At Microsoft, we see our customers going through rapid digital transformation to accelerate business growth and empower their employees. And the shift to the digital sphere means a phenomenal growth in internet traffic. The global pandemic has transformed the way we work and live, resulting in a further increase in digital adoption.
It goes without saying that a growing number of our customers are adopting an internet-first approach.
As you move more workloads and services to Azure, we remain fully committed to adding new services and more value to empower you with more flexibility and control over your workloads to maximize performance, reliability, and cost efficiency. Today, we are announcing the general availability of Azure routing preference, a new option for you to further architect and optimize your traffic delivery between your Azure resources and clients on the Internet.
Now available in all geographies, routing preference empowers you to customize underlying routing network for your internet bound traffic to and from Azure. You can choose between routing via the Microsoft global network or routing via the Internet that uses transit Internet Service Provider (ISP) network. While the routing via Microsoft global network delivers traffic over an exceptionally reliable private global network, the transit ISP network option gives you a cost optimized choice with performance predominantly dominated by transit ISP. These routing options are also referred to as cold potato and hot potato routing respectively.
Routing via the premium Microsoft global network
Routing via Microsoft global network is the default choice for all Azure traffic. When you route your internet bound traffic through the Microsoft global network, your traffic from Azure is delivered over one of the largest networks on the globe spanning over 165,000 miles of optical fiber with over 180 edge points of presence (PoPs). The global network is well provisioned with redundant fiber paths to handle multiple simultaneous failures. The optical fibers are fully owned or leased by Microsoft and all traffic between Azure datacenters within a region or across regions is automatically encrypted at the physical layer.
The traffic engineering is managed by a range of software-defined networking (SDN) based wide area network (WAN) controls to optimize network routing and achieve unparalleled network quality of service. Besides Azure, the Azure global network also powers some of the largest enterprise and consumer services in the world that exist today—Microsoft Office 365, Windows, Teams, Dynamics 365, Xbox, Bing, Azure Active Directory, and mission-critical services from thousands of our enterprise customers.
User traffic enters Azure global network through strategically placed Microsoft edge points of presence (PoPs). Ingress traffic from users is accepted closest to the user and traversed on Microsoft global network to resources hosted in Azure. The egress traffic from Azure follows the same routing principle and exits the Microsoft network closest to the user. By accepting and delivering the traffic to the point closest to user, we provide users with a better network experience with optimal performance.
Routing via the Internet with transit ISP network
Choice matters when it comes to optimizing your workloads in the cloud. Your workloads may have varied requirements differing in performance, security, and cost efficiency. You may prefer a cost optimized alternative of carrying your traffic for some of your use cases. While Microsoft will always default to the best performing and most secure option of carrying the traffic across our global network from source to destination, the new competitive egress tier adds a second option for solutions that do not require the premium predictability and performance of Microsoft’s global network. Instead, it will allow the routing of traffic to the Internet via transit ISP network.
Configure routing preference for your resources
You can select your preferred routing when creating a public IP address and then associate it to resources such as virtual machines (VMs), internet-facing load balancers, and more. You can also add the routing preference, “Internet routing” for storage accounts that give an additional endpoint to access services such as blobs, files, web, and Azure Data Lakes over the Internet.
Get more flexibility with both routing choices enabled
It gets even better with the flexibility of enabling both routing options for the same resource. For example, you can have both routing choices enabled for your virtual machines with one public IP routed via Microsoft global network, and another one routed via ISP network.
You can also configure both routing choices for your load balancer scenarios for internet-facing frontend IPs.
You can also publish route-specific endpoints for your storage account. For example, publishing an internet route-specific endpoint for the storage account ‘mystorageaccount’ will publish the second end point to route via the transit ISP network as shown below.
Configuring routing preference gives you the flexibility to optimize your internet bound traffic either for premium network performance or for cost. Egress data transfer price varies based on your routing preference choice. Routing via ISP network is a cost optimized option. You can see the pricing for both options in the Original Postricing/details/bandwidth/" target="_blank" rel="noreferrer noopener">Azure bandwidth pricing page.
We did a performance comparison using ThousandEyes monitoring across multiple global locations, accessing Azure Virtual Machines. The average round-trip latency was measured over a period of 30 days. As expected, routing via Microsoft’s network provides the best latency, with the gap between the two further widening with cross-continent traffic. The choice of best scheme, price, and performance is ultimately yours.
Please check out the documentation on routing preference on our website to learn more about the service.