{"id":1041,"date":"2022-11-09T17:48:08","date_gmt":"2022-11-09T22:48:08","guid":{"rendered":"https:\/\/cloudlearning365.com\/?p=1041"},"modified":"2023-01-10T15:08:40","modified_gmt":"2023-01-10T20:08:40","slug":"express-route-to-aviatrix-transit-option-2","status":"publish","type":"post","link":"https:\/\/cloudlearning365.com\/?p=1041","title":{"rendered":"Express Route to Aviatrix Transit \u2013 Option 2"},"content":{"rendered":"\n<p>In the last blog post: <a href=\"https:\/\/cloudlearning365.com\/?p=886\">Express Route to Aviatrix Transit \u2013 Option 1<\/a>, we have discussed how to use BGP over IPSec as overlay from customer on-premise devices to Aviatrix Transit Gateways. This solution have these two constrains:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><mark>Each IPSec tunnel have 1.25G throughput limit<\/mark><\/li>\n\n\n\n<li><mark>Azure only support IPSec, not GRE as tunneling protocol<\/mark><\/li>\n<\/ul>\n\n\n\n<p>For customer have larger ExpressRoute circuit such as 5Gbps or 10Gbps and above, but doesn&#8217;t have encryption requirement or on-premise devices isn&#8217;t capable IPSec, option 1 isn&#8217;t ideal. In this blog, I will discuss the architecture to connect to Aviatrix Transit and utilize the full ExpressRoute bandwidth.<\/p>\n\n\n\n<p>In following architecture diagram:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Aviatrix Controller must be 6.8 and above to support Multi-Peer BGPoLAN for Azure Route Server. Azure Route Server require full-mesh peering to avoid single point of failure, which would result in black-hole in traffic flow.<\/li>\n\n\n\n<li>Aviatrix Transit Gateway must have Insane Mode (High Performance Encryption HPE) enabled, as well as BGP Over LAN enabled.\n<ul class=\"wp-block-list\">\n<li>Aviatrix Controller allows &#8220;Propagate gateway route&#8221;, only on the BGP over LAN interface subnet route table.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>The on-premise to ExpressRoute circuit private peering is similar to <a href=\"https:\/\/cloudlearning365.com\/?p=886\">Express Route to Aviatrix Transit \u2013 Option 1<\/a><\/li>\n\n\n\n<li>Instead of deploying ExpressRoute Gateway (ERGW) inside of Aviatrix Transit vNet, we need to create a separate vNet to house ERGW and Azure Route Server (ARS)\n<ul class=\"wp-block-list\">\n<li>When native vNet peering been used between Spoke to Aviatrix Transit, if ARS is in the same Aviatrix Transit vNet, traffic from spoke to on-premise will bypass Aviatrix Transit gateway, as more specific route from on-premise will be inserted by ERGW point to ERGW, where Aviatrix programs less specific RFC1918 routes point to Aviatrix Transit<\/li>\n\n\n\n<li>This would apply also to HPE enabled Aviatrix Spoke, as when HPE is enabled, native vNet peering is been used as underlay to build multiple tunnels between Aviatrix Spoke Gateway to Aviatrix Transit Gateways.<\/li>\n\n\n\n<li>From Aviatrix Transit vNet created a vNet peering with ARS_ERGW_VNet, and enabled use_remote_gateways. This will enable ERGW to propagate learned route to Transit vNet<\/li>\n\n\n\n<li>From ARS_ERGW_VNet vNet created a vNet peering with Aviatrix Transit vNet, and enabled allow_gateway_transit.<\/li>\n\n\n\n<li>vNet peering is subject to $0.01 per GB for both inbound and outbound data transfer.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Multi-hop eBGP is enabled between ARS and Aviatrix Transit Gateway<\/li>\n\n\n\n<li>ARS requires dedicated RouteServerSubnet subnet, \/27 or above, cannot have UDR or Network Security Group (NSG) attached<\/li>\n\n\n\n<li>ERGW requires dedicated GatewaySubnet subnet, \/27 or above, cannot have UDR or Network Security Group (NSG) attached<\/li>\n\n\n\n<li>Branch to Branch must be enabled on ARS to exchange routes between ARS and ERGW<\/li>\n\n\n\n<li>ARS Support 8 BGP peers, each peer support up to 1000 routes<\/li>\n\n\n\n<li><mark>ARS can only exchange up to 200 routes with ERGW<\/mark><\/li>\n\n\n\n<li>ARS is a route reflector, and it&#8217;s not in traffic path.<\/li>\n\n\n\n<li>ARS Cost: $0.45USD\/hour or $324 USD per month, and for a service that\u2019s not in data path, it\u2019s not cheap<\/li>\n\n\n\n<li>When you create or delete an Azure Route Server from a virtual network that contains a Virtual Network Gateway (ExpressRoute or VPN), expect downtime until the operation complete.&nbsp;<a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/route-server\/expressroute-vpn-support\">Reference Link<\/a><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"427\" height=\"1024\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/ER-to-Aviatrix-Transit-Options-Option2-1-427x1024.png\" alt=\"\" class=\"wp-image-1042\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/ER-to-Aviatrix-Transit-Options-Option2-1-427x1024.png 427w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/ER-to-Aviatrix-Transit-Options-Option2-1-125x300.png 125w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/ER-to-Aviatrix-Transit-Options-Option2-1-768x1840.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/ER-to-Aviatrix-Transit-Options-Option2-1-641x1536.png 641w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/ER-to-Aviatrix-Transit-Options-Option2-1.png 808w\" sizes=\"auto, (max-width: 427px) 100vw, 427px\" \/><\/figure>\n\n\n\n<!