This article examines the data flow and performance benefits of Microsoft Azure's ExpressRoute and ExpressRoute FastPath features in Hub & Spoke environments. It outlines the default asymmetric data routing and the enhancements achieved through FastPath. Key updates and constraints for FastPath, as well as IP address limits and monitoring metrics, are also discussed.
The data flow between On-Premises and Azure using ExpressRoute is asymmetric by design.
The traffic from On-Premises to Azure transits via the ExpressRoute Gateway, but the return traffic (Azure to On-Premises) bypasses the ExpressRoute Gateway and is forwarded directly to the MSEEs.
If multiple ExpressRoute Circuits are advertising identical On-Premises routes and are connected to the same ExpressRoute Gateway, Azure to On-Premises traffic is distributed (ECMP) across the different ExpressRoute Circuits available unless traffic engineering is configured to prioritise one path over the others.
Enabling ExpressRoute FastPath allows On-Premises to Azure traffic to bypass the ExpressRoute Gateway, providing improved data path performances.
FastPath on ExpressRoute Direct circuit connections now also honors:
ExpressRoute FastPath is configured per connection.
This results in reduced latency and the capability to exceed the ExpressRoute Gateway's maximum throughput limit of 10 Gbps with the UltraPerformance or ErGW3AZ Gateway SKU, or the 40 Gbps limit of the upcoming ExpressRoute Scalable Gateway SKU.
Current constraints and limitations:
As per documentation, the following limits apply for the number of FastPath IPs. The limit is applied per ExpressRoute provider circuit (in the "Service Provider model") or per ExpressRoute Direct port (when using the "Direct model"):
ExpressRoute SKU | Bandwidth | FastPath IP limit |
---|---|---|
ExpressRoute Direct | 100 Gbps | 200k |
ExpressRoute Direct | 10 Gbps | 100k |
ExpressRoute provider circuit | =< 10 Gbps | 25k |
It is important to note that when calculating the limit for FastPath IPs, only endpoints with assigned private IP addresses within a subnet or VNet range are counted. The entire address range won't be included in the calculation of consumed IPs.
Azure Monitor offers metrics for ExpressRoute Direct resources, which includes the ability to track the number of configured FastPath routes at the port level.
Key takeaway: FastPath is configured per connection, while the FastPath IP limit is per Service Provider circuit or per ExpressRoute Direct port (= an overall limit for all the FastPath-enabled connections terminating on that port).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.