Forum Discussion

Lyndon678's avatar
Lyndon678
Copper Contributor
Mar 26, 2025

Az Virtual Network Manager Multi-Region Hub-Spoke Topology

I'm evaluating Network Manager for a customer with a fairly default topology scenario being multi-region hub-spoke with inter-region meshed hubs. However, I find the existing documentation unclear and the product not intuitive enough on how to achieve this. There is a matching graphic on this following learn article, but the accompanying text above rather mentions the global mesh option to connect spokes in different regions, not hubs...

https://learn.microsoft.com/en-us/azure/architecture/networking/architecture/hub-spoke#automation-with-azure-virtual-network-manager

My configuration approach so far is:

  • Network groups containing all VNets of a region
    • Hub & spoke connectivity configuration applied with group and selecting matching regional hub VNet
  • Network group of hub VNets
    • Mesh connectivity configuration with global mesh enabled applied to group

However, when I look at the visualization, there seems to be no connection among the hubs.

Is this the right way or did I miss/misinterpret something?

Network Manager
virtual network

4 Replies

  • VikramSingh-2323's avatar
    VikramSingh-2323
    MCT
    Apr 02, 2025

    Point 3.2 : Hub vNets in each region will need to make use of Global Peering between them, with Transit Gateway functionality enabled as you will have further spokes connected to the hubs. Depending on the requirement you may have FW's etc also sitting these hubs in which case traffic from one hub can be routed to that and then use local peering of Hub with spokes to let that appliance forward traffic further down. Hope that makes sense.

  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Mar 30, 2025

    Would suggest taking a look at below key points as well:

     

    1. Global Mesh Connectivity:
      • The global mesh option primarily connects spokes across regions, not hubs. To achieve inter-region hub connectivity, you may need to explicitly configure peering between the hub VNets in different regions.
    2. Hub-to-Hub Connections:
      • Ensure that the hub VNets in each region are peered with each other. This step is crucial for enabling direct communication between hubs.
      • Verify that the peering settings allow traffic forwarding and gateway transit if needed.
    3. Network Groups and Connectivity Configurations:
      • Your approach of grouping VNets by region and applying hub-spoke connectivity configurations is correct for regional setups.
      • For inter-region hub connections, create a separate connectivity configuration specifically for the hub VNets and apply it to the network group containing the hubs.
    4. Visualization in Azure Portal:
      • If the visualization doesn't show hub-to-hub connections, double-check the peering status and ensure that the connectivity configurations are applied correctly.
    • Lyndon678's avatar
      Lyndon678
      Copper Contributor
      Mar 31, 2025

      Thanks for the structured reply. However, could you please elaborate more on the point 3.2? What kind of connectivity configuration do I need to create for connecting the hub VNets when on the other hand you say in point one, that I need to create manual peerings for inter-region hub connectivity?

      • Boscim's avatar
        Boscim
        Copper Contributor
        Apr 22, 2025

        Mesh network configuration connects all associated VNETS in the same Network Group together in a mesh topology. You can extend this across Azure regions with the Global Mesh option.
        Described better here: https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-connectivity-configuration

        However, I may have misunderstood your topology design slightly. Are you aiming for full mesh, hub-spoke full mesh or hub-to-hub?

        Cheers!

Resources