--more-->\n\n\n\n<h2 class=\"wp-block-heading\">Aviatrix Spoke, Transit and ARS\/ERGW deployment<\/h2>\n\n\n\n<p>I&#8217;m using following Terraform code to deploy Aviatrix Transit with HPE and BGP over LAN enabled, deploy Aviatrix Spoke and attach to transit, create separate vNet for ARS and ERGW, create ARS and ERGW, create vNet peering between Aviatrix Transit vNet and ARS\/ERGW vNet, create BGPoverLAN connection between Aviatrix Transit Gateway and ARS<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Deploy Aviatrix Transit vNet and Transit Gateways\nmodule \"transit\" {\n  source  = \"terraform-aviatrix-modules\/mc-transit\/aviatrix\"\n  version = \"2.3.1\"\n  \n  cloud   = \"Azure\"\n  region  = \"West US\"\n  cidr    = \"10.0.16.0\/23\"\n  account = \"azure-test-jye\"\n\n  local_as_number          = 65001\n  insane_mode              = true\n  enable_bgp_over_lan      = true\n  bgp_lan_interfaces_count = 1\n  instance_size            = \"Standard_D4_v2\"\n  az_support = false\n  name = \"transit\"\n  gw_name = \"transit\"\n  resource_group = \"ER-LAB\"\n}\n\n# Deploy Aviatrix Spoke vNet and Spoke Gateways, then attach to Transit\nmodule \"mc-spoke\" {\n  source  = \"terraform-aviatrix-modules\/mc-spoke\/aviatrix\"\n  version = \"1.4.1\"\n  cloud   = \"Azure\"\n  region  = \"West US\"\n  cidr    = \"10.0.32.0\/24\"\n  account = \"azure-test-jye\"\n  transit_gw = module.transit.transit_gateway.gw_name\n  name = \"spoke\"\n  az_support = false\n}\n\n# Deploy ARS and ERGW, and create BGP over LAN connection between Aviatrix Transit GW and ARS\nmodule \"azure_route_server\" {\n  source  = \"terraform-aviatrix-modules\/azure-route-server\/aviatrix\"\n  version = \"1.0.1\"\n\n  name             = \"ars\"\n  transit_vnet_obj = module.transit.vpc\n  transit_gw_obj   = module.transit.transit_gateway\n  cidr             = \"10.0.10.0\/24\"\n  resource_group_name = module.transit.vpc.resource_group\n}<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">ER Circuit, connection and on-premise router configuration<\/h2>\n\n\n\n<p>This part is very similar to <a href=\"https:\/\/cloudlearning365.com\/?p=886\">Express Route to Aviatrix Transit \u2013 Option 1<\/a><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create ExpressRoute circuit and have it provisioned with provider<\/li>\n\n\n\n<li>Create private BGP peering between ER circuit Microsoft Enterprise Edge route and on-premise device<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"892\" height=\"693\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-78.png\" alt=\"\" class=\"wp-image-1059\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-78.png 892w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-78-300x233.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-78-768x597.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-78-386x300.png 386w\" sizes=\"auto, (max-width: 892px) 100vw, 892px\" \/><\/figure>\n\n\n\n<p>On-premise router configuration peering with MSEE<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>GigabitEthernet0\/0\/0.803 169.254.80.81 is connected to on customer side primary link subnet 169.254.80.80\/30<\/li>\n\n\n\n<li>Loopback is created for testing connectivity from cloud, we only advertise the loopback towards ER<\/li>\n\n\n\n<li>BGP session create towards MSEE 169.254.80.82, note ER always use ASN 12076<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>interface GigabitEthernet0\/0\/0.803\n description to be connected to an Azure ER circuit\n encapsulation dot1Q 803\n ip address 169.254.80.81 255.255.255.252\n\ninterface Loopback88\n ip address 192.168.88.88 255.255.255.255\n\nrouter bgp 65000\n bgp log-neighbor-changes\n neighbor 169.254.80.82 remote-as 12076\n neighbor 169.254.80.82 description Express Route\n !\n address-family ipv4\n  network 192.168.88.88 mask 255.255.255.255\n  neighbor 169.254.80.82 activate\n  neighbor 169.254.80.82 soft-reconfiguration inbound\n  neighbor 169.254.80.82 prefix-list router-to-er out\n  maximum-paths 8\n exit-address-family\n\nip prefix-list router-to-er description Advertise Loopback only\nip prefix-list router-to-er seq 10 permit 192.168.88.88\/32<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create ER Circuit connection between the ER circuit and ExpressRoute Gateway (The ERGW was provisioned by above TF script)<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1008\" height=\"648\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-73.png\" alt=\"\" class=\"wp-image-1049\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-73.png 1008w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-73-300x193.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-73-768x494.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-73-467x300.png 467w\" sizes=\"auto, (max-width: 1008px) 100vw, 1008px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1015\" height=\"478\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-74.png\" alt=\"\" class=\"wp-image-1050\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-74.png 1015w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-74-300x141.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-74-768x362.