Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Increase VNET Peering Limit of 500

      With new concepts like Global VNet Peerings, Virtual Datacenter and Hub-Spoke Topology - VNET peerings become even more important.

      Please INCREASE the number of 500x allowed Peerings

      Thanks,
      Catalin.Cloud

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    2. Dynamic routing within VNET

      I would like to have the option to dynamically route traffic within a subnet in Azure.
      Example: I have a two VMs acting as tunnel endpoints for 4G<->Network devices. These VMs are connecting to the same endpoints over Internet but use different technologies and have different connection availability. One is fast but unreliable, the other one slow but reliable. This setup is exported from my on premise VMware setup. But for this to work I have to be able to dynamically choose which VM I want to route traffic to, be it using Cisco route tracking or OSPF.

      I've set…

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    3. ASGs for UDRs

      ASGs are wonderful. They decouple ACLs from subnets, and so allow me to segment my application tiers without having to create separate subnets for each tier.

      However, the moment I need to use UDRs, I'm back to using subnets for each tier. It would be great to be able to define UDRs for an ASG, so I can decouple routing from subnets just as I can currently decouple ACLs from subnets.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    4. Need ability to update NIC IP configurations for VMs that are stopped but not deallocated

      When attempting to update NIC IP configurations for Azure VMs that are stopped but not deallocated, the update request times out after a long time period and subsequent requests for changes to the VM's NIC configuration fail. Users should be able to make this type of change without a failure or a long time-out period.

      2 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    5. virtual network integration panel is broken (August 2017)

      Hi,

      The section "IP ADDRESSES ROUTED TO VNET" in the App Service Plan/Networking/Virtual Network Integration panel is no longer working.

      This looks like a GUI error. The section is empty - does not show the actual configured routes, and does not provide an input box to add additional routes.

      This affects classic VNets - I do not know about RM Vnets.

      Regards,
      Ben

      2 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    6. List VM's attached to Application security group

      Please allow to list the number of vm's attached to ASG, it woulb be easy to search and update the rules. currently we are having 30-35 serveres in each environment, it is very difficult to identify the vm's which are using common asg. there is no direct search option to do this.

      only available option is to go to each vm and check nic/asg attached to it.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    7. Create VNETs in their own, dedicated resource group.

      A lot of folks report problems deleting a VNET. One thing I found which works is to create the VNET in a dedicated resource group, and then, if you need to delete the VNET, delete the entire resource group. This seems to work. Of course, there are authorization implications, but those should be manageable by assigning rights with service principals at the subscription or individual resource level.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    8. UDR next hop based on FQDN

      Are there any plan to support next hop address based on FQDN so route table can be failover based on DNS ?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    9. Name display for next hop types

      "The name displayed and referenced for next hop types is different between the Azure portal and command-line tools, and the Azure Resource Manager and classic deployment models."

      This should be changed for intuition. I should be forced to remember multiple names for identical configurations. Azure already has unnecessarily given proprietary names for industry standards.

      Stop making your product unnecessarily difficult to use.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    10. Make sure no new network adapters are created or the new one inherites the values of the pre existing NIC.

      We use DSC to monitor for compliancy. When someone switches the subnet in Azure a new NIC is created in Windows. The networkingDSC resource enables you to rename a NIC so you can monitor it based on a predictable name for monitoring / orchestration purposes. But when a VM is moved to a new Network subnet it creates a new nic and hides the old one in system devices. DSC is then unable to rename the NIC to the same name as it's config due to the old name being in use.... This behavior breaks the goal of eliminating configuration…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    11. Delete a network security group: this description is insufficient. please make it better

      Delete a network security group: this description is insufficient. please make it better

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    12. There is a bug in firewall settings

      in this page:
      https://portal.azure.com/#@XXXX/providers/Microsoft.Network/networkSecurityGroups/xxxx/overview

      Where I try to change the ip for more that one inbound rule, there is a validation message says that the port is duplicated (although it is not)

      Excepted not to see this message

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    13. make SNAT Flows graph tool available to customers

      give customers access to the virtual network SNAT Flows graph tool/data, so that a customer can self determine if a Azure VM using default Internet access is actually successfully communicating outbound to the internet. This is impossible to discern from other Azure tools or conclusively know by running packet captures locally on the VM. Support has access to this tool and data, and was able to confirm for me which ruled that out as a problem, and resulted in correct resolution of the root problem.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    14. Add Ability to create a Dynamic Object "Local Subnet" Route in a Route Table

      We have a configuration where we want VMs on the same subnet to communicate directly through the virtual network, and VMs on different subnets to communicate through a firewall. We have done this by defining a unique route table for for each subnet.

      It would be far more better to have a "Local Subnet" object so that a single route table could be used for all the subnets in a vnet. For example, create a route with Address Prefix as "Local Subnet" with nexthop "Virtual Network".

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    15. Vnet creation imposes 1 subnet. why not make it optional or allow the creation of all subnet needed at once

      upon creating my vnet I can only 1 subnet. an ADD button would be useful to allow the creation of multiple subnet at one time or make it optional

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    16. Internal vNet endpoints for SQL Databases and Storage Devices to allow private accessible only via Expressroute Gateway

      To justify using Expressroute to "securely" extend the corporate LAN/WAN infrastructure to the cloud.

      Create Internal vNet Endpoints for SQL Databases and Storage Devices to allow private accessible only via Expressroute Gateway.

      Needed to secure sensitive PII, HIPAA, and Company Confidential Databases and storage devices

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    17. Complete Network map

      Complete Network map - NICs connected to subnet - connected to vnet and NSG rule name

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    18. Allow VM's to have multiple Public IP's with a single private IP

      We should be able to attach multiple public IP's to a single NIC without having multiple private IP's.

      It is very difficult to configure 3rd party firewalls needing a 1:1 between public IP's and private IP's as far as routing rules go.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    19. additional VNET Service point for retrieving Linux environments packages

      additional VNET Service point for retrieving Azure certified Linux packages

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    20. Portal - Azure Networking - column heading for vNet and subnet to list address range

      Hi, would be nice to have a column to list the default address ranges for vNet and subnet associated with CIDR eg
      10.252.0.0/18 10.252.0.0-10.252.63.255

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base