AdminAzure Networking Team (Admin, Microsoft Azure)

My feedback

  1. 15 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      started  ·  3 comments  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →

      Something similar is underway, and so wanted to hear your scenarios/use cases to ensure that the same would covered with the other feature. Can you share examples of what the incoming request would be and what should the forwarding URL?

    • 10 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        under review  ·  2 comments  ·  Networking » Azure Front Door Service  ·  Flag idea as inappropriate…  ·  Admin →

        We would like to hear more feedback on this. Can you explain your scenarios a bit more? Azure Front Door is different than Azure Load Balancer particularly for the fact that it is Layer 7 i.e. HTTP/HTTPS. So, waiting and not getting a feedback from the backend/origin/app server for 30 seconds for a web request is unusual.

      • 1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  Networking » Azure Firewall  ·  Flag idea as inappropriate…  ·  Admin →
          AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

          SNAT on incoming connections is done do ensure symmetric routing across the underlying firewall nodes for returning packets. This is needed as the Standard Load Balancer has TCP state checking rules today that will drop the session if the returning packet comes from a different firewall physical node. This will be fixed in the future, but no ETA yet.

        • 9 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

            Thanks. We will add this feature to our backlog to consider for a future release.

          • 4 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              1 comment  ·  Networking » Azure Firewall  ·  Flag idea as inappropriate…  ·  Admin →
              AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

              Thanks for the feedback. This feature is high on our list - tentatively for H1 2019.

            • 1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  Networking » Azure Firewall  ·  Flag idea as inappropriate…  ·  Admin →
                AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                We are working on adding Service Tags to Azure Firewall network rules and hope to have it released in Q1 2019.

              • 1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                  Please elaborate on the scenario. You can already provide permissions on a zone to a specific user such that user is able to manage records within that zone but not other zones. Please see https://docs.microsoft.com/en-us/azure/dns/dns-protect-zones-recordsets#zone-level-rbac

                • 3 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    need-feedback  ·  2 comments  ·  Networking » Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →
                    AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                    HTTP and HTTPS probes use an HTTP GET. Can you please expand on the scenario where something other than 200 is a valid response for this operation? 201 for example is typically used for a POST.

                  • 1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      1 comment  ·  Networking » Azure Firewall  ·  Flag idea as inappropriate…  ·  Admin →
                      AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                      Thanks for the feedback. Agree with the feedback on destination address. We will explore having it as a drop down list that provides the firewall public IPs. This should eliminate also the confusion with the translated address.

                    • 3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        3 comments  ·  Networking » Load Balancing  ·  Flag idea as inappropriate…  ·  Admin →

                        @hisashima load balancer uses (a) today. why do you need the behavior described in (b). can you elaborate on the scenario and impact please?

                      • 411 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                          While we don't offer a 301 redirect service, we just announced support for Alias records which will let you point to any Public IP-backed resource (such as Application Gateway) or a Traffic Manager profile, from your zone apex. This may be an alternative if the need is to make sure both the zone apex and say the www subdomain point to the same load balanced application. For more details see https://azure.microsoft.com/en-us/blog/announcing-alias-records-for-azure-dns/

                        • 143 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            6 comments  ·  Networking » Virtual Networks (VNET)  ·  Flag idea as inappropriate…  ·  Admin →
                            AdminAzure Networking Team (Admin, Microsoft Azure) supported this idea  · 
                          • 1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                              Hi, can you please indicate to which article/documentation you're referring?

                            • 45 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                planned  ·  5 comments  ·  Networking » Virtual Networks (VNET)  ·  Flag idea as inappropriate…  ·  Admin →

                                Yes, this will be supported.

                              • 6 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)

                                  Hi,

                                  Currently, the gateway private IP addresses are not required for configurations or operations, other than the GatewaySubnet range. They should have been hidden from users. The gateway resource model does not have a field for those either.

                                  There may be use cases for new features down the road. We will update the gateway resource model accordingly and expose those properly.

                                  Thanks,
                                  Yushun [MSFT]

                                  Taking offline with Farouk to further clarify.

                                  Thanks,
                                  Yushun [MSFT]

                                • 45 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                                    Hello, we are working on supporting existing (non-empty) VNETs. This is coming very soon ! Stay tuned.

                                  • 14 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      2 comments  ·  Scripting and Command Line Tools » Xplat-CLI  ·  Flag idea as inappropriate…  ·  Admin →

                                      Thank you for the feedback. We now have a report that is generated weekly on Mondays: Azure Service Tags JSON (https://www.microsoft.com/en-us/download/details.aspx?id=56519). This file includes all of the Service Tags and data by regions. This is an improvement over previous files as it includes tagging by Service Tag. We recommend you move to using this file and check weekly for updates. The file is broken out by Cloud (I.e. Public) and region (i.e., West US 2). We will take the RSS Feed request under advisement.

                                    • 4 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        1 comment  ·  Networking » Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
                                        AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                                        Thanks for your suggestion, it is an identified requirement and we are evaluating it to reduce frequency from one hour to near real-time.

                                      • 1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          planned  ·  1 comment  ·  Networking » Bugs  ·  Flag idea as inappropriate…  ·  Admin →
                                          AdminAzure Networking Team (Admin, Microsoft Azure) commented  · 

                                          We have noted this and will soon roll out a fix for multiple app gateways

                                        • 16 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)

                                            Hi Matt,

                                            Thanks for the feedback. The status of this ask is a bit complicated – it’s partially working, but partially in progress:

                                            1. For existing SSTP P2S VPN, there is no solution but to download the VPN client package again.

                                            2. For IKEv2 P2S VPN, it works by P2S client reconnecting to the Azure VPN gateway. Once they connect again, they will get the new routes. This will apply to changes in VNet address spaces (including VNet peering), newly added S2S/VNet-to-VNet connections, or new routes learned via BGP.

                                            3. The caveat for (2) is that it currently works on Mac and Linux, but Windows require a KB/Update that will be released shortly.

                                            We will provide an update to this item once the Windows update is available.

                                            Thanks,
                                            Yushun [MSFT]

                                            Thanks for the feedback - there are two aspects to this ask:

                                            1. Azure P2S route refresh on the client side
                                            2. App Service to leverage the route refresh capability

                                            The work is in progress for (1), but it will not be in band due to protocol limit. For IKEv2 P2S VPN, simply reconnecting P2S clients will enable the client side to learn the new routes. I explained a bit more in another similar ask and will merge this ask to that main item.

                                            Once that's available, will see how App Service can leverage this.

                                            Thanks,
                                            Yushun [MSFT]

                                          ← Previous 1

                                          Feedback and Knowledge Base