Last week at the Microsoft Build conference, we announced that Azure Peering Service is now generally available. We also introduced “routing preference,” a new option for our customers to further architect and optimize their traffic to and from Azure over the “public Internet.”
Networking is a critical enabler of the cloud. The experience when accessing your applications and data depends on the performance of your network connection and the global network powering your applications and services in the cloud.
For the best experience, data should travel the shortest path and enter and exit the Microsoft network as close as possible to you or your users. Microsoft runs the Microsoft global network, one of the world’s largest wide area networks (WANs). Stretching across all continents through hundreds of thousands of miles of fiber and hundreds of network points of presence (PoP), it powers all the Microsoft cloud services such as Azure, Microsoft 365, LinkedIn, and their millions of users.
A growing number of our customers are adopting an “Internet-first” approach. Driven by accelerated cloud adoption and the current global situation, and the need to quickly adjust and provide optimal access to users is a main priority. Cloud-centric architectures with virtual private networks (VPNs) and technologies such as SD-WAN are applied to optimize for cost, security, and performance.
Microsoft is always optimizing customer traffic within our network, from ingestion close to the user and carrying it as far as possible to its destination, avoiding the public Internet, to returning it the same way. Peering Service extends the optimized path to your doorstep or, in industry terms, to the last mile.
Concept diagram of Peering Service.
We have partnered with internet service providers (ISPs), internet exchange providers (IXPs), and software-defined cloud interconnect (SDCI) providers worldwide to provide reliable and performant public connectivity.
When connecting using a partner provider, you can take advantage of business-class internet connectivity with high availability and low latency. Using the optimal path and least amount of network hops, Peering Service improves the user experience in Microsoft apps, such as Microsoft Teams, SharePoint, and Outlook. Also, you will have access to optional advanced performance telemetry and security features such as route hijacking monitoring and prevention.
Prefix events in the portal showing an origin autonomous system number (ASN) change for a Peering Service customer’s prefix.
While optimal consumption of apps is critical, so is the ability to architect the delivery. I am excited to introduce the new routing preference option in Azure. The option brings a new second network service tier and enables customers to select how traffic routes between their Azure resources and clients accessing them from the internet. The Microsoft global network is well provisioned with multiple redundant fiber paths to ensure exceptionally high reliability and availability. We do traffic engineering using a unique software-defined WAN controller that provides optimal path selection and high performance for your traffic.
Default routing of traffic for best performance in Azure.
While Microsoft will always default to the best performing and most secure option of carrying the traffic across our backbone from source to destination, the new competitive egress tier adds a secondary option for solutions that do not require the premium predictability and performance of Microsoft’s global network. Instead, it will allow the routing of traffic directly to the public Internet.
Traffic routed with the new network service tier in Azure.
You can select your preferred routing when creating a public IP address and associating it to resources such as virtual machines (VMs), internet-facing load balancers, and more. You can also add the secondary routing preference, “Internet routing” for storage accounts that gives an additional endpoint to access services such as blobs, files, web, and Azure Data Lake over the public Internet.
Creation of an additional endpoint for internet routing option.
Let us look at how the two options compare. We did a performance comparison using ThousandEyes monitoring across multiple global locations, accessing Azure Virtual Machines. The average round-trip latency was measured over a period of 30 days. As expected, routing via Microsoft’s network provides the best latency, with the gap between the two further widening with cross-continent traffic. The choice of best scheme, price, and performance is ultimately yours.
Performance between the Microsoft network and the public Internet.
We continue to be fully committed to helping you connect to Azure in the best possible way, protect your workloads, and deliver a great networking experience. We will continue to provide innovative networking services and guidance to help you take full advantage of the cloud and are always interested in learning more about your new scenarios enabled by our networking services. As always, we welcome your feedback.