Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    How can we improve Azure Networking?

    You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

    There are two ways to get more votes:

    • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
    • You can remove your votes from an open idea you support.
    • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
    (thinking…)

    Enter your idea and we'll search to see if someone has already suggested it.

    If a similar idea already exists, you can support and comment on it.

    If it doesn't exist, you can post your idea so others can support it.

    Enter your idea and we'll search to see if someone has already suggested it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. RST packet is sent from probe of load balancer.

      The probe use RST to disconnect a TCP connection that established 3 way handshake. If I use an software to monitor some paket, the software will detect some errors by RST paket. I hope we can use FIN sequence to close the TCP connection.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    2. Test alert for LoadBalancerAlertEvent.

      I can't confirm whether ALB can put diagnostic logs to a storage account. I hope we will be able to put test alert in future.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    3. Load Balancer should drop all packets for ports not configured

      Load Balancer should drop all packets for ports not configured before they get to my NSGs. See REG: 119012221000062 for additional information. Basically, the Azure LB installed as part of the Azure AD service is configured for port 443. But my NSG flow logs show packets arriving on a port other than 443 and incidentally for the destination as the public IP associated with the LB. My initial complaint was why do I see such a public IP address and I was told this is unavoidable because SNAT is enabled on this LB. I have no control over this LB…

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    4. Increase idle timeout of public LB more than in 30 minutes

      We can use idle timeout of public LB only in 30 minutes. I want to use it more than in 30 minutes. E.g. 60, 90 or 120 minutes.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    5. HTTP status code

      The HTTPS probe considers any HTTP status other than 200 to be a failure. Any response 200-299 should be considered a success. See https://tools.ietf.org/html/rfc7231#section-6.3

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      need-feedback  ·  2 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    6. Show Traffic lights on an ILB Rule showing which node traffic is being passed too

      Load balance rules do not show which server(s) traffic is currently being sent to.
      Within a “Load Balance Rule” simple traffic light of Green /or Red against a node would give a quick visual indication that traffic is being sent to the node.
      This would help us identify if a service had/was stop on a specific node or if a node was turned off.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    7. Allow Basic Port Forwarding With Network Load Balancer for all Services

      Azure Network Load Balancer should support basic port forwarding, many customers have firewall rules that block PaaS Services. Today you can create a port forwarder with NLB, but only to its supported endpoints. Ideally you could forward to any Azure hostname or IP address.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    8. Allow Selection of VMs within Availability set for standard LB backend pool

      It would be great if allowing Selection of VMs within availability set for standard SKU Load balancer backend pool

      the feature does exist in Basic only , yet in Standard not. even though it is mentioned in the documentation it supports it.

      for example I have a client that needs to add only 50 VMs within an av in a VNET that hosts over 500 VMs. Yet when going to the backend pool of the standard LB it shows all of the 500 VMs , if there is a filtering way to only shows a specific AV that would be…

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    9. On Azure portal,under Load balancer the statement of floating IP should be updated.

      Recently i took a case ,customer complained this .On Azure portal,under Load balancer the statement of floating IP "says 'We recommend using this feature only when configuring a SQL Always" needs to be updated.
      The statement needs to be updated as follows :
      We recommend using this feature only when configuring a SQL AlwaysOn Availability Group Listener and SQL Failover Clustered Instance (FCI) IP Address.

      The current statement appears to be old and was true before we started supporting SQL FCI on Azure. You can see the details here
      https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windows-portal-sql-create-failover-cluster

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    10. Paas service: How to check on portal if instance is active in load balancer or not

      Is there is any Azure Metric that is emitted whenever a resource is taken out of load-Balancer ? I am looking for a better method than IIS logs for this as going to IIS logs every time is quite slow and not very practical as we go to do testing on various resources.

