Reset ExpressRoute circuit peerings using Azure PowerShell
This article describes how to enable and disable peerings of an ExpressRoute circuit using PowerShell. Peerings are enabled by default when you create them. When you disable a peering, the BGP session on both the primary and the secondary connection of your ExpressRoute circuit disconnects. You lose connectivity for this peering to Microsoft. When you enable a peering, the BGP session on both the primary and the secondary connection of your ExpressRoute circuit establishes. The connectivity to Microsoft reconnects for this peering. You can enable and disable peering for Microsoft Peering and Azure Private Peering independently on the ExpressRoute circuit.
There are a two scenarios where you can find it helpful to reset your ExpressRoute peerings.
- If you want to test your disaster recovery design and implementation. For example, you have two ExpressRoute circuits. You can disable the peerings on one circuit and force your network traffic to fail over to the other circuit.
- Enable Bidirectional Forwarding Detection (BFD) on either Azure Private Peering or Microsoft Peering of your ExpressRoute circuit. BFD gets enabled by default on Azure Private Peering if you created your ExpressRoute circuit after August 1, 2018 and for Microsoft Peering after January 10, 2020. If your circuit was created before the date listed, you need reset the peering to enable BFD.
Working with Azure PowerShell
The steps and examples in this article use Azure PowerShell Az modules. To install the Az modules locally on your computer, see Install Azure PowerShell. To learn more about the new Az module, see Introducing the new Azure PowerShell Az module. PowerShell cmdlets are updated frequently. If you are not running the latest version, the values specified in the instructions may fail. To find the installed versions of PowerShell on your system, use the Get-Module -ListAvailable Az cmdlet.
You can use Azure Cloud Shell to run most PowerShell cmdlets and CLI commands, instead of installing Azure PowerShell or CLI locally. Azure Cloud Shell is a free interactive shell that has common Azure tools preinstalled and is configured to use with your account. To run any code contained in this article on Azure Cloud Shell, open a Cloud Shell session, use the Copy button on a code block to copy the code, and paste it into the Cloud Shell session with Ctrl+Shift+V on Windows and Linux, or Cmd+Shift+V on macOS. Pasted text is not automatically executed, press Enter to run code.
There are a few ways to launch the Cloud Shell:
| Option | Link |
|---|---|
| Click Try It in the upper right corner of a code block. |  |
| Open Cloud Shell in your browser. |  |
| Click the Cloud Shell button on the menu in the upper right of the Azure portal. |  |
Reset a peering
If you're running PowerShell locally, open your PowerShell console with elevated privileges, and connect to your account. Use the following example to help you connect:
Connect-AzAccountIf you have multiple Azure subscriptions, check the subscriptions for the account.
Get-AzSubscriptionSpecify the subscription that you want to use.
Select-AzSubscription -SubscriptionName "Replace_with_your_subscription_name"Run the following commands to retrieve your ExpressRoute circuit.
$ckt = Get-AzExpressRouteCircuit -Name "ExpressRouteARMCircuit" -ResourceGroupName "ExpressRouteResourceGroup"Identify the peering you want to disable or enable. Peerings is an array. In the following example, Peerings[0] is Azure Private Peering and Peerings[1] Microsoft Peering.
Name : ExpressRouteARMCircuit ResourceGroupName : ExpressRouteResourceGroup Location : westus Id : /subscriptions/########-####-####-####-############/resourceGroups/ExpressRouteResourceGroup/providers/Microsoft.Network/expressRouteCircuits/ExpressRouteARMCircuit Etag : W/"cd011bef-dc79-49eb-b4c6-81fb6ea5d178" ProvisioningState : Succeeded Sku : { "Name": "Standard_MeteredData", "Tier": "Standard", "Family": "MeteredData" } CircuitProvisioningState : Enabled ServiceProviderProvisioningState : Provisioned ServiceProviderNotes : ServiceProviderProperties : { "ServiceProviderName": "Coresite", "PeeringLocation": "Los Angeles", "BandwidthInMbps": 50 } ServiceKey : ########-####-####-####-############ Peerings : [ { "Name": "AzurePrivatePeering", "Etag": "W/\"cd011bef-dc79-49eb-b4c6-81fb6ea5d178\"", "Id": "/subscriptions/########-####-####-####-############/resourceGroups/ExpressRouteResourceGroup/providers/Microsoft.Network/expressRouteCircuits/ExpressRouteARMCircuit/peerings/AzurePrivatePeering", "PeeringType": "AzurePrivatePeering", "State": "Enabled", "AzureASN": 12076, "PeerASN": 123, "PrimaryPeerAddressPrefix": "10.0.0.0/30", "SecondaryPeerAddressPrefix": "10.0.0.4/30", "PrimaryAzurePort": "", "SecondaryAzurePort": "", "VlanId": 789, "MicrosoftPeeringConfig": { "AdvertisedPublicPrefixes": [], "AdvertisedCommunities": [], "AdvertisedPublicPrefixesState": "NotConfigured", "CustomerASN": 0, "LegacyMode": 0, "RoutingRegistryName": "NONE" }, "ProvisioningState": "Succeeded", "GatewayManagerEtag": "", "LastModifiedBy": "Customer", "Connections": [] }, { "Name": "MicrosoftPeering", "Etag": "W/\"cd011bef-dc79-49eb-b4c6-81fb6ea5d178\"", "Id": "/subscriptions/########-####-####-####-############/resourceGroups/ExpressRouteResourceGroup/providers/Microsoft.Network/expressRouteCircuits/ExpressRouteARMCircuit/peerings/MicrosoftPeering", "PeeringType": "MicrosoftPeering", "State": "Enabled", "AzureASN": 12076, "PeerASN": 123, "PrimaryPeerAddressPrefix": "3.0.0.0/30", "SecondaryPeerAddressPrefix": "3.0.0.4/30", "PrimaryAzurePort": "", "SecondaryAzurePort": "", "VlanId": 345, "MicrosoftPeeringConfig": { "AdvertisedPublicPrefixes": [ "3.0.0.3/32" ], "AdvertisedCommunities": [], "AdvertisedPublicPrefixesState": "ValidationNeeded", "CustomerASN": 0, "LegacyMode": 0, "RoutingRegistryName": "NONE" }, "ProvisioningState": "Succeeded", "GatewayManagerEtag": "", "LastModifiedBy": "Customer", "Connections": [] } ] Authorizations : [] AllowClassicOperations : False GatewayManagerEtag :Run the following commands to change the peering state to disabled.
$ckt.Peerings[0].State = "Disabled" Set-AzExpressRouteCircuit -ExpressRouteCircuit $cktThe peering should be in a disabled state you set.
Run the following commands to change the peering state back to enabled.
$ckt.Peerings[0].State = "Enabled" Set-AzExpressRouteCircuit -ExpressRouteCircuit $cktThe peering should be in an enabled state you set.
Next steps
If you need help with troubleshooting an ExpressRoute problem, see the following articles:
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for