Connection Timeout (ETIMEDOUT) to External Client API from Azure App Service

Ndeye Aram Seye 0 Reputation points
2024-09-20T14:33:27.71+00:00

I’m experiencing a connection timeout issue (ETIMEDOUT) when my NodeJs Azure App Service tries to make a request to an external client API that was working perfectly until recently. The service was able to connect without any issues yesterday, but today it fails with a timeout.

  • The error I receive from Axios is: connect ETIMEDOUT.
  • When I run the service locally on my PC, everything works fine, and the requests to the external API are successfully completed.
  • A colleague running the service locally also doesn't face this issue, and their requests to the same external API work without any problems.

I tried troubleshooting by SSH-ing into the Azure App Service and running a tcpping to the external API:

  • For the problematic API, the ping results in a timeout.
  • When I test the ping for another external API from the same App Service, the connection works perfectly, indicating that not all external connections are impacted.

Both the client and my team have confirmed that no changes have been made to the external API or our setup. The issue seems to be isolated to the connection between the Azure App Service and this specific external API.

Troubleshooting Steps Taken:

  1. Tested connectivity locally — everything works fine.
  2. Tried tcpping from the Azure App Service to the API, which times out.
  3. The IP address of the external API is correct, it must not be a DNS issue.
  4. Verified connectivity to other external APIs from the same App Service, which works without any issues.
  5. Contacted the client to confirm that their firewall or IP restrictions haven’t changed.

Request for Help:

  • How can I further troubleshoot or verify if this is related to SNAT port exhaustion, IP restrictions, or other Azure network limitations?
  • Has anyone experienced similar issues where specific API endpoints become unreachable from an Azure App Service, while others remain accessible?
  • What tools or diagnostics can I run to narrow down the cause of this timeout ?
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,770 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. SnehaAgrawal-MSFT 21,506 Reputation points
    2024-09-23T07:59:51.9933333+00:00

    @Ndeye Aram Seye Thanks for asking question!

    You can use App Service Diagnostics to find SNAT port allocation information, and observe the SNAT ports allocation metric of an App Service site. To find SNAT port allocation information, follow the following steps:

    1. To access App Service diagnostics, navigate to your App Service web app or App Service Environment in the Azure portal. In the left navigation, select Diagnose and solve problems.
    2. Select Availability and Performance Category
    3. Select SNAT Port Exhaustion tile in the list of available tiles under the category. The practice is to keep it below 128. If you do need it, you can still open a support ticket, and the support engineer will get the metric from back-end for you.

    Since SNAT port usage isn't available as a metric, it isn't possible to either autoscale based on SNAT port usage, or to configure auto scale based on SNAT ports allocation metric.

    Please Refer to detailed guide here- https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-intermittent-outbound-connection-errors

    More Details- SNAT with App Service

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.