Exam AZ-304 topic 4 question 30 discussion

Both are BGP and heres why from the link provided in the answer it is clearly stated that UDRs are used for S2S VPN while BGP is used for Express Route. "Forced tunneling in Azure is configured using virtual network custom user-defined routes. Redirecting traffic to an on-premises site is expressed as a Default Route to the Azure VPN gateway." 2 paragrpahs down from that section: "ExpressRoute forced tunneling is not configured via this mechanism, but instead, is enabled by advertising a default route via the ExpressRoute BGP peering sessions. " Answer: BGP, BGP

Using an ExpressRoute circuit will use the BPG routes to go out to the Internet. https://purple.telstra.com/blog/forced-tunnelling-azure#:~:text=Microsoft%20Azure%20offers%20a%20feature,connection%20or%20an%20ExpressRoute%20circuit. Microsoft does not support any router redundancy protocols (for example, HSRP, VRRP) for high availability configurations. We rely on a redundant pair of BGP sessions per peering for high availability. https://docs.microsoft.com/en-us/azure/expressroute/expressroute-routing

answer: default routes, BGP when you are configuring BGP to force outbound connections to on premise you are changing BGP default routes, why default routes is not an option here? Default routes makes more sense to me than just saying BGP

The first Question should be BGP, as stated below ExpressRoute forced tunneling is not configured via this mechanism, but instead, is enabled by advertising a default route via the ExpressRoute BGP peering sessions. https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm#requirements-and-considerations Question 2 is BGP also.

2nd question is BGP for sure, but I would choose User-Defined Route for 1st question. When we ensure Azure gateway is using BGP. An on-premises network gateway can exchange routes with an Azure virtual network gateway using the border gateway protocol (BGP). For expressroute, you must use BGP to advertise on-premises routes to the Microsoft Edge router. Do NOT be confused with this statement. It's traffic from on-prem to azure. You can use user-defined routes for forcing traffic from the Express Route to, for example, a Network Virtual Appliance. This one is for redirect traffic from Azure to on-prem then go to Internet. With the next hop type for the route with the 0.0.0.0/0 address prefix is Internet, the traffic will go to internet. ref: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview

BGP for both

https://docs.microsoft.com/en-us/azure/expressroute/expressroute-routing Microsoft does not support any router redundancy protocols (for example, HSRP, VRRP) for high availability configurations. We rely on a redundant pair of BGP sessions per peering for high availability. BGP for both

It was discussed before. https://www.examtopics.com/discussions/microsoft/view/6100-exam-az-301-topic-4-question-7-discussion/ The first one is BGP. check it out here https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm The link is about S-S VPN with forced tunnel. The UDR is used. But for ExpressRoute, URD could not be used. "ExpressRoute forced tunneling is not configured via this mechanism, but instead, is enabled by advertising a default route via the ExpressRoute BGP peering sessions. "