Last Update: Nov 19, 2024 | Published: Oct 28, 2022
If you are working in a multi-cloud environment involving Microsoft Azure and Amazon Web Services, you may be using AWS Direct Connect or Azure ExpressRoute to set up a private interconnection to your on-premises resources. In this article, I’ll explain how you can enable AWS Direct Connect redundancy with Microsoft’s Azure ExpressRoute by using physical or virtual connections.
Even if you don’t use the full capacity of those expensive private connections, it’s important to set up redundancy just in case something goes wrong in your cloud environment. This article will focus on building a redundant AWS Direct Connect connection using Azure ExpressRoute, as this is the most common scenario. However, the solution I’m going to detail should also work with the Google Cloud Platform and other cloud providers.
When enabling private connections to AWS or Azure in your multi-cloud environment, AWS Direct Connect and Azure ExpressRoute are the way to go.
AWS Direct Connect lets you set up a private connection between your on-premises resources and the AWS cloud, and Azure ExpressRoute does the same with Microsoft’s Azure cloud. With these private connections set up, your cloud environment will look like the one shown below.
As your multi-cloud environment matures, you should look into creating redundancy for the two private connections to your on-premises network. Most customers may be tempted to simply implement additional Azure ExpressRoute and AWS Direct Connect connections. In that case, the environment would look like the one in the diagram below.
Such additional private connections usually have high costs as you need additional WAN connections, and regular providers tend to have high charges and long-term contracts. However, there are alternative solutions to set up redundancy while reducing costs for your organization.
To build a better redundancy solution, I’ll explain how you can add another Azure ExpressRoute and AWS Direct Connect private connection in your multi-cloud environment without using physical connections. You can create these additional private connections by using virtual routers and interconnection services.
There are various providers such as phoenixNAP’s Megaport Cloud Router and the German Internet Exchange operator DE-CIX which offer versatile interconnection services. In the example that follows, I’ll be using Megaport as they provide a SaaS-based model with pay-as-you-need pricing.
After creating your Megaport account, you can start building your virtual network with a Megaport Cloud Router.
Once you have set up your Megaport Cloud Router, you can create virtual Azure ExpressRoute and AWS Direct Connect connections using Megaport’s AWS Direct Connect Gateway and a virtual cross-connection to the Microsoft Cloud. However, you should choose a peering location that’s near the Azure and AWS data centers you chose. You should also make sure that your AWS Direct Connect and Azure ExpressRoute peering locations are in the same location.
After deploying your virtual private connections, your environment architecture should look like the one shown in the image below. In addition to the physical private connections from our on-premises router to AWS and Azure, we now have the additional Cloud Router from Megaport to route the traffic between both cloud environments.
The next step is to connect our Azure ExpressRoute connection to Megaport’s Azure Virtual Gateway, and our AWS Direct Connect connection to Megaport’s AWS Direct Connect Gateway.
Afterward, the gateways will receive the Border Gateway Protocol (BGP) routes from the Megaport Cloud Router, and your AWS and Azure workloads will be able to access other workloads across your cloud environment.
For your Azure resources, you’ll need to add Azure Route Server, Network Virtual Appliances or ExpressRoute Global Reach to interconnect your two ExpressRoute connections and enable the on-premises to AWS routing.
If you are using Microsoft’s Azure Virtual WAN virtual networking service, no additional change is needed. Azure Virtual WAN can let you avoid setting up additional user-defined routes, Azure Route Server, and Network Virtual Appliances to route traffic between your different branches.
Once everything is configured properly, you will have redundant connectivity between your on-premises resources and your AWS and Azure workloads. If one connection to your on-premises environment fails, AWS traffic would transit through your Azure ExpressRoute connections and the Megaport Cloud Router.
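A small reachability model of the topology described above, added here as an example and not taken from the article or from Megaport: it checks which path on-premises traffic takes to AWS when each link fails, and shows that the failover path depends on Azure being able to forward between its two ExpressRoute connections. The node names and the `no_transit` parameter are assumptions made for this example.

```python
from collections import deque

# Links in the article's topology; node names are labels chosen for this example.
LINKS = {
    ("onprem", "aws"),    # physical AWS Direct Connect
    ("onprem", "azure"),  # physical Azure ExpressRoute
    ("mcr", "aws"),       # virtual Direct Connect via the Megaport Cloud Router
    ("mcr", "azure"),     # virtual ExpressRoute via the Megaport Cloud Router
}

def find_path(src, dst, failed=frozenset(), no_transit=frozenset()):
    """Breadth-first search for the shortest path from src to dst.

    failed: links treated as down (order inside each pair does not matter).
    no_transit: nodes that can terminate traffic but not forward it, e.g.
    Azure without Route Server, an NVA, Global Reach or Virtual WAN.
    """
    down = {frozenset(link) for link in failed}
    up = [link for link in LINKS if frozenset(link) not in down]
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node == dst:
            return path
        if node in no_transit and node != src:
            continue  # this node may receive traffic but will not pass it on
        for a, b in up:
            if node in (a, b):
                nxt = b if node == a else a
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(path + [nxt])
    return None

def aws_failover_report(no_transit=frozenset()):
    """Path from on-premises to AWS for every single-link failure."""
    return {link: find_path("onprem", "aws", {link}, no_transit)
            for link in sorted(LINKS)}

if __name__ == "__main__":
    for label, blocked in (("Azure transit enabled", set()),
                           ("Azure transit missing", {"azure"})):
        print(label)
        for link, path in aws_failover_report(blocked).items():
            print(f"  link down {link}: {path or 'AWS UNREACHABLE'}")
```

Running the report before a failover test makes the dependency visible: with Azure unable to transit, losing the physical Direct Connect link leaves AWS unreachable even though the Megaport Cloud Router is up.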
As you can see with this solution, you can leverage AWS Direct Connect, Azure ExpressRoute, and a Megaport Cloud Router to create redundancy in your hybrid cloud environment. You will still have slightly higher costs with this solution that uses virtual private connections to AWS and Azure, but it’s still much cheaper than adding on-premises connections for redundancy.
With a Megaport Cloud Router, you can keep your Azure ExpressRoute and AWS Direct Connect capacity reduced until you actually need the redundancy in a disaster case. As soon as you enter a disaster or failover situation, you can increase the traffic capacity. When the situation is resolved, you’re free to reduce the capacity again and redeploy your connections.