Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Disable BGP propagation guidance #618

Closed
victorar opened this issue Jun 14, 2021 · 2 comments
Closed

Disable BGP propagation guidance #618

victorar opened this issue Jun 14, 2021 · 2 comments
Assignees
Labels
documentation Improvements or additions to documentation

Comments

@victorar
Copy link
Contributor

Current ESLZ guidance for hub and spoke network architecture when connectivity between landing zones across two hubs is required, is to cross-connect the ExpressRoute circuits across hubs.

While this scenario addresses the required connectivity needs, spokes across hubs will communicate directly bypassing the firewall. We need to update the guidance to indicate that, if customer requires traffic across hubs to be inspected by their firewall, they have to either 1) create more specific route entries in their UDRs (so that traffic across hubs is redirected via the local firewall) or 2) disable BGP propagation on the spokes, as this will simplify the route configuration in the UDR.

@victorar victorar added the documentation Improvements or additions to documentation label Jun 14, 2021
@sitarant
Copy link
Contributor

Amended guidance on hub and spoke
https://github.com/MicrosoftDocs/cloud-adoption-framework-pr/pull/2007

@victorar
Copy link
Contributor Author

Closing issue as PR has been merged.

@ghost ghost locked as resolved and limited conversation to collaborators Jan 11, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation Improvements or additions to documentation
Projects
None yet
Development

No branches or pull requests

2 participants