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-74-500x235.png 500w\" sizes=\"auto, (max-width: 1015px) 100vw, 1015px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">If you want to create the Aviatrix Gateway BGP over LAN to ARS manually:<\/h2>\n\n\n\n<p>Note down ARS ASN and peering IP<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"396\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-75-1024x396.png\" alt=\"\" class=\"wp-image-1056\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-75-1024x396.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-75-300x116.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-75-768x297.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-75-500x193.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-75.png 1417w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Note down Aviatrix Transit GW BPG over LAN interface IP, note this interface may not be eth1, as if you enabled Transit FireNet which will create two additional interfaces, this could push the BGP over LAN interface to eth3<\/p>\n\n\n\n<p>Azure Portal -&gt; Primary Transit Gateway -&gt; Networking -&gt; find bgp_lan interface, and note down it&#8217;s private IP, eg: 10.0.16.68<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"457\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-76-1024x457.png\" alt=\"\" class=\"wp-image-1057\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-76-1024x457.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-76-300x134.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-76-768x343.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-76-1536x686.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-76-500x223.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-76.png 1790w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p> Azure Portal -&gt; HA Transit Gateway -&gt; Networking -&gt; find bgp_lan interface, and note down it&#8217;s private IP, eg: 10.0.16.76<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"254\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-77-1024x254.png\" alt=\"\" class=\"wp-image-1058\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-77-1024x254.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-77-300x74.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-77-768x190.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-77-1536x380.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-77-500x124.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-77.png 1793w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Obtain Aviatrix Transit Gateway ASN, Multi-Cloud Transit -&gt; Advanced -&gt; Select Transit GW -&gt; Local AS Number. Note it down or if it&#8217;s not set, make sure to set it and avoid conflict with your existing ASN or <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/vpn-gateway\/vpn-gateway-bgp-overview#what-asns-autonomous-system-numbers-can-i-use\">Azure reserved ASNs<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"792\" height=\"553\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-81.png\" alt=\"\" class=\"wp-image-1063\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-81.png 792w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-81-300x209.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-81-768x536.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-81-430x300.png 430w\" sizes=\"auto, (max-width: 792px) 100vw, 792px\" \/><\/figure>\n\n\n\n<p>Config peering in ARS. The example shows you the two peering with Primary and HA Aviatrix Transit Gateways, using Aviatrix Transit Gateway Name, ASN of Aviatrix Transit Gateway, and corresponding bgp_lan interface private IPs noted earlier<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"347\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-80-1024x347.png\" alt=\"\" class=\"wp-image-1062\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-80-1024x347.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-80-300x102.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-80-768x260.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-80-1536x521.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-80-500x170.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-80.png 1604w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Aviatrix Controller -&gt; Multi-Cloud Transit -&gt; Setup -&gt; External connections -&gt;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Select External device, BGP, LAN<\/li>\n\n\n\n<li>Select Transit vNet<\/li>\n\n\n\n<li><span style=\"text-decoration: underline;\">Enable Remote Gateway HA<\/span> <strong>AND <\/strong>enable <span style=\"text-decoration: underline;\">BGP Activemesh<\/span>  (ARS requires full mesh BGP)<\/li>\n\n\n\n<li>Remote BGP AS Number and Remote BGP AS Number (Backup) both 65515 (ARS static ASN as noted earlier)<\/li>\n\n\n\n<li>Provide ARS peering IP noted earlier in Remote LAN IP and Remote LAN IP (Backup)<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"739\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-82-1024x739.png\" alt=\"\" class=\"wp-image-1064\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-82-1024x739.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-82-300x216.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-82-768x554.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-82-1536x1108.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-82-2048x1478.