Azure NAT blocking connections

Question

When I try to connect to a port on the public IP address of a node, 50% of the time Azure doesn't respond and nmap marks it as "filtered".

When I try to connect to the same port from the node using localhost, it works 100% of the time.

I see this behavior consistently on Azure, and never on AWS & DigitalOcean.

Any thoughts?

Nmap done: 1 IP address (1 host up) scanned in 3.23 seconds
root@AZURE_HOST:~# nmap -Pn -p 28015 AZURE_PUBLIC_IP

Starting Nmap 6.40 ( http://nmap.org ) at 2015-11-11 17:36 UTC
Nmap scan report for AZURE_PUBLIC_IP
Host is up (0.0012s latency).
PORT      STATE SERVICE
28015/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 3.15 seconds
root@AZURE_HOST:~# nmap -Pn -p 28015 AZURE_PUBLIC_IP

Starting Nmap 6.40 ( http://nmap.org ) at 2015-11-11 17:37 UTC
Nmap scan report for AZURE_PUBLIC_IP
Host is up.
PORT      STATE    SERVICE
28015/tcp filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 3.23 seconds
root@AZURE_HOST:~# nmap -Pn -p 28015 localhost

Starting Nmap 6.40 ( http://nmap.org ) at 2015-11-11 17:37 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000088s latency).
PORT      STATE SERVICE
28015/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 1.06 seconds
root@AZURE_HOST:~# nmap -Pn -p 28015 localhost

Starting Nmap 6.40 ( http://nmap.org ) at 2015-11-11 17:37 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000070s latency).
PORT      STATE SERVICE
28015/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 1.08 seconds
root@AZURE_HOST:~# nmap -Pn -p 28015 localhost

Starting Nmap 6.40 ( http://nmap.org ) at 2015-11-11 17:37 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000066s latency).
PORT      STATE SERVICE
28015/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 1.05 seconds

Answer 1

Closing this for now as at the moment this issue is confounded by a DC-wide networking issue. I'll delete this if I can repro after this issue has been resolved.

Network Infrastructure and Storage - East US 2 - Partial Service Interruption 24 mins agoStarting at approximately 16:40 UTC on 11 Nov, 2015 engineers are investigating an issue with Network Infrastructure impacting Storage in East US 2.