disableoutboundsnat

Shruthi Appojisetty 26 Reputation points
2020-09-03T11:38:51.293+00:00

What is the difference between the Load Balancer Resource and the Load Balancer that is created as part of AKS ?
When I create a LB Resource I'm allowed to bind the same Public IP for the Load Balancer Rules and the Outbound Rules.
However, the same does not work for the Load Balancer that comes up as part of AKS Cluster. When I try to use single IP for both the LB Rules and the Outbound Rules I get an error saying "disableOutboundSNAT should be set to true" for the LB Rule when the same IP is referenced by Outbound Rules.

Azure Traffic Manager
Azure Traffic Manager
An Azure service that is used to route incoming network traffic for high performance and availability.
111 questions
Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,877 questions
Azure Load Balancer
Azure Load Balancer
An Azure service that delivers high availability and network performance to applications.
404 questions
Azure Virtual Machine Scale Sets
Azure Virtual Machine Scale Sets
Azure compute resources that are used to create and manage groups of heterogeneous load-balanced virtual machines.
352 questions
Accepted answer
  1. vipullag-MSFT 24,441 Reputation points
    2020-09-04T07:40:10.093+00:00

    @Shruthi Appojisetty

    Apologies in delayed response.
    For AKS, this is created by the platform. Same frontend IP cannot have both properties. i.e Inbound rule - SNAT and outbound rule.

    If you are using an IP for outbound rule and if the same IP is part of Inbound rule, to avoid the error mentioned, you need to enable this property ( -DisableOutboundSNAT ) in the Inbound rule.

    Try to modify the rule for disabling the outbound SNAT, you can refer this document. Then you can create a outbound rule like below:

    ex: 

    $rule = New-AzLoadBalancerRuleConfig -Name $lbr -Protocol $pro -Probe $probe -FrontendPort $port -BackendPort $port -FrontendIpConfiguration $feip -BackendAddressPool $bePool -DisableOutboundSNAT

    Also, please refer this document for creating outbound rule config.

    Hope this information helps.

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest