Edit

Traffic Manager subnet override using Azure PowerShell

  • Article

Traffic Manager subnet override allows you to alter the routing method of a profile. The addition of an override will direct traffic based upon the end user's IP address with a predefined IP range to endpoint mapping.

How subnet override works

When subnet overrides are added to a traffic manager profile, Traffic Manager will first check if there's a subnet override for the end user’s IP address. If one is found, the user’s DNS query will be directed to the corresponding endpoint. If a mapping isn't found, Traffic Manager will fall back to the profile’s original routing method.

The IP address ranges can be specified as either CIDR ranges (for example, 1.2.3.0/24) or as address ranges (for example, 1.2.3.4-5.6.7.8). The IP ranges associated with each endpoint must be unique to that endpoint. Any overlap of IP ranges among different endpoints will cause the profile to be rejected by Traffic Manager.

There are two types of routing profiles that support subnet overrides:

  • Geographic - If Traffic Manager finds a subnet override for the DNS query's IP address, it will route the query to the endpoint whatever the health of the endpoint is.
  • Performance - If Traffic Manager finds a subnet override for the DNS query's IP address, it will only route the traffic to the endpoint if it's healthy. Traffic Manager will fall back to the performance routing heuristic if the subnet override endpoint isn't healthy.

Prerequisites

Azure Cloud Shell

Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. You can use either Bash or PowerShell with Cloud Shell to work with Azure services. You can use the Cloud Shell preinstalled commands to run the code in this article, without having to install anything on your local environment.

To start Azure Cloud Shell:

Option Example/Link
Select Try It in the upper-right corner of a code or command block. Selecting Try It doesn't automatically copy the code or command to Cloud Shell. Screenshot that shows an example of Try It for Azure Cloud Shell.
Go to https://shell.azure.com, or select the Launch Cloud Shell button to open Cloud Shell in your browser. Button to launch Azure Cloud Shell.
Select the Cloud Shell button on the menu bar at the upper right in the Azure portal. Screenshot that shows the Cloud Shell button in the Azure portal

To use Azure Cloud Shell:

  1. Start Cloud Shell.

  2. Select the Copy button on a code block (or command block) to copy the code or command.

  3. Paste the code or command into the Cloud Shell session by selecting Ctrl+Shift+V on Windows and Linux, or by selecting Cmd+Shift+V on macOS.

  4. Select Enter to run the code or command.

If you choose to install and use PowerShell locally, this article requires the Azure PowerShell module version 5.4.1 or later. Run Get-Module -ListAvailable Az to find the installed version. If you need to upgrade, see Install Azure PowerShell module. If you're running PowerShell locally, you also need to run Connect-AzAccount to create a connection with Azure.

Create a Traffic Manager subnet override

To create a Traffic Manager subnet override, you can use Azure PowerShell to add the subnets for the override to the Traffic Manager endpoint.

Add IP Address range to Endpoint

  1. Retrieve the Traffic Manager endpoint:

    To enable the subnet override, retrieve the endpoint you wish to add the override to and store it in a variable using Get-AzTrafficManagerEndpoint.

    Replace the Name, ProfileName, and ResourceGroupName with the values of the endpoint that you're changing. In this example we will use the endpoint name myAppServicePlan and the profile name myTrafficManagerProfile.

    
$TrafficManagerEndpoint = Get-AzTrafficManagerEndpoint -Name "myAppServicePlan" -ProfileName "myTrafficManagerProfile" -ResourceGroupName "MyResourceGroup" -Type AzureEndpoints

  2. Add the IP address range to the endpoint:

    To add the IP address range to the endpoint, you'll use Add-AzTrafficManagerIpAddressRange to add the range.

    
### Add a range of IPs ###
Add-AzTrafficManagerIPAddressRange -TrafficManagerEndpoint $TrafficManagerEndpoint -First "1.2.3.4" -Last "5.6.7.8"

### Add a subnet ###
Add-AzTrafficManagerIPAddressRange -TrafficManagerEndpoint $TrafficManagerEndpoint -First "9.10.11.0" -Scope 24

### Add a range of IPs with a subnet ###
Add-AzTrafficManagerIPAddressRange -TrafficManagerEndpoint $TrafficManagerEndpoint -First "12.13.14.0" -Last "12.13.14.31" -Scope 27

Update Endpoint

Once the ranges are added, use Set-AzTrafficManagerEndpoint to update the endpoint.


Set-AzTrafficManagerEndpoint -TrafficManagerEndpoint $TrafficManagerEndpoint

Remove IP address range from Endpoint

  1. Retrieve the Traffic Manager endpoint:

    To enable the subnet override, retrieve the endpoint you wish to add the override to and store it in a variable using Get-AzTrafficManagerEndpoint.

    Replace the Name, ProfileName, and ResourceGroupName with the values of the endpoint that you're changing.

    
$TrafficManagerEndpoint = Get-AzTrafficManagerEndpoint -Name "myAppServicePlan" -ProfileName "myTrafficManagerProfile" -ResourceGroupName "MyResourceGroup" -Type AzureEndpoints

  2. Remove the IP address range from the endpoint:

    
### Remove a range of IPs ###
Remove-AzTrafficManagerIpAddressRange -TrafficManagerEndpoint $TrafficManagerEndpoint -First "1.2.3.4" 

### Remove a subnet ###
Remove-AzTrafficManagerIpAddressRange -TrafficManagerEndpoint $TrafficManagerEndpoint -First "9.10.11.0" 

### Remove a range of IPs with a subnet ###
Remove-AzTrafficManagerIpAddressRange -TrafficManagerEndpoint $TrafficManagerEndpoint -First "12.13.14.0"

Update Endpoint

Once the ranges are removed, use Set-AzTrafficManagerEndpoint to update the endpoint.

Set-AzTrafficManagerEndpoint -TrafficManagerEndpoint $TrafficManagerEndpoint

Next steps

Learn more about Traffic Manager traffic routing methods.

Learn about the Subnet traffic-routing method