Disable BGP propagation guidance #618
Assignees
Labels
documentation
Improvements or additions to documentation
Comments
|
Amended guidance on hub and spoke |
|
Closing issue as PR has been merged. |
ghost
locked as resolved and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Current ESLZ guidance for hub and spoke network architecture when connectivity between landing zones across two hubs is required, is to cross-connect the ExpressRoute circuits across hubs.
While this scenario addresses the required connectivity needs, spokes across hubs will communicate directly bypassing the firewall. We need to update the guidance to indicate that, if customer requires traffic across hubs to be inspected by their firewall, they have to either 1) create more specific route entries in their UDRs (so that traffic across hubs is redirected via the local firewall) or 2) disable BGP propagation on the spokes, as this will simplify the route configuration in the UDR.
The text was updated successfully, but these errors were encountered: