From 4c49ae73e572041fd97699eaddf4b24f9ac703a6 Mon Sep 17 00:00:00 2001 From: David Naylor Date: Mon, 13 Jan 2025 21:28:25 +0000 Subject: [PATCH 1/2] [Magic Cloud] Specify Azure GatewaySubnet size --- src/content/docs/magic-cloud-networking/reference.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/magic-cloud-networking/reference.mdx b/src/content/docs/magic-cloud-networking/reference.mdx index 1c250bbafeffe07..d8d18b5003e8b21 100644 --- a/src/content/docs/magic-cloud-networking/reference.mdx +++ b/src/content/docs/magic-cloud-networking/reference.mdx 
@@ -27,7 +27,7 @@ When using Magic Cloud Networking to automatically create on-ramps to your AWS a When using Magic Cloud Networking to automatically create on-ramps to your Azure account, you should be aware of the following configuration changes Cloudflare will make on your behalf: -- Cloudflare will create a Virtual Network Gateway in your Virtual Network (VNet). Virtual Network Gateways in Azure require a subnet named `GatewaySubnet`. Cloudflare will create a `GatewaySubnet` if one does not already exist in your VNet. If there is not enough unused address space left in your VNet to create a `GatewaySubnet`, or if a `GatewaySubnet` exists but does not have enough address space left for a Virtual Network Gateway, on-ramp creation will fail. +- Cloudflare will create a Virtual Network Gateway in your Virtual Network (VNet). Virtual Network Gateways in Azure require a subnet named `GatewaySubnet`. Cloudflare will create a `GatewaySubnet` if one does not already exist in your VNet. If there is not enough unused address space left in your VNet to create a /27 `GatewaySubnet`, or if a `GatewaySubnet` exists but does not have enough address space left for a Virtual Network Gateway, on-ramp creation will fail. - Cloudflare will enable gateway route propagation on all route tables in your VNet. This will result in a route for each prefix in your [Magic WAN Address Space](/magic-cloud-networking/cloud-on-ramps/#magic-wan-address-space) pointing to the gateway. If your VNet has other Virtual Network Gateways, their routes will also propagate to your route tables. If you delete the on-ramp, route propagation will not be disabled. - By default, Network Security Groups in Azure contain Allow rules for outbound/inbound traffic to/from the `VirtualNetwork` service tag, which includes Virtual Network Gateway address space (and therefore your Magic WAN Address Space). 
If you do not want all resources in your VNet to be accessible from Magic WAN, add the appropriate Deny rules to your Network Security Groups (NSGs). - Cloudflare will add a route in Magic WAN for each IPv4 address range in your VNet. From 0838bfe1f3af4cdc1d40e4167987b1c89301e8bd Mon Sep 17 00:00:00 2001 From: marciocloudflare <83226960+marciocloudflare@users.noreply.github.com> Date: Tue, 14 Jan 2025 09:52:46 +0000 Subject: [PATCH 2/2] Update src/content/docs/magic-cloud-networking/reference.mdx --- src/content/docs/magic-cloud-networking/reference.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/magic-cloud-networking/reference.mdx b/src/content/docs/magic-cloud-networking/reference.mdx index d8d18b5003e8b21..e7c78436bd7473d 100644 --- a/src/content/docs/magic-cloud-networking/reference.mdx +++ b/src/content/docs/magic-cloud-networking/reference.mdx 
@@ -27,7 +27,7 @@ When using Magic Cloud Networking to automatically create on-ramps to your AWS a When using Magic Cloud Networking to automatically create on-ramps to your Azure account, you should be aware of the following configuration changes Cloudflare will make on your behalf: -- Cloudflare will create a Virtual Network Gateway in your Virtual Network (VNet). Virtual Network Gateways in Azure require a subnet named `GatewaySubnet`. Cloudflare will create a `GatewaySubnet` if one does not already exist in your VNet. If there is not enough unused address space left in your VNet to create a /27 `GatewaySubnet`, or if a `GatewaySubnet` exists but does not have enough address space left for a Virtual Network Gateway, on-ramp creation will fail. +- Cloudflare will create a Virtual Network Gateway in your Virtual Network (VNet). Virtual Network Gateways in Azure require a subnet named `GatewaySubnet`. Cloudflare will create a `GatewaySubnet` if one does not already exist in your VNet. If there is not enough unused address space left in your VNet to create a `/27` subnet for the`GatewaySubnet`, or if a `GatewaySubnet` exists but does not have enough address space left for a Virtual Network Gateway, on-ramp creation will fail. - Cloudflare will enable gateway route propagation on all route tables in your VNet. This will result in a route for each prefix in your [Magic WAN Address Space](/magic-cloud-networking/cloud-on-ramps/#magic-wan-address-space) pointing to the gateway. If your VNet has other Virtual Network Gateways, their routes will also propagate to your route tables. If you delete the on-ramp, route propagation will not be disabled. - By default, Network Security Groups in Azure contain Allow rules for outbound/inbound traffic to/from the `VirtualNetwork` service tag, which includes Virtual Network Gateway address space (and therefore your Magic WAN Address Space). 
If you do not want all resources in your VNet to be accessible from Magic WAN, add the appropriate Deny rules to your Network Security Groups (NSGs). - Cloudflare will add a route in Magic WAN for each IPv4 address range in your VNet.
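Review bot: In PATCH 1/2, the added line gives a size only for the case where Cloudflare creates the subnet ("to create a /27 `GatewaySubnet`"); the second condition in the same sentence, "a `GatewaySubnet` exists but does not have enough address space left for a Virtual Network Gateway", still gives no figure. A reader who already has a `GatewaySubnet` cannot tell from this text whether theirs is large enough before attempting on-ramp creation. Consider stating how much free space an existing `GatewaySubnet` needs, or saying explicitly that the /27 figure applies only to creation.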
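Review bot: In PATCH 2/2, the added line reads "for the`GatewaySubnet`" with no space between "the" and the opening backtick, so the word will run straight into the code span when rendered. The new wording "a `/27` subnet for the `GatewaySubnet`" is also awkward, since `GatewaySubnet` is itself the subnet being created. Suggest "to create a `/27` `GatewaySubnet`" or "to create a `GatewaySubnet` of size `/27`", which keeps the code formatting this patch introduces and avoids both issues.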