Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Support User-agent http header for Azure FrontDoor

      Support for User-Agent http Header.
      It could be very usefull to be able to redirect to specific backend using the User-Agent header (ios ...).

      Actually the only way i found to achieve this is to put another Ngnix in front of Front Door to redirect to specific Host.

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    2. Front door equals

      Front Door Rules Engine has match condition by request path. For value to match you have to specify it without root /. For example to match path /abc you have to specify "Equals abc".

      This behavior is not documented and is counterintuitive. Another issue that there is no obvious way to match exactly /. Only solution is to match request path that is Less than 1.

      Please fix Route path to contain leading slash. If that is not possible please update documentation on Rules Engine to describe this behavior and provide workaround to match exactly /.

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    3. Validate Token like APIM at Azure Front Door Level

      Can we validate Security Token At Front Door like API Management Service?

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    4. Challenges in making AFD Work as a CDN for on prem resources

      We would like to use the AFD's WAFs capability and CDN for protecting our on premise farm

      We will need to create the service on AFD and have Backend access via an IP and Backend header
      Conceptually and by design the service should be able to do it
      Challenges:


      1. On a single IP we have many Names that are published in HTTPS only, a single certificate with SAN entry for all the names
        The IP address normally does not respond to any request and give a 403

      We have modified the IP to respond with 200 for HTTP
      but HTTPS…

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    5. Exclusions required in config of Frontdoor WAF

      Please implement match exclusions in the Frontdoor WAF similar to how exclusions are handled in Application Gateway WAF. We need to ignore a cookie value where randomized session strings seem to trip WAF regularly.

      Thanks
      Ben.

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    6. Why does front door remove Authorization Headers when we do a Redirect?

      I have a set of APIs built using web service (legacy) and I have created a new set of APIs using Azure functions. Now I want all my legacy API to route to Azure Function.

      I tried the Azure Front Door service redirect to achieve the functionality. I was able to redirect but the request headers are missing in the redirected requests. Not sure why Azure Front Door is removing them?

      4 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    7. Allow replacing/updating parts of a http header value

      Today you can only remove, add or completly re-write an http header value.

      It should be possible to replace part of it.

      For this to be useful, there should be a various of environment variables" which you should be able to reference.
      There could include values currently being used by the frontend, backend and rule which is currently executing, as well as generic things like a UniqueID for the request, the date and time, browser type, country of remote client and so on.

      Also you should be able to use complex regex for this, with multiple capture groups which should…

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    8. Validate domains and not hosts(sub domains)

      Make it so I can validate a domain once with a txt record or whatever, and then there won't be any need for any more validations for that domain.

      So when I add a new frontend in Front Door it is automatically validated directly if the domain is already validated.

      This would allow for certificates to be requested without the messing around with afdverify which is needed now , which also need you to manually verify the newly added domain and it takes hours before DigiCert decide to send the emails for manual verification.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    9. provide dev/test pricing for Azure Front Door

      It would be great if you provide dev/test pricing, especially when it comes to the cost of routes.

      Our pre-prod environments have very little traffic, but a lot of routes.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    10. Front door t-msedge.net add ipv6 to auth nameservers.

      Front door cname domain fails to load in a IPv6 only scenario, since the auth nameservers for domain t-msedge.net is IPv4 only. Please add IPv6 to those nameservers ASAP.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    11. Front Door: TM’s FQDN is reflecting in drop down menu mutiple times when adding app services to a front door backend pool

      Currently if i have multiple app services connected to a traffic manager and i want to have a Azure Front door, TM's FQDN reflects in the dropdown while adding these appservices in Front door backend pool.

      For eg. Say xyz.azurewesites.net and pqr.azurewebsites.net are connected to tm.trafficmanager.net. When I create a front door and try to add these appservices to the pool, tm.trafficmanager.net shows up two times instead of real appservice names.

      This is a issue where if I want add app services among multiple backend pools say one for read and one for write, there would be no way to…

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    12. Allow running Front Door (WAF) in a learning mode

      If should be possible for Front Door to learn what requests look like for a site, and then white-list those request patterns, and at the same time indicate that requests that don't match the learned pattern should be considered more likely to be "bad requests".

      There should be a GUI where blocked requests are listed, where you could select if it's an OK request or not.

      Also, Front Door should know" when there's a new deployment of the backend, and then automatically enter a a semi-learning mode for a period.
      During this period FD should be less prone to block…

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    13. Make it possible to handle https redirects from a naked domain to a subdomain (https://MyDomain.com to https://www.MyDomain.com)

      This is needed because there is no way of doing this unless you go and get a certificate for the backendas well, and then you still have the cert admin overhead to deal with.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    14. Swap back the backend http host header to that of the front end for the http response header

      Front Door has functionality to make sure the host header works for the backend.
      Even though, Front Door has no problems with delivering an http-header with location set to the Front Door configured value for host header for the backend.

      It is kind of obvious, that if you replace a host header from A to B on the way in, you should swap it back on the way out.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    15. Rule Engine Configuration: Add "Request Host Name" as a test condition field

      The only option currently available within Azure Front Door to test the incoming request host name is through the "Request Url" field; since regexes are not supported - and the incoming request url value can be incredibly long - it is not economical to test against this field.

      Enabling developers to test conditions against a "Request Host Name" field would let them to implement high-level, domain-specific rules without any difficulty.

      An example rule with "Request Host Name" "Ends With" "mx" "To Lowercase" would be applicable to these incoming requests:
      somedomain.com.mx
      FOODOMAIN.MX
      bardomain.com.mx
      thisisareallylonghostname.CoM.mX

      But it would not be applicable to…

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    16. Rule Engine Configuration: Add "Prepend" as a redirect destination path option

      With the current Rule Engine Configuration feature set, developers only have the option to Replace or Preserve the target path when performing a route configuration redirect override. These two options are rigid, and as such, significantly limit the capabilities of Azure Front Door; adding a Prepend option would significantly add more flexibility to Azure Front Door - while keeping it easy for developers to use.

      Attached is a mock-up of how this functionality would be utilized within the Rule Engine Configuration blade.

      In this mock-up, a rule is configured so that any request to http://somewebsite.com with a path not starting…

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    17. Provide Example to connect Front Door with Azure Load Balancer

      Currently no example is provided to showcase connectivity between Azure Front Door and Azure Load Balancer - although your FaQ states it should work there is no proof anywhere and any combinations tried in a live subscription to make this work lead nowhere.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    18. Standard Rules Engine: Support Appending Query Strings (e.g. SAS Tokens for Storage Accounts)

      Standard Rules Engine: Support Appending Query Strings

      Initial use case would be for allowing Front Door and Azure CDN to sit in front of static websites and content stored in a PRIVATE storage account/container.

      As it currently exists, using a private storage account is only compatible with Premium Verizon Azure CDN: https://docs.microsoft.com/en-us/azure/cdn/cdn-sas-storage-support#option-2-hidden-cdn-sas-token-using-a-rewrite-rule

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    19. Fallback to secondary region of RA-GRS storage endpoints for AzureFD

      With a storage account configured with RA-GRS. It would be nice that if Azure FD is using a backend point to a storage account it would use primary endpoint as Priority 1 and for the secondary endpoint be used as Priority 2, currently this needs configured manually with 'Custom Host' type

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    20. 2 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base