Skip to main content
Index

Connect to Azure

You can create a connection between your Equinix virtual device and Azure Express Route. 

 

Click here to watch a video on how to to create a virtual device and connect to Azure using Network Edge Portal. 

Layer 2 connection to Azure

 

What do you need to create a connection? 

 

     1) A provisioned Equinix virtual device (virtualDeviceUUID) with a registered license. In case you have an optional secondary virtual device, you also need the Id of the secondary device.

     2) Authorization key from your provider. In case you have an optional secondary virtual device, you also need the authorization key of the secondary device. The two authorization keys will be the same if they belong to the same account. 

     3) Unique Id of the provider's service profile (profileUUID) and metro (sellerMetroCode) of the provider

 

If you already have all the information and authentication credentials, you can skip ahead to Step 2f and create a connection. Otherwise, go through the steps to retrieve information.

Step 1: Retrieve Microsoft Service Key

Obtain a location-specific service key via the Azure portal.

 

Step 2: Create Connection

2a) Authenticate

Submit your user credentials, Client ID, and Client Secret for OAuth2 authentication.

 

Refer to Generating a Client ID and Client Secret key section under the Getting Started section for instructions on how to create client ID and client secret and refer to Requesting Access and Refresh tokens section for instructions on how to call Oauth API to validate and authenticate your credentials.

 

If you are unaware of your user credentials for Equinix Customer Portal, contact your local Equinix Service Desk. 

 

2b) Get virtual devices

Find out your available virtual devices (UUIDs) on the NE platform by calling Get virtual devices API.

You may choose any available interface of the device for your connection. However, Equinix will select an interface if you do not specify any.

 

You may skip this step if you already know your available virtual devices.

 

2c) Get metros

Gather available metro options (metroCode) where the NE platform is available by calling Get metro  API.

 

You may skip this step if you already know the metro code where you want your device.  

 

2d) Get Service Profile

Identify all seller/service profiles available for a given metro or metros by calling Get L2 Service Profiles. You need profileUUID and sellerMetroCode to create a connection.

 

You may skip this step if you already know the service profile details.

 

2e) Get ValidateAuthorizationKey

Verify whether a connection can be established with your Azure service key and the seller profile selected in the previous step by calling Get validateAuthorizationKey API.

 

You may skip this step if you are certain that your key is authorized for creating connections with the desired service profile.

 

2f) Post Connections

POST /ne/v1/l2/connections

Method POST
URL or End Point /ne/v1/l2/connections
Headers Authorization, Content-Type
Query Parameters Not applicable
Body Parameters virtualDeviceUUID, primaryName, profileUUID, speed, speedUnit, notifications [...], purchaseOrderNumber, interfaceId, namedTag, sellerMetroCode, authorizationKey, secondaryVirtualDeviceUUID, secondaryName, secondarySpeed, secondarySpeedUnit,  secondarySellerMetroCode, secondaryInterfaceId

 

The POST connections API creates a Layer 2 Connection between your virtual device and the destination service profile. 

 

To obtain an authorization key, you may refer to Requesting Access and Refresh tokens under the Getting Started section.

 

The following screenshots show sample curl requests to create a layer 2 Azure connection for HA and non-HA virtual devices.

 

Azure Connection for a non-high availability virtual device

 

curl -X

POST "https://api.equinix.com/ne/v1/l2/connections"

-H "content-type: application/json"

-H "authorization: Bearer qwErtY8zyW1abcdefGHI"

-d '{

  "virtualDeviceUUID": "ecb215dc-0d1d-4a48-a150-aacad8d3a371",

  "primaryName": "JohnDoePrimary",

  "profileUUID": "274afb42-6d3a-4114-8f7e-717efee792ae",

  "speed": 50,

  "speedUnit": "MB",

  "notifications": [

    "JohnDoe@equinix.com"

  ],

  "purchaseOrderNumber": "4562",

  "namedTag": "Private",

  "sellerMetroCode": "DC",

  "authorizationKey": "fbc3c0e1-59e7-4bfe-b5f3-209dee6b692a",

  "interfaceId": 6

}'

 

Azure Connection for a high availability virtual device

 

curl -X

POST "https://api.equinix.com/ne/v1/l2/connections"

-H "content-type: application/json"

-H "authorization: Bearer qwErtY8zyW1abcdefGHI"

-d '{

  "virtualDeviceUUID": "ecb215dc-0d1d-4a48-a150-aacad8d3a371",

  "primaryName": "JohnDoePrimary",

  "profileUUID": "274afb42-6d3a-4114-8f7e-717efee792ae",

  "speed": 50,

  "speedUnit": "MB",

  "notifications": [

    "JohnDoe@equinix.com"

  ],

  "purchaseOrderNumber": "4562",

  "namedTag": "Private",

  "sellerMetroCode": "DC",

  "authorizationKey": "fbc3c0e1-59e7-4bfe-b5f3-209dee6b692a",

  "interfaceId": 5

  "secondaryVirtualDeviceUUID": "03c2cfef-0ec2-4599-81c9-09efa0d7b0e7",

  "secondaryName": "JohnDoeSecondary",

  "secondarySpeed": 50,

  "secondarySpeedUnit": "MB",

  "secondaryAuthorizationKey": "fbc3c0e1-59e7-4bfe-b5f3-209dee6b692a",

  "secondaryInterfaceId": 6

 

}'

 

 

The description of the body parameters is as follows:

 

Body Parameter Name Mandatory Type Example Applicable Values Description
virtualDeviceUUID Yes string ecb215dc-0d1d-4a48-a150-aacad8d3a371   Unique ID of the virtual device.
primaryName Yes string JohnDoe_Dot1q_Manual   Name of the primary connection - An alpha-numeric 24 characters string which can include only hyphens and underscores ('-' & '_').
profileUUID Yes string 84c6616c-573a-447d-a478-9fab8fff284d   Unique identifier of the provider's service profile.
speed Yes integer 50  

Speed/Bandwidth you would like to allocate to the connection. If you do not know the speed, you can call the validateAuthorizationkey API and query using the ExpressRoute service key to obtain the speed.

speedUnit Yes string MB   Unit of the speed or bandwidth you would like to allocation to the connection.
notifications Yes array  JohnDoe@equinix.com

 

An array of email ids you would like to notify when there are any updates on your connection. Example Object: ["user@organization.com", "user@eu.company.com"]
purchaseOrderNumber No string 4562   An optional field to link the purchase order numbers to the connection on Equinix which would get reflected on the invoice.
interfaceId No integer 5   Any available interface of the device. 
secondaryVirtualDeviceUUID Yes string 03c2cfef-0ec2-4599-81c9-09efa0d7b0e7   The unique ID of the secondary virtual device. 
secondaryName Yes string JohnDoe2_Azure_QinQ   Name of the secondary connection - An alpha-numeric 24 characters string which can include only hyphens and underscores ('-' & '_').
secondarySpeed Yes string 50   Speed/Bandwidth you would like to allocate to the optional secondary connection.
secondarySpeedUnit Yes string MB

"MB"

"GB"

Unit of the speed or bandwidth of the optional secondary connection.
secondarySellerMetroCode No string DA   Provider location where you would like to connect. 
secondaryInterfaceId No Integer 6   Any available interface of the device. 
namedTag Yes string Private

"Private" 

"Public" 

"Microsoft" 

"Manual"

The type of peering you would like to set up with Azure Express Route.
sellerMetroCode Yes string DC   Provider location where you would like to connect. 
authorizationKey Yes string fbc3c0e1-59e7-4bfe-b5f3-209dee6b692a   Authorization Key obtained from the provider. Example: Service Key from Azure Express Route, Account ID from AWS, Pairing Key from Google Cloud Platform, OCID from Oracle Cloud Infrastructure - they all map to the authorization key property.

 

NE Participants can create up to three connections to Azure using the same Azure service key. However, all 3 connections must have different namedTags such as "private", "public", "Microsoft" or "Manual"  peering. Note that "Microsoft" peering requires special permission from Microsoft.

 

Maximum Number Of Connections

Peering Type (indicated by namedTag field)

3  pairs (3 primary and 3 redundant) Public
Private
Microsoft
Manual

 

If you get “Access Denied” error, contact your local Equinix Service Desk.

 

Sample response for a virtual device (non HA).

 

{

    "message": "Connection Saved Successfully",
    "primaryConnectionId": "9349a8-0e07-44d0-944c-88a25d8d28f7",

    "status": "SUCCESS"

}

 

 

Sample response for a virtual device with an additional secondary device for high availability (HA).

 

{
    "message": "Connection Saved Successfully",
    "primaryConnectionId": "9994b8d-dcdb-45bc-b760-55368e16f3c4",
    "secondaryConnectionId": "888d4c1-5444-4511-b2e4-51f06f062974"
}

 

The description of the response payload is as follows:

 

Field Name Type Example Description
message string Connection Saved Successfully Indicates the status of the API call.
primaryConnectionId string 9994b8d-dcdb-45bc-b760-55368e16f3c4 Indicates the primary connection ID of the connection that was just created.
secondaryConnectionId string 888d4c1-5444-4511-b2e4-51f06f062974 Indicates the secondary connection ID of the connection that was just created.

 

When a connection is created, the connection transitions through various states within the Equinix and Azure infrastructure. These states can be monitored using the response attributes of the API Get L2 connections {connId}. The "status" attribute indicates the connection status in Equinix and the "providerStatus" indicates the status in Azure.

 

Equinix States  Azure States  
status providerStatus Provider Status Peerings Status Description
1. PROVISIONING NOT_AVAILABLE Not provisioned Not provisioned   Connection request has not been yet sent to Microsoft Azure.
2. PENDING_BGP_PEERING PENDING_BGP Provisioned Not provisioned

The connection has been approved and awaits for the customer to configure Microsoft peering on the Azure portal.

 

 

Note that the status will be “PENDING_BGP_PEERING” until peering is completed in the Azure portal and the status will only change to "PROVISIONED" once Equinix Fabric syncs with Microsoft. If you want to synchronize the BGP peering instantly, you may use the Equinix portal.

3. PROVISIONING  PROVISIONED Provisioned Provisioned Provisioning completed at Microsoft's end and the connection is provisioning at Equinix's end.
4. PROVISIONED PROVISIONED Provisioned Provisioned The connection is provisioned.

 

 

 

 

When an end-user deletes a connection using the  API Delete connections {uuid}  the connection transitions through the following states within the Equinix infrastructure. 

 

Equinix States under /ne/v1/l2/connections/{connId}
status providerStatus Description

DEPROVISIONING

PROVISIONED

Connection disbandment in progress.

DEPROVISIONED DEPROVISIONED

Connection deleted.

Step 3: Setup Microsoft Peering

Configure BGP peering on the Azure portal and call the below API to synchronize the peering changes with Equinix. Once it is completed, the connection status retrieved via the Connections API should change from “Pending-BGP-Peering” to “Provisioned”

Alternatively, you can also synchronize the peering using the Equinix portal.

 

Refer to https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-routing-portal-resource-manager for instructions on how to configure peering for an Express Route connection. 

 

PATCH l2/connection/bgpSync

 Method  PATCH
 URL or End Point  /ne/v1/l2/connection/bgpSync
 Headers  Authorization, Content-Type
 Query Parameters  Not applicable
 Body Parameters  authorizationKey

 

The PATCH connections API synchronizes the peering changes done in the Azure portal with Equinix.

 

If you are unaware of how to obtain an authorization key, refer to Requesting Access and Refresh tokens under the Getting Started section.

 

The following screenshots show a sample curl request to accept an L2 connection and its respective JSON response. 

 

curl -X

PATCH "http://api.equinix.com/ne/v1/l2/connection/bgpSync"

-H "content-type: application/json"

-H "authorization: Bearer qwErtY8zyW1abcdefGHI"

-d '{

  "authorizationkey": "ASDFGH9JK0LMNBVCXZ"

}'

 

The description of the request payload is as follows:

 

Body Parameter Name Mandatory Type Example values Description
authorizationkey Y string ASDFGH9JK0LMNBVCXZ Connection credentials such as Account ID for AWS, Service key for Azure, etc.

 

{
    "message": "Bgp Peering was Initiated, connection will be updated shortly "
}

 

The description of the response payload is as follows:

 

Field Name Type Example values Description
message string Bgp Peering was Initiated, connection will be updated shortly  Status of the Patch API call.

 

If you get “Access Denied” error, contact your local Equinix Service Desk.

 

Refer https://docs.aws.amazon.com/directconnect/latest/UserGuide/getting_started.html for instructions on how to accept the connection using the AWS console.

https://docs.equinix.com/en-us/Content/home.htm for instructions on how to accept the connection using the Equinix portal.

Patch L2 Connections {connId}