UDR vs Virtual Network Route

Hi all,

Let's say I create a vnet of 10.10.0.0/16.

That will create an active default route of type 'Virtual network' for the 10.10.0.0/16 network.

I then create a UDR 0.0.0.0 via next hop 10.10.10.10, which is now a User route for all traffic.

Perhaps I've misread, but I was under the assumption that UDRs outrank Default Azure routes/virtual network routes, so traffic should be routed via 10.10.10.10, but I've tested this and traffic routes directly within the Virtual Network route (traceroute shows this).

  1. So am I right to assume that the shortest prefix is taking preference here and that route preference is still dictated by shortest route prefix?

  2. I assume it wouldn't be possible to send traffic destined for traffic within the same subnet via my firewall (10.10.10.10) if I wanted to see that traffic through my monitoring tab?

  3. Also, if I wanted to block inter-vnet traffic, is an NSG the only option here? i.e. 10.10.1.1/16 deny to 10.10.2.2/16

submitted by /u/Wendallw00f

Read more here: https://www.reddit.com/r/AZURE/comments/lnj9vm/udr_vs_virtual_network_route/
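
An added example, not part of the original post: a small Python model of the route-selection order Azure documents (longest prefix match first, then user-defined over BGP over system routes when the prefixes are identical), run against the route table the post describes. The `/0` on the UDR, the source labels, the 203.0.113.5 destination and the second table with a /16 UDR are assumptions made for illustration.

```python
import ipaddress

# Tie-break order Azure documents for routes that share the same prefix:
# user-defined route, then BGP route, then system (default) route.
# The label strings are illustrative names chosen for this example.
SOURCE_PRIORITY = {"User": 0, "BGP": 1, "Default": 2}

def select_route(routes, destination):
    """Return the (prefix, source, next_hop) that wins for `destination`.

    Longest prefix match is applied first; source priority only breaks
    ties between routes whose prefix length is identical.
    """
    dest = ipaddress.ip_address(destination)
    candidates = []
    for prefix, source, next_hop in routes:
        net = ipaddress.ip_network(prefix)
        if dest in net:
            candidates.append((net, source, next_hop))
    if not candidates:
        return None  # no matching route
    net, source, next_hop = min(
        candidates,
        key=lambda r: (-r[0].prefixlen, SOURCE_PRIORITY[r[1]]),
    )
    return (str(net), source, next_hop)

# Route table from the post: the vnet system route plus the default-route UDR
# (the post writes 0.0.0.0; /0 is assumed here).
POST_ROUTES = [
    ("10.10.0.0/16", "Default", "Virtual network"),
    ("0.0.0.0/0", "User", "10.10.10.10"),
]

# Constructed variant: a UDR whose prefix equals the vnet address space,
# so the tie-break on source decides instead of prefix length.
WITH_VNET_UDR = POST_ROUTES + [("10.10.0.0/16", "User", "10.10.10.10")]

if __name__ == "__main__":
    tables = (("post table", POST_ROUTES), ("with /16 UDR", WITH_VNET_UDR))
    for label, table in tables:
        for dst in ("10.10.2.2", "203.0.113.5"):
            print(f"{label}: {dst} -> {select_route(table, dst)}")
```
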

Content Attribution

This content was originally published by /u/Wendallw00f at Microsoft Azure, and is syndicated here via their RSS feed. You can read the original post over there.