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-82-416x300.png 416w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Validation<\/h2>\n\n\n\n<p>Aviatrix Controller -&gt; Site2Cloud -&gt; Setup, you should observe the S2C connection is up<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"249\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-84-1024x249.png\" alt=\"\" class=\"wp-image-1067\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-84-1024x249.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-84-300x73.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-84-768x186.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-84-1536x373.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-84-500x121.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-84.png 1948w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Aviatrix Controller -&gt; Multi-Cloud Transit -&gt; BGP -&gt; Diagnostics -&gt; select Transit GW and run show ip bgp, we can see on-prem route 192.168.88.88 learned with proper AS Path: 65515 (ARS\/ERGW), 12076 (ER private peering MSEE), 65000 (On-prem router)<\/p>\n\n\n\n<p>10.0.10.0\/24 is ARS\/ERGW vNet and 10.0.16.0\/23 is Aviatrix Transit vNet<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"555\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-83-1024x555.png\" alt=\"\" class=\"wp-image-1066\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-83-1024x555.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-83-300x163.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-83-768x416.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-83-500x271.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-83.png 1532w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>We can also observe the same from CoPilot -&gt; Troubleshoot -&gt; Cloud Routes -&gt; Site2Cloud. Note how a full mesh tunnels have been established.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"381\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-85-1024x381.png\" alt=\"\" class=\"wp-image-1068\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-85-1024x381.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-85-300x112.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-85-768x286.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-85-1536x572.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-85-2048x762.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-85-500x186.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>CoPilot -&gt; Troubleshoot -&gt; Cloud Routes -&gt; BGP Info -&gt; Learned CIDR<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"285\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-86-1024x285.png\" alt=\"\" class=\"wp-image-1069\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-86-1024x285.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-86-300x84.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-86-768x214.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-86-1536x428.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-86-2048x570.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-86-500x139.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>CoPilot -&gt; Troubleshoot -&gt; Cloud Routes -&gt; BGP Info -&gt; Advertised CIDR<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"402\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-87-1024x402.png\" alt=\"\" class=\"wp-image-1070\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-87-1024x402.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-87-300x118.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-87-768x301.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-87-1536x603.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-87-2048x804.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-87-500x196.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>On-premise router have the spoke route 10.0.32.0\/24 been advertised<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>show ip bgp\nBGP table version is 53, local router ID is 192.168.77.1\nStatus codes: s suppressed, d damped, h history, * valid, &gt; best, i - internal,\nr RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,\nx best-external, a additional-path, c RIB-compressed,\nt secondary path, L long-lived-stale,\nOrigin codes: i - IGP, e - EGP, ? - incomplete\nRPKI validation codes: V valid, I invalid, N Not found\n\n Network          Next Hop            Metric LocPrf Weight Path\n\n*&gt; 10.0.10.0\/24 169.254.80.82 0 12076 i\n*&gt; 10.0.16.0\/23 169.254.80.82 0 12076 i\n<mark style=\"background-color:#e2e2e2\" class=\"has-inline-color\">*&gt; 10.0.32.0\/24 169.254.80.82 0 12076 i<\/mark>\n*&gt; 10.1.30.10\/32 0.0.0.0 0 32768 i\n*&gt; 10.1.31.0\/24 0.0.0.0 0 32768 i\n*&gt; 10.1.32.0\/24 0.0.0.0 0 32768 i\n*&gt; 192.168.88.88\/32 0.0.0.0 0 32768 i<\/code><\/pre>\n\n\n\n<p>Logon to a VM in the spoke vNet and ping the on-premise router loopback<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"478\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-88-1024x478.png\" alt=\"\" class=\"wp-image-1071\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-88-1024x478.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-88-300x140.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-88-768x358.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-88-500x233.