question

Superuser1312-3137 avatar image
0 Votes"
Superuser1312-3137 asked GitaraniSharmaMSFT-4262 commented

Clustering in Azure - Virtual Database IP not reachable

I use a Debian-based custom application that is also available in the Azure Marketplace. I deploy two nodes, it works without any problems.

Within this application there is the possibility of building a cluster. The cluster setup works, but the DB-IP cannot be reached after the setup. I strongly suspect that this is a configuration error on my part.

The cluster works without problems in OnPrem environments.

The construction is very simple
2 nodes + Virtual Database IP in the same subnet. Actually, only a free IP from the subnet has to be used for the Virtual Database IP.

So I created a network group (Vnet) in Azure, there are the two nodes and there are free IPs in this subnet.
Unfortunately, as written, the IP cannot be reached after it has been set up. I have already tried to outsource the IP to a separate interface - without success.

The virtual database IP is linked to the primary node during cluster setup, but must be accessible from both nodes.

Unfortunately I haven't found a way to create an "empty" internal IP in Azure - only public IPs can be created.

Does somebody has any idea?

Thanks in advance for your help

azure-virtual-network
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

For the case that the main question is too "specific", maybe a general question:

Are the Vnets in Azure different from onPrem environments? Is there anything special to consider there (network limitations, security rules, special configurations)?

0 Votes 0 ·

1 Answer

GitaraniSharmaMSFT-4262 avatar image
0 Votes"
GitaraniSharmaMSFT-4262 answered GitaraniSharmaMSFT-4262 commented

Hello @Superuser1312-3137 ,

Apologies for the delay in response.

A virtual network in Azure is similar to the network that in an on-premises environment, helping us connect different resources. But there are some restrictions or constraints:
- VNets are Layer-3 overlays. Azure does not support any Layer-2 semantics.
- Multicast, broadcast, IP-in-IP encapsulated packets, and Generic Routing Encapsulation (GRE) are not supported in Vnets.
- You can use TCP, UDP, and ICMP TCP/IP protocols within VNets. Unicast is supported within VNets, with the exception of DHCP via Unicast (source port UDP/68 / destination port UDP/67) and UDP source port 65330 which is reserved for the host.
- You cannot create an empty Private IP in Azure.

Please find some articles below for your reference:
https://docs.microsoft.com/en-us/azure/virtual-network/concepts-and-best-practices
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-faq#configuration
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview
https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview

Since you mentioned, you are using a Debian-based custom application from Azure Marketplace, I would advise you to contact the support team for that application for more information on how to setup the application in Azure with clustering capability. You can contact them by clicking on "support" or "help" in the left pane of that application page in Azure marketplace.

Kindly let us know if the above helps or you need further assistance on this issue.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @GitaraniSharmaMSFT-4262,

I am facing the exact same issue as described above but instead of Debian application, I am configuring DFS Namespace Server Role on cluster. DFS team proposed that it could be a VNet issue. All configuration is based on private ip since my Azure VMs are connected to on-prem through Express Route and are on-prem domain joined.

Here are the details: https://docs.microsoft.com/en-us/answers/questions/471475/dfs-namespace-server-role-on-azure-vm-configured-f.html

I can only ping the virtual ip of DFS role only from active node in cluster. However, I want to reach out to this DFS role from other on-prem domain joined machines as well.

Is there any missing configuration or Vnet's don't support this use-case?

Let me know if you need any more details.

Thanks in advance!

0 Votes 0 ·

Hello @SumitChawla-7194 ,

Using DFS Namespaces on a virtual machine in Microsoft Azure has been tested but your scenario needs deeper investigation and remote support as it is difficult to find the cause of the issue without looking into the complete setup. So if you have a support plan, I request you file a support ticket, else please do let us know, we will try and help you get a one-time free technical support.

Reference : https://docs.microsoft.com/en-us/windows-server/storage/dfs-namespaces/dfs-overview#interoperability-with-azure-virtual-machines

Thanks,
Gita

0 Votes 0 ·