      I understand if there is current limitation to not expose this via Portal (which I think should be exposed : a future feature request), However I would appreciate if there is any metric that we can sign up to know this detail.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    11. add support for internal loadbalancers on vm scalesets

      We don't want to use the external loadbalancer in a scaleset, we've got our own firewall setup in Azure and want the scaleset behind it, but with an azure internal loadbalancer.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    12. Multiple Standard SKU Load Balancer per AV set

      For a multi-NIC NVA pool to leverage HA ports from a Standard SKU load balancer it will need to be able to support more than one load balancer per AV set. Typical deployment would have one NIC for a Trusted zone, one NIC for an Untrusted zone. For routing symmetry and redundancy you should be able to load balance for both inbound and outbound traffic on the same NVA pool.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →

      Thank you for the feedback. You can already have a public and Internal Load Balancer (basic and standard) for the same VM, Availability Set, VMSS. And when using HA Ports load balancing rules as described in https://aka.ms/lbhaports flow symmetry is provided for appliances.

      There is no symmetry between two different Load Balancer resources because the flow is different for each of them. Not sure how we would identify them as related.

    13. How to configure SSL on Azure LoadBalancer

      Hi,

      We have configured 2 Windows resources and it has Apache server. now we have enabled Load balancer for these 2 instances and its working fine.

      I need to configure SSL for the load balancer . pls share the steps/guide to configure SSL on Azure load balancer.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    14. standard internal loadbalancer

      Access to public address does not work for standard internal loadbalancer (according to MS by design). In order to be able to access public resources a public IP need to be assigned.
      However there are cases where public IP should not be assigned to allow only private traffic. There are two services which however require (via UDR) access to public.
      Reaching the KMS license server (Windows) and Redhat repositories (for both the recommendation is to use UDR).
      So access to those services is not possible once you do a standard internal loadbalancer and your policy prohibits use of public IP. …

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    15. Standard load balancer - last rule warning

      I just caused an outage, because I deleted the last rule of the standard frontend load balancer in front of the firewalls.
      The root cause is clear based on the documentation:
      "The Load Balancer resource must be configured with a load balancer rule to create a link between the public IP frontend with the backend pool."
      That means, I am forced to have a rule, regardless whether it is nonsense like some random high port, in order to enable the backend VMs to connect to internet. So even I do not want to have a connection from internet, I still…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    16. Support for ping/UDP probe for ALB

      Hello Team,

      I add this idea on behalf of my customer, who has this user scenario as below:

      Based on the current design, https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-custom-probe-overview#types, Azure Load balancer does not support UDP health probes (only HTTP, HTTPs & TCP are supported).
      Hence to load balance a UDP service, a dummy application needs to be created on the Virtual machine to mark the backend service as Healthy

      Please advise if it's feasible to add one of the following options:
      1) ICMP health probe
      2) An option to mark the service ‘always up’ (let the user decide how to check whether the…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    17. Azure SLB: suggestion for display of frontend ip addresses

      On the portal, we can see public IP address which is assigned to each VM in "overview" of VM resource.
      If VM is bound to loadbalancing rule or inbound NAT rule of SLB, SLB's frontend IP address is displayed in "Public IP address" field.

      However, even if SLB has multiple frontend addresses, not all public addresses are not displayed, but only a single public address is displayed in this field. Sometimes it confuses operators. Please consider to modify this like below:

      - not to display any frontend IP address of SLB in "Public IP address" field
      or
      - display all…

      0 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    18. Load Balancer should drop all packets for ports not configured

      Load Balancer should drop all packets for ports not configured before they get to my NSGs. See REG: 119012221000062 for additional information. Basically, the Azure LB installed as part of the Azure AD service is configured for port 443. But my NSG flow logs show packets arriving on a port other than 443 and incidentally for the destination as the public IP associated with the LB. My initial complaint was why do I see such a public IP address and I was told this is unavoidable because SNAT is enabled on this LB. I have no control over this LB…

      0 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
    1 3 Next →
    • Don't see your idea?

    Feedback and Knowledge Base