Comparison of ExpressRoute Routing Domains

ExpressRoute supports three routing domains for various types of services.

Private peering Public peering Microsoft peering
Purpose This is the same as the site-to-site VPN option and connects your on-premises network to Virtual Networks in Azure This expands connectivity to most other Azure services such as storage, Azure Websites but note exceptions This expands the connectivity to the Office 365 services
Concerns Should be enabled after considering that traffic to Azure now bypasses the normal route to the Internet and instead goes via the dedicated ExpressRoute path. This is an issue if certain monitoring and data leakage prevention solutions are in-place to monitor traffic leaving the on-premises network via the Internet which would now be bypassed for Azure/Office 365. Not available with all carriers and locations
Supported services Virtual Networks, including all virtual machines and cloud services
  • Power BI
  • Dynamics 365 for Operations (formerly known as Dynamics AX Online)
  • Most of the Azure services with a few exceptions below
    • CDN
    • Visual Studio Team Services Load Testing
    • Multi-factor Authentication
    • Traffic Manager
  • Office 365
  • Most of the Dynamics 365 services (formerly known as CRM Online)
    • Dynamics 365 for Sales
    • Dynamics 365 for Customer Service
    • Dynamics 365 for Field Service
    • Dynamics 365 for Project Service
Max. # prefixes supported per peering 4000 by default, 10,000 with ExpressRoute Premium 200 200
IP address ranges supported Any valid IPv4 address within your WAN. Public IPv4 addresses owned by you or your connectivity provider. Public IPv4 addresses owned by you or your connectivity provider.

If you have ExpressRoute and enable public peering the ASR replication traffic will leverage the ExpressRoute connection.

Comments