Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. how to access restrict for private endpoint

      A private endpoint of Azure SQLDB is created, and it can be accessed with Private IP via Express Route from on-premises.
      Since the NSG of the subnet does not act on the endpoint, the private endopoint can be accessed from anywhere on-premises.
      Is there any way to restrict the connection source IP address for Private endpoint on Azure side?

      43 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Azure Private Link  ·  Flag idea as inappropriate…  ·  Admin →
    2. PaaS Resources Should All Have Private IP Option

      One of the biggest concerns for companies is moving data to publicly accessible resources. Most companies are going to be hybrid cloud for a while as well. They also have sites that access sensitive data.

      The game changer for Azure is to allow all storage (data lake store, storage accts, etc.) and app services (besides paying for an ASE) to be private IP with VNET integration...

      All of the AWS breaches are from people exposing storage publicly. This same concern lies within Azure blob storage as well. Even worse since Azure blob storage doesn't have the same firewall settings as…

      14 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Azure Private Link  ·  Flag idea as inappropriate…  ·  Admin →
    3. Private Endpoint groupId should be case insensitive.

      When setting up a private endpoint, the groupId should be case insensitive. For example, a CosmosDB private endpoint against the SQL API requires the groupId to be "Sql". If the groupId is "sql", the error message is unhelpful:

      code: InternalServerError
      message: An error occurred
      details: []

      Instead, the resource provider should be accommodate any case for the groupId. Or, as a second option, the resource provider should return a helpful error message, such as "Invalid groupId 'sql' was provided. Please see <insert docs url here> for more information." That's an error message a user can understand and provides a path…

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Private Link  ·  Flag idea as inappropriate…  ·  Admin →
    4. Private Endpoint ARM template deployment: fix Complete mode

      Deploying a Private Endpoint using an ARM template works fine in Incremental mode: the Microsoft.Network/privateEndpoints resource in the template automatically deploys the Microsoft.Network/networkInterfaces resource as well.

      Deploying the template in Complete mode results in a failure however: because the NIC is not explicitly mentioned in the template ARM tries to delete it. This fails, which causes the deployment to return failure after about an hour.

      I have not found a way to explicitly deploy a NIC in the template and link it to the Private Endpoint.

      Please make it possible to deploy ARM templates in Complete mode when the template…

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Private Link  ·  Flag idea as inappropriate…  ·  Admin →
    5. Dual-homed private endpoints

      We use private endpoints in our backend systems, and because it is cloud, our developers/engineers need access via the frontend network! So our backend services need to be dual homed to allow connection to the DB privately! To get this to work, we are asked to implement an unmanageable workaround, because of DNS issues that were raised in ticket 120042825000729.
      If we put two IP addresses under the same DNS entry, the first IP address is picked up all the time! The only solution appears that we have two different zones (with the same name), and connect each zone to…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Azure Private Link  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base