UDR vs Virtual Network Route

Hi all,

Let's say I create a vnet of

That will create an active default route of type 'Virtual network' for network

I then create a UDR via next hop, which is now a User route for all traffic.

Perhaps I've misread, but I was under the assumption that UDRs outrank default Azure routes/virtual network routes, so traffic should be routed via but I've tested this and traffic routes directly within the Virtual Network route (traceroute shows this).

  1. So am I right to assume that the shortest prefix is taking preference here and that route preference is still dictated by shortest route prefix?

  2. I assume it wouldn't be possible to send traffic destined for traffic within the same subnet via my firewall ( if I wanted to see that traffic through my monitoring tab?

  3. Also, if I wanted to block intervnet traffic, is an NSG the only option here? i.e. deny to
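
The scenario described above, as an added example that is not part of the original post: a small Python model of Azure's documented route selection, where the longest matching prefix wins first and, only for identical prefixes, a user-defined route beats a BGP route, which beats a system route. The address ranges, the `select_route` helper and the source labels are constructed for illustration, since the post's own prefixes are not shown.

```python
import ipaddress

# Tie-break order applied only when two routes share the same prefix.
# Labels are illustrative; lower number wins.
SOURCE_PRIORITY = {"User": 0, "BGP": 1, "Default": 2}


def select_route(routes, destination):
    """Return the route chosen for `destination`, or None if nothing matches."""
    dest = ipaddress.ip_address(destination)
    candidates = [r for r in routes if dest in ipaddress.ip_network(r["prefix"])]
    if not candidates:
        return None
    # 1) longest prefix match, 2) route source priority for equal prefixes
    return min(
        candidates,
        key=lambda r: (
            -ipaddress.ip_network(r["prefix"]).prefixlen,
            SOURCE_PRIORITY[r["source"]],
        ),
    )


# Constructed effective routes: a VNet system route, the default Internet
# route, and a UDR for all traffic pointing at a firewall/NVA.
ROUTES = [
    {"prefix": "10.0.0.0/16", "source": "Default", "next_hop": "VirtualNetwork"},
    {"prefix": "0.0.0.0/0", "source": "Default", "next_hop": "Internet"},
    {"prefix": "0.0.0.0/0", "source": "User", "next_hop": "VirtualAppliance"},
]

# Same table plus a UDR whose prefix equals the VNet address space.
ROUTES_WITH_VNET_UDR = ROUTES + [
    {"prefix": "10.0.0.0/16", "source": "User", "next_hop": "VirtualAppliance"},
]

if __name__ == "__main__":
    for name, table in (("UDR 0.0.0.0/0 only", ROUTES),
                        ("plus UDR 10.0.0.0/16", ROUTES_WITH_VNET_UDR)):
        for dst in ("10.0.1.4", "8.8.8.8"):
            r = select_route(table, dst)
            print(f"{name:22} {dst:10} -> {r['source']:8} {r['prefix']:12} {r['next_hop']}")
```

With only the 0.0.0.0/0 UDR, traffic inside the VNet still matches the more specific VNet system route; the UDR takes over in-VNet traffic only once it carries a prefix at least as specific as the system route.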

