disaster recovery design

High Availablity within hub site

Virtual WAN deploys a separate set of gateway instances in a virtual hub for each connectivity option: site-to-site, point-to-site, express route.

Each gateway is deployed with its own set of public and private IPs.

Site-to-site VPN gateway allows creation of two tunnels to two different endpoints for each VPN connection (like two onprem firewalls/gateways)

Intra-region vnet latency is negligible, connections can be used active-active.

Inter-region connections may have more latency than a branch site has to its closest region. Active/passive connections make sense in that case.

enterprise express route