Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. The Application gateway creation requires both public and private IP addresses. The current documentation does not work

      Current documentation says

      az network application-gateway create -n myApplicationGateway -l canadacentral -g myResourceGroup --sku Standard_v2 --public-ip-address myPublicIp --vnet-name myVnet --subnet mySubnet

      It should be
      az network application-gateway create -n myApplicationGateway -l canadacentral -g myResourceGroup --sku Standard_v2 --public-ip-address myPublicIp --private-ip-address myPrivateIp --vnet-name myVnet --subnet mySubnet

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    2. Ability to update Application gateway without re-provisioning

      Capability to update an existing gateway would be beneficial to templatized adding multiple backend/listeners. adding resource providers like below would help
      "Microsoft.Network/applicationGateways/frontendIPConfigurations"
      "Microsoft.Network/applicationGateways/backendAddressPools"
      "Microsoft.Network/applicationGateways/backendHttpSettingsCollection"

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    3. Ability to update Application gateway without re-provisioning

      Capability to update an existing gateway would be beneficial to templatized adding multiple backend/listeners. adding resource providers like below would help
      "Microsoft.Network/applicationGateways/frontendIPConfigurations"
      "Microsoft.Network/applicationGateways/backendAddressPools"
      "Microsoft.Network/applicationGateways/backendHttpSettingsCollection"

      0 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    4. add variable for current unix timestamp

      I'd like to use Rewrite to add a request header to my backend servers that indicates the time the request began, i.e. "X-Request-Start: unix-timestamp-with-milliseconds"

      E.g. "X-Request-Start: 1602010915.395"

      To do this I need a server variable that yields the current time in the desired format.

      This would allow my backend monitoring/telemtry system to better estimate request queuing. For example, New Relic provides sample configurations for other popular load balancers here: https://docs.newrelic.com/docs/apm/applications-menu/features/request-queue-server-configuration-examples

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    5. Do Not Cache DNS

      The gateway currently resolves the DNS for Target entries in the backend pool only once and then caches the result. This means that if the DNS changes the Gateway is effectively broken until is modified to force it re-resolve the DNS.

      Ideally, the Gateway would turn off caching entirely. Failing that, it should at least honor the DNS TTL and refresh at least that frequently.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. Option to specify whether health probes follow redirects

      Currently the 'test' button for Health Probes always follows redirects. However, when the gateway runs the Health Probe it does NOT follow redirects. This actually breaks the Health Probes.

      When setting up a Health Probe, one should be able to specify whether redirects should be followed and that should be done consistently whether manually run via the Test button or automatically run via the schedule.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    7. Application Gateway upgrade notification

      There's no notification for the Application Gateway instance upgrade.
      Is it possible that the customers be informed about the upgrade in advance? So the customers can arrange a service downtime or Maintenance window.

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    8. Include support for redirect rules and rewrite url rules on the Application Gateway

      Today I had a call with one of the Microsoft support engineers to understand why the Rewrite URL feature (preview) is not working as it should, and then we realized that the Rewrite URL feature would not work with the Redirect Rules, according to the limitations section in the link below.

      I think it would be a great feature, especially on those scenarios that clients want to migrate from old site to a new site with new domain, and they want to redirect web traffic from the old site to the new site. And that is exactly the scenario that…

      13 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    9. Have better checks on Application gateway

      Have better checks on Application gateway, after reinstalling listener certificates, the configured backends go into an "unknown" state, a reboot is necessary even though the AGW is in a running state.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    10. Allow priority traffic to a member of a backend pool

      Now if we need to use some sort of "Active-Passive" failover VMs in a backend pool we must use a load balancer instead of Application Gateway, but this leaves us without the App Gateway features like WAF for example. Please add a priority option in the backend pool members.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    11. ChaCha20

      Add the ChaCha20 stream ciphers to our list of available TLS cipher suites in the near future.
      TLSCHACHA20POLY1305SHA256
      TLS
      ECDHEECDSAWITHCHACHA20POLY1305SHA256
      TLS
      ECDHERSAWITHCHACHA20POLY1305_SHA256

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    12. AAG - Export/Import configuration (primary -> DR restore)

      Looking for an option to backup & restore AAG configuration (backend pools, listeners, etc) from active/primary AAG to passive/DR AAG.

      MS supported responded by saying, no direct way to perform this task but you can manually export the configuration using ARM template form. Reference: https://azure.microsoft.com/en-in/blog/export-template/

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    13. Allow pattern mattern regexp exclusions like used on other vendors e.g barracuda

      Allow pattern mattern regexp exclusions like used on other vendors e.g barracuda.

      So we can customise what is blcoked in sql Tautology for example

      sql-tautology-conditions-simple

      [^[:alnum:]]+(OR|AND|HAVING)(\x20|\x09|\x0d|%0a|\x22|\x27|\x2b)+[%'"()0x*+-/[:xdigit:]]+(\x20|\x09|\x0d|%0a)(!)?(=|<|>)(\x20|\x09|\x0d|%0a)[%'"()0x*+-/[:xdigit:]]+ similar expression in waf policy ?

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    14. Support for W3C Trace Context (distributed tracing)

      Please add support for W3C Trace Context (https://www.w3.org/TR/trace-context/).

      Azure Application Gateway should generate (and log) the required headers for the trace context so that end-to-end tracing would be possible. Preferrably with integration to Application Insights which already supports this.

      75 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    15. Redeploying AppGW (through ARM or cli) will clear all settings and configurations from running appGW

      Redeploying AppGW will clear all settings and configurations, such as listeners, http settings, backends, etc
      this is causing an outage and will require to reconfigure it from scratch.
      I wish we have this feature, like AKS or any other azure resources which redeploying does not change the existence settings.

      9 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    16. SSL labs shows certificate chain issue after TLS protocol and cipher suite changes in Application Gateway

      SSL labs show certificate chain issues after TLS protocol and cipher suite changes in the Application Gateway.

      The same certificate when reapplied to AG with a different name this error gets resolved.
      Its seems that after TLS setting change again uploading certificate is mandatory.
      Again there is no way to delete certificate from AG.
      If we have to adjust the cipher suites and test this creates lot of problems as every time new certificate must be uploaded with a different name

      4 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    17. NTLM in Application Gateway v2

      NTLM should be supported in Application Gateway V2

      19 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. Support for regex negative lookahead with WAF policy.

      I confirmed that we can not use regex negative lookahead like below as match values of custom WAF policy in Application Gateway.
      "\%(?!$|\W)"

      Some people want to use this regex so I want you to add this feature.

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    19. Allow both AppGw and Standard Public IP Address to move from one subscription to another.

      Allow both AppGw and Standard Public IP Address to move from one subscription to another.
      We, regardless of using AppGw v1 or v2, would be allowed to move an existing AppGw entirely by doing this.

      56 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    20. High security predefined setup

      This will give you an A+ score on ssl policy and should be a predefined setup:


      az network application-gateway ssl-policy set -g resource-group --gateway-name app-gw --policy-type Custom --min-protocol-version TLSv1_2 --cipher-suites TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

      Yet it is not a predefined one. something under the name: max-security.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base