Request for SNAT Port Usage Metric on Azure NAT Gateway

Shanshan Li 20 Reputation points Microsoft Employee
2024-11-04T09:06:43.1+00:00

Dear Azure Support Team,

Our product relies on Azure NAT Gateway as the primary outbound solution. To prevent SNAT port exhaustion and ensure smooth connectivity, we would like to monitor the SNAT port usage. This would enable us to allocate additional public IPs in advance if the SNAT port usage exceeds a specified threshold.

We understand that a single NAT Gateway can scale up to 16 public IP addresses, with each IP providing up to 64,512 SNAT ports for outbound connections. However, based on the current documentation (Azure NAT Gateway Metrics), we noted that the available metrics do not directly represent SNAT port usage:

  • SNAT Connection Count: Shows the number of new SNAT connections within a specified interval, by connection state and protocol.
  • Total SNAT Connection Count: Indicates the total active SNAT connections, by protocol.

As SNAT ports are allocated dynamically and a single SNAT port can support multiple SNAT connections, SNAT connection counts alone do not provide sufficient insight into SNAT port usage. While monitoring failed SNAT connections might help respond to exhaustion events, our goal is to proactively assign additional IP addresses before failures occur.

Could you please advise if there is a way to access a metric like SNAT Port Usage or any equivalent metric that would provide visibility into SNAT port utilization? This metric would greatly enhance our ability to manage resources efficiently and prevent potential disruptions.

Thank you for your consideration and assistance.


Accepted answer
  1. KapilAnanth-MSFT 47,286 Reputation points Microsoft Employee
    2024-11-04T09:32:06.52+00:00

    @Shanshan Li ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    Your observation is correct.

    • There's no SNAT port usage metric for a NAT gateway as of now.
    • Customers are requested to use the SNAT Connection Count and Total SNAT Connection Count metrics to help evaluate the SNAT capacity of the NAT gateway resource.

    Should you feel this feature should be included, you can raise a post in the Azure Feedback Hub forum requesting this feature.

    All the feedback shared in these forums is monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

    Please let us know if we can be of any further assistance here.

    Thanks,

    Kapil


    Please Accept an answer if correct.

    Original posters help the community find answers faster by identifying the correct answer.

    1 person found this answer helpful.
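
One way to use the Total SNAT Connection Count metric for the proactive scaling described in the question, as an added example that is not part of the original thread or any Microsoft code: because a port can carry several connections, the active connection count divided by the port inventory is an upper bound on port usage. The function names, the 70% threshold and the sample values are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

PORTS_PER_IP = 64_512   # SNAT ports per public IP (figure quoted in the question)
MAX_PUBLIC_IPS = 16     # public IPs per NAT gateway (figure quoted in the question)


@dataclass
class Headroom:
    peak_connections: int
    ceiling: float    # peak connections / port inventory: upper bound on port usage
    ips_needed: int   # smallest IP count that keeps the ceiling at or below threshold
    action: str       # "ok", "add_ips" or "at_limit"


def evaluate_headroom(total_conn_samples, current_ips, threshold=0.7):
    """Bound SNAT port usage from Total SNAT Connection Count samples.

    Each active connection holds one SNAT port and a port may be shared by
    several connections, so ports in use <= active connections. Staying
    under the threshold on this ceiling therefore also keeps real port
    usage under it.
    """
    if not 1 <= current_ips <= MAX_PUBLIC_IPS:
        raise ValueError("current_ips must be between 1 and 16")
    if not 0 < threshold <= 1:
        raise ValueError("threshold must be in (0, 1]")
    peak = max(total_conn_samples, default=0)
    ceiling = peak / (current_ips * PORTS_PER_IP)
    # Never recommend removing IPs; only report growth that is needed.
    ips_needed = max(current_ips, math.ceil(peak / (threshold * PORTS_PER_IP)))
    if ips_needed == current_ips:
        action = "ok"
    elif ips_needed <= MAX_PUBLIC_IPS:
        action = "add_ips"
    else:
        action = "at_limit"   # one NAT gateway cannot provide enough ports
    return Headroom(peak, ceiling, ips_needed, action)


if __name__ == "__main__":
    # Constructed samples of Total SNAT Connection Count for a 2-IP gateway.
    samples = [41_000, 77_500, 96_800, 88_300]
    print(evaluate_headroom(samples, current_ips=2))
```

The ceiling overstates real port usage whenever ports are shared, so this check triggers early rather than late.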