Azurecloud~5 mins

ExpressRoute for dedicated connections in Azure - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Sometimes you need a private, fast, and reliable connection between your on-site network and Azure cloud. ExpressRoute creates a dedicated link that does not use the public internet, making your connection safer and more stable.

When you want to connect your company’s data center directly to Azure without using the internet.

When you need a fast and consistent network connection for critical business apps hosted in Azure.

When you want to transfer large amounts of data securely between your office and Azure.

When your internet connection is not reliable enough for your cloud workloads.

When you want to reduce network latency for applications running between your local network and Azure.

Config File - expressroute.json

expressroute.json

{
  "name": "myExpressRouteCircuit",
  "location": "eastus",
  "properties": {
    "serviceProviderProperties": {
      "serviceProviderName": "Equinix",
      "peeringLocation": "Silicon Valley",
      "bandwidthInMbps": 1000
    },
    "sku": {
      "name": "Standard_MeteredData",
      "tier": "Standard",
      "family": "MeteredData"
    },
    "allowClassicOperations": false
  }
}

This JSON defines an ExpressRoute circuit named myExpressRouteCircuit in the eastus region.

The serviceProviderProperties specify the provider Equinix, the peering location Silicon Valley, and bandwidth of 1000 Mbps.

The sku section sets the circuit type to Standard with metered data billing.

The allowClassicOperations is set to false to restrict classic deployment models.

Commands

This command creates a new ExpressRoute circuit named myExpressRouteCircuit in the eastus region with 1000 Mbps bandwidth using Equinix as the provider and Silicon Valley as the peering location.

Terminal

az network express-route create --name myExpressRouteCircuit --resource-group myResourceGroup --location eastus --bandwidth 1000 --provider Equinix --peering-location "Silicon Valley" --sku Standard_MeteredData

Expected OutputExpected

{ "authorizations": [], "circuitProvisioningState": "Succeeded", "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/expressRouteCircuits/myExpressRouteCircuit", "location": "eastus", "name": "myExpressRouteCircuit", "peeringLocations": [ "Silicon Valley" ], "provisioningState": "Succeeded", "serviceProviderProperties": { "bandwidthInMbps": 1000, "peeringLocation": "Silicon Valley", "serviceProviderName": "Equinix" }, "sku": { "name": "Standard_MeteredData", "tier": "Standard", "family": "MeteredData" }, "type": "Microsoft.Network/expressRouteCircuits" }

→

--name - Sets the name of the ExpressRoute circuit

→

--bandwidth - Specifies the bandwidth in Mbps

→

--provider - Specifies the service provider for the circuit

This command shows the details of the ExpressRoute circuit to verify it was created correctly.

Terminal

az network express-route show --name myExpressRouteCircuit --resource-group myResourceGroup

Expected OutputExpected

{ "name": "myExpressRouteCircuit", "location": "eastus", "serviceProviderProperties": { "serviceProviderName": "Equinix", "peeringLocation": "Silicon Valley", "bandwidthInMbps": 1000 }, "sku": { "name": "Standard_MeteredData", "tier": "Standard", "family": "MeteredData" }, "provisioningState": "Succeeded" }

→

--name - Specifies the circuit name to show

This command creates a private peering on the ExpressRoute circuit, which is needed to connect your on-premises network privately to Azure.

Terminal

az network express-route peering create --circuit-name myExpressRouteCircuit --resource-group myResourceGroup --peering-type AzurePrivatePeering --peer-asn 65010 --vlan-id 200

Expected OutputExpected

{ "name": "AzurePrivatePeering", "peeringType": "AzurePrivatePeering", "peerASN": 65010, "vlanId": 200, "provisioningState": "Succeeded" }

→

--peering-type - Sets the peering type, here private peering

→

--peer-asn - Sets the Autonomous System Number for your network

→

--vlan-id - Sets the VLAN ID for the peering

This command checks the details of the private peering to confirm it is set up properly.

Terminal

az network express-route peering show --circuit-name myExpressRouteCircuit --resource-group myResourceGroup --name AzurePrivatePeering

Expected OutputExpected

{ "name": "AzurePrivatePeering", "peeringType": "AzurePrivatePeering", "peerASN": 65010, "vlanId": 200, "provisioningState": "Succeeded" }

→

--name - Specifies the peering name to show

Key Concept

If you remember nothing else from this pattern, remember: ExpressRoute creates a private, dedicated connection between your network and Azure for faster and safer data transfer.

Common Mistakes

Using the public internet instead of setting up ExpressRoute for private connection

This exposes data to the internet and can cause slower, less reliable connections.

Use ExpressRoute circuits to create a private, dedicated link for sensitive or critical workloads.

Not specifying the correct peering type or missing peering setup

Without proper peering, the connection between your network and Azure won't work.

Always create and verify the correct peering (like AzurePrivatePeering) after creating the circuit.

Setting bandwidth too low for your data needs

Insufficient bandwidth causes slow data transfer and poor application performance.

Choose bandwidth that matches your expected data transfer volume and application needs.

Summary

Create an ExpressRoute circuit with az network express-route create to establish a dedicated connection.

Verify the circuit details with az network express-route show to ensure it is ready.

Set up private peering with az network express-route peering create to connect your network privately.

Check peering status with az network express-route peering show to confirm the connection is active.