Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Add a feature that gives you an static IP regardless of what server you attach to it.

      Add a feature that gives you an static IP regardless of what server you attach to it. That wat, if you have to migrate your server you keep your IP Address.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  IP addresses  ·  Flag idea as inappropriate…  ·  Admin →
    2. Add App Service Virtual IP (VIP) as Traffic Manager endpoints

      When using the Alias Record Set of Azure DNS, it becomes an error if it is a domain name.

      App Service has a VIP, I would like an option to add IP instead of domain name.

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    3. Make another POP location in Moscow, Russia

      Make another POP location in Moscow, Russia

      15 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  2 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    4. azure application gateway websockets latency metric

      When using websockets together with Azure Application Gateway, you end up with artifically increased latencyd in the ApplicationGatewayPerformanceLog. Indeed, all the 101 (websockets) connections remain pending, which is a normal behavior and their duration gets recorded by the gateway. The problem is this normal behavior increases the average latency of all requests (including non-101) and there is no way to filter 101 out of the ApplicationGatewayPerformanceLog logs...Therefore, if we setup an alert on latencyd, this will raise a lot of false positives...While this metric is very useful in the ApplicationGatewayAccessLog because it allows for calculation of average user…

      2 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    5. Auto-scale for Application Gateway

      I hope Application Gateway instance can increase with auto-scale.

      If it has this feature, we dose't need to add instance for many web access.

      11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. Application Gateway Performance

      We have two large instances of Application gateway on our application which is a connected client application using long polling. When we did load testing, gateway starts to give 503 with just 10k connections whereas our back-end application just works with just 7 % CPU. When we raised ticket we got a response saying it is as per design. We did not expect this from Application gateway.
      Can you please let us know what is performance metrics of Application Gateway.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    7. cmdlet / API for updating 'Custom caching rules'

      It looks like the only way to update caching rules is via the WebUI, it would be nice if there was a programmatic way of updating custom caching rules, you know devops and all that. cmdlets / api / **** even ARM options

      14 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    8. Monitoring BGP Routes Updates - Routes addition or deletion

      We are looking for option to monitor BGP Routes which are propagated to Azure Virtual network through ExpressRoute established and managed by network provider, BT . This is to notify network admins when new network is added as BGP Routes in Azure Virtual Network.
      It would be good if this can be monitored using OMS log analytics. As an alternative option, if route addition is logged as activity log, then it can be used for alerting and notification.

      9 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  ExpressRoute  ·  Flag idea as inappropriate…  ·  Admin →
    9. Support for IKEv2 VPN clients to connect to an Azure based RRAS server (Allow ESP traffic through NSG)

      Currently, Network Security Groups only support rules for TCP and UDP traffic. This request is for the addition of rules for ESP traffic which is required for IKEv2 clients to connect to an RRAS server running on Azure.
      We use ExpressRoute Point-to-Site is not an option as they cannot coexist. We currently use SSTP for our clients to connect but lack the resiliency that comes with an IKEv2 connection.

      Alternatively, support for Expressroute/Point-to-Site coexistence would also satisfy our requirement and eliminate the need to maintain an RRAS server in Azure.

      34 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    10. Allow transit routing between ExpressRoute, VPN Gateways, and NVAs by allowing them to peer with BGP and exchange routes.

      Allow transit routing between ExpressRoute Gateways, VPN Gateways, and NVAs by allowing them to peer with BGP and exchange routes. This functionality would give the customer more flexibility in how they lay out their network.

      217 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      12 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    11. azure zones dns-forwarder

      Please extend DNS zones solution to add forwarding & client features to implement the following in PaaS instead of with VMs:
      https://github.com/Azure/azure-quickstart-templates/tree/master/301-dns-forwarder

      Use case: use azure dns to forward dns queries to 168.63.129.16 & between subnets. Enterprise DNS would forward to Azure DNS. VNET has Azure-provided name resolution (*.internal.cloudapp.net). In this way Enterprise DNS could dynamically learn of a PaaS offering on VNET.

      262 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  5 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    12. Test Azure CDN Rule Engine before sending for approval

      At this moment, you cann't test Azure CDN Rule Engine before sending for approval, approval of new Rules takes up to 4 hours. Which make things very difficult.

      64 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      8 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
      planned  ·  Anton Kucer [MSFT] responded

      Rule approval is currently automatic with no delay. We will follow up on having the 4 hour approval message you see in the CDN supplemental portal updated to remove this confusion. While approval is automatic it can currently take 90 minutes for updates to propagate to all CDN POPs. Work is under way to significantly reduce this to a much lower value in the next few months.

    13. Add ServiceTags for login.microsoft.com and arm api endpoint in NSG

      Kubernetes requires access to the different endpoint to perform automation.

      We also need to restrict internet access with an outbound rule. It would be best if we could configured the NSG to prevent internet access while keeping the access to the internal Azure endpoints.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    14. Allow User-Defined Routes (UDR) to work across ExpressRoute.

      Currently, UDRs are limited to IP addresses which appear in a single peer group of VNETs (i.e., in the same Azure data center location). I would like to have a NextHop to a firewall that can serve multiple regions. The traffic would flow across the ExpressRoute (MPLS-style).

      While most deployments are in a few Azure data centers, there are some which are elsewhere. It is less economical to have a separate firewall instance for each region. With UDR across ExpressRoute (or VPNs), that would be a money saver.

      42 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  ExpressRoute  ·  Flag idea as inappropriate…  ·  Admin →
    15. Application gateway

      Hi MS team,

      Could you enable the 'Edit' option for the Listeners we are configuring in the Application gateway. This will be really helpful if we decide to change our certificate.

      Although we can do a workaround of deleting the listener and creating new one, but that needs some time investigating it, so I feel Edit option is a much better and easy approach for clients.

      Thanks,
      Thulasidas

      16 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    16. API for Real-Time Stats of CDN

      Provide API to get live CDN metrics (number of requests, different cache statuses, different HTTP response codes, response time, origin time etc) from CDN. The same metrics is available now only via HTML dashboard in CDN manager as "Real-Time Stats", but enterprise setups need the data to our dashboard systems, not as yet another separate website.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    17. Support IPv6 in Application Gateway front-end public IP

      Support IPv6 in Application Gateway front-end public IP

      197 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  3 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. Allow a VM's NIC to use a VNET\Subnet from another Subscription

      Given that the syntax of json deployment templates allows referencing resources by a unique resourceid which includes the guid of the subscription, I would like to create a VM in subscription 'A', whose NIC references a subnet that is part of a VNET in subscription 'B'.

      The reason for this is two-fold:
      1) This would allow a corporate networking function to securely manage all the networking infrastructure in a corporate IT-owned and managed subscription, but allow it to be consumed by line-of-business units, whose subscriptions are restricted (via ARM policies) to not allow the creation of VNETs.
      2) This would…

      127 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  6 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    19. Allow changing of pricing tier

      Allow changing pricing their from Verizon Standard to Verizon Premium and vice versa

      139 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  4 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    20. Reduce update times for Application Gateways

      It would be great if the Application Gateway could update faster. Working with AGWs forces me to wait for 15-30 minutes after each update - which wastes a lot of time.

      Working with gateways at AWS feels nearly instant and does not require such long waiting times.
      I'd highly appreciate if Azure AWG updates could become so fast, too.

      61 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base