topic Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515 in Cloud Firewall

really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Gongya_Yu — Sat, 15 Jun 2024 03:56:11 GMT

Working on Cloudguard with Azure express route

What do the IPs in red point to ?

Know it is Azure related ? But no one in Azure answers. Here there are lots of experts.

thanks !!

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Alex- — Sat, 15 Jun 2024 09:37:05 GMT

Seems to be the BGP Peering Addresses of the Azure peer, like a Router or VPN Gateway.

On Check Point, this would be the router-id.

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

the_rock — Sat, 15 Jun 2024 11:40:03 GMT

@Alex- is 100% right. If you look at 3rd column, shows 65535, which in your case would be AS number.

Andy

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Gongya_Yu — Sat, 15 Jun 2024 15:28:18 GMT

Here is the link related to this question ?

I do not know what peers these IPs in red point to ?

These IPs should be within GatewaySubnet, 65515 is MS reserved internal ASN.

Are they virtual network gateway IPs ? If yes, we have 3 IPs in our environment. why ?
When a virtual network gateway is deployed, MS deploys two by default, right ?

thanks a lot !!

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

the_rock — Sat, 15 Jun 2024 15:42:08 GMT

What is BGP peer |P?

Andy

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Gongya_Yu — Sat, 15 Jun 2024 17:55:15 GMT

That is my question. This is more Azure related question. I posed this in Azure community and no one answer. I am trying some luck here as more helpers are here.

We are deploying cloudguard in Azure. I am digging some details in order to understand the cloud environment.

I searched the internet for 2 days without any luck. The link above is the only thing I found which displays the routing table.

In our express routing table, the next-hop even has 3 IPs. I do not know where they point .

Hopefully, Gustavo Coronel and shay Levin can shed some light here. 🙂 I watched their many nice videos.
thanks !!

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

the_rock — Sat, 15 Jun 2024 17:50:24 GMT

K, I see what you are saying now. Not sure what sort of support leven you have for Azure, but it might be worth opening case with their support to confirm.

Just a thought...

Andy

I will keep checking myself as well to see if I can find anything for you.

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

the_rock — Sat, 15 Jun 2024 17:56:50 GMT

K, just had more careful look at this. I mean, could it be as simple as below?

Andy

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Gongya_Yu — Sat, 15 Jun 2024 17:59:19 GMT

thanks so much !!!

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Gongya_Yu — Sat, 15 Jun 2024 18:08:08 GMT

I guess those next-hop IPs are network virtual gateway. Like to get confirmation from some experts. Also how do we have three ?

Some MS docs mention:
"The Azure gateway subnet is needed by Azure to host the two virtual machines of your Azure gateway"

"A virtual network gateway is composed of two or more Azure-managed VMs that are automatically configured and deployed to a specific subnet that you create called the gateway subnet. The gateway VMs contain routing tables and run specific gateway services."

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

the_rock — Sat, 15 Jun 2024 18:19:38 GMT

https://learn.microsoft.com/bs-latn-ba/azure/network-watcher/next-hop-overview

https://learn.microsoft.com/en-us/azure/network-watcher/next-hop-overview

https://www.tufin.com/blog/demystifying-azure-route-table

.12 hops all seem to have * beside them, whatever that means, most likely its DIRECTLY CONNECTED, as per below in the lab

[Expert@CP-STANDALONE:0]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.16.10.1 0.0.0.0 UG 0 0 0 eth0
172.16.10.0 * 255.255.255.0 U 0 0 0 eth0
192.168.10.0 * 255.255.255.0 U 0 0 0 eth1
\[Expert@CP-STANDALONE:0]# clish
CLINFR0771 Config lock is owned by admin. Use the command 'lock database override' to acquire the lock.
CP-STANDALONE> show route
Codes: C - Connected, S - Static, R - RIP, B - BGP (D - Default),
O - OSPF IntraArea (IA - InterArea, E - External, N - NSSA),
IS - IS-IS (L1 - Level 1, L2 - Level 2, IA - InterArea, E - External),
A - Aggregate, K - Kernel Remnant, H - Hidden, P - Suppressed,
NP - NAT Pool, U - Unreachable, i - Inactive

S 0.0.0.0/0 via 172.16.10.1, eth0, cost 0, age 92910
C 127.0.0.0/8 is directly connected, lo
C 172.16.10.0/24 is directly connected, eth0
external
C 192.168.10.0/24 is directly connected, eth1
internal

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Gongya_Yu — Sat, 15 Jun 2024 18:30:33 GMT

thanks a lot !!

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

the_rock — Sat, 15 Jun 2024 18:32:19 GMT

No worries mate. Does that sort of makes sense?

Andy

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

Gongya_Yu — Sat, 15 Jun 2024 18:35:13 GMT

I am reading them now.
I just sent a message to my previous co-worker. He is an Azure expert working for MS.

thanks so much !!

Re: really like to know what the next-hop IP points to in Azure express route table for ASN 65515

the_rock — Sat, 15 Jun 2024 18:44:15 GMT

Sounds good!