Azure Load Balancer Floating IP option - why do packets at backend guest show as translated?

Chris Wynne 0 Reputation points
2024-01-17T16:16:07.9433333+00:00

Have an Azure public Load Balancer with two public IPs as frontends with a two-member backend pool - Palo Alto NVA firewalls. Those NVAs inspect and translate traffic to backend hosts on a subscriber virtual network. Recently this has stopped working, and despite the Floating IP option being set, the packets seen by the NVAs show the packet destination being translated to the IP of the Palo NVA. I.e.:

What we expect: Source IP 1.1.1.1, Destination 40.1.1.40
What we see on the NVA: Source IP 1.1.1.1, Destination 192.168.1.4

Previously this worked and packets would match translation rules and security policies on the NVA (we've done this setup in multiple environments), but sometime in December 2023, this stopped working for at least one environment and we've not been able to work around it since.

Azure Load Balancer