Thursday 29 April 2021

Using the Azure App Gateway: networking

 I had an Azure App Gateway providing a routing gateway over a backend App Service and Wordpress site.

I found two problems:

1. Outbound calls from the Azure App Service to a Webservice on the internet failed intermittently.

In the end I discovered the App needed a NAT Gateway as it was suffering SNAT exhaustion. I also improved the code to recycle client connections.

2. Accessing the Wordpress URLs would start erroring with a 502. The backend health probe would occassional complain it couldn't connect, or timed out. Performing a connection diagnostic test (trying to connect on TCP/IP showed 4 errors in 66 attempts).

Again this was a SNAT exhaustion problem. The App Gateway was in a subnet, so I associated the NAT Gateway with that subnet.