Provide API to get live CDN metrics (number of requests, different cache statuses, different HTTP response codes, response time, origin time etc) from CDN. The same metrics is available now only via HTML dashboard in CDN manager as "Real-Time Stats", but enterprise setups need the data to our dashboard systems, not as yet another separate website.5 votes
You should consider adding a Azure Networking Traffic Simulator somewhere in Azure to provide better tooling for troubleshooting and configuring NSG firewall rules.5 votes
We want Application Gateway Public IP to be used and associated with Virtual machine. If we remove application Gateway , its public IP should be retailed.5 votes
Today the IP is of type dynamic and cannot be reapplied elsewhere. We plan to support reserved IPs in future at which point customers will be able to reuse the VIP.
NSG's should allow the use of Azure resource ID in addition to ip addresses for NSGs. For example, if I reference the ID of a webapp, then the rule will apply to the public IPs of that webapp. If I reference an azure VM, then the rule will apply to the ip address of that vm. And so on. It would make it so much more flexible to build up rules by using resource id's/names than today's very static and cumbersome implementation, especially for complex rules.4 votes
Thank you for your suggestion. We have included this in our roadmap.
Adding the ability to restrict outbound traffic based on Site Categorization would be great. This would give the ability to restrict outbound access to adult, gambling and other questionable sites.4 votes
when adding endpoints to the traffic manager, you get all app-services that are available, but in our case, the list is very long, and searching makes it difficult. The list is not sorted, and neither can we filter it.
Adding a filter would be very helpfull.4 votes
The Azure Service Fabric Reverse Proxy allows services running in the cluster to be reached from outside the cluster via HTTP(s). The default port for the reverse proxy is 19081.
Azure CDN (with AKAMAI) allowed origin port list currently does not include that port.
AKAMAI CDN should include the default reverse proxy port for Azure Service Fabric in the allowed origin port list so that integration can happen right out of the box.4 votes
Thank you for the feedback. We have confirmed the ability to add this port. We are targeting January 2018 to have this update in place as the Akamai network is currently locked down for this type of update until after the holiday season.
We can't meter Point-to-Site VPN usage now.
Please provide metric for Point-to-Site VPN traffic like Site-to-Site tunnnel metric.3 votes
Application Security Groups, Service Tags, and Augmented security rules (public preview) would be great additions to managing networks security in Azure Government. NSG's are good, but a complex application can quickly increase the number NSG rules and potentially reach limits fast. These three features would be really REALLY nice.3 votes
Thank you for your suggestion, we moved it to our ‘Networking’ bucket so we can review and update it. ASGs, service tags are in our immediate roadmap as well as further increasing the number of NSG rules (1k at the moment).
Add a feature that gives you an static IP regardless of what server you attach to it. That wat, if you have to migrate your server you keep your IP Address.3 votes
Hi there, this is good feedback and we already have this on our list for long term roadmap.
However, we have to make some non-trivial changes to make this happen.
- Anavi N [MSFT]
Kubernetes requires access to the different endpoint to perform automation.
We also need to restrict internet access with an outbound rule. It would be best if we could configured the NSG to prevent internet access while keeping the access to the internal Azure endpoints.3 votes
Thanks for the feedback, we are currently onboarding this service, looking forward to enable service tag for ARM :)
Currently Azure DNS Zone will randomly create Zone records in different DNS Servers.
I have a public DNS server which I would like to migrate to Azure DNS Zone, to do this I need maintain my name servers but redirect to Azure's. because every time I create a new zone it is generated in a different DNS Server I can't create the CNAMEs to easily migrate my clients domains.
Could this feature be added.3 votes
Thank you for the feedback. If you are referring to DNS zone transfer, this has been included in our current planning cycle.
Load balance rules do not show which server(s) traffic is currently being sent to.
Within a “Load Balance Rule” simple traffic light of Green /or Red against a node would give a quick visual indication that traffic is being sent to the node.
This would help us identify if a service had/was stop on a specific node or if a node was turned off.3 votes
In portal backlog for Standard LB. Please use multi-dimensional metrics in Azure Monitor in the interim to chart the health probe status.
More details can be found here: https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics
I'm using Akamai General Web Delivery. Its seems fine but Purge all and on the images files specific have not able the set Leverage Browser Caching (expire headers). Its maybe easly be on the Azure control panel.2 votes
Both of these capabilities are in our backlog for making available via Azure CDN from Akamai later this year.
When using websockets together with Azure Application Gateway, you end up with artifically increased latencyd in the ApplicationGatewayPerformanceLog. Indeed, all the 101 (websockets) connections remain pending, which is a normal behavior and their duration gets recorded by the gateway. The problem is this normal behavior increases the average latency of all requests (including non-101) and there is no way to filter 101 out of the ApplicationGatewayPerformanceLog logs...Therefore, if we setup an alert on latencyd, this will raise a lot of false positives...While this metric is very useful in the ApplicationGatewayAccessLog because it allows for calculation of average user sessions, it is making the ApplicationGatewayPerformanceLog unreliable because there is no way we can discard 101 from this category.
When using websockets together with Azure Application Gateway, you end up with artifically increased latencyd in the ApplicationGatewayPerformanceLog. Indeed, all the 101 (websockets) connections remain pending, which is a normal behavior and their duration gets recorded by the gateway. The problem is this normal behavior increases the average latency of all requests (including non-101) and there is no way to filter 101 out of the ApplicationGatewayPerformanceLog logs...Therefore, if we setup an alert on latencyd, this will raise a lot of false positives...While this metric is very useful in the ApplicationGatewayAccessLog because it allows for calculation of average user…2 votes
Thanks for your feedback. We have added this item to our backlog.
When the UDR assoc the Subnet is not possible connect by RDP from the Internet, or other services exposed in the internet.
If I could create the NAT Rule on the Azure Firewall I can expose any services in internet and this issue would be resolved.
thank you so much.
Best Regards1 vote
The amount of hassle involved with getting some IKE logs for a VPN that will not connect is unacceptable. 15 Azure PoSH commands is insane.
Have a working troubleshooter in the web UI1 vote
Thanks for the feedback. We plan to leverage Azure Monitor Diagnostics logs to allow customers to get IKE logs. Will update once the feature is in progress.
We have several app-ways in the same subnet.
Traffic analytics is display a DestIPs which does not correspond with the displayed NICs (it belongs to a different app-way).1 vote
Hello, Please provide which country comes under which Zones for Outbound data transfer. This will help for correct pricing for customers for zone1, zone2 and zone31 vote
We are planning to provide greater detail that shows which peering location (i.e. Washington DC) aligns to which Zone (i.e. Zone 1).
Is adding external endpoints via IP address available instead of FQDN? i don't think it is? can some one clarify it please..
On Azure Traffic Manager, is external endpoints addition via IP address available instead of FQDN? i don't think it is yet? can some one clarify it please..1 vote
- Don't see your idea?