Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    How can we improve Azure Networking?

    You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

    There are two ways to get more votes:

    • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
    • You can remove your votes from an open idea you support.
    • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
    (thinking…)

    Enter your idea and we'll search to see if someone has already suggested it.

    If a similar idea already exists, you can support and comment on it.

    If it doesn't exist, you can post your idea so others can support it.

    Enter your idea and we'll search to see if someone has already suggested it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Network Monitor Dashboard

      Provide a dashboard to help understand the Azure network topology and to visualise the NSG rules

      24 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    2. Support edns-client-subnet extension in Traffic Manager

      I'm surprised to learn the Traffic Manager does not support the client-subnet feature. Most major CDNs & DNS providers seem to support it.

      19 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  Domain Name Service (DNS, Traffic Manager)  ·  Flag idea as inappropriate…  ·  Admin →
    3. Support CAA record in Azure DNS web portal

      Thank you for supporting CAA records via CLI/PowerShell/API - but for the majority of people, this isn't easy. Please add support for these records in the DNS zone management blade.

      18 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    4. 16 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    5. Allow network security to allow or deny other network security groups

      Amazon Web Services allows a security group to allow or deny other security groups (including itself). This allows you to easily group NICs (VMs) into the same "VLAN", or to allow one "server role" to access another "server role" (for example allow the WAP security group to access the ADFS security group)

      16 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    6. Application Gateway Performance

      We have two large instances of Application gateway on our application which is a connected client application using long polling. When we did load testing, gateway starts to give 503 with just 10k connections whereas our back-end application just works with just 7 % CPU. When we raised ticket we got a response saying it is as per design. We did not expect this from Application gateway.
      Can you please let us know what is performance metrics of Application Gateway.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    7. provide diagnostic ability in Azure Resource Manager VPN tunnels

      The PowerShell command that is used in the classic "ASM" VPN troubleshooting is not compatible with the new Azure Resource Manager VPN tunnels. This makes it very difficult to troubleshoot VPN problems.

      The newest Azure PowerShell doesn't provide any start-azureRMvirtualnetworkgatewaydiagnostics like the old azure services manager did.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    8. Add ability to use a Network Security Group (NSG) as a rule source/target

      Currently NSG rules have the concept of the source or target being a Tag, and there are a couple predefined tags (Internet, VirtualNetwork, and AzureLoadBalancer). It would be nice if there was a similar feature where you could select the source or target being another network security group. Resources would be considered part of a NSG if they have their network interface associated with that NSG, they are in a subnet associated with that NSG, or they are in a VNET associated with that NSG. This essentially creates a subnet that has a dynamic address space.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    9. Provide NSG Tags for PaaS Services

      Provide a way to TAG resoures in NSG - such as Azure Storage, Azure SQL and other PaaS Services or let user define his own custom tags.

      12 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    10. Gateway upgrade notification

      As per my understanding Azure does notify the customer on few of the events like a storage maintenance or a VM maintenance, etc but the gateway is not in the list as of now.

      It would have been nice if Azure notified the stakeholders before such a gateway upgrade was due to occur in advance. Alternatively if that wasn’t possible, then at the very least the stakeholders should be notified that their Site2Site VPN tunnel is down post upgrade.

      12 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)

      Thank you for your feedback. Alerting for gateway connectivity is a common ask, so it is on our roadmap.
      As of now, you can check connection status of your tunnel via the PowerShell cmdlet Get-AzureRmVirtualNetworkGatewayConnection.

      Thanks,
      Bridget [MSFT]

    11. Add App Service Virtual IP (VIP) as Traffic Manager endpoints

      When using the Alias Record Set of Azure DNS, it becomes an error if it is a domain name.

      App Service has a VIP, I would like an option to add IP instead of domain name.

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    12. Allow special chartacters in the pre-shared key for IPSec VPN tunnels

      Allow special chartacters in the pre-shared key for IPSec VPN tunnels

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    13. Make ASG independant of a VNET like NSG

      While it's possible to attach a NSG to multiple subnet or even different subnet in different VNET, it should be the same for ASG.
      Currently I can add machines only in the same VNET once a single machine had been added to the ASG.

      My usage : I've got different services I deploy in different vnet but identical usage just different environments. Then I have some shared resource such as nsg that are applied to these different instances and I wanted to add the different machines with same role to a single ASG instead of create one ASG/role/environment and just…

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    14. Allow both ExpressRoute and VPN Virtual Network Gateways on a single VNet

      We have several clients who require both a ExpressRoute Gateway to connect from their on-premises network, AND a VPN connection between the same VNet and another VNet (Either in the same subscription, or in a different subscription.

      An example is a client who wishes to use their subscription to host database servers that can then replicate certain data sets across to an other companies subscription via a VPN connection.

      9 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    15. Direct Traffic to External web page when all nodes in a pool are down

      Ability to redirect incoming request to external webpage when all nodes in the backends pool are shutdown. Users will get this information information during maintenance/outage.

      9 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    16. provide troubleshooting features to VPN gateways

      Until Microsoft improves the Azure VPN technology, it would be good and sometimes necessary to provide some VPN troubleshooting tools on the Azure side. The local side logs sometimes are not enough and it gets very difficult to understand the reason of tunnel outages. This feature will also be definitely useful once the Azure VPN technology will be completely stable and reliable, in order to analyse traffic and build monitoring based on it.

      8 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    17. Auto-scale for Application Gateway

      I hope Application Gateway instance can increase with auto-scale.

      If it has this feature, we dose't need to add instance for many web access.

      8 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. Application Gateway support for multiple IPs on backend DNS name

      We are using Docker on Azure. Therefore we have a single DNS name for all containers. It would be great to have support for this. Having a backend pool with a single DNS name like 'myservice.domain' having multiple A records (each one resulting in a separate backend server entry).

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    19. Azure Networking Traffic Simulator

      You should consider adding a Azure Networking Traffic Simulator somewhere in Azure to provide better tooling for troubleshooting and configuring NSG firewall rules.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  2 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    20. Application Gateway Public IP to be allocated to existing Virtual Machine

      We want Application Gateway Public IP to be used and associated with Virtual machine. If we remove application Gateway , its public IP should be retailed.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base