Skip to Content

Microsoft AZ-720: Troubleshoot Azure Load Balancer Backend VM Not Responding to HTTP Health Probes

By: Author Alex Lim

Posted on

Categories Exam

Learn how to troubleshoot an Azure Load Balancer backend VM that stops responding to HTTP health probes. Discover the likely cause and resolve connectivity issues effectively.

Table of Contents

Question

A company hosts a highly available application using Azure Load Balancer.

A virtual machine (VM) on the backend pool stops responding to health probes. The health probes are configured to use HTTP.

You are troubleshooting the incoming traffic issue. You run a Netsh trace on port 80. No incoming packets are detected on the VM. Outgoing packets are detected.

What is the cause of the issue?

A. A network security group is preventing incoming traffic to the port.
B. A proxy is configured.
C. Session persistence is configured.
D. An application on the VM is blocking the port.

Answer

A. A network security group is preventing incoming traffic to the port.

Explanation

When a virtual machine on the backend pool of an Azure Load Balancer stops responding to HTTP health probes and a Netsh trace on port 80 shows no incoming packets but outgoing packets are detected, the most likely cause is a network security group (NSG) blocking incoming traffic to the port.

NSGs are used to filter network traffic to and from Azure resources. If an NSG associated with the VM or the subnet has a rule that denies incoming traffic on port 80, the health probes from the load balancer will be blocked, resulting in the VM being marked as unhealthy and removed from the backend pool.

To resolve this issue:

  1. Review the NSG rules associated with the VM and the subnet.
  2. Identify any rules blocking incoming traffic on port 80.
  3. Modify the rules to allow incoming traffic from the load balancer’s health probe IP address or the VirtualNetwork service tag.
  4. Save the changes and monitor the VM’s health status in the load balancer.

By ensuring the NSG allows incoming traffic on port 80 from the load balancer, the health probes will reach the VM, and if the application is responding correctly, the VM will be marked as healthy and start receiving traffic from the load balancer again.

Troubleshooting Microsoft Azure Connectivity AZ-720 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Troubleshooting Microsoft Azure Connectivity AZ-720 exam and earn Troubleshooting Microsoft Azure Connectivity AZ-720 certification.