great. Okay, diagram it. So we've got a actually a PowerPoint presentation here, and so basically here is exactly what I've just described: you have all your branches that are connecting to what we call a hub. Now when we talk about how to set up the actual Virtual WAN, you can recreate a hub for region, and these branch offices and point people will connect to a hub, will end up somewhere on our inner region within box office. Now you need a hub, you can only have one hub per region and you need a region per hub traditionally, because
you can still connect if you want to an office that is sitting in Mumbai to connect back to our hub in Sydney, there's no problem, but then beware that really you will use the internet to get already, so potentially if there's a PoP in Mumbai your device could connect Microsoft's backbone across to the, correct, that's right. Now at this stage there is no connectivity in public in general availability between two hubs, but it's it for its great, it's coming, it's gone, so we we are in there. Now once you have that connectivity established between almost the wrong family, between all your branch offices in your hub, there will automatically be able to communicate. Why the pair of BGP, we love BGP, go back to the ExpressRoute if you don't know what BGP is anyway. So BGP will advertise all around, so any new branch of fishy connects King it's available, all the branch offices can communicate with, it's fantastic. Now last but not least, we spoke about ExpressRoute connecting, but of course you can also connect all your VNets to this, so now normally your DC is connected to your WAN through Virtual WAN, Azure Virtual WAN, but also your v8 Janeiro, which is really, it was originally the primary use for this, is to go back to the VNet, you know. But if you have a DC on-prem and it user expression, or if it doesn't even, we can still use the internet with SD-WAN. What's that, so let's play us some scenarios I guess with looking at traditional MPLS versus I think SD-WAN is and x1 vs.
Yeah, I don't even cover them but just talk to the DA. So in traditional methodology you would start with an MPLS network, each of those sites will then connect to the MPLS network, then you can get a third-party provider to give you an ExpressRoute connection which on layer 3 will then connect to that MPLS and become just another site effectively, to hook you up to a gateway that will seal in Azure that will then connect to all your VNets. Now in addition to that, for those branch offices, traditionally internet connectivity then centralized through a data center to go to the Office 365 etcetera etcetera, all each of the branch will ever a separate internet connection to actually get out and do that, that's that's not free the the traditional what you see most in the in the larger enterprise these days. Now when we evolved from that, when we say ok, whatever, SD-WAN, well SD-WAN will do effectively, will deliver to your branch offices the same as what an MPLS will do at a fraction of the cost, because all it needs is an internet tell and from day it will hook up to basically your global network and then go back down through your SD-WAN virtual appliance inside of Azure. Ok, so this is effectively doing what Azure Virtual WAN would do but yourself, alright, so get a third-party appliance, you know, in your VNet in your india, and boom, connect it all up through the internet. Ok, now when we go further we did story, we then introduced our virtual. So we might just remember hey man the concert, oh yeah, and remember like the the ballot that krinke, remember creature his cat, yeah, and when he turned, when he went by the powers of Grayskull he turned into a battle cat, yeah, yes, that's exactly right, that's exactly right. So like, let's face it, you think about Azure Virtual WAN, it's really is the WAN but on steroids, for those like Clark gave us reading you to Superman, that's exactly right, that's what it, what is the same but one's better. All right, Virtual WAN is the same principle
in the background, except that you get a lot closer to the edge through those PoPs, so you don't have to go all the way across the internet from one location to another, you just literally go from one location, of course encrypted, so an IPsec tunnel, to the first available PoP, and then from there you effectively use the internal Microsoft global network, edge network, to get to our Virtual WAN try a pub to then get to your VNet, or from there get this Office 365, how good starts. So now you're waiting obviously different little hops that you can get out on the Internet. Same principle with ExpressRoute is of course also connected in this case to your PoP through your third party provider who are they using, that goes back to the virtual hub, the Azure Virtual WAN hub, that then goes back to your VNets. Now this here, and sorry I'm getting a bit messy on my diagram here, but this is what stick up, so keep an eye out for this, it's coming very soon in in your local provider and your local region, so yeah, keep an eye out for this before you go next time, yeah the emoticon. But just reminder as well as safe from this cans branch up here, the top left, traffic to Office 365 is local South Laurel Oakley internet breakout, which is a policy on the SD-WAN. Now one of the, actually what what what marks points just reminded me to remind people of is there's really two way of connecting with Azure Virtual WAN: you can use an appliance, then go to your favorites, you know, distributed, that's whether we won't name any one now because we don't want to make any any preferences, but you'll see on the on the on the website there's a, there's a lot of providers, or you can do it yourself, know if the list is not in there, if you if you you looking for is no internet, you can buy your preferred VPN concentrator or whatever and do all the management yourself. It's a lot easier when you use one of the provides obviously, because they take care of all the breakouts has in dedica of the rep splitting and everything
else built into, based on what success traffic versus who rest work, correct. So if you, if the, when you bar monitors appliances, the appliance is pre-configured to already for Azure Virtual WAN, therefore they know, hang on a minute, if I need to go through Office 365, split over there please, if I need to go to my VNets, come over here, it's all done. If using your on you go take care of that yourself, not that it's hard, but you know, it's one of those services that is this drug same essential management, it's back to the SD-WAN, you know, all good old adage. Okay, so now one of the scenarios would be the coexistence between the two, MPLS and SD-WAN. Now what would you do that, one may ask. Well, you could potentially do backups, you know, say you've got your primary MPLS provider and you establishing an MPLS an SD-WAN connectivity network outside of that as a backup just in case the MPLS goes now, or you migrating away from MPLS, you know, whatever whatever the case may be. So in this case we can see on the diagram you get your traditional NBS and when your connectivity back to your branches and also your data center of course, and you can then use the internet on the SD-WAN to actually go through here potentially to another site or to your data center, as well as go back down there to your hub in this case. If you use of course Azure Virtual WAN is more of a MPLS / SD-WAN / Azure Virtual WAN ties together. I believe a lot is actually, it's going before the other man, you'll be like an arrow here saying coming stirring that's fun coming to ya, keep an eye out, it's very very soon. All right, so well that's actually an interesting slide because it's already been depicted there, so, but this is definitely the coming soon, so they're coming soon sort of things. So it's a, this diagram it's more a high-level to show you that you, you will, you know, if you're sitting in Sydney branch you'll hit the Sydney PoP to get onto that Microsoft global network, the edge network. Same if you in Perth, you'll hit the purple, the Perth,
but that's really not to say program is it, yeah. Same with the, you know, if you go Melbourne, etcetera, etcetera. So where you are, this is really become interesting: if you're sitting in in in Wellington, in Auckland, in New Zealand, you don't have to go across the internet across the ditch to come all the way back to Sydney, you can just hit the local PoP and make Microsoft carrying traffic across for you, because it's a lot cheaper and to get a MPLS connection across that bridge, makes sense. All right, well that's pretty much Anna smart if you have any other questions, but that pretty much is Azure Virtual WAN in a nutshell, in yeah, it's 25 minutes. And just just on the hub to hub thing, at the moment there's nothing stopping you if you've got a SD-WAN appliance in LA for example and another way in an SD-WAN appliance and say Perth, you can connect them to the same hub and say Australia East for, exactly right, no problems at all, is just beware that you will cross the internet through those hops first. Plus there's limitations as well with one hub as well, which is what is a 20 do you give it so many. Actually those limitations, good point, because I forgot about those who they are amazing and every limitations, but two gigabits per site gigabit to you because I, 20 gigabit per hub, a thousand branch sites per hub and 10,000 point to site connection per hub. So you can add vendors and employees connecting to the same hub, you can have a thousand branch office connect into soap hub and get up to 20 gigabits of internal communication through that hub for each of your sites, how good's that. Excellent. So it's brilliant, just go check it out, very easy to set up. Actually set up, set one up in my lab when it came out, took me, I don't know, without appliance, without the help of the vendor appliance, it took me an hour and it was all set up, so it's, it's very easy stuff. Whether we talk about the management side of things, so with traditional MPLS you've got your your provider who manages the device for the
the company, which is handy. Moving the SD-WAN, then housing management come into it is, is there's traditionally no management testing one, you need your internal people to know about it. So, but with the new Microsoft Azure Networking MSP program you can go to your favorite MSP that is signed up to the program to come and manage those devices for you. So you can go to your favorite vendor, put Azure Virtual WAN, they will do you buy up your bottles the appliances, you send them up, very easy to set up, then you go talk to your favorite MSP you signed up to the program and they can come and manage it for you, just like an MPLS design. As an example, if you're currently using a provider today for MPLS, that same provider could be a this way if so a SD-WAN, that's hot, if that's the case, will then you don't deserve in providing at the same relationship, there's rasa and Christmas parties or whatever else, everybody's happy, exactly. I thank you very much. No worries, thanks back.
Info
Channel: Marc Kean
Views: 15,027
Keywords: Azure, Networking
Id: UcOogJIu3Dw
Length: 26min 48sec (1608 seconds)
Published: Mon Aug 26 2019