Free Microsoft Azure AZ-700 Actual Exam Questions - Question 12 Discussion
(SD-WAN). The SD-WAN uses
BGP.
You have an Azure subscription that contains 20 virtual networks configured as a hub and spoke
topology. The topology contains a hub virtual network named Vnetl.
The virtual networks connect to the SD-WAN by using a network virtual appliance (NVA) in Vnetl.
You need to ensure that BGP route advertisements will propagate between the virtual networks and
the SD-WAN. The solution must minimize administrative effort
What should you implement?
D imo. Azure Route Server makes BGP route sharing seamless between your VNets and the SD-WAN via the NVA without having to manage individual BGP sessions on multiple VPN gateways. Since the question mentions minimizing admin effort, Route Server fits best because it automates route propagation. A could work but managing 40 branches plus 20 VNets with individual VPN gateways sounds like a nightmare. B and C don’t handle routing in this context, so they can be ruled out pretty quickly.
I’m thinking option A could be tricky since you'd have to manage BGP sessions on each VPN gateway, which might increase admin overhead. Does the NVA even support direct BGP peering with Route Server in option D?
It’s D. Azure Route Server is specifically built to exchange BGP routes dynamically between VNets and NVAs without complex manual route configuration, which matches the need to minimize admin effort. Unlike option A, which would require setting up a VPN Gateway and managing BGP sessions manually, Route Server handles route propagation automatically. Since the SD-WAN is already using BGP, Route Server can integrate smoothly if the NVA supports it. Options B and C don’t deal with BGP route sharing at all, so they’re not relevant here.
D Azure Route Server is designed to simplify route management by automatically sharing BGP routes between VNets and network appliances, which suits this scenario well. It reduces admin overhead since you don’t have to manually configure each route on the NVA or set up multiple VPN gateways. The key is that your NVA must support BGP peering with the Route Server, but assuming it does, this is the cleanest and most scalable approach compared to setting up a separate VPN Gateway with BGP enabled. Options B and C don’t fit the routing requirements here.
D Route Server definitely helps with automating BGP route sharing across VNets and the SD-WAN, cutting down manual work. The NVA can peer with Route Server to propagate routes easily without extra VPN setup.
Option D still, since Azure Route Server simplifies BGP route sharing without extra config.
Maybe D makes the most sense here since Azure Route Server can help automate route propagation with BGP across your networks without manual updates. Curious if anyone thinks A would be simpler though?