ExpressRoute lets you extend on-premises networks into the Microsoft cloud over a private connection (with help of connectivity provider). This feature allows to connect offices, datacenters, or other facilities to the Microsoft cloud with each location having its own ExpressRoute Circuit. Connectivity can be from: - Any-to-any (IP VPN) network. - Point-to-point Ethernet network. - Virtual cross-connection via connectivity provider at a colocation facility. - Directly from ExpressRoute sites. ExpressRoute connections do not go over the public Internet. Some Features: - Connectivity to Microsoft cloud services across all regions in the geopolitical region. - Global connectivity to Microsoft services across all regions with the ExpressRoute Global Reach. - Dynamic routing between your network and Microsoft via Border Gateway Protocol (BGP). - Built-in redundancy in every peering location for higher reliability. ExpressRoute enables direct access to the following services in all regions: - Microsoft Office 365 - Microsoft Dynamics 365 - Azure compute services, such as Azure Virtual Machines - Azure cloud services, such as Azure Cosmos DB and Azure Storage **[[Border Gateway Protocol (BGP)]]** ExpressRoute is a **private connection** from your on-premises infrastructure to your Azure infrastructure. Even if you have an ExpressRoute connection, DNS queries, certificate revocation list checking, and Azure Content Delivery Network requests are **still sent over the public internet**. Route-based VPN gateway for connections between virtual networks, point-to-site connections, multisite connections, or coexistence with an Azure ExpressRoute gateway