Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. private link for Appservice but public SCM endpoint

      Private link also makes the SCM endpoint private for an app service. This means that we can't use cloud hosted Azure Devops agents to deploy our appservice.

      We should be able to make access to the site use the private link but still be able to use IP whitelisting to allow access to the SCM site

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    2. 1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    3. NSG flow logging isn't supported when using NAT

      Any plans when this or if this is going to be implemented in the future. NSG flow logging.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    4. Increase VNET Peering Limit of 500

      With new concepts like Global VNet Peerings, Virtual Datacenter and Hub-Spoke Topology - VNET peerings become even more important.

      Please INCREASE the number of 500x allowed Peerings

      Thanks,
      Catalin.Cloud

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    5. Improve Networking API

      https://docs.microsoft.com/en-us/rest/api/virtualnetwork/Subnets/Get

      Add an additional return value field stating remaining Private IP Addresses available for consumption in a VNET\Subnet -

      This response can help monitor Private IP exhaustion from AKS \ DataBricks \ - maybe expand capability to PrivateLink or Service Delegated subnets.

      This could also be delivered as a service in NetworkWatcher.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    6. ◇ Title : VIrtual network :To edit the address ranges that has Vnet peering setting

      According to the current Azure Virtual Network specification, if we want to edit an address range on a VNet that has VNet peering settings, we need to delete the VNet peering settings, change the address space, and then configure VNet peering again.
      We hope to be able to change the configuration of address ranges without deleting the VNet peering settings.

      Reference as follows: Requirements and constraints
      https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-peering#requirements-and-constraints

      27 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    7. Support Global VNet Peering in Azure App Service VNet Integration

      App Service allows integrating to a VNet and it can talk to peered VNets in the same region, but cannot talk to peered VNets in other regions (global peering).

      This would allow us to not have to deploy an App Service in each region or switch to IaaS services.

      9 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    8. Dual Stack Azure VM requires public IPv4 address to work

      An Azure VM configured in a dual-stack IPv6 subnet with two IP configurations (IPv4 and IPv6) by default has IPv4-only connectivity.
      The VM will get IPv6 internet connectivity only if a public IPv6 address is assigned to it. Once a public IPv6 is assigned to the machine, IF the machine does NOT have a public IPv4 assigned to it, the VM will loose IPv4 internet connectivity and will only be able to browse ipv6-only sites.
      When a public IPv4 address is assigned to the VM, VM will be able to browse IPv4 and IPv6 sites.

      Such behavior is unexpected (assigning…

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    9. Error Messages from Azure should be informative enough for the user to take corrective measures

      When a deployment fails, error messages do not explain or let us know what was the issue all about. This needs to be fixed.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    10. Peering Cost prevents some freedom in design

      Several times when proposing a customer utilize an "empty hub" as a starting point in what will grow over time, the cost affiliated with the peering causes some push back.

      My suggestion is to remove the cost associated with Peering within a region, Global peering I wouldn't expect be free. Typically the hosts in a hub / spoke config communicates within 1 vNet or to a Hybrid endpoint, that already incur egress charges from the GW

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    11. List VM's attached to Application security group

      Please allow to list the number of vm's attached to ASG, it woulb be easy to search and update the rules. currently we are having 30-35 serveres in each environment, it is very difficult to identify the vm's which are using common asg. there is no direct search option to do this.

      only available option is to go to each vm and check nic/asg attached to it.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    12. Multiple SubnetGateways or Gateway Transit Peerings

      Allow Multiple GatewaySubnets per vNET - or - Allow a vNET to use Multiple Gateway Transit Peerings.

      42 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    13. I want to set using gateways on spoke vnet.

      actually, vnet peering is able to single hub architecture.

      eg;
      Allowed model:
      [ Spoke vnet1 ] ----------- [ Hub vnet1 ] -----<ER/S2S>---
      - spoke to hub use remote gateway
      - hub to spoke allow gateway transit

      Disallowed model:
      ---<ER/S2S>---- [ Spoke vnet1 ] -------- [ Hub vnet1 ] --- <ER/S2S> ---
      - spoke to hub use remote gateway
      - hub to spoke allow gateway transit(both vnets)

      I want to use multi gateway, use scenario is below.
      [Spoke vnet1] is owned by managed service provider. This service has VPN option on VPN gateway. but, cannot deploy VPN of this restriction.

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    14. UDR next hop based on FQDN

      Are there any plan to support next hop address based on FQDN so route table can be failover based on DNS ?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    15. Tiny IPv6 address prefix size is just embarrasing.

      This is a common theme of service providers that Just Do Not Get It. The entire point of IPv6 is that the address space is no longer limited to tiny blocks.

      The standard is to provide a /64 to customers. That should be the bare minimum for a cloud service being provided to enterprises. A /125 is a joke.

      The RIPE.NET recommendation is /48 for everybody: https://bit.ly/2rynO5M

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    16. Service Tag dependecy

      What does Service Tag depency on other service tags mean? For example for Azure Monitor service tag has dependency on Stroage service tag. Does this mean we need to add Storage as well for Azure Monitor or does this mean Azure monitor includes IPs for Storage service tag?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    17. Is there a Azure product which is comparable to AWS's transit gateway?

      Is there a Azure product which is comparable to AWS's transit gateway?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    18. Allow to add multiple Service Tags to NSG rule

      Allow to add multiple Service Tags to NSG rule. Right now we can add multiple subnets, ranges, IPs and ports, Great idea would be to add also multiple service tags to source/destination as now we create multiple rules for one host to multiple service tags.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    19. The Ability to change/define the BGP IP address assigned to the Virtual Network Gateway (automatically by Azure) when enabling BGP

      The BGP Peer IP addresses when randomly assigned creates issues with the On-premise networks and private IP addresses ranges being advertised and currently in use. Customers have VPN's to various other devices and platforms, the static address provided creates routing issues when the BGP peer advertised is a part of a cutomer On-premise network.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    20. Azure Network Topology Diagram Vnet to Vnet

      Azure Network Topology Diagram is great but it will be more useful & better if that can be extended from Vnet to vnet as well & this will give us better understating how the whole azure setup is done. It will also help us to troubleshoot more better way. Is there any plan to add this feature in near future?

      7 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1 3 4 5 6
    • Don't see your idea?

    Feedback and Knowledge Base