Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Fallback to secondary region of RA-GRS storage endpoints

      If CDN endpoint origin is RA-GRS storage account and application can tolerate eventual consistency of RA-GRS storage accounts it should be possible to enable automatic fallback to secondary endpoint in case of retryable error returned by origin.

      16 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    2. CDN Allow Root Domain for Custom Domains

      It would be great to be able to set an A record to a root domain for CDNs like you can with web apps.

      For example you can set a CNAME to www.example.com but you cannot set an A record to example.com.

      377 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      17 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    3. 11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →

      Azure CDN is currently revaluating their plans for Azure Government

      For customers that have both public Azure and Azure Government, given that CDNs don’t host restricted data, you can use Azure CDN from public Azure in the interim.

    4. A ready for use CDN

      Give free a CDN that is ready for use, except for some parameters to be specified and the necessary files to be uploaded. Something like a template.
      The videos where experts give lectures are only for other experts to applaud. The majority of your prospective clients are businessmen, educators, etc., who do not want to become experts in IT and do not have the time.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →

      What specific use case scenarios are you looking for this capability? For a # of end-to-end scenarios in Office 365 (e.g. Office 365 Video) we already enable CDN seamlessly without any user interaction needed or additional cost.

    5. Support HSTS and HPKP

      Allow HSTS and HPKP to be enabled on Azure CDN

      Currently these values can only be passed through from the origin, which is fine for HSTS but can cause issues for HPKP (as the CDN cert may change, and probably doesn't match the origin cert)

      7 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →

      How do you want HSTS to be enabled on the CDN? HSTS can be enabled on Azure CDN from Verizon Premium by using the rules engine to add the “Strict-Transports-Security” response header. Support for HPKP would likely require customers to provide their own HTTPS certificates. Once support for providing your own certificates is available the rules engine could be used to enabled HPKP support.

    6. Purging via CNAME

      Currently purging is just supported by specifying the CDN endpoint. For case where a rewrite rules is used to direct customers to different content based on the CNAME (e.g. by selecting content to return based on host name) it is valuable to have the ability to purge content based on CNAME. Without this capability one needs to create individual CDN endpoints to use for each CNAME that has different content returned based on the CNAME.

      8 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    7. Dashboard with CDN Information


      1. The current CDN portal provides the required information, but it would be good to have something in the form of an Dashboard, which can provide an complete view of the performance and utilization.


      2. Region/Country wise cache status and the hit and miss ration is good to have to understand the traffic and to be aware of the performance from the different regions.


      11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  1 comment  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    8. Signed cookie in CDN

      Enable authenticated access to CDN without the need to change URL or headers. This is especially useful for referencing a static web page in an IFRAME.

      Scenario. When user signs in to example.com, we would first redirect users to a non-cached page on CDN cdn.com, which would set the signed cookies, before redirecting back to example.com.

      On example.com, we have an IFRAME that references a static webpage on cdn.com. The static webpage references other images, JavaScript and CSS on cdn.com. The access to the webpage and other resources are authenticated by the signed cookie.

      AWS implementation http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html

      48 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →

      If you are using Azure CDN from Verizon Premium, you can open a technical support case to have this capability setup for you via the rules engine. Overall you would use the token authentication capabilities in Azure CDN from Verizon Premium to accomplish this – https://docs.microsoft.com/en-us/azure/cdn/cdn-token-auth. With token authentication the signed token is sent by default in the query string for your URL’s. The capability you are looking for is the ability to instead have the token sent as a cookie in the client request to the CDN.

      We will look at enabling this capability long term without the need to open a support case.

    9. Correctly handle CORS with Range header

      When browser sends a Range request to CDN, CDN downloads the entire file from origin, then serve the appropriate range to the browser. However, when serving the content range, it does not send the CORS header that is present in the origin, thus breaking cross origin requests.

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →

      Which SKU of Azure CDN are you using – Azure CDN from Verizon or Azure CDN from Akamai. See the following documentation for working with CORS and Azure CDNhttps://docs.microsoft.com/en-us/azure/cdn/cdn-cors. If CORS isn’t working after following this documentation please provide us a repro or open up a support ticket so that we can investigate further.