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-88.png 1339w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Traceroute towards on-premise router loopback<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>10.0.32.5 is spoke gateway<\/li>\n\n\n\n<li>10.0.17.196 is transit gateway<\/li>\n\n\n\n<li>10.0.10.4 is ERGW<\/li>\n\n\n\n<li>168.254.80.81 is on-premise router interface that connected to MSEE peering<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"174\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-89.png\" alt=\"\" class=\"wp-image-1072\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-89.png 800w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-89-300x65.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-89-768x167.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-89-500x109.png 500w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Packet walk through<\/h2>\n\n\n\n<p>When spoke VM 10.0.32.20 tried to reach on-premise router loopback 192.168.88.88. VM itself will use it&#8217;s default route sending via eth0<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"139\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-90-1024x139.png\" alt=\"\" class=\"wp-image-1073\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-90-1024x139.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-90-300x41.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-90-768x104.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-90-500x68.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-90.png 1093w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>VM route table send to spoke gateway via controller programed RFC1918 routes<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"753\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-91-1024x753.png\" alt=\"\" class=\"wp-image-1074\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-91-1024x753.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-91-300x221.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-91-768x565.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-91-1536x1129.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-91-408x300.png 408w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-91.png 1790w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Spoke HA gateway has IP 10.0.32.5<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"599\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-92-1024x599.png\" alt=\"\" class=\"wp-image-1075\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-92-1024x599.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-92-300x176.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-92-768x449.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-92-500x293.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-92.png 1046w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>In spoke gateway route table, we can see it&#8217;s ending to Transit Gateways via IPSec tunnel, also there&#8217;s an alternative route via primary spoke GW.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"390\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-93-1024x390.png\" alt=\"\" class=\"wp-image-1076\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-93-1024x390.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-93-300x114.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-93-768x293.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-93-1536x586.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-93-500x191.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-93.png 1807w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Transit GW route table, shows it will send out via eth1 (we noted earlier this is bgp_lan interface), with next hop IP of 10.0.16.65 and 10.0.16.73.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"679\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-94-1024x679.png\" alt=\"\" class=\"wp-image-1077\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-94-1024x679.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-94-300x199.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-94-768x509.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-94-452x300.png 452w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-94.png 1475w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>10.0.16.65 is Azure subnet router of subnet 10.0.16.64\/29<br>10.0.16.73 is Azure subnet router of subnet 10.0.16.72\/29<\/p>\n\n\n\n<p>So this traffic be subject to effective route of eth1 (Reminder, as mentioned before, not always eth1, could be eth3 if Transit FireNet enabled)<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"431\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-95-1024x431.png\" alt=\"\" class=\"wp-image-1078\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-95-1024x431.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-95-300x126.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-95-768x323.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-95-1536x646.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-95-500x210.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-95.png 1859w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Effective route of Primary Transit GW, 192.168.88.88\/32 next hop type of Virtual Network Gateway point to 10.3.129.70. This is MSEE router that you don&#8217;t have control with. