AdminAzure Networking Team
(Admin, Microsoft Azure)
My feedback
-
3 votes
-
1 vote
Thanks for the feedback. Agree with the feedback on destination address. We will explore having it as a drop down list that provides the firewall public IPs. This should eliminate also the confusion with the translated address.
-
3 votes
Thank you for the feedback. Can you clarify please if you are asking for the health probe to close the connection
a) WITH a 4 way close or
b) WITHOUT a 4 way close and send RST instead?@hisashima load balancer uses (a) today. why do you need the behavior described in (b). can you elaborate on the scenario and impact please?
-
380 votes7 comments · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Admin →
We’re tracking this on our long-term backlog. However, it’s unlikely that we’ll support this in the near future.
Thank you for the suggestion and please keep the votes and ideas coming.
While we don't offer a 301 redirect service, we just announced support for Alias records which will let you point to any Public IP-backed resource (such as Application Gateway) or a Traffic Manager profile, from your zone apex. This may be an alternative if the need is to make sure both the zone apex and say the www subdomain point to the same load balanced application. For more details see https://azure.microsoft.com/en-us/blog/announcing-alias-records-for-azure-dns/
-
106 votes
Thanks for the feedback, we are working on enabling ASG references across subscriptions/VNets, it’s currently on our plans
AdminAzure Networking Team
(Admin, Microsoft Azure)
supported this idea
·
-
1 vote1 comment · Networking » VPN Connectivity (Point-to-Site, Site-to-Site) · Flag idea as inappropriate… · Admin →
Hi, can you please indicate to which article/documentation you're referring?
-
35 votesplanned · 2 comments · Networking » Security (ACLs, Firewalls, Intrusion Detection) · Flag idea as inappropriate… · Admin →
This is in roadmap.
-
22 votes
Yes, this will be supported.
-
6 votes2 comments · Networking » VPN Connectivity (Point-to-Site, Site-to-Site) · Flag idea as inappropriate… · Admin →
Hi,
Currently, the gateway private IP addresses are not required for configurations or operations, other than the GatewaySubnet range. They should have been hidden from users. The gateway resource model does not have a field for those either.
There may be use cases for new features down the road. We will update the gateway resource model accordingly and expose those properly.
Thanks,
Yushun [MSFT]Taking offline with Farouk to further clarify.
Thanks,
Yushun [MSFT] -
42 votes5 comments · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Admin →
Azure DNS Private Zones is in Public Preview, which supports split-horizon scenarios.
https://docs.microsoft.com/en-us/azure/dns/private-dns-overviewWe will support non-empty Vnets very soon. Stay tuned !
Hello, we are working on supporting existing (non-empty) VNETs. This is coming very soon ! Stay tuned.
-
14 votes
Thank you for the feedback. We now have a report that is generated weekly on Mondays: Azure Service Tags JSON (https://www.microsoft.com/en-us/download/details.aspx?id=56519). This file includes all of the Service Tags and data by regions. This is an improvement over previous files as it includes tagging by Service Tag. We recommend you move to using this file and check weekly for updates. The file is broken out by Cloud (I.e. Public) and region (i.e., West US 2). We will take the RSS Feed request under advisement.
-
4 votes
Thanks for your suggestion, it is an identified requirement and we are evaluating it to reduce frequency from one hour to near real-time.
-
1 vote
We have noted this and will soon roll out a fix for multiple app gateways
-
16 votes4 comments · Networking » VPN Connectivity (Point-to-Site, Site-to-Site) · Flag idea as inappropriate… · Admin →
Hi Matt,
Thanks for the feedback. The status of this ask is a bit complicated – it’s partially working, but partially in progress:
1. For existing SSTP P2S VPN, there is no solution but to download the VPN client package again.
2. For IKEv2 P2S VPN, it works by P2S client reconnecting to the Azure VPN gateway. Once they connect again, they will get the new routes. This will apply to changes in VNet address spaces (including VNet peering), newly added S2S/VNet-to-VNet connections, or new routes learned via BGP.
3. The caveat for (2) is that it currently works on Mac and Linux, but Windows require a KB/Update that will be released shortly.
We will provide an update to this item once the Windows update is available.
Thanks,
Yushun [MSFT]Thanks for the feedback - there are two aspects to this ask:
1. Azure P2S route refresh on the client side
2. App Service to leverage the route refresh capabilityThe work is in progress for (1), but it will not be in band due to protocol limit. For IKEv2 P2S VPN, simply reconnecting P2S clients will enable the client side to learn the new routes. I explained a bit more in another similar ask and will merge this ask to that main item.
Once that's available, will see how App Service can leverage this.
Thanks,
Yushun [MSFT] -
13 votes2 comments · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Admin →
We didn’t see a reply on your specific AD setup. Please feel free to add more detail so we can understand the request more thoroughly.
Hi Will, could you provide more details about your AD setup ? Is it hosted in Azure, or OnPrem ? Also, could you clarify what you mean by "Azure Tenant" in this context.
-
4 votes2 comments · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Admin →
Have you tried the Activity Logs feature to see if it handles your use case ? https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit
Have you tried the Activity Logs feature to see if it handles your use case ? https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit
-
1 voteunder review · 1 comment · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Admin →
This is on our immediate backlog and will soon be supported. Stay tuned !
-
254 votesplanned · 14 comments · Networking » Virtual Networks (VNET) · Flag idea as inappropriate… · Admin →
Unfortunately we do not have any updates at this time, but we will update this post whe the status changes.
-
30 votes
Currently inbound internet traffic on port ranges 65503-65534 should be opened for health probes to work. This is documented in FAQ at https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq.
Thanks,
Amit -
1 vote
Monitoring communication between containers on the same node is not currently supported with Network Watcher. Thank you for your feedback and we will review your suggestion as we continue to improve the service.
Monitoring communication between containers on the same node is not currently supported with Network Watcher. Thank you for your feedback and we will review your suggestion as we continue to improve the service.
HTTP and HTTPS probes use an HTTP GET. Can you please expand on the scenario where something other than 200 is a valid response for this operation? 201 for example is typically used for a POST.