Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. 2 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    2. I want to set using gateways on spoke vnet.

      actually, vnet peering is able to single hub architecture.

      eg;
      Allowed model:
      [ Spoke vnet1 ] ----------- [ Hub vnet1 ] -----<ER/S2S>---
      - spoke to hub use remote gateway
      - hub to spoke allow gateway transit

      Disallowed model:
      ---<ER/S2S>---- [ Spoke vnet1 ] -------- [ Hub vnet1 ] --- <ER/S2S> ---
      - spoke to hub use remote gateway
      - hub to spoke allow gateway transit(both vnets)

      I want to use multi gateway, use scenario is below.
      [Spoke vnet1] is owned by managed service provider. This service has VPN option on VPN gateway. but, cannot deploy VPN of this restriction.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    3. UDR next hop based on FQDN

      Are there any plan to support next hop address based on FQDN so route table can be failover based on DNS ?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    4. Tiny IPv6 address prefix size is just embarrasing.

      This is a common theme of service providers that Just Do Not Get It. The entire point of IPv6 is that the address space is no longer limited to tiny blocks.

      The standard is to provide a /64 to customers. That should be the bare minimum for a cloud service being provided to enterprises. A /125 is a joke.

      The RIPE.NET recommendation is /48 for everybody: https://bit.ly/2rynO5M

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    5. Service Tag dependecy

      What does Service Tag depency on other service tags mean? For example for Azure Monitor service tag has dependency on Stroage service tag. Does this mean we need to add Storage as well for Azure Monitor or does this mean Azure monitor includes IPs for Storage service tag?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    6. Is there a Azure product which is comparable to AWS's transit gateway?

      Is there a Azure product which is comparable to AWS's transit gateway?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    7. Allow to add multiple Service Tags to NSG rule

      Allow to add multiple Service Tags to NSG rule. Right now we can add multiple subnets, ranges, IPs and ports, Great idea would be to add also multiple service tags to source/destination as now we create multiple rules for one host to multiple service tags.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    8. The Ability to change/define the BGP IP address assigned to the Virtual Network Gateway (automatically by Azure) when enabling BGP

      The BGP Peer IP addresses when randomly assigned creates issues with the On-premise networks and private IP addresses ranges being advertised and currently in use. Customers have VPN's to various other devices and platforms, the static address provided creates routing issues when the BGP peer advertised is a part of a cutomer On-premise network.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    9. Azure Network Topology Diagram Vnet to Vnet

      Azure Network Topology Diagram is great but it will be more useful & better if that can be extended from Vnet to vnet as well & this will give us better understating how the whole azure setup is done. It will also help us to troubleshoot more better way. Is there any plan to add this feature in near future?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    10. Create VNETs in their own, dedicated resource group.

      A lot of folks report problems deleting a VNET. One thing I found which works is to create the VNET in a dedicated resource group, and then, if you need to delete the VNET, delete the entire resource group. This seems to work. Of course, there are authorization implications, but those should be manageable by assigning rights with service principals at the subscription or individual resource level.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    11. Add a preference route or cost when exist two or more route for the same destinations

      The client does not always have BGP options on their local firewall and traffic can go through one tunnel or the other. With the option of setting the priority helps and solve the problem.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    12. ASGs for UDRs

      ASGs are wonderful. They decouple ACLs from subnets, and so allow me to segment my application tiers without having to create separate subnets for each tier.

      However, the moment I need to use UDRs, I'm back to using subnets for each tier. It would be great to be able to define UDRs for an ASG, so I can decouple routing from subnets just as I can currently decouple ACLs from subnets.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    13. Allow NVAs etc... to establish BGP session directly with VNETs

      To make HA scenarios a lot simpler with NVAs that support BGP (which most of them do nowadays) each VNET should allow you to establish a BGP session directly with it so you can advertise and learn routes dynamically straight to the VNET.

      This would help so many HA scenarios and also making sure traffic flows are symmetric a lot simpler by using BGP local preference, AS Path and Weight attributes.

      Perhaps this could be enabled via a VNET service endpoint on your VNET as required?

      11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    14. Portal - Azure Networking - column heading for vNet and subnet to list address range

      Hi, would be nice to have a column to list the default address ranges for vNet and subnet associated with CIDR eg
      10.252.0.0/18 10.252.0.0-10.252.63.255

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    15. Add metrics for routes in route tables

      Add metrics for routes to provide an easy way to utilize backup routes in Azure.

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    16. Integrating App service on the exsiting VNET that already has static (or dynamic) IP.

      I want to integrating App service on the exsiting VNET that already has static (or dynamic) IP.

      31 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    17. Allow Network Adapter to move to different VNET

      Please allow one to move a VM or VM NIC to a different VNET. Its pretty crazy that one of the suggested options is a backup and restore to change the virtual machines network

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    18. wants to make my custom service tags for network security group

      Is it possible to create and add our own service tag mapping to multiple ip address ranges? These days, we need to have our own service tag for outside cloud vendor's service such as payment or customer review.

      39 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    19. Cross-subscription VNet (Shared VNet)

      A virtual network that spans subscriptions. Multiple different subscriptions can deploy to the same virtual network in a region.

      If you are interested in this feature, please up-vote and add details about your company/scenario.

      We appreciate the feedback.


      • VNet Team [MSFT]

      55 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      need-feedback  ·  2 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    20. NSG service tag for AzureBastionSubnet

      When implementing complicated access controls inside a virtual network, we always need to allow connections from AzureBastionSubnet of the virtual network.

      It would be nice we have AzureBastionSubnet service tag which automatically describes a specific Azure Bastion subnet for each virtual network where resources NSG attached reside in.

      7 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1 3 4 5 6
    • Don't see your idea?

    Feedback and Knowledge Base