Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. change virtual machine virtual network through portal

      Today, I needed to change a virtual network to a existing Virtual Machine. I had to delete this VM, create a new one using attached disks from the old one and set the Virtual Network. It would be nice if we had another way to do that, using Portal for example.

      723 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      16 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    2. Allow DNS servers to be advertised per subnet instead of VNET

      Instead of advertising the DNS servers per VNET, is there anyway we can specify what DNS servers should be advertised per subnet? In most cases, I would create a VNET and use NSGs to segregate out my traffic.

      The problem with specifying the DNS servers for the whole VNET, is now I am required to create a completely separate VNET for a DMZ, as my internal DNS servers are being advertised to those machines. In this case, being able to specify DNS servers at a subnet level will allow more flexibility in regards to creating one VNET instead of multiple…

      534 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      20 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    3. Please provide a way for grouping the endpoints and assign as a group name to the Azure VMs

      We are adding endpoints for each virtual machine once created. Normally the RDP endpoint will be created by default, and can be added more if required by specifying the port #. I feel there are additional features needed to make this feature more flexible and to secure them in a centralized place. Some are -

      1. The endpoints are configured by defining the ports, but it is not accepting whether the ports are inbound or outbound. So, there should be an option to include the port to open for inbound or outbound instead of configuring in the VM.

      2. There…

      312 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →

      Hi there, this is a lot of good feedback. Thanks for taking the time to send it over to us, we really appreciate that here at Microsoft.

      1. Could you elaborate on the need for this?

      2. This is possible today via NSGs you can specify the source IP.

      3. Have you looked at ASGs?

      4 (both of them) We are looking into making management easier and will take this feedback into consideration.

      Thanks!

      - Anavi N [MSFT]

    4. Possibility to set a DNS Suffix on Azure networks (like DNS Servers)

      There are many scenarios for Virtual Machines (and Other maybe) where NIC settings are cleared (VM Deallocated). DNS Servers can be set on Azure Network, and this VM will have DNS Servers settings via DHCP. But we have to set DNS Suffix manually each time, or set a script automatically at each boot.
      The idea is just to have a way to set a suffix DNS for VM Networks, with the same way as DNS Servers. With this settings, DHCP will assign DNS suffix to all VM automatically.

      309 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      9 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    5. Support VNET re-deployment without destroying subnets

      When you deploy a VNET from an ARM template in incremental mode I would expect omitting the subnet property would not change the subnets since they are child resources. Instead they are destroyed. I think this is inconsistent with all other similar resource types e.g. app service plans and web apps, azure SQL servers and databases, etc... Please make VNETs and subnets deployments consistent.

      https://github.com/Azure/azure-quickstart-templates/issues/2786

      256 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      8 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    6. Simplify creation and visualization of Azure VNET's

      Creating a virtual network that spans an on-premise deployment and more than 1 Azure datacenter is a pain and not easy to "see" if all thing are lined up correctly. Building a network like this shouldn't require importing or exporting files and running powershell commands if you don't want to. Would be great it was like using Visio (Drag, Drop, Pipe). Then use that same view to see the overall health, speed, and usage in real time on that network.

      184 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →

      Hey Conrad,

      This is an amazing idea! For now, this tool can help you view and interact with your network: https://marketplace.visualstudio.com/items?itemName=bencoleman.armview.

      Additionally, documentation for Network Watcher topology view can be found here: https://docs.microsoft.com/en-us/azure/network-watcher/view-network-topology. I will forward your suggestion that this be made more interactive.

      Best,
      Allegra [MSFT]

    7. Allow to change subnets modification with enabled vnet peering

      Currentl once vnet is deployed and peering is created with another subscription or vnet. Once the peering is set, it is not possible to extend,remove or add another subnets ranges to all vnets which have valid peering configured. For such if you need to modify the subnet, you have to remove the peering (might cause downtime if peering is used), do the subnet modification and recreate the peering again.

      181 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  5 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    8. Allow transitive network flow between peered VNET's

      if we assume Three networks.

