Troubleshooting Bad Requests Through a Private Endpoint Connected to a Load Balancer

Omer Cohen 0 Reputation points
2024-11-18T18:53:24.3433333+00:00

Greetings,
I have a private endpoint connected to private link service composed of a load balancer with a VM in its backend. The load balancer's Inbound rule forwards TCP traffic on port 80 to the backend pool containing aforementioned VM. The backend VM forwards traffic through a VPN gateway to a remote service, using iptables. This is confirmed to work correctly: running curl <private-ip-of-remote-ip> from any VM in the VNet returns a valid response. However, when running curl <private-ip-of-load-balancer> I'm getting a bad request. Obviously the same occurs when running curl <ip-of-private-endpoint> (since the LB and private-endpoint are connected). When temporarily replacing the load balancer's inbound rule with a nat rule I was able to get a valid response when running curl <private-ip-of-load-balancer> from a VM in the load balancer's VNet, however, this is not a solution, since a private endpoint isn't compatible with an inbound nat rule. Attached is a diagram containing the resources and rules mentioned above:
Screenshot from 2024-11-18 20-49-20

I would greatly appreciate your expertise in the matter,
Omer.

Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
518 questions
Azure Load Balancer
Azure Load Balancer
An Azure service that delivers high availability and network performance to applications.
456 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.