Senior Customer Engineer @Microsoft · Azure Networking Specialist
I'm a Senior Customer Engineer at Microsoft focused mostly on Azure networking — helping enterprises design hub-and-spoke, Virtual WAN, ExpressRoute, hybrid connectivity, and SD-WAN integrations. This profile is a curated index of the hands-on labs, architecture articles, and troubleshooting toolkits I've built while working with customers. Most content is reproducible end-to-end so you can deploy, break, and learn from real Azure topologies.
🔭 Currently exploring: AVNM Part Two · ExpressRoute monitoring · vWAN routing intent with forced tunneling 💬 Ask me about: vWAN custom routing · ExR Fastpath · ARS dual-home · BGP-over-IPsec · NAT Gateway
📣 Connect: LinkedIn · GitHub · MS Tech Community · Azure Networking Docs
- Labs
- Architectures
- Articles — ExpressRoute & Virtual WAN
- Articles — Networking Fundamentals
- Tools & Snippets
- Tech Stack
- BGP over IPSec · Blue -Yellow Isolation — Custom vHub routing with Cisco CSR branch over IPsec + BGP, with
rt_yellow/rt_blueroute table isolation - Azure Virtual Network Manager — Walk-throughs for Mesh, Hub-and-Spoke, and Hub-and-Spoke + Global Mesh
- AVNM Part Two — Advanced AVNM scenarios (work in progress)
- Route Server Dual Home — Highly available ARS across two hubs with BGP + VNet-to-VNet IPsec
- Dual vWAN Secure Hubs + BGP-over-IPsec — Dual-region secured vWAN hubs with Private Routing Intent and full bow-tie BGP-over-IPsec branches using Strongwan (Bicep / Terraform / CLI / PowerShell)
- ILB With Apache Server via Vnet Peering -Client connection over Vnet peering to an ILB with two Apache Servers in the BE. NatGW provided soley for deployment of Apache Server
- AVNM vs Hub & Spoke vs Virtual WAN — Side-by-side comparison, decision tree, cost breakdown, and a hybrid AVNM + Hub & Spoke reference architecture
- ExR Fastpath — When to use Fastpath and exactly what it bypasses
- MSEE Hairpin Design Alternatives — How to avoid the classic MSEE hairpin
- vWAN-to-vWAN Connection Options — Patterns for connecting multiple vWANs
- vWAN with ExR Bow-Tie + HRP — Dual-hub bow-tie with high-redundancy paths
- vWAN Routing Intent + Forced Tunneling — Securing internet egress with routing intent
- What is this ExR IP? — Demystifying the IPs you see on ExR resources
- vWAN Traffic Flow Patterns — Common end-to-end traffic flows through vWAN
- vWAN Routing Limits & Mitigations — Contention-point map of route limits across ER, S2S BGP, SD-WAN NVA, and VNet peering — with mitigation playbook
- Migrating off IPsec-over-ExpressRoute to ER-only — Why the IPsec overlay is the throughput chokepoint, what ER-only + FastPath buys you, and a 4-step cutover plan
- ExR Monitoring & Best Practices — Field guide for ExpressRoute monitoring, alerting, and HA/DR design (BFD, dual MSEEs, two POPs, bow-tie, FastPath)
- Network Perf in Azure — Throughput, latency, and tuning levers
- Azure IP Addressing & SNAT — Subnet sizing, pseudo-VIP, and the 3 SNAT options
- Empty VNet Trick — Advertising indirect spoke routes to on-prem
- Simple Loop Scripts — NetCat / Curl / Wget / Test-NetConnection / PSPing loop scripts for connectivity troubleshooting
- ARG Kusto Queries — A growing catalog of KQL queries for Azure Resource Graph inventory
- Compute Desk — Copilot CLI extension: an Azure IaaS VM AI team of 20 specialist agents for SKU sizing, cost, performance, DR, scale sets, and more
- Network Desk — Copilot CLI extension: an Azure networking AI team of specialist agents for topology, security, DNS, hybrid connectivity, load balancing, and more
Thanks for stopping by! ✨