CODEWITHSUNDEEP
azureazure-virtual-machineazure-virtual-network
sadhat75
sadhat75

Reputation: 301

Azure internal load balancer IP

I have a very simple Azure VM setup. One VM is behind an Internal Load Balancer, and it's private IP address is 10.0.1.10. A Web Service is running in that VM. I can access website by using http://localhost, but as per my software requirement, I have to use Load Balancer private IP address instead of localhost. But I can not browse with Internal Load Balancer IP address (http://10.0.1.10 does not work from that VM). Is that by design that I can't access Internal Load Balancer by it's private IP address? Or I need to do something special to make it work?

Upvotes: 0

Views: 1918

Answers (2)

ckuhtz
ckuhtz

Reputation: 365

There's a difference between public and internal Azure Load Balancer configurations.

When Azure Load Balancer is used in a public load balancer configuration, SNAT is used for outbound requests. This means a VM behind a public can reach the public IP address of the load balancer and the flow will be load balanced accordingly. This will consume an ephemeral port for each connection to the VIP.

Internal load balancer configurations do not offer SNAT today. In turn, an internal load balancer configuration does not allow a pool member to access the IP address of the internal load balancer.

We are looking at addressing this in a future release by allowing an option to enable SNAT for internal load balancers as well. Mandatory SNAT can actually impose constraints for those who don't need to access the IP address of the load balancer, and therefore this needs to be an option rather than the default.

Upvotes: 1

Jason Ye
Jason Ye

Reputation: 13954

According to your description, do you means that the VM in the load balancer and the web service running on the VM, you want to use the VM to browse the internal load balancer IP, but it doesn’t work.

I had test in my lab, and the same error occurred. By the way, the load balancer can’t work in this way. Here is my network capture result: enter image description here

Maybe we should to create a new VM outside of the load balancer, then you can browse the load balancer IP. Because once a network interface is added to a load balancer's back-end IP address pool, the load balancer is able to send load-balanced network traffic based on the load-balanced rules that are created.

If you still have questions, welcome to post back here. Thanks.

Best Regards,

Upvotes: 0

Related Questions