Networking
The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.
Virtual Network:
Traffic Manager:
Network Watcher:
If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.
-
Fallback to secondary region of RA-GRS storage endpoints
If CDN endpoint origin is RA-GRS storage account and application can tolerate eventual consistency of RA-GRS storage accounts it should be possible to enable automatic fallback to secondary endpoint in case of retryable error returned by origin.
16 votes -
CDN Allow Root Domain for Custom Domains
It would be great to be able to set an A record to a root domain for CDNs like you can with web apps.
For example you can set a CNAME to www.example.com but you cannot set an A record to example.com.
377 votesThank you for your suggestion. We are reviewing it and will get back to you.
-
11 votes
Azure CDN is currently revaluating their plans for Azure Government
For customers that have both public Azure and Azure Government, given that CDNs don’t host restricted data, you can use Azure CDN from public Azure in the interim.
-
A ready for use CDN
Give free a CDN that is ready for use, except for some parameters to be specified and the necessary files to be uploaded. Something like a template.
The videos where experts give lectures are only for other experts to applaud. The majority of your prospective clients are businessmen, educators, etc., who do not want to become experts in IT and do not have the time.1 voteWhat specific use case scenarios are you looking for this capability? For a # of end-to-end scenarios in Office 365 (e.g. Office 365 Video) we already enable CDN seamlessly without any user interaction needed or additional cost.
-
Support HSTS and HPKP
Allow HSTS and HPKP to be enabled on Azure CDN
Currently these values can only be passed through from the origin, which is fine for HSTS but can cause issues for HPKP (as the CDN cert may change, and probably doesn't match the origin cert)
7 votesHow do you want HSTS to be enabled on the CDN? HSTS can be enabled on Azure CDN from Verizon Premium by using the rules engine to add the “Strict-Transports-Security” response header. Support for HPKP would likely require customers to provide their own HTTPS certificates. Once support for providing your own certificates is available the rules engine could be used to enabled HPKP support.
-
Purging via CNAME
Currently purging is just supported by specifying the CDN endpoint. For case where a rewrite rules is used to direct customers to different content based on the CNAME (e.g. by selecting content to return based on host name) it is valuable to have the ability to purge content based on CNAME. Without this capability one needs to create individual CDN endpoints to use for each CNAME that has different content returned based on the CNAME.
8 votes -
Dashboard with CDN Information
The current CDN portal provides the required information, but it would be good to have something in the form of an Dashboard, which can provide an complete view of the performance and utilization.
Region/Country wise cache status and the hit and miss ration is good to have to understand the traffic and to be aware of the performance from the different regions.
11 votes -
Signed cookie in CDN
Enable authenticated access to CDN without the need to change URL or headers. This is especially useful for referencing a static web page in an IFRAME.
Scenario. When user signs in to example.com, we would first redirect users to a non-cached page on CDN cdn.com, which would set the signed cookies, before redirecting back to example.com.
On example.com, we have an IFRAME that references a static webpage on cdn.com. The static webpage references other images, JavaScript and CSS on cdn.com. The access to the webpage and other resources are authenticated by the signed cookie.
AWS implementation http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html
48 votesIf you are using Azure CDN from Verizon Premium, you can open a technical support case to have this capability setup for you via the rules engine. Overall you would use the token authentication capabilities in Azure CDN from Verizon Premium to accomplish this – https://docs.microsoft.com/en-us/azure/cdn/cdn-token-auth. With token authentication the signed token is sent by default in the query string for your URL’s. The capability you are looking for is the ability to instead have the token sent as a cookie in the client request to the CDN.
We will look at enabling this capability long term without the need to open a support case.
-
Correctly handle CORS with Range header
When browser sends a Range request to CDN, CDN downloads the entire file from origin, then serve the appropriate range to the browser. However, when serving the content range, it does not send the CORS header that is present in the origin, thus breaking cross origin requests.
6 votesWhich SKU of Azure CDN are you using – Azure CDN from Verizon or Azure CDN from Akamai. See the following documentation for working with CORS and Azure CDN – https://docs.microsoft.com/en-us/azure/cdn/cdn-cors. If CORS isn’t working after following this documentation please provide us a repro or open up a support ticket so that we can investigate further.
-
Custom rules for WAF
Allow user created rules for WAF.
62 votes -
Support OWASP Core Rule Set for Azure CDN
Ability to use WAF with OWASP CRS, and turn on/off specific rules
1 vote -
Provide access control feature
I'm looking to use Azure CDN to replace a password-protected FTP area. The lack of access control is preventing me using the CDN.
7 votes -
Alerts triggered from a URL RegEx
It would be great if we could register alerts to trigger from a URL hit or number of hits / second.
3 votes -
Ability to provide custom error response for HTTP errors e.g. 404's
Ability when 404 is returned by ones origin to have the CDN respond with a preconfigured URL i.e. custom response page.
89 votes -
Enable Large File Optimization for the below extensions
mkv mxf m2ts webm vob
6 votes -
CDN Forward HTTP Proxy
Currently we are only serving static content through CDN, it would be nice to serve dynamic content with cookies etc, where CDN kind of acts as a Forward HTTP Proxy instead of CDN. Benefit will be of multiplexing HTTP traffic to single host.
1 voteWe need more details on what you are looking for regarding “multiplexing HTTP traffic to a single host” The CDN is built as a reverse proxy and can be used for both static and dynamic content. For dynamic content that you don’t want to be cached by the CDN you can either set the appropriate cache control header (e.g. max-age) or use the bypass cache capability in the rules engine in the Azure CDN Premium to control this for specific content. Long term we are working on enabling this capability also in Azure CDN Standard.
-
Provide Access to CDN Storage
Currently there seems to be no way to access the storage the CDN is using.
I would like to use Function App with a NodeJS Blob Trigger to minify any CSS and JS files that land up on the CDN Storage.
Another scenario is to jslint & css lint any js and css files that gets stored in CDN storage and send notifications if there's anything that won't lint.
Yet another scenario is to use a blob trigger blobs and optimize any images that gets stored.
6 votesThere currently isn’t any way to access storage that is used by the CDN for caching purposes. Content is never permanently stored in the CDN cache. By default content is stored for a max of 7 days. Longer or shorter times for this TTL can also be specified. However, in all cases this is just a max value and content can be removed from the CDN’s cache if it isn’t being actively accessed.
Long term we are investigating the ability to have the CDN automatically optimized images and reduce the size of content (e.g. minify files) before they are delivered to clients.
-
Support WebApp deployment slots for Endpoints
In the Azure Portal, when configuring an Endpoint for a CDN resource, you can select WebApp. It gives you a nice list of WebApps you have access too. The problem is, if those WebApps are using Deployment Slots for staging (Dev, Test, Prod); you can't add an Endpoint for anything other than the production slot.
We would like to have a mirrored setup where our WebApp Dev slot is accessible through the CDN.
The work around is to add a custom origin, which works--but seems like the WebApp feature could be more robust.
Thanks!
82 votes -
CDN image auto image crop and resizer functionality for images
It would be really good, if the CDN could handle query strings and for the file format of images, handle resizing and cropping parameters automatically to resize our content needs... This done by the Azure CDN by its own.
258 votes -
Prevent Azure CDN Bandwidth abuse
Hello,
I have already made a couple of posts in regards to this issue on StackOverflow: http://stackoverflow.com/questions/35488753/how-to-prevent-azure-cdn-bandwidth-abuse-by-malicious-bandwidth-vampire-requests and on MSDN CDN forum: https://social.msdn.microsoft.com/Forums/azure/en-US/9e37ca24-b38d-4193-847b-f679eab76aa5/azure-cdn-bandwidth-abuse-by-malicious-bandwidth-vampire-requests?forum=azurecdn but so far, unfortunately, no good solutions to the problem were offered. So I thought it would be a good idea to post this idea here as well, and get a little more into detail on how to solve the issue since this little fix can easily be integrated into the upcoming WAF offering with the Premium SKU.Problem:
To summarize, the problem can simply be stated as follows: Any large multimedia content file such as an…124 votes
- Don't see your idea?