question

anilkumar-3187 avatar image
0 Votes"
anilkumar-3187 asked GitaraniSharmaMSFT-4262 commented

Question on route tables in Azure

Hello,

I am new to Azure, pls don't get upset if I am doing/asking something silly.

In order to understand how user defined routing work in Azure, I have created below resources:

  • In my subscription

  • Virtual machine VM1 in Vnet1 and VM3 in Vnet3

  • Both Vnet1 and Vnet3 are peered so ping works between VM1 and VM3.

  • Also created one routing table

  • In another subscription where I have been granted Contributor Access

  • Virtual machine VM4 in Vnet4

  • No peering is configured to and from Vnet4

I want to route my connection from VM3 to VM1 - it should come via VM4. While creating a new route I have provided:

  • Address space of Vnet1 under Address prefix

  • Selected Virtual Appliance under Next hop type (I know I just have VM, not NPA as such, I hope it would work and I have enabled IP forwarding from NIC of VM4. )

  • Then provided the public IP of VM4 under next hop address (it's static and standard tier) and saved the changes.

Ran Tracert and found routing is not working as expected. I can some other option to select from while creating routes like virtual network and internet but I don't know how routing will work those options.

Pls help me understand how to make it work. Thank you!!






azure-virtual-network
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I have even tried peering VNet4 with both Vnet1 and Vnet3 - still tracert command from Vm3 to IP of VM1 gives only one record....looks like routing is not working.

Pls help/guide if possible for you.....

0 Votes 0 ·

1 Answer

GitaraniSharmaMSFT-4262 avatar image
0 Votes"
GitaraniSharmaMSFT-4262 answered GitaraniSharmaMSFT-4262 commented

Hello @anilkumar-3187 ,

Apologies for the delay in response.

All your configuration looks fine except the NVA setup.

While IP forwarding is an Azure setting, the virtual machine must also run an application able to forward the traffic, such as firewall, WAN optimization, and load balancing applications. The operating system of your VM must be able to forward network traffic and be configured to do so. To determine required settings within the virtual machine, see the documentation for your operating system or network application.
Please refer:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#user-defined
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding
https://docs.microsoft.com/en-us/azure/virtual-network/diagnose-network-routing-problem#considerations

You need to turn on IP forwarding within the NVA VM OS following the steps mentioned in the below tutorial (this tutorial assumes you're using Windows Server 2019 Datacenter):
https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal#turn-on-ip-forwarding-within-myvmnva

Kindly let us know if the above helps or you need further assistance on this issue.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you @GitaraniSharmaMSFT-4262 for taking time to help !!

I checked my routing table was not associated with any subnet and IP forwarding was enabled from Azure VM NIC level but not OS level. I fixed both the issues then even ping from source VM to destination VMs stopped working. I had to scrap the whole setup as it was making things very complex and I had limited Azure credit.

I will setup new ENV with all three VMs in a single VNet but different subnets and update the status in this post by Friday EOD IST.

Thanks again....

1 Vote 1 ·

Thank you for the update @anilkumar-3187. Will wait for your next response. I would suggest you to follow the tutorial that I have added in my answer as it will help you in setting up the environment easily.

1 Vote 1 ·
anilkumar-3187 avatar image anilkumar-3187 GitaraniSharmaMSFT-4262 ·

Thank you @GitaraniSharmaMSFT-4262 for your valuable help - I had set up new ENV with three VMs mapped to three subnets of single VNet. Then created, configured route table - tracert showed traffic was routing through NVA, also effective route had entry for next hop.

Stay blessed n happy and pls keep contributing towards community when you get time !!

1 Vote 1 ·
Show more comments