Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,167 questions
issues about replaying a pakcet on Azure platform
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 10%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJW%3C/text%3E%3C/svg%3E)
Johney Wang
1
Reputation point
Hi Team,
I have a question about azure virtual network.
When I try to replay one of my pcap files on the Azure platform. I got an "RST+ACK" block, sent by Azure platform( frame 27 in the attached png). Does Azure virtual network do some flow clear when transferring packets? And if so, could I close the flow clearing?
What we want to do is our pakcet can be sent to the far end and not blocked or modified by the under Azure platform. Is this possible?
Br,
Johney
{count} votes
-
GitaraniSharma-MSFT 47,686 Reputation points Microsoft Employee2022-03-23T10:44:24.817+00:00 Hello @Johney Wang ,
Apologies for the delay in response.
Could you please let us know your exact requirement?
You mentioned you are sending a packet. May I know what type of packet is being sent (application/service used) and from where to where this packet is being sent? Is it within Azure? Are you using Azure load balancer in your setup somewhere?If the traffic is within an azure vm, you can refer the below doc which shows the common TCP/IP performance tuning techniques and some things to consider:
https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-tcpip-performance-tuningIf you are using Azure load balancer, it's default behavior is to silently drop flows when the idle timeout of a flow is reached.
Refer : https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-tcp-resetRegards,
Gita -
GitaraniSharma-MSFT 47,686 Reputation points Microsoft Employee
2022-03-24T07:00:06.417+00:00 Hello @Johney Wang ,
Could you please provide the requested details for further discussion on this issue?
Regards,
Gita -
Johney Wang 1 Reputation point
2022-03-24T15:56:53.807+00:00 Hi GitaraniSharmaMSFT-4262,
Thanks for your quick reply. For your questions:
1) What type of packet is being sent (application/service used) ?
The packet was captured by ourselves and its based on TCP flow, which may not has the normal TCP connecting and ending handshakes. For example, the server(10.24.1.50) send the FIN packet when it receives a RST flag.2) From where to where this packet is being sent? Is it within Azure? Are you using Azure load balancer in your setup somewhere?
yes, Its within Azure, and the packet is sent between two Virtual network/subnets of My Azure environment.
And no load balancer is used.
Br,
Johney
-
GitaraniSharma-MSFT 47,686 Reputation points Microsoft Employee
2022-03-28T12:35:21.79+00:00 Hello @Johney Wang ,
Thank you for providing the details.
I cannot think of any reason why Azure would block a packet within Azure when there is no load balancer involved.
From the packet capture, I see that the VM "FortiTester-v710-zhwang" (10.24.1.170) is sending all the FIN and RST packets. May I know if any specific application/service is running on this VM?Regards,
Gita -
Johney Wang 1 Reputation point
2022-03-28T15:54:31.87+00:00 Hi GitaraniSharmaMSFT-4262,
There's no specific app/service running on this VM, and What we do is just replay a pcap file(with FIN and RST) to the virtual network port.
So the TCP flags(FIN/RST) have an effect on the transferring of the Azure platform?
Br,
Johney
-
GitaraniSharma-MSFT 47,686 Reputation points Microsoft Employee
2022-03-29T10:20:48.237+00:00 Hello @Johney Wang ,
I'm checking on this issue with the backend team. Will keep you posted on any updates.
Regards,
Gita -
GitaraniSharma-MSFT 47,686 Reputation points Microsoft Employee
2022-03-30T11:14:30.89+00:00 Hello @Johney Wang ,
The PG validated the below:
Azure platform can inject RST in load balancer scenarios and idle timeout, but that doesn't seem to be the case here.
PG has requested further details as below:
- Did you verify that the server app isn't generating the RST?
- Can we see the pcap on both ends?
Regards,
Gita -
Johney Wang 1 Reputation point
2022-03-30T16:33:55.177+00:00 Hi GitaraniSharmaMSFT-4262,
Thanks for your response. And attached are the client/server pcaps.
I just wonder where the frame number 17 of azr_server.pcap comes from?
Regards,
Johney
-
Johney Wang 1 Reputation point
2022-03-30T16:34:37.947+00:00 Client pcap file:
-
Johney Wang 1 Reputation point
2022-03-30T16:35:39.67+00:00 Hi GitaraniSharmaMSFT-4262,
Sorry, but Could I upload .pcap file here?
-
GitaraniSharma-MSFT 47,686 Reputation points Microsoft Employee
2022-03-30T17:28:51.53+00:00 Hello @Johney Wang ,
Please send an email to us with the .pcap files as requested in the private message.
Regards,
Gita
Sign in to comment