      VNET1 <> VNET2 <>VNET3

      <> denotes vnet peering

      A machine on VNET1 cannot directly see a machine in VNET3

      We would like this facility to enable us to build a network design without having to use vitual network appliances to make this happen.

      133 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      10 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    9. update DNS settings for VNET without restart of the VMs to take effect

      Current when we try to update the DNS settings in the VNET or NIC, it required the VMs to be restarted to take effect. But when there are a large amount of VMs under the VNET, it would be a hard work to do so.
      If this process could be simplify so that the restarted of VM will be no longer required, it would be a good news.

      131 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      9 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    10. Allow us to view the effective route for an Subnet without requiring an Interface inside of the subnet.

      Currently in order to view the effective routes for a subnet you need to have some kind of network interface inside of the subnet. I find that sometimes I need to view the routing table for a subnet, but it doesn't contain any VMs. Could you add functionality to allow us to view the effective routes without having to provision anything inside of it?
      My use case is that I host ILB ASEs in dedicated subnets, but I can't view the routing table because there are no VMs inside of it.

      104 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      9 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    11. VM MAC address spoofing

      I wanted to run multiple LXC/LXD containers on a single Linux VM and make them exposed to VNET via a bridged interface to provide services in the private network. That's not possible without VM/VNIC ability of MAC address spoofing. Please support it.

      60 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  3 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    12. KMS / RHUI service endpoint

      Could you kindly add service endpoint for KMS and RHUI.
      It will really helpful for managing VMs without SNAT Public IP.

      58 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    13. Add a system route for KMS

      Could you please add a system route to the KMS server. (kms.core.windows.net / 23.102.135.246)
      When using forced-tunneling, we must set an UDR to the KMS manually.

      38 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    14. subnet expansion

      It would be nice if you could expand a subnet without having to remove all of the cloud services and VMs from the subnet. In our case we will have to destroy all of our subnets to expand one subnet. This is very inconvenient (yes we opened a support ticket).

      Additionally, make the tool available that the internal Microsoft support people use that creates a nice table of the various components of the subscription (I don't need to know datacenter, node, cluster). I've only seen snippets of the tables, but they are better than what I am getting from either…

      33 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    15. Add Service Tags to Route Tables/UDR

      Include the ability to add Service Tags to UDRs. We have experienced that while many times services require NSGs to be open for a Service, many users have a default route in the Route Tables to push traffic through network virtual appliances. To circumvent having to put an entire datacenter range IP on UDRs to get services to work, there should be Service Tags in the UDR destination field in order to be able to add specific services the ability to talk to VNET-joined services. A good example of this is API Management. While the team does not support a…

      25 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    16. 20 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    17. time protocol

      Network Time - Precision Time Protocol (IEEE 1588 std) support

      Azure should provide a know reference service for a network time protocol such as NTP or preferably for the IEEE 1588 standard Precision Time Protocol, or provide this as an option with the Blockchain service.

      19 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    18. Adding multiple NSGs to a NIC

      I have several virtual machines in several different subnets that need to apply a certain set of network security rules. But for each VM there are also their own unique rules. I would like to be able to set multiple NSG for the NIC of each virtual machine. I do not want to copy common rules to each NSG.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    19. MS NVA to over come transitive issues and costs for 3rd party NVAs

      Provide an MS NVA to over come the cost of having to implement 3rd party NVA's, to provide routes between Vnets, due the the lack of support for transtive routes, whilst having to useUDRs is very time consuming and creates additional administrative burdens. As well as massive additional costs burdens.

      11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    20. Allow a UDR to specify any routable "next hop" IP address (not limited to the VNet or Region)

      It would be great if a UDR could point to an IP in another region or on-premises via ExpressRoute. The problem today is that If someone invests in a NGFW virtual appliance, it can only be used from the VNet where it exists or others that are peered to it within the same region. A UDR should be able to route to any routable address... why not?

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1
    • Don't see your idea?

    Feedback and Knowledge Base