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-96-1024x683.png\" alt=\"\" class=\"wp-image-1079\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-96-1024x683.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-96-300x200.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-96-768x513.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-96-1536x1025.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-96-450x300.png 450w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-96.png 1897w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"628\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-97-1024x628.png\" alt=\"\" class=\"wp-image-1080\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-97-1024x628.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-97-300x184.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-97-768x471.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-97-1536x942.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-97-489x300.png 489w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-97.png 1960w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>At this point, the only next visibility point would be from the ER Circuit Private Peering route table<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"390\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-99-1024x390.png\" alt=\"\" class=\"wp-image-1082\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-99-1024x390.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-99-300x114.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-99-768x293.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-99-1536x585.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-99-500x191.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-99.png 1808w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"544\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-100-1024x544.png\" alt=\"\" class=\"wp-image-1083\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-100-1024x544.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-100-300x159.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-100-768x408.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-100-500x266.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/11\/image-100.png 1143w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Is there another method to connect to Aviatrix Transit if we need:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Encryption all the way from vNet to on-premise<\/li>\n\n\n\n<li>Enjoy full bandwidth of ExpressRoute without the IPSec limits<\/li>\n\n\n\n<li>Provide enterprise grade visibility, monitoring and troubleshooting ability for mission critical workloads.<\/li>\n<\/ul>\n\n\n\n<p>Stay tunned for next blog<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Note<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In current Aviatrix implementation of ARS with Aviatrix Transit BGP multi-peer, we used previous BGP over LAN workflow, which were meant to be use to integrate with SD-WAN appliances. In previous workflow, we program bgp_lan subnet route table to have 0\/0 point to BGP peer&#8217;s IP address. Since this workflow is inherited with ARS integration, it will program 0\/0 point to ARS instance. If on-premise network is advertising 0\/0 route towards ER, the UDR&#8217;s default route will force cloud to internet traffic going through ARS, while ARS will use it&#8217;s own route table to redirect the traffic to Express Route Gateway, the ARS isn&#8217;t been designed to handle the bandwidth of Express Route. The workaround would be remove the 0\/0 UDR from bgp_lan route table, and place a lock on the route table to prevent modification until Aviatrix will release a fix.<\/li>\n\n\n\n<li>If one of the Aviatrix Transit Gateway goes down,  as long as remaining Aviatrix Transit Gateway kept BGP peer with the two Azure Route Server Instances, the connectivity will remain. When both ARS instances are UP, they are expecting to receive the same routes. As such as cannot simulate an single ARS instance outage from Aviatrix side, by blocking traffic to a single ARS instance from both Transits.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>In the last blog post: Express Route to Aviatrix Transit \u2013 Option 1, we have discussed how to use BGP over IPSec as overlay from customer on-premise devices to Aviatrix Transit Gateways. This solution have these two constrains: For customer &hellip; <a href=\"https:\/\/cloudlearning365.com\/?p=1041\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,4],"tags":[],"class_list":["post-1041","post","type-post","status-publish","format-standard","hentry","category-aviatrix","category-azure"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1041","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1041"}],"version-history":[{"count":16,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1041\/revisions"}],"predecessor-version":[{"id":1098,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1041\/revisions\/1098"}],"wp:attachment":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1041"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1041"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1041"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}