Cross-border connectivity and interoperability

Cross-border connectivity

Network latency in China

In general, network latency between China and the rest of the world is inevitable, because of the unpredictable network connection. For cross-border data transfer, typically there is latency of about three times. It's a best practice to:

  • Host the workload targeting Chinese users on Azure China.
  • Deploy the workload to the closest Azure region for users located outside of China.

Through VPN site-to-site or ExpressRoute

If you host your workload within China, consider global connectivity and interoperability from a hybrid cloud scenario. For more information, see Performance and connectivity considerations.

Azure Active Directory federation

Azure Active Directory (Azure AD) has features to support all common scenarios. The guides Authentication with on-premises Active Directory and Azure AD Connect show recommended ways and mechanisms for cloud authentication with on-premises Active Directory. It supports:

  • Multi-national corporations that have multiple domains.
  • Multi-national corporations that have a unified domain.

Implementation and considerations

Cross-border IaaS interoperability

Although Azure China regions are disconnected with Azure global regions, you can still link the infrastructure as a service (IaaS) virtual machines in cross-border regions. The following diagram shows this design.

Diagram of IaaS

If you need support, contact your Microsoft representative.

Cross-border PaaS interoperability

Although Azure China regions are disconnected with Azure global regions, you can still link the platform as a service (PaaS) in cross-border regions. The following diagram shows this design.

Diagram of PaaS

If you need support, contact your Microsoft representative.