Skip to main content
Azure
  • 4 min read

Architect and optimize your internet traffic with Azure routing preference

At Microsoft, we see our customers going through rapid digital transformation to accelerate business growth and empower their employees. And the shift to the digital sphere means a phenomenal growth in internet traffic.

At Microsoft, we see our customers going through rapid digital transformation to accelerate business growth and empower their employees. And the shift to the digital sphere means a phenomenal growth in internet traffic. The global pandemic has transformed the way we work and live, resulting in a further increase in digital adoption. It goes without saying that a growing number of our customers are adopting an internet-first approach.

As you move more workloads and services to Azure, we remain fully committed to adding new services and more value to empower you with more flexibility and control over your workloads to maximize performance, reliability, and cost efficiency. Today, we are announcing the general availability of Azure routing preference, a new option for you to further architect and optimize your traffic delivery between your Azure resources and clients on the Internet.

Now available in all geographies, routing preference empowers you to customize underlying routing network for your internet bound traffic to and from Azure. You can choose between routing via the Microsoft global network or routing via the Internet that uses transit Internet Service Provider (ISP) network. While the routing via Microsoft global network delivers traffic over an exceptionally reliable private global network, the transit ISP network option gives you a cost optimized choice with performance predominantly dominated by transit ISP. These routing options are also referred to as cold potato and hot potato routing respectively.

Routing via the premium Microsoft global network

Routing via Microsoft global network is the default choice for all Azure traffic. When you route your internet bound traffic through the Microsoft global network, your traffic from Azure is delivered over one of the largest networks on the globe spanning over 165,000 miles of optical fiber with over 180 edge points of presence (PoPs). The global network is well provisioned with redundant fiber paths to handle multiple simultaneous failures. The optical fibers are fully owned or leased by Microsoft and all traffic between Azure datacenters within a region or across regions is automatically encrypted at the physical layer.

Azure global network

The traffic engineering is managed by a range of software-defined networking (SDN) based wide area network (WAN) controls to optimize network routing and achieve unparalleled network quality of service. Besides Azure, the Azure global network also powers some of the largest enterprise and consumer services in the world that exist today—Microsoft Office 365, Windows, Teams, Dynamics 365, Xbox, Bing, Azure Active Directory, and mission-critical services from thousands of our enterprise customers.

User traffic enters Azure global network through strategically placed Microsoft edge points of presence (PoPs). Ingress traffic from users is accepted closest to the user and traversed on Microsoft global network to resources hosted in Azure. The egress traffic from Azure follows the same routing principle and exits the Microsoft network closest to the user. By accepting and delivering the traffic to the point closest to user, we provide users with a better network experience with optimal performance.

Route via Azure global network (cold potato routing)

Routing via the Internet with transit ISP network

Choice matters when it comes to optimizing your workloads in the cloud. Your workloads may have varied requirements differing in performance, security, and cost efficiency. You may prefer a cost optimized alternative of carrying your traffic for some of your use cases. While Microsoft will always default to the best performing and most secure option of carrying the traffic across our global network from source to destination, the new competitive egress tier adds a second option for solutions that do not require the premium predictability and performance of Microsoft’s global network. Instead, it will allow the routing of traffic to the Internet via transit ISP network.

Route via ISP network (hot potato routing)

 

Configure routing preference for your resources

You can select your preferred routing when creating a public IP address and then associate it to resources such as virtual machines (VMs), internet-facing load balancers, and more. You can also add the routing preference, “Internet routing” for storage accounts that give an additional endpoint to access services such as blobs, files, web, and Azure Data Lakes over the Internet.

Configure routing preference for Azure resources

Get more flexibility with both routing choices enabled

It gets even better with the flexibility of enabling both routing options for the same resource. For example, you can have both routing choices enabled for your virtual machines with one public IP routed via Microsoft global network, and another one routed via ISP network.

Enable both routing options for Azure VM

You can also configure both routing choices for your load balancer scenarios for internet-facing frontend IPs.

You can also publish route-specific endpoints for your storage account. For example, publishing an internet route-specific endpoint for the storage account ‘mystorageaccount’ will publish the second end point to route via the transit ISP network as shown below.

Enable both routing options for Azure Storage

Pricing

Configuring routing preference gives you the flexibility to optimize your internet bound traffic either for premium network performance or for cost. Egress data transfer price varies based on your routing preference choice. Routing via ISP network is a cost optimized option. You can see the pricing for both options in the Azure bandwidth pricing page.

Performance

We did a performance comparison using ThousandEyes monitoring across multiple global locations, accessing Azure Virtual Machines. The average round-trip latency was measured over a period of 30 days. As expected, routing via Microsoft’s network provides the best latency, with the gap between the two further widening with cross-continent traffic. The choice of best scheme, price, and performance is ultimately yours.

Thousand eyes performance.

Learn more

Please check out the documentation on routing preference on our website to learn more about the service.