Forum Discussion
Direct Routing w/ Azure VM based SBC
Hi,
That is true, since both Azure and Teams services uses Microsoft Network the traffic will never go out on public internet. But the traffic that comes from your PSTN provider in to your SBC will go out on the public internet, but you can check with your provider so they have connections in the same peering locations as Microsoft to minimize the number of hops on public internet.
This might help you: https://www.peeringdb.com
Hi,
That is true, since both Azure and Teams services uses Microsoft Network the traffic will never go out on public internet. But the traffic that comes from your PSTN provider in to your SBC will go out on the public internet, but you can check with your provider so they have connections in the same peering locations as Microsoft to minimize the number of hops on public internet.
This might help you: https://www.peeringdb.com
LinusCansby Thank you for the quick follow up! But I hope I can press you for more information. I am trying to understand how this is accomplished and it may be my own lack of understanding of what should be intuitively obvious. From what I understand the FQDN's for the Microsoft Phone System resolve to public IP addresses (see attachment). So how does Microsoft keep the traffic destined to those public IP's on their backbone?
Your SBC will connect to sip.pstnhub.microsoft.com (failover to sip1 and sip2), these addresses will resolve to one of the IP addresses mentioned in your attachment depending on the location of your SBC. So if a SBC in Europe connects to sip.pstnhub.microsoft.com it will resolve to a IP in Europe data centers (52.114.76.76). Since both your SBC and sip.pstnhub.microsoft.com is located in Microsoft Global Network their routers will know that the traffic should not go out to public internet.
It is like if you have a computer and a server in your network, your routers will know that they should not send traffic from the client to the server out on public internet.
LinusCansby Thank You again! And yes, that was about as intuitively obvious as it gets. In my mind, I inappropriately over simplified the networking architecture and associated the publicly accessible IP addresses only w/ gateway devices that are only able to be accessible via the public internet.
