Vyatta Network OS Documentation

Azure routing tables

Azure maintains its own routing tables for each subnet and provides a unique packet-forwarding environment based upon its own proprietary rules.

Resources within an Azure subnet do not share the same Layer 2 broadcast domain, and the destination MAC address is not used by the Azure network to decide where to send a frame.

If you configure a router in your VM to send traffic with another Azure VM as the next hop, the traffic is delivered to the destination without passing through the next hop.

By default, each subnet uses the system route table. The system route table contains the following rules:
  • Local virtual network rule: For any addresses within the local virtual network, packets are delivered directly to the destination without an intermediate hop.
  • On-premises rule: For any addresses in the on-premises address range, packets are delivered with the VPN gateway as the next hop.
  • Internet rule: For any addresses on the public Internet, packets are delivered with the Azure infrastructure gateway as the next hop.
To send local traffic by way of an intermediate hop, you must create a user-defined route table and associate it with the subnet on which the traffic will originate. You can then add routes to the route table. Routes consist of:
  • Address prefix: An address prefix in CIDR format that specifies the address range of the destination to which this route applies.
  • Next hop type: The type of hop that should be used for the route. This can be:
    • Virtual network: The packet is delivered directly within the virtual network and has no intermediate hop.
    • Virtual network gateway: The packet is delivered to the Azure site-to-site VPN gateway to be sent over the VPN tunnel.
    • Internet: The packet is delivered to the Azure infrastructure gateway to be sent onto the public Internet.
    • Virtual appliance: The packet is delivered to the specified Azure VM for processing.
    • None: The packet is dropped.
  • Next hop address: The address of the VM to which the packet should be sent. This address applies only to virtual appliance routes.
In addition, for ExpressRoute users, there is a BGP route table. Routing is done using a longest prefix match across all route tables. If the same prefix is in multiple tables, routes are applied with the following priority (with 1 being the highest priority):
  1. User-defined routes
  2. BGP routes
  3. System routes

Because of this approach to packet handling by the Azure network, the routing capability of Vyatta NOS in Azure is limited. The routes on Vyatta NOS determine the interface through which packets leave, but do not have any effect beyond that. To configure packets to leave through a particular interface, configure a static route with a next hop of the first host address in the subnet (for example, for 10.0.4.0/24, the first host address is 10.0.4.1). This address is the address of the Azure infrastructure gateway for that subnet.
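
The route selection rule and the gateway address described above, as an added example (not Vyatta or Azure code): a small Python model that applies longest prefix match across the three tables, breaks ties by the listed priority, and computes the first host address of a subnet. The route tables and the appliance address 10.0.4.10 are constructed sample values; the model is useful for checking whether a flow would actually traverse the virtual appliance.

```python
import ipaddress

# Priority when the same prefix appears in several tables (1 = highest),
# as listed on this page.
PRIORITY = {"user": 1, "bgp": 2, "system": 3}

# Constructed sample tables: (table, prefix, next hop type, next hop address)
ROUTES = [
    ("system", "10.0.0.0/16", "Virtual network", None),
    ("system", "192.168.0.0/16", "Virtual network gateway", None),
    ("system", "0.0.0.0/0", "Internet", None),
    ("bgp", "192.168.0.0/16", "Virtual network gateway", None),
    ("user", "10.0.5.0/24", "Virtual appliance", "10.0.4.10"),
    ("user", "0.0.0.0/0", "Virtual appliance", "10.0.4.10"),
    ("user", "10.0.9.0/24", "None", None),
]


def select_route(dest, routes=ROUTES):
    """Return the route applied to dest, or None if no prefix matches."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in ipaddress.ip_network(r[1])]
    if not matches:
        return None
    # Longest prefix wins; on equal prefix length the table priority decides.
    return min(
        matches,
        key=lambda r: (-ipaddress.ip_network(r[1]).prefixlen, PRIORITY[r[0]]),
    )


def first_host(subnet):
    """First host address of a subnet: the static-route next hop to
    configure on Vyatta NOS (the Azure infrastructure gateway)."""
    return str(ipaddress.ip_network(subnet).network_address + 1)


if __name__ == "__main__":
    for dest in ("10.0.5.7", "10.0.4.20", "8.8.8.8", "192.168.1.1", "10.0.9.1"):
        table, prefix, hop_type, hop_addr = select_route(dest)
        print(f"{dest:12} -> {table:6} {prefix:15} {hop_type} {hop_addr or ''}")
    print("next hop for 10.0.4.0/24:", first_host("10.0.4.0/24"))
```

In this sample, 10.0.4.20 still matches the system 10.0.0.0/16 route rather than the user-defined 0.0.0.0/0 route, so a default route to the appliance alone does not steer traffic that stays within the virtual network.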