Connectivity architecture in Azure Database for MySQL

This article explains the Azure Database for MySQL connectivity architecture as well as how the traffic is directed to your Azure Database for MySQL instance from clients both within and outside Azure.

Connectivity architecture

Connection to your Azure Database for MySQL is established through a gateway that is responsible for routing incoming connections to the physical location of your server in our clusters. The following diagram illustrates the traffic flow.

Overview of the connectivity architecture

As client connect to the database, they get a connection string which connects to the gateway. This gateway has a public IP address that listens to port 3306. Inside the database cluster, traffic is forwarded to appropriate Azure Database for MySQL. Therefore, in order to connect to your server, such as from corporate networks, it is necessary to open up the client side firewall to allow outbound traffic to be able to reach our gateways. Below you can find a complete list of the IP addresses used by our gateways per region.

Azure Database for MySQL gateway IP addresses

The following table lists the primary and secondary IPs of the Azure Database for MySQL gateway for all data regions. The primary IP address is the current IP address of the gateway and the second IP address is a failover IP address in case of failure of the primary. As mentioned, customers should allow outbound to both the IP addresses. The second IP address does not listen in on any services until it is activated by Azure Database for MySQL to accept connections.

Region Name Gateway IP Addresses
Australia Central
Australia Central2
Australia East,
Australia South East,
Brazil South,,
Canada Central
Canada East
Central US,,,
China East
China East 2
China North
China North 2
East Asia,,,
East US,,,
East US 2,,,,
France Central,
France South
Germany Central
Germany North East
India Central
India South
India West
Japan East,
Japan West,,,
Korea Central
Korea South
North Central US,,,
North Europe,,,
South Africa North
South Africa West
South Central US,,,
South East Asia,,,
UAE Central
UAE North
UK South
UK West
West Central US
West Europe,,
West US,
West US 2

Connection redirection

Azure Database for MySQL supports an additional connection policy, redirection, that helps to reduce network latency between client applications and MySQL servers. With this feature, after the initial TCP session is established to the Azure Database for MySQL server, the server returns the backend address of the node hosting the MySQL server to the client. Thereafter, all subsequent packets flow directly to the server, bypassing the gateway. As packets flow directly to the server, latency and throughput have improved performance.

This feature is supported in Azure Database for MySQL servers with engine versions 5.6, 5.7, and 8.0.

Support for redirection is available in the PHP mysqlnd_azure extension, developed by Microsoft, and is available on PECL. See the configuring redirection article for more information on how to use redirection in your applications.


Support for redirection in the PHP mysqlnd_azure extension is currently in preview.

Next steps