Troubleshoot latency issues within a virtual network
You work as a support engineer supporting Azure infrastructure. You've been contacted by your web team about an issue with the website not responding. The web team have a pool of webservers behind a load balancer and public IP address.
In this exercise, you'll use what you've learned to go through steps to troubleshoot the connection issues to the virtual machines.
Verify that the website can't be reached
Use the Cloud Shell on the right.
Use this Azure CLI command to get the public IP address of the scale set.
az network public-ip show \ --resource-group cloud-shell-storage-westeurope \ --name myScaleSetLBPublicIP \ --query '[ipAddress]' \ --output tsv
Copy the IP address, in a new tab in your browser, try to navigate to it.
Check that Network Security Groups are configured correctly
In another browser tab, navigate to the Azure portal.
Search for Network security groups.
Under Services, select Network Security Groups.
Check the port rules for the scale set
In the Azure portal, search for scale set, and then under Services, select Virtual machine scale sets.
In the list, select myScaleSet to view the details.
On the left, under Settings, select Networking.
Select the Inbound port rules tab, and then select the Outbound port rules tab.
Note
There are no network security groups (NSG) on this network interface.
Check the network settings for the pool instances
On the left, under Settings, select Instances.
Select the first instance listed, in the above example this is myScaleSet_2. In your environment this could be different.
On the left, under Settings, select Networking.
There isn't an NSG being used by this instance.
In the breadcrumb trail, select myScaleSet, and then repeat steps 2 to 4 to see that there isn't an NSG on the other instance.
Check the load balancer for a scale set
Select the Load balancing tab, and then select the myScaleSetLB load balancer.
On the left, under Settings, select Frontend IP configuration.
Check that there is a frontend IP address, and that this is the IP you tested at the beginning of this exercise.
On the left, under Settings, select Load balancing rules.
Note
There is a rule for port 80 and port 443.
On the left, select Diagnose and solve problems.
Use the Diagnose and solve problems troubleshooter
Select the No connectivity to the backend pool troubleshooter.
In the Tell us more about the problem you are experiencing drop-down box, select Intermittent connectivity.
Scroll down and read the insight found.
The insight points to the fact that the backend instances in the pool aren't listening for port 443. The website instances should be listening to port 80. This insight points to a problem in the load balancer rule.