Skip to main content
Configuring Microsoft Peering for ExpressRoute Microsoft Peering lets your on-premises network connect directly and securely to Microsoft public services—such as Microsoft 365, Dynamics 365, and many Azure public services (for example, Azure SQL Database or Cosmos DB)—over an ExpressRoute circuit. This avoids traversing the public internet, improving performance, predictability, and security for traffic to Microsoft public endpoints. What Microsoft Peering provides
  • Private connectivity to Microsoft public services over ExpressRoute.
  • BGP-based routing exchange for public prefixes between your network and Microsoft.
  • Redundancy and resiliency using primary and secondary links across the ExpressRoute circuit.
Key requirements and configuration items How to prepare and configure Microsoft Peering (high-level steps)
  1. Gather required information:
    • Public prefixes you will advertise and the IRR where they are registered.
    • Your ASN.
    • Two subnets (primary and secondary) from your public address space.
    • VLAN ID to use for this peering.
  2. Confirm prefix ownership in the routing registry (ARIN, RIPE, APNIC, etc.). Microsoft verifies this before establishing peering.
  3. In the Azure portal (https://portal.azure.com), open your ExpressRoute circuit and choose the Microsoft Peering configuration blade.
  4. Enter the ASN, primary and secondary subnets, VLAN ID, the list of prefixes to advertise, and the routing registry.
  5. Submit the configuration and wait for Microsoft to validate the prefixes and complete the peering session setup.
  6. After validation, establish BGP sessions and verify route exchange and reachability to Microsoft public services.
ExpressRoute portal UI example
The image shows a Microsoft peering configuration interface with fields for ASN, subnets, peering options, and routing registry name. Accompanying it are highlighted categories such as "Owned and Registered Subnets" and "Routing Registry Name."
Choosing between Microsoft Peering and Private Peering
Before submitting Microsoft Peering configuration, ensure the public prefixes you intend to advertise are owned by your organization and properly registered in the indicated IRR. Microsoft validates registry ownership and will not accept unregistered or incorrectly registered prefixes.
Links and references

Watch Video