Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
517 questions
Troubleshooting Bad Requests Through a Private Endpoint Connected to a Load Balancer
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 17%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOC%3C/text%3E%3C/svg%3E)
Omer Cohen
0
Reputation points
Greetings,
I have a private endpoint connected to private link service composed of a load balancer with a VM in its backend.
The load balancer's Inbound rule forwards TCP traffic on port 80 to the backend pool containing aforementioned VM.
The backend VM forwards traffic through a VPN gateway to a remote service, using iptables. This is confirmed to work correctly: running curl <private-ip-of-remote-ip> from any VM in the VNet returns a valid response.
However, when running curl <private-ip-of-load-balancer> I'm getting a bad request. Obviously the same occurs when running curl <ip-of-private-endpoint> (since the LB and private-endpoint are connected).
When temporarily replacing the load balancer's inbound rule with a nat rule I was able to get a valid response when running curl <private-ip-of-load-balancer> from a VM in the load balancer's VNet, however, this is not a solution, since a private endpoint isn't compatible with an inbound nat rule.
Attached is a diagram containing the resources and rules mentioned above:
I would greatly appreciate your expertise in the matter,
Omer.
{count} votes
-
KapilAnanth-MSFT 47,206 Reputation points Microsoft Employee2024-11-19T04:26:06.33+00:00 Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I believe this is a continuation of : https://learn.microsoft.com/en-us/answers/questions/2114387/exploring-cost-effective-solutions-for-routing-tra
We shall continue to work with you in the above thread as well.
It appears some part of your question has been removed, can you please add them back so I can have a better understanding of the issue.
Cheers,
Kapil
-
Omer Cohen 0 Reputation points
2024-11-19T16:46:04.4966667+00:00 Hey @KapilAnanth-MSFT ,
I've completed the part that wasn't uploaded correctly, although it seems that formatting is off.
This question raises a different issue, one does not overlap with the others.I would like to add that before including
iptableson my approach, I've tried following this guide by enabling ip forwarding on the VM's nic and utilizing a routing table route.Thanks,
omer.
Sign in to comment
Sign in to answer