Traffic manager for SFTP services (external end points)

gaur 211 Reputation points
2021-07-23T06:46:34.503+00:00

we need to configure Traffic Manager for services like SFTP ,VPN (that belongs to non azure environment ),and we have CName and A record value of these services , Can you please guide me the steps, how we can configure these(Below) in the END points , or any other DNS related changes required in AZure or On prem.

example of existing SFTP service(TCP=22)

SFTP.xyz.abc.com CNAME
SFTP1.xyz.abc.com A record
SFTP2.xyz.abc.com A record

Azure Traffic Manager
Azure Traffic Manager
An Azure service that is used to route incoming network traffic for high performance and availability.
126 questions
0 comments No comments
{count} votes

Accepted answer
  1. GitaraniSharma-MSFT 49,601 Reputation points Microsoft Employee
    2021-07-27T20:25:51.783+00:00

    Hello @gaur ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    Azure Traffic Manager is a DNS-based traffic load balancer. Traffic Manager uses DNS to direct the client requests to the appropriate service endpoint based on a traffic-routing method. Traffic manager also provides health monitoring for every endpoint. The endpoint can be any Internet-facing service hosted inside or outside of Azure for any service such as HTTP, HTTPS, FTP, SFTP, etc.

    Traffic Manager supports adding endpoints using three ways to refer them – as a DNS name, as an IPv4 address and as an IPv6 address. If the endpoint is added as a DNS name, then the query response will be of record type CNAME.

    When a query is received against a profile, Traffic Manager first finds the endpoint that needs to be returned as per the routing method specified and the health status of the endpoints. It then looks at the record type requested in the incoming query and the record type associated with the endpoint before returning a response based on the table shown here.

    You can choose HTTP, HTTPS, or TCP as the protocol that Traffic Manager uses when probing your endpoint to check its health.
    When the monitoring protocol is set as HTTP or HTTPS, the Traffic Manager probing agent makes a GET request to the endpoint using the protocol, port, and relative path given. An endpoint is considered healthy if probing agent receives a 200-OK response, or any of the responses configured in the Expected status code *ranges.
    When the monitoring protocol is TCP, the Traffic Manager probing agent creates a TCP connection request using the port specified. If the endpoint responds to the request with a response to establish the connection, that health check is marked as a success.

    So your endpoint monitoring for VPN will be:

    • Click Configuration.
    • Select TCP from the Protocol drop-down list.
    • Enter 443 in the Port field.
    • Update any additional settings, such as DNS TTL, probing interval, tolerated number of failures, and probe timeout, as required.
    • Click Save.

    And for SFTP will be:

    • Click Configuration.
    • Select TCP from the Protocol drop-down list.
    • Enter 22 in the Port field.
    • Update any additional settings, such as DNS TTL, probing interval, tolerated number of failures, and probe timeout, as required.
    • Click Save.

    To add VPN/SFTP endpoints to the Traffic Manager profile:

    • Click Endpoints.
    • Click Add.
    • Select External Endpoint from the Type drop-down list.
    • Enter a descriptive name for the endpoint.
    • Enter the Fully Qualified Domain Name (FQDN) or the IP address of your VPN server or SFTP server.
    • Select a geography from the Location drop-down list.
    • Click OK.

    References :
    https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-endpoint-types#external-endpoints
    https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring
    https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-how-it-works
    https://directaccess.richardhicks.com/2018/07/30/always-on-vpn-multisite-with-azure-traffic-manager/

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.