0

I probably need outgoing proxy or something similar in Azure to have the flexibility of vmss to scale-in my stateless app by changing the number of instances (autoscaling) and use a single public IP address with no limitations on number of IP connections (that is the case for basic and standard load balancer). How can I attache a nat device to a vmss in azure? Probably that is the wrong question. What is the right questions.

Edik Mkoyan
  • 309
  • 2
  • 17

1 Answers1

1

You could use an Azure load balancer as a proxy for outbound internet connectivity by using source network address translation (SNAT). See how to deploy VMSS with existing LB and outbound rules and guidelines should be considered. If the backend VMSS don't have instance-level public IP (ILPIP) addresses, they establish outbound connectivity via the frontend IP of the public load balancer.

If you are facing some issues, see how to throughout the outbound connection.

Nancy
  • 26,865
  • 3
  • 18
  • 34
  • all those things are done, azure's lb has limitations on ip connections, and I don't really need a load balancer, I need a snat gateway. And I don't need public ips on all the machines in the scale set. – Edik Mkoyan Oct 28 '20 at 08:09
  • 1
    You could configure a virtual network subnet to use a NAT gateway, refer to [this](https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway-resource) and this [step-by-step guide](https://www.rebeladmin.com/2020/05/step-step-guide-source-network-address-translation-snat-subnet-using-azure-nat-gateway-powershell-guide/#:~:text=In%20Azure%2C%20we%20can%20do,Gateway%20has%20the%20following%20characteristics%2C&text=One%20public%20IP%20can%20provide,concurrent%20UDP%20and%20TCP%20flows.) with PowerShell. – Nancy Oct 28 '20 at 08:19
  • How can I change the PAT settings for the load balancer? – Edik Mkoyan Oct 28 '20 at 09:18
  • I have not validated it yet but it looks like to use [Set-AzLoadBalancerOutboundRuleConfig](https://learn.microsoft.com/en-us/powershell/module/az.network/set-azloadbalanceroutboundruleconfig?view=azps-5.0.0) with `-AllocatedOutboundPort `. – Nancy Oct 28 '20 at 09:58