This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
hey guys
what would be option when services are internal so Traffic Manager or Front Door does not apply since they support public endpoints/public DNS?
in the last month 2 customers are configuring some active/passive private ips in different AZ and and go and say you know you can use Traffic Manager or Front Door but when they tell me their access points are private IPs, they are not public services IPs...
I am speechless
so what would he workaround when a services is published internally and customer has ER so they don't have public endpoints which work for Traffic Manager or Front Door
I also know Azure LB and App GW they don't work either since they don't even support priority routing like TM and FD do
so my customers basically have "Disaster Recovery" scenarios in the same region and accessing this using ER/VPN in case an AZ completely fails
I know that is not really Disaster Recovery but let's call it that way and just want to know what would the solution for this scenarios, thanks
thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 10%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Interesting setup.
Traffic Manager works at the DNS level and designed to serve internet facing services only . I haven't seen ppls using it for private endpoints, but may be the below link workaround can up for discussion.
is that deprecated I mean that feature is documented from 2018? and I found this
What types of traffic can be routed using Traffic Manager?
As explained in How Traffic Manager Works, a Traffic Manager endpoint can be any internet facing service hosted inside or outside of Azure. Hence, Traffic Manager can route traffic that originates from the public internet to a set of endpoints that are also internet facing. If you have endpoints that are inside a private network (for example, an internal version of Azure Load Balancer) or have users making DNS requests from such internal networks, then you cannot use Traffic Manager to route this traffic.
Hello @Carlos Chacon Chavarria ,
Apologies for the delay in response.
I can think of 3 ways to achieve your setup:
1) Use Traffic manager with private endpoints and manual failover as advised by @Devaraj G .
Refer : https://learn.microsoft.com/en-gb/archive/blogs/mihansen/using-azure-traffic-manager-for-private-endpoint-failover-manual-method
When we use private endpoints with Azure Traffic Manager, the health probes fail and they will be marked as degraded. The endpoints that are degraded are not included in the ATM's query response. However, if all the endpoints are degraded then they will be included in the query response. Therefore you can go ahead and set it up for private endpoints, if you are okay with the health monitoring feature not being available.
If all endpoints in a profile are degraded, then Traffic Manager treats all endpoints as healthy and routes traffic to all endpoints. This behavior ensures that problems with the probing mechanism do not result in a complete outage of your service.
Refer: https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring#traffic-routing-methods - check the NOTE section.
https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-troubleshooting-degraded#understanding-traffic-manager-probes
2) Use Application gateway/Load balancer with the backend private IPs and then put Azure Front Door in the front for the routing methods.
Refer : https://learn.microsoft.com/en-us/azure/frontdoor/front-door-faq#can-azure-front-door-load-balance-or-route-traffic-within-a-virtual-network-
3) Use Azure Front Door premium (which is in preview) as it supports traffic routing to private link origins.
Refer : https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/concept-private-link
Kindly let us know if the above helps or you need further assistance on this issue.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.