    10. Custom rules for WAF

      Allow user created rules for WAF.

      62 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  6 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    11. Support OWASP Core Rule Set for Azure CDN

      Ability to use WAF with OWASP CRS, and turn on/off specific rules

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    12. Provide access control feature

      I'm looking to use Azure CDN to replace a password-protected FTP area. The lack of access control is preventing me using the CDN.

      7 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  1 comment  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    13. Alerts triggered from a URL RegEx

      It would be great if we could register alerts to trigger from a URL hit or number of hits / second.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  1 comment  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    14. Ability to provide custom error response for HTTP errors e.g. 404's

      Ability when 404 is returned by ones origin to have the CDN respond with a preconfigured URL i.e. custom response page.

      89 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  4 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    15. 6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    16. CDN Forward HTTP Proxy

      Currently we are only serving static content through CDN, it would be nice to serve dynamic content with cookies etc, where CDN kind of acts as a Forward HTTP Proxy instead of CDN. Benefit will be of multiplexing HTTP traffic to single host.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →

      We need more details on what you are looking for regarding “multiplexing HTTP traffic to a single host” The CDN is built as a reverse proxy and can be used for both static and dynamic content. For dynamic content that you don’t want to be cached by the CDN you can either set the appropriate cache control header (e.g. max-age) or use the bypass cache capability in the rules engine in the Azure CDN Premium to control this for specific content. Long term we are working on enabling this capability also in Azure CDN Standard.

    17. Provide Access to CDN Storage

      Currently there seems to be no way to access the storage the CDN is using.

      I would like to use Function App with a NodeJS Blob Trigger to minify any CSS and JS files that land up on the CDN Storage.

      Another scenario is to jslint & css lint any js and css files that gets stored in CDN storage and send notifications if there's anything that won't lint.

      Yet another scenario is to use a blob trigger blobs and optimize any images that gets stored.

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →

      There currently isn’t any way to access storage that is used by the CDN for caching purposes. Content is never permanently stored in the CDN cache. By default content is stored for a max of 7 days. Longer or shorter times for this TTL can also be specified. However, in all cases this is just a max value and content can be removed from the CDN’s cache if it isn’t being actively accessed.

      Long term we are investigating the ability to have the CDN automatically optimized images and reduce the size of content (e.g. minify files) before they are delivered to clients.

    18. Support WebApp deployment slots for Endpoints

      In the Azure Portal, when configuring an Endpoint for a CDN resource, you can select WebApp. It gives you a nice list of WebApps you have access too. The problem is, if those WebApps are using Deployment Slots for staging (Dev, Test, Prod); you can't add an Endpoint for anything other than the production slot.

      We would like to have a mirrored setup where our WebApp Dev slot is accessible through the CDN.

      The work around is to add a custom origin, which works--but seems like the WebApp feature could be more robust.

      Thanks!

      82 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  2 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    19. CDN image auto image crop and resizer functionality for images

      It would be really good, if the CDN could handle query strings and for the file format of images, handle resizing and cropping parameters automatically to resize our content needs... This done by the Azure CDN by its own.

      258 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  16 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    20. Prevent Azure CDN Bandwidth abuse

      Hello,
      I have already made a couple of posts in regards to this issue on StackOverflow: http://stackoverflow.com/questions/35488753/how-to-prevent-azure-cdn-bandwidth-abuse-by-malicious-bandwidth-vampire-requests and on MSDN CDN forum: https://social.msdn.microsoft.com/Forums/azure/en-US/9e37ca24-b38d-4193-847b-f679eab76aa5/azure-cdn-bandwidth-abuse-by-malicious-bandwidth-vampire-requests?forum=azurecdn but so far, unfortunately, no good solutions to the problem were offered. So I thought it would be a good idea to post this idea here as well, and get a little more into detail on how to solve the issue since this little fix can easily be integrated into the upcoming WAF offering with the Premium SKU.

      Problem:
      To summarize, the problem can simply be stated as follows: Any large multimedia content file such as an…

      124 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  2 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1
    • Don't see your idea?

    Feedback and Knowledge Base