Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
2.3.2. User-Defined Routes
User-defined routes (UDRs) override Azure's system routes to control traffic flow, typically to force traffic through a firewall or network virtual appliance (NVA).
Route Table Concepts:
- A route table is a collection of routes
- Route tables are associated with subnets
- Each subnet can have only one route table (but one route table can serve multiple subnets)
Next Hop Types:
| Next Hop | Use Case |
|---|---|
| Virtual appliance | Route through firewall/NVA |
| Virtual network gateway | Route to on-premises via VPN/ExpressRoute |
| Virtual network | Route within VNet |
| Internet | Route to internet (default or explicit) |
| None | Drop traffic (black hole) |
Forced Tunneling:
Force all internet-bound traffic through on-premises:
Common UDR Patterns:
| Pattern | Route | Next Hop |
|---|---|---|
| Force through NVA | 0.0.0.0/0 | NVA IP |
| Spoke-to-spoke via hub | Spoke B CIDR | NVA IP (in hub) |
| Block internet | 0.0.0.0/0 | None |
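The sketch below is an added example, not part of the original course material. It models how a winning route is chosen (longest matching prefix first, then user-defined over BGP over system routes on a tie) and flags destinations that do not pass through the NVA despite a 0.0.0.0/0 UDR. The addresses, the route list, the dictionary keys, the source labels and the function names are all constructed for illustration.

```python
import ipaddress

# Azure picks the longest matching prefix; on a tie, a user-defined route
# beats a BGP route, which beats a system (default) route.
SOURCE_RANK = {"User": 0, "BGP": 1, "Default": 2}  # labels are this example's own

def effective_route(routes, destination):
    """Return the route that wins for `destination`, or None if nothing matches."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in routes if dest in ipaddress.ip_network(r["prefix"])]
    if not matches:
        return None
    return min(matches, key=lambda r: (-ipaddress.ip_network(r["prefix"]).prefixlen,
                                       SOURCE_RANK[r["source"]]))

def firewall_bypasses(routes, firewall_ip, probes):
    """List probe destinations whose winning route does not go through the firewall."""
    findings = []
    for dest in probes:
        r = effective_route(routes, dest)
        via_fw = (r is not None and r["next_hop_type"] == "VirtualAppliance"
                  and r.get("next_hop_ip") == firewall_ip)
        if not via_fw:
            findings.append((dest, r["prefix"] if r else None,
                             r["next_hop_type"] if r else None))
    return findings

FIREWALL = "10.0.1.4"  # constructed NVA address in the hub
# Constructed effective routes for a spoke subnet in 10.1.0.0/16.
SPOKE_A = [
    {"source": "Default", "prefix": "10.1.0.0/16", "next_hop_type": "VnetLocal"},
    {"source": "Default", "prefix": "0.0.0.0/0", "next_hop_type": "Internet"},
    {"source": "User", "prefix": "0.0.0.0/0",
     "next_hop_type": "VirtualAppliance", "next_hop_ip": FIREWALL},
    {"source": "User", "prefix": "10.2.0.0/16",  # spoke B via hub NVA
     "next_hop_type": "VirtualAppliance", "next_hop_ip": FIREWALL},
    # A narrower UDR: it outranks the 0.0.0.0/0 route for this range.
    {"source": "User", "prefix": "203.0.113.0/24", "next_hop_type": "Internet"},
]
PROBES = ["198.51.100.7", "10.2.5.9", "203.0.113.20"]

if __name__ == "__main__":
    for dest in PROBES:
        print(dest, "->", effective_route(SPOKE_A, dest))
    print("bypasses:", firewall_bypasses(SPOKE_A, FIREWALL, PROBES))
```

The third probe is reported because the /24 route is more specific than 0.0.0.0/0, so a "force through NVA" default route alone does not guarantee that every destination is inspected.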
Written by Alvin Varughese
Founder • 15 professional certifications