7. Configure VNet Peering
Without VNet Peering, the Route Server SG-Transit-RouteServer will not accept or advertise the address space of other VNet(s). Thus, the next task is to create peering between SG-VNET1 and SG-Transit-VNet. To do this, go to the “Peerings” of SG-VNET1 and click “Add”. When add the peering, the configuration is divided to “This virtual network” and “Remote virtual network”. Let’s look at the Remote virtual network configuration first:
Since the purpose is to peer with SG-Transit-VNet, SG-Transit-VNet is selected as the VNet under Remote virtual network. As we want two ways communication between SG-VNET1 and SG-Transit-VNet, the “Traffic to remote virtual network” and “Traffic forwarded from remote virtual network” setting will be configured as “Allow”, which is the default setting. More importantly, under “Virtual network gateway or Route Server”, the options to select is “Use this virtual network’s gateway or Route Server” instead of None. This is because the Route Server is at SG-Transit-VNet, with this setting, virtual machines in SG-VNet1 can utilize the Route Server advertised routes to reach the spoke sites. Now, let’s go back to the configuration of “This virtual network”:
The option needs to pay attention is “Virtual network gateway or Route Server”, “Use the remote virtual network’s gateway or Route Server” needs to be selected instead of None. Again, this is to allow virtual machines in SG-VNET1 can utilize the Route Server advertised routes to reach the spoke sites. Finally, click “Add” to create peering between SG-VNET1 and SG-Transit-VNet.
SG-VNet2 also needs to create peering with SG-Transit-VNet. Since the peering configuration for SG-VNET2 is the same as SG-VNET1, it will not be repeated here.