Share via

Intermittent Azure SQL Database Connection Failures on Azure App Service (.NET 8 Linux Containers)

Nanthakumar S 0 Reputation points
2026-02-05T10:37:55.57+00:00

We are experiencing intermittent SQL connection failures from our .NET 8 applications running in Linux containers on Azure App Service, using both:

  • mcr.microsoft.com/dotnet/aspnet:8.0-alpine-3.18-amd64
  • mcr.microsoft.com/dotnet/aspnet:8.0 (Debian 12 Bookworm)

Error (intermittent):

Microsoft.Data.SqlClient.SqlException (0x80131904): - pre-login handshake failed (provider: SSL Provider, error: 31) - post-login handshake failed (provider: SSL/TLS, error: 31) - login process failed (provider: TCP Provider, error: 35)
  • Failures occur both during pre-login handshake, post-login handshake, and login process.
  • Connections are generally successful but fail occasionally during TLS negotiation or early login.
  • App Service and SQL Server logs provide no additional details to this issue.
  • Microsoft.Data.SqlClient version: 6.1.2

Steps Taken:

  • Verified SQL Server accessibility and monitored App Service metrics.
  • SQL and App Service metrics—no obvious CPU, memory, or networking spikes
Azure SQL Database
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Manoj Kumar Boyini 15,650 Reputation points Microsoft External Staff Moderator
    2026-02-05T11:41:57.38+00:00

    Hi Nanthakumar S

    The issue occurs because the connection to Azure SQL is successfully established at the TCP level, but the client does not complete the pre‑login/TLS handshake fast enough. Azure SQL only waits a few seconds for the client to send the initial login packets. If the client delays during the handshake most commonly due to high CPU usage, thread contention, or memory pressure in the App Service the service closes the connection. This results in the “TCP Provider, error: 35” and “connection reset by peer” errors. Intermittent network latency can also contribute to this failure pattern.

    This behavior is expected and is part of Azure SQL’s protection mechanism to prevent slow‑drip or trickle‑attack‑style connections. It does not indicate an issue with Azure SQL itself.

    Recommended Solution: Ensure that the App Service has enough CPU and memory headroom, and scale the App Service plan up or out if it is operating under load. These handshake failures are classified as transient, so implementing retry logic in the SQL client is strongly recommended; retries typically succeed once the CPU or network condition clears. If the issue continues after improving client performance, run the Azure SQL Connectivity Checker to confirm whether intermittent network latency or packet loss is involved.

    This approach will prevent the handshake delays that lead to the connection resets and will stabilize the connection behavior.

    Hope this helps, Please let us know if you have any questions and concerns.

    Was this answer helpful?

  2. AI answer

    2026-02-05T10:38:05.77+00:00

    Intermittent SQL connection failures, especially during the pre-login handshake, post-login handshake, and login process, can be indicative of several underlying issues. Here are some steps and considerations that may help you troubleshoot the problem:

    1. Check for Network Issues: Since the failures occur during TLS negotiation, ensure that there are no intermittent network issues between your Azure App Service and the Azure SQL Database. You can use tools like ping or telnet to test connectivity.
    2. Increase Connection Timeout: Sometimes, increasing the connection timeout value in your connection string can help mitigate issues caused by transient network conditions. A recommended timeout is at least 30 seconds.
    3. Implement Retry Logic: As a best practice for cloud-connected applications, implement retry logic to handle transient connectivity issues. This can help your application recover from temporary failures without user intervention.
    4. Monitor SNAT Port Exhaustion: Azure App Service uses Source Network Address Translation (SNAT) ports for outbound connections. If your application is under heavy load, you might be exhausting these ports, leading to connection failures. Monitoring the SNAT port usage can provide insights into whether this is a contributing factor.
    5. Check SSL/TLS Configuration: Ensure that your application is configured to use the correct version of TLS that is supported by Azure SQL Database. You may need to update your .NET libraries or configurations to ensure compatibility.
    6. Review Azure Service Health: Check the Azure Service Health dashboard for any ongoing issues or outages that might affect connectivity to Azure SQL Database.
    7. Logging and Diagnostics: Enable detailed logging for your Azure App Service and SQL Database to capture more information about the failures. This can help identify patterns or specific conditions under which the failures occur.

    If these steps do not resolve the issue, consider reaching out to Azure support for further assistance.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.