User-defined route does not work when associated, despite all the VMs being in the same VNet. Additionally, ping is disrupted when associated to a VM.

Shuvajit Roy 166 Reputation points
2023-02-22T10:00:20.3933333+00:00

User-defined route does not work when associated, despite all the VMs being in the same VNet. Additionally, ping is disrupted when associated to a VM.

Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.

1 answer

  1. GitaraniSharma-MSFT 47,686 Reputation points Microsoft Employee
    2023-02-22T11:39:50.79+00:00

    Hello @Shuvajit Roy ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you have associated a UDR with a subnet but the connectivity between VMs in the same VNet is not working. Also, you are unable to ping the VMs.

    Could you please share the configuration that you want to achieve? When you say all VMs in the same VNet, how are you routing the traffic?

    Is it from VM1 (subnet1) to VM2 (subnet2) via a VM3 (subnet3)? If yes, you can refer to the doc below, which shows a tutorial on how to achieve this:

    https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal

    To route traffic through a VM acting as an NVA, you need to turn on IP forwarding in Azure and in the operating system of the NVA virtual machine. Once IP forwarding is enabled, any traffic received by the NVA VM that's destined for a different IP address won't be dropped and will be forwarded to the correct destination.

    Refer: https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal#turn-on-ip-forwarding

    To turn on IP forwarding in the operating system of the NVA virtual machine so that it forwards network traffic, refer: https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal#turn-on-ip-forwarding-in-the-operating-system

    And if you are trying to ping from one VM to another, you need to make sure that ICMP is allowed in the VM's OS Windows Firewall.

    Refer: https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal#allow-icmp-in-windows-firewall

    NOTE: Always deploy a virtual appliance/NVA VM into a different subnet than the resources that route through the virtual appliance. Deploying the virtual appliance to the same subnet then applying a route table to the subnet that routes traffic through the virtual appliance can result in routing loops where traffic never leaves the subnet.

    Refer: https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#user-defined

    Kindly let us know if the above helps or you need further assistance on this issue.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
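
The checks named in the answer above (IP forwarding on the NVA's NIC, and the NVA sitting outside any subnet whose route table points at it) can be run over an exported inventory. This is an added example, not part of the original thread or Microsoft's documentation; the dictionary layout, names and addresses are constructed assumptions, not real `az` output. OS-level forwarding and the guest firewall's ICMP rule are not visible in this data and still have to be checked inside the VM.

```python
import ipaddress

# Constructed sample inventory (simplified, hypothetical layout).
SUBNETS = {
    "public":  {"prefix": "10.0.0.0/24", "route_table": "rt-public"},
    "private": {"prefix": "10.0.1.0/24", "route_table": None},
    "dmz":     {"prefix": "10.0.2.0/24", "route_table": None},
}
NICS = [
    {"vm": "vm-nva", "ip": "10.0.2.4", "ip_forwarding": True},
    {"vm": "vm-public", "ip": "10.0.0.4", "ip_forwarding": False},
]
ROUTE_TABLES = {
    "rt-public": [
        {"name": "to-private", "prefix": "10.0.1.0/24",
         "next_hop_type": "VirtualAppliance", "next_hop_ip": "10.0.2.4"},
    ],
}

def subnet_of(ip, subnets):
    """Return the name of the subnet whose prefix contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, s in subnets.items():
        if addr in ipaddress.ip_network(s["prefix"]):
            return name
    return None

def check_udr(subnets, nics, route_tables):
    """Return (route_table, route, problem) tuples for NVA routes."""
    findings = []
    for rt_name, routes in route_tables.items():
        # Subnets this route table is associated with.
        associated = {n for n, s in subnets.items() if s["route_table"] == rt_name}
        for r in routes:
            if r["next_hop_type"] != "VirtualAppliance":
                continue
            hop = r["next_hop_ip"]
            nic = next((n for n in nics if n["ip"] == hop), None)
            if nic is None:
                findings.append((rt_name, r["name"], "next hop has no NIC"))
                continue
            if not nic["ip_forwarding"]:
                findings.append((rt_name, r["name"], "IP forwarding off on NVA NIC"))
            # NVA inside a subnet that uses this table: traffic can loop.
            if subnet_of(hop, subnets) in associated:
                findings.append((rt_name, r["name"], "NVA in routed subnet (loop risk)"))
    return findings
```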