Microsoft AZ-700: Troubleshoot ExpressRoute Connection Issues

Reading Time: 2 minutes

Notes from MS Learn AZ-700 Module 3: Design and Implement Azure ExpressRoute – Unit 10: Troubleshoot ExpressRoute Connection Issues

Azure net eng supporting ExpressRoute will have to diag and resolve connection issues.

ExpressRoute connectivity has 3 traditional zones

  • Customer Network
  • Provider Network
  • MS DC

Offered with ExpressRoute Direct (10/100Gbps) customer can connect to MS Enterprise Edge routers directly meaning no provider network zone

  • Verify circuit provisioning and state via Azure Portal
    • Provisioning ExpressRoute creates redundant L2 connections between CE/PE-MSEE (2)/(4) and MSEE (5)
      • Service Key is unique ID for ExpressRoute Circuit – required by partner to tshoot if assistance needed
    • Steps
      • In Azure Portal find ExpressRoute Circuit
        • Under essentials status and enabled values are displayed
          • Circuit status = MS side status
          • Provider status = Provisions or Not provisioned
        • Must be Circuit status:Enabled and Provider status: Provisioned to be operational
  • Validate peering config
    • Once SP provisions ExpressRoute Circuit, multiple eBGP routing configs possible between Ces/MSEE-Pes and MSEEs as noted above
    • Each ExpressRoute circuit can have
      • Azure private peering
      • Microsoft peering
      • Both
    • Check peering under the ExpressRoute in Azure Portal
    • In IPVPN model, SP handles config of peer (L3)
      • After configured if peering blank refresh to pull current routing config from circuit
  • Validate ARP
    • ARP (RFC 826) is L2 mapping of MAC to IP. Used to validate L2 config and tshoot basic L2 issues
    • ARP Table provides mapping for individual peering’s.
      • Map of on-prem router int IP to MAC
      • Map of ExpressRoute router int to MAC
      • Age of mapping ARP can validate L2 config and tshoot basic L2 connectivity
    • Next Steps
      • Validate L3 config of ExpressRoute Circuit
        • Get route summary for BGP status validation
        • Get route table to see prefixes advertised via ExpressRoute
      • Validate in/out bytes
      • Open MS Support ticket if still issues
  • ExpressRoute monitoring tools
    • Uses Network insights for detailed topo mapping of all ExpressRoute components such as peering’s, connections, gateways). Also has preloaded metrics dashboard for availability, throughput, drops, gateway metrics.
    • Analyze metric for ExpressRoute from other Azure services using explorer
      • Open Metrics from Azure Monitor menu
        • View ExpressRoute metrics: filter by resource type ExpressRoute circuits
        • View Global Reach metrics: filter by resource type ExpressRoute circuits > select ExpressRoute circuit that has Global Reach enabled
        • View ExpressRoute Direct metrics: filter by resource type > ExpressRoute Ports
Share this article:

Permanent link to this article: https://www.packetpilot.com/microsoft-az-700-troubleshoot-expressroute-connection-issues/

Leave a Reply

Your email address will not be published.