Senior Customer Engineer @Microsoft Β· Azure Networking Specialist
I'm a Senior Customer Engineer at Microsoft focused mostly on Azure networking β helping enterprises design hub-and-spoke, Virtual WAN, ExpressRoute, hybrid connectivity, and SD-WAN integrations. This profile is a curated index of the hands-on labs, architecture articles, and troubleshooting toolkits I've built while working with customers. Most content is reproducible end-to-end so you can deploy, break, and learn from real Azure topologies.
π Currently exploring: AVNM Part Two Β· ExpressRoute monitoring Β· vWAN routing intent with forced tunneling π¬ Ask me about: vWAN custom routing Β· ExR Fastpath Β· ARS dual-home Β· BGP-over-IPsec Β· NAT Gateway
π£ Connect: LinkedIn Β· GitHub Β· MS Tech Community Β· Azure Networking Docs
- Labs
- Architectures
- Articles β ExpressRoute & Virtual WAN
- Articles β Networking Fundamentals
- Tools & Snippets
- Tech Stack
- BGP over IPSec Β· Blue -Yellow Isolation β Custom vHub routing with Cisco CSR branch over IPsec + BGP, with
rt_yellow/rt_blueroute table isolation - Azure Virtual Network Manager β Walk-throughs for Mesh, Hub-and-Spoke, and Hub-and-Spoke + Global Mesh
- AVNM Part Two β Advanced AVNM scenarios (work in progress)
- Route Server Dual Home β Highly available ARS across two hubs with BGP + VNet-to-VNet IPsec
- Dual vWAN Secure Hubs + BGP-over-IPsec β Dual-region secured vWAN hubs with Private Routing Intent and full bow-tie BGP-over-IPsec branches using Strongwan (Bicep / Terraform / CLI / PowerShell)
- ILB With Apache Server via Vnet Peering -Client connection over Vnet peering to an ILB with two Apache Servers in the BE. NatGW provided soley for deployment of Apache Server
- AVNM vs Hub & Spoke vs Virtual WAN β Side-by-side comparison, decision tree, cost breakdown, and a hybrid AVNM + Hub & Spoke reference architecture
- ExR Fastpath β When to use Fastpath and exactly what it bypasses
- MSEE Hairpin Design Alternatives β How to avoid the classic MSEE hairpin
- vWAN-to-vWAN Connection Options β Patterns for connecting multiple vWANs
- vWAN with ExR Bow-Tie + HRP β Dual-hub bow-tie with high-redundancy paths
- vWAN Routing Intent + Forced Tunneling β Securing internet egress with routing intent
- What is this ExR IP? β Demystifying the IPs you see on ExR resources
- vWAN Traffic Flow Patterns β Common end-to-end traffic flows through vWAN
- vWAN Routing Limits & Mitigations β Contention-point map of route limits across ER, S2S BGP, SD-WAN NVA, and VNet peering β with mitigation playbook
- Migrating off IPsec-over-ExpressRoute to ER-only β Why the IPsec overlay is the throughput chokepoint, what ER-only + FastPath buys you, and a 4-step cutover plan
- ExR Monitoring & Best Practices β Field guide for ExpressRoute monitoring, alerting, and HA/DR design (BFD, dual MSEEs, two POPs, bow-tie, FastPath)
- Network Perf in Azure β Throughput, latency, and tuning levers
- Azure IP Addressing & SNAT β Subnet sizing, pseudo-VIP, and the 3 SNAT options
- Empty VNet Trick β Advertising indirect spoke routes to on-prem
- Simple Loop Scripts β NetCat / Curl / Wget / Test-NetConnection / PSPing loop scripts for connectivity troubleshooting
- ARG Kusto Queries β A growing catalog of KQL queries for Azure Resource Graph inventory
Thanks for stopping by! β¨