In the past I’ve already explained a bit on ExpressRoute… This is a topic on which I’ve had a vast amount of discussions in the past.
Thomas was a worthy sparring partner and truly had a big share in those discussions. Recently he pinged me to say that the naming has shifted. So we’ll be covering that today.
In the past we have three scenario’s to connect to Azure ;
Where the VPN connection over internet is the one everyone gets from the first minute of the discussion. Though the difference between the “Exchange Provider” and the “Network Service Provider” was often the real debate. Here I’ve always said that the “Exchange Provider” was to be compared with a leased / direct connection, where you manage everything on top of that yourself. In OSI terms, you start from layer 2… The “Network Service Provider” concept was a managed concept, where you got a layer 3 solution (in OSI terms). The telecom provider took care of all the complexity for you. Offcourse, as you can imagine, there is a cost difference between both.
If we take a look towards the Azure documentation, we notice a new visualization ;
You can create a connection between your on-premises network and the Microsoft cloud in three different ways
Co-located at a cloud exchange. If you are co-located in a facility with a cloud exchange, you can order virtual cross-connections to the Microsoft cloud through the co-location provider’s Ethernet exchange. Co-location providers can offer either Layer 2 cross-connections, or managed Layer 3 cross-connections between your infrastructure in the co-location facility and the Microsoft cloud.
Point-to-point Ethernet connections. You can connect your on-premises datacenters/offices to the Microsoft cloud through point-to-point Ethernet links. Point-to-point Ethernet providers can offer Layer 2 connections, or managed Layer 3 connections between your site and the Microsoft cloud.
Any-to-any (IPVPN) networks. You can integrate your WAN with the Microsoft cloud. IPVPN providers (typically MPLS VPN) offer any-to-any connectivity between your branch offices and datacenters. The Microsoft cloud can be interconnected to your WAN to make it look just like any other branch office. WAN providers typically offer managed Layer 3 connectivity.
They seem to have forgotten the “VPN over Internet” method. Though where this still exists, I’ve always stated that ExpressRoute is THE way to go when you are serious about Azure. VPN connectivity simply cannot provide the SLA’s you expect on enterprise level.
So now let’s look into the different options…For each scenario, I’ll draw up a little sketch to explain the situation and color the ExpressRoute implementation in red. This so that you can get a more in-depth image of the differences between the three ways.
The “Any-to-Any”-connection is what used to be the “Network Service Provider” scenario. Here you add an “ExpressRoute” to your existing “IPVPN/MPLS” cloud / solution.
The “Point-to-Point”-connection is what used to be the “Exchange Provider”-scenario. Here you get a direct connection from a Microsoft Azure Location to your own location. This location can be “On-Premise” or in a hosted datacenter.
In the past, a complexity was also added with as there was a cost difference between a point-to-point connection to your OnPremise/Hosted environment when compared to a datacenter which had “ExpressRoute” “On Net”. The “On Net” terminology is by telecom & datacenter providers to indicate that there is no additional cost needed to provide the connectivity, as the datacenter is already foreseen with connectivity from the carrier.
Here we notice that an additional naming has been introduced, being the “CloudExchange Colocation”. There are several datacenter which have been blessed with an “On Net” situation in regards to “ExpressRoute”.
The naming used in terms of ExpressRoute has changed. Underneath the technology implementations remain the same, though the new naming is more clear to explain the different concept.