Step-by-Step: User-Defined Routing in the Cloud with Azure Resource Manager and Azure PowerShell 1.0 Preview

Custom IP routing topologies on Azure Virtual Networks have been available for several months via native User-Defined Routing (UDR) and IP Forwarding features.  However, recently I’ve been receiving questions on how to configure IP forwarding and user-defined routes via the new Azure Resource Manager (ARM) API. 

In this article, we’ll step through a set of PowerShell snippets that walk-through the entire end-to-end process of using the new Azure PowerShell 1.0 Preview module cmdlets for ARM to implement user-defined routing for the front-end subnet pictured above.

# Sign-in with Azure account credentials

Login-AzureRmAccount

# Select Azure Subscription

$subscriptionId =
(Get-AzureRmSubscription |
Out-GridView `
-Title "Select an Azure Subscription ..." `
-PassThru).SubscriptionId

Select-AzureRmSubscription `
-SubscriptionId $subscriptionId

# First time only - register ARM core resource providers

Register-AzureRmResourceProvider `
-ProviderNamespace Microsoft.Compute

Register-AzureRmResourceProvider `
-ProviderNamespace Microsoft.Storage

Register-AzureRmResourceProvider `
-ProviderNamespace Microsoft.Network

Get-AzureRmResourceProvider |
Select-Object `
-Property ProviderNamespace `
-ExpandProperty ResourceTypes

# Select Resource Group in which existing VNET is provisioned

$rgName =
(Get-AzureRmResourceGroup |
Out-GridView `
-Title "Select an Azure Resource Group ..." `
-PassThru).ResourceGroupName

# Select Azure VNET and Location on which to enable UDR

$vnetName =
(Get-AzureRmVirtualNetwork `
-ResourceGroupName $rgName).Name |
Out-GridView `
-Title "Select an Azure VNET ..." `
-PassThru

$vnet = Get-AzureRmVirtualNetwork `
-ResourceGroupName $rgName `
-Name $vnetName

$location = $vnet.Location

# Select Azure Subnet on which to enable UDR

$subnetName =
$vnet.Subnets.Name |
Out-GridView `
-Title "Select an Azure Subnet ..." `
-PassThru

$subnet = $vnet.Subnets |
Where-Object Name -eq $subnetName

# Create new UDR table

$routeTableName = "frontendroutetable"

$routeTable = New-AzureRmRouteTable `
-Name $routeTableName `
-ResourceGroupName $rgName `
-Location $location

# Add a route to the UDR Table

$routeName = "frontendroute"

$routeTable |
Add-AzureRmRouteConfig `
-Name $routeName `
-AddressPrefix "192.168.2.0/24" `
-NextHopType VirtualAppliance `
-NextHopIpAddress "192.168.0.101" |
Set-AzureRmRouteTable

# Assign UDR table to selected subnet

Set-AzureRmVirtualNetworkSubnetConfig `
-VirtualNetwork $vnet `
-Name $subnetName `
-AddressPrefix $subnet.AddressPrefix `
-RouteTableId $routeTable.Id |
Set-AzureRmVirtualNetwork

# Confirm UDR table is provisioned and assigned to subnet

Get-AzureRmRouteTable `
-ResourceGroupName $rgName `
-Name $routeTableName

# Configure “Appliance” VM for IP Forwarding on each NIC

$vmName =
(Get-AzureRmVM -ResourceGroupName $rgName).Name |
Out-GridView `
-Title "Select a VM to configure forwarding ..." `
-PassThru

$nicName =
((Get-AzureRmVM `
-ResourceGroupName $rgName `
-Name $vmName).NetworkInterfaceIDs).Split("/")[-1] |
Out-GridView `
-Title "Select a NIC to configure forwarding ..." `
-PassThru

$nicConfig =
Get-AzureRmNetworkInterface `
-ResourceGroupName $rgName `
-Name $nicName

$nicConfig.EnableIPForwarding = $true

$nicConfig | Set-AzureRmNetworkInterface

See you in the Clouds